Using Zero Trust to Protect Today's Remote Workforce - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // Security & Risk Strategy
7/19/2021
06:00 AM
HP Wolf Security
HP Wolf Security
Sponsored Article
50%
50%

Using Zero Trust to Protect Today’s Remote Workforce

A zero-trust security approach protects remote devices, eases digital transformation efforts, and reduces the IT burden.

Since the pandemic, organizations are confronting unique challenges: accelerated digital transformations; a more dispersed, hybrid workforce; and a rise in cyberattacks due to these distributed endpoints. The increase in work from home (WFH) initiatives and an unprecedented growth in remote users has resulted in perimeter-less IT environments. Facing these challenges, 35% of IT decision makers cite organizational risk and malware as key concerns due to corporate device usage in hybrid and WFH scenarios. In this article, we explore zero trust as a crucial tool to combat these security risks.

Digital Transformation and Zero Trust

Increasingly, the information that companies accrue is open to cyberattacks, so overstretched IT teams are employing zero trust to handle unprecedented threat levels. The situation is further complicated by WFH environments, which broaden attack surfaces and amplify existing threats. Based on a recent security report, 91% of IT decision makers believe endpoint security has become as important as network security, while a similar percentage spends more time on endpoint security than they did two years ago.

The concept of zero trust offers a different model of endpoint security and states that nothing should be trusted implicitly. Zero trust puts protection at the endpoint, limiting access based on context, including user credentials, device, location, and security posture. However, as the first line of defense, a zero-trust solution doesn’t simply detect threats, but contains and neutralizes them. Security teams can use the isolation, cloud-based intelligence, and threat telemetry of zero-trust approaches to turn endpoint vulnerabilities into intelligence-gathering strengths. Threat information can then be used not only to constrain an attacker’s freedom of movement, but also limit the ability to inflict damage.

Shifting Attack Perimeters

Digital transformation offers organizations an ongoing process to integrate business activities and take advantage of new innovations. But it’s often a fragmented process due to numerous single-point applications and information silos that exist across an organization. These digital adoptions have been further complicated by recent WFH scenarios.

A recent security report indicates that for 76% of office workers, the transition to WFH environments has blurred the lines between their personal and professional roles. For example, remote end users often rely on corporate devices in ways they normally wouldn’t in the office, such as using work devices for personal tasks or sharing them with friends and family.

The trend highlights the limits of current endpoint security -- where incursions can go undetected until real damage is inflicted. For example, devices targeted by cybercriminals include printers, of which more than half (56%) are accessible via open printer ports, according to the HP report. IT and security teams are at a disadvantage because they often lack visibility into all the devices being used across an organization.

The limitations of traditional perimeter security also add to the IT burden by requiring that valuable time be spent remediating compromised hardware. In this new threat environment, corporate firewall protection is no longer viable; leaving 88% of IT decision makers to express concern around end users accessing sensitive data via insecure VPN connections and networks.

Protect Endpoints with HP Wolf Security

In response, HP Wolf Security offers a dramatically different model to render malware harmless before it can infect end-user devices or the larger organization. By gathering contextual data at the endpoint, the platform employs hardware-powered micro virtualization (micro-VM) to isolate and contain threats without impacting the user experience. An end user who unknowingly clicks on a malicious element is protected because the event is automatically opened in a micro-VM and the threat neutralized when the document or application is closed.

HP Wolf Security ensures that remote users can work safely and further eases the IT burden. For example, the smaller attack surface not only reduces the number of alerts, it also requires less device monitoring. This new security approach combines hardware-enforced security built into the endpoint along with deep learning-based protection technologies and cloud-based threat intelligence.

From the maker of the world’s most secure PCs* and Printers**, HP Wolf Security represents a new breed***of endpoint security. HP’s portfolio of hardware-enforced security and endpoint-focused security services are designed to help organizations safeguard PCs, printers, and people from circling cyber predators. HP Wolf Security provides comprehensive endpoint protection and resiliency that starts at the hardware level and extends across software and services. For more information, visit www.hp.com/wolf

 

*Based on HP’s unique and comprehensive security capabilities at no additional cost among vendors on HP Elite PCs with Windows and 8th Gen and higher Intel® processors or AMD Ryzen™ 4000 processors and higher; HP ProDesk 600 G6 with Intel® 10th Gen and higher processors; and HP ProBook 600 with AMD Ryzen™ 4000 or Intel® 11th Gen processors and higher.

**HP’s most advanced embedded security features are available on HP Enterprise and HP Managed devices with HP FutureSmart firmware 4.5 or above. Claim based on HP review of 2021 published features of competitive in-class printers. Only HP offers a combination of security features to automatically detect, stop, and recover from attacks with a self-healing reboot, in alignment with NIST SP 800-193 guidelines for device cyber resiliency. For a list of compatible products, visit: www.hp.com/go/PrintersThatProtect. For more information, visit: www.hp.com/go/PrinterSecurityClaims.

***HP Security is now HP Wolf Security. Security features vary by platform; please see product data sheet for details.

 

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
Remote Work Tops SF, NYC for Most High-Paying Job Openings
Jessica Davis, Senior Editor, Enterprise Apps,  7/20/2021
Slideshows
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Commentary
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Slideshows
Flash Poll