Have you ever accessed critical company resources from your personal phone or a shared device, using the hotel’s WiFi, or from a conference that you attended? Did you realize that by doing so you could put your company at risk?
Companies are under attack, today more than ever, and statistics show it.
There are 6 million records breached every day;
Each of these attacks cost companies on average 3 million dollars;
It can take more than 200 days to detect a breach;
25% of attacks are not caused by external attackers, but rather by internal employees.
It is arguable that accessing company data and working remotely is not secure enough. But in light of digital transformation and the values of the modern employee, flexible and remote work is here to stay.
Work used to happen only at the office. Employees worked at the company offices and sat together with the company servers. Back then, the model of trust and access to a company’s data was based on the corporate network perimeter. Access was determined by whether you were inside or outside of it. If you were outside of the office network, you were not able to access company information. For a while, this method worked to block cyber attackers. But the problem escalated: 74% of data breaches are generated by privileged credential abuse.
Now we work remotely, from home, coffee shops, airports, and conferences. Our company data is in the cloud and we connect to that information whenever we need it.
To adapt to this change, the concept of the network was extended outside of the office perimeter using VPNs. But in reality, VPNs can be slow and unreliable. Moreover, they are complex to configure and setup and their technology is based on old assumptions fitting the old, office-only work model.
If there is a flaw in the networking configuration or even outdated VPN software, an attacker only needs to compromise one device, with a phishing attack or unpatched system, to access key resources in the company network. The recent NordVPN hack or Palo Alto Networks vulnerability, are a few recent breaches that prove this point.
When we started Fyde, our goal was to move beyond the old assumptions that VPNs are based on. We built a new system based on the concept of Zero Trust.
Zero trust means that every person and every device are not trusted, whether they are inside or outside of the company network perimeter. Accessing company resources and data is not automatic, over-privileged and uncontrolled like in many enterprises today. The Zero Trust model shifts the company network perimeter and moves it to every device and user within a company that’s trying to access information. It increases the chances that if an asset is compromised, it won’t affect the entire company.
How does Fyde Enterprise empower a remote or traveling workforce? Fyde continuously and in the background verifies whether you are the right person, with the right device, and with the right permissions to access company data or apps. It is fast, reliable, productivity-boosting and culture-changing, allowing people to collaborate when convenient and without friction. And unlike VPNs and MDMs, it protects employee privacy.
In an era of continuous change and cloud transformation, productive and adaptive culture is critical to ensure growth and success. Gartner predicts that by 2021, CIOs will be as responsible for culture change as chief HR officers (CHROs) and will play a key role in establishing the right mindsets and practices. Technology indeed is powerful in enabling the desired culture change for the modern enterprise.
A final thought, does it really make sense to rely on 90’s technologies to protect your company in the 21st century? Replace outdated VPNs and upgrade to modern secure access.
What is Zero Trust and how can it transform your enterprise security?
Fyde: Zero Trust architecture and components
Remote workers need a security upgrade. How Zero Trust can help
Startups need to prioritize security. Zero Trust can be a lifesaver