Federated Security for the Future of Work, Workforce, and Workplace | Deloitte US has been saved
COVID-19 has created tectonic shifts in how and where we work. The ratio of full-time employees working remotely versus from the physical workplace has almost flipped in a matter of a few months—from merely 3 percent of employees working from home in January1 to more than 80 percent in May.2 While remote working helped to ensure business continuity and to maintain social distancing, it hurled previously unseen security challenges to internal IT teams. Office closures made it almost impossible for employees to access on-premise infrastructure and networks.3 Simultaneously, the rise in remote working created a completely new and heterogeneous IT infrastructure configuration comprising home internet, personal mobile devices, and remote collaboration tools at scale. Ensuring maximum security for this increasingly distributed and, in some cases, new cloud IT infrastructure has raised new cybersecurity challenges for IT teams globally.
To address shifting security concerns, companies must change the way they approach security by implementing a more federated model across distributed work infrastructures. By focusing on proactive defensive monitoring and managing endpoint security, with an aim to enable dynamic sharing of threat information, organizations (across networks) can create a federation to enhance security against known and novel attacks.4 Federated security models can effectively mitigate challenges posed by the “new normal,” namely heterogeneous IT infrastructure, remote access management, ineffective physical perimeter security, and secure information-sharing and collaboration in the cloud.
To summarize; yes, the coronavirus pandemic has posed numerous challenges to organizations, but it has also presented opportunities for digitally mature companies to stand out. With the work moving away from swanky and secure offices to homes of employees, securing these dispersed access points is essential for a protected IT infrastructure. That challenge comes with great complexity across an unimaginably heterogenous network, and a tiered (federated) security model needs to be implemented to enable dynamic threat intelligence and remediation. With embedded zero-anonymity security features, multifactor authentication, and privileged access management, organizations can effectively govern network access at scale. And lastly, with higher security system interoperability and team collaboration through federated IM solutions, organizations can achieve faster threat detection and remediation while working remotely.
Ultimately, a robust federated security backbone can enable organizations to effectively navigate through the complex virtual business infrastructure and thrive in these uncertain times.
This is the third post in a four-part series on the future work infrastructure. Click to read the first and second posts.
Click to read the related Article on Deloitte Insights.
Endnotes
1 Roy Maurer, “SHRM: Employers Say Remote Work Not Here to Stay,” SHRM, May 5, 2020.
2 International Labor Organization, “COVID-19 and labour statistics,” accessed July 30, 2020.
3 Joao-Pierre S. Ruth, “Next Steps for Cloud Infrastructure Beyond the Pandemic,” Information Week, April 29, 2020.
4 Weiliang Luo, Li Xu, Zhenxin Zhan, Qingji Zheng, and Shouhuai Xu, “Federated Cloud Security Architecture for Secure and Agile Clouds”; Department of Homeland Security, “Federated Security,” accessed July 30, 2020.
5 M. Hatala, Ty Mey Eap, and A. Shah, “Federated security: lightweight security infrastructure for object repositories and Web services,” International Conference on Next Generation Web Services Practices (NWeSP'05), Seoul, South Korea, 2005, pp. 6 pp.-, doi: 10.1109/NWESP.2005.41.
6 Yuri Demchenko, Canh Ngo, Cees de Laat, and Craig Lee, “Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns.”
7 Bill Doerrfeld, “3 Key Issues With Hybrid Cloud Transformation,” DevOps.com, July 28, 2020.
8 Deloitte, “Zero Trust cybersecurity: Never trust, always verify,” Dbriefs webinar, July 30, 2020.
9 Louis Columbus, “Protecting Privileged Identities In a Post-COVID-19 World,” Forbes, May 10, 2020.
10 Nikhar Aggarwal, “Charting out your multi-cloud strategy,” ETCIO, March 18, 2020.
11 Libby Bacon, Sean Morris, and Nicole Overley, COVID-19 and the virtualization of government, Deloitte Insights, April 28, 2020.
As the chief cloud strategy officer for Deloitte Consulting LLP, David is responsible for building innovative technologies that help clients operate more efficiently while delivering strategies that enable them to disrupt their markets. David is widely respected as a visionary in cloud computing—he was recently named the number one cloud influencer in a report by Apollo Research. For more than 20 years, he has inspired corporations and start-ups to innovate and use resources more productively. As the author of more than 13 books and 5,000 articles, David’s thought leadership has appeared in InfoWorld, Wall Street Journal, Forbes, NPR, Gigaom, and Lynda.com. Prior to joining Deloitte, David served as senior vice president at Cloud Technology Partners, where he grew the practice into a major force in the cloud computing market. Previously, he led Blue Mountain Labs, helping organizations find value in cloud and other emerging technologies. He is a graduate of George Mason University.