The Hybrid Workforce Reality: Creating a Secure, Cohesive Experience

By Anupam Upadhyaya, Palo Alto Networks

The world of work has changed dramatically. Today, employees collaborate from around the world, from corporate offices to home offices, coworking locations, coffee shops, and more.

This creates challenges for IT and security teams, who must safeguard company data and provide a seamless work experience for all employees, regardless of location. Thankfully, new solutions exist to eliminate the need for a tradeoff between security and productivity.

Security Without Borders

The traditional perimeter is long gone; the hybrid perimeter is here to stay. According to the Pew Research Center, about 22 million employed adults in the U.S. work from home every day. Hybrid work is more common than ever. Just over one-third of workers in the U.S. who can work remotely do so all the time; 41% are at least part-time remote on a hybrid setup. Mergers, acquisitions, and other business moves also often lead to the opening and integration of new branch offices — all of which must be secured and offer the same experience for all employees. 

Regardless of where employees sit, the browser is where they do most of their work. A survey of 500 security leaders conducted by Palo Alto Networks found that employees spend over 85% of their workday in the browser, using it to access applications and services. Unfortunately, typical browsers are susceptible to various threats, including account takeover attacks, phishing attacks, malicious extensions, and malware infections.

Related:I’m Torn. Should I Leave My Six-Figure Job So I Can Work Remotely?

A Better Approach

To deliver a secure work environment, organizations need a solution encompassing all the environments — remote and on-prem — a user may be working in. Unfortunately, that's not easy; many companies are grappling with multiple secure access tools, with different policies, network sensors, and management planes. Tool sprawl and the need to integrate an increasing number of point solutions make it difficult to guarantee consistent policy and maintain a unified view of network security. This patchwork approach is limited by inadequate data protection, security gaps, and inconsistent application performance.

To operate effectively, organizations must ensure they have the most optimized experience, with the same policies applied across all access points. Employees also expect flexibility when it comes to their devices, and employers want to balance that with providing secure access.

This is where a fully integrated SASE (secure access service edge) solution comes in. Properly executed, SASE provides an organization with security visibility and control from any device to any application. SD-WAN (software-defined wide area network) is vital within this setup to ensure that every "branch" has the optimal experience across multiple links with the same consistency of security.

Related:Safeguarding Hybrid Workers: A Modern Enterprise Imperative

SASE enforces zero trust principles to ensure all access to SaaS, web, or other apps is authenticated and authorized. This is done continuously, verifying users and devices each time before granting access to corporate applications.

However, limiting efforts to managed devices alone is not fully effective. A comprehensive solution must also include the browser. Extending SASE protections through an enterprise browser ensures that personal devices receive the same level of security as corporate-managed devices. Employees are empowered to create a secure work environment on any device, with enterprise apps isolated from untrusted endpoints.

By placing security in the browser — where users and data meet — you address a variety of critical use cases, including third parties and contractors, the BYOD workforce, additional data loss controls, and securing undecryptable traffic. This creates defense-in-depth, where you have set up a system that layers multiple security controls, from a secure enterprise browser to the network, enabling protection against a wide range of threats. It also enhances resiliency by ensuring that if employees encounter disruptions while using managed devices or connecting to SASE, they can still securely access their business applications. This capability is crucial for maintaining business continuity.

Creating a Fearless Hybrid Workforce Environment

Users, whether at home, the office, or some far-flung location, need consistency in how they access applications and the security surrounding them. This goes in tandem with the increasing number of applications moving to the cloud. We live and work in a hybrid world that needs not only consistency but security as well. This is only possible when all the pieces are speaking the same language.

Organizations need to optimize across all applications and avoid falling into the trap of treating security and consistent user experience as an either/or situation. That thinking can thwart productivity and security. Legacy approaches are often piecemeal, creating security gaps, data insecurity, and inconsistent app performance. A SASE solution enables modern organizations to attain the consistency of security needed and a single-pane-of-glass view. This secures all the devices they use. Follow these best practices to manage a hybrid workforce without fear.

About the author:

Anupam Upadhyaya is the vice president of product management for all SASE platforms including Prisma Access, SD-WAN, GlobalProtect, and ADEM at Palo Alto Networks. He has over 20 years of experience in networking and security. Prior to Palo Alto Networks, Anupam held senior product management roles at Cisco Systems, Aerohive Networks, and Aruba Networks. He holds a master's degree in marketing and finance from Santa Clara University, and a bachelor's degree in computer science from IIT BHU.