Mark Guntrip | Oct 01, 2022
Two years after the pandemic forever changed how we work, IT teams continue to struggle with providing fast, reliable, and secure application access to remote workers.
At the onset of the pandemic, immediate access was the priority. Newly remote workers required access to the tools and information they needed to keep the business running as if they were in the office. But now, two years later, the chickens are coming home to roost. The shift to hybrid work has expanded threat surfaces and opened the door for highly sophisticated threats that leverage advanced evasion techniques to easily bypass legacy security technology. Ransomware, spearphishing, credential theft, and other malware attacks are growing in volume and success, posing a major risk to your workers, data, and constituents.
It’s time for IT teams at state and local government agencies to acknowledge the security concerns of the remote access connectivity solutions they hastily put in place two years ago. They need to finally close these security gaps by adding back in the security visibility and control that was lost when the world turned upside down.
Many agencies responded to the acceleration of digital transformation and work-from-home policies by deploying Zero Trust Network Access (ZTNA) tools as a way to replace or augment existing virtual private network (VPN) environments that couldn’t handle the massive increase in traffic. Based in the cloud, these ZTNA solutions serve as highly scalable, direct connections between applications and a highly distributed workforce.
However, once that connection is established, IT has no visibility into traffic or policy control — leaving the organization vulnerable to malicious activity. Once a user (or, in unfortunate cases, a threat actor) is authorized to access an application, they can essentially behave in any way they want. This prevents the agency from identifying abnormal behavior such as making admin or configuration changes or exfiltrating data.
ZTNA solutions provided a crucial Band-Aid that was applied in unprecedented times, but they eliminated much of the security and visibility that VPN access provided for remote workers. Two years into the new normal, it’s time to implement a better, more secure network access solution that meets the connectivity, security, and user experience expectations of today’s way of working.
Next-gen ZTNA solutions combine the accessibility of legacy ZTNA products with robust security and visibility capabilities that protect the organization from today’s Highly Evasive Adaptive Threats (HEAT). These highly sophisticated threat actors use advanced evasion techniques to make an initial breach and then spread laterally through the network. Enhancing legacy ZTNA solutions with visibility and policy control allows security teams to prevent these initial breaches and identify potentially malicious activity.
But not all next-gen ZTNA solutions are created equal. Here are two things to consider when looking to fill security gaps in remote application access capabilities for a hybrid workforce:
Legacy ZTNA solutions focus on application security while leaving the user and data exposed. The ability to monitor traffic in both directions expands protection to the user and the data — ensuring that a malicious actor who has already made an initial breach is not able to spread laterally through the network. Next-gen ZTNA solutions provide this bidirectional visibility into all communication — allowing security teams to protect users from attacks originating from an application and implement Data Loss Protection (DLP) policies.
Complexity and inconsistency are the death knell for robust security. You can’t secure private applications differently than web apps or Software as a Service (SaaS) platforms, and you shouldn’t have to use different solutions to protect data and users. Security capabilities should be layered on top of each other, working together to orchestrate fast, reliable, and secure experiences for users. Next-gen ZTNA solutions should integrate seamlessly with your existing security investments — expanding protection and visibility.
Today’s security solutions need to protect users, data, and applications from increasingly sophisticated malicious actors. While legacy ZTNA solutions focused almost exclusively on access, the next generation of ZTNA solutions needs to add the security that the modern hybrid workforce needs. We’ve been flying blind for two years, so now it’s time to close those gaps.