With businesses planning and preparing for the new year ahead, many are realising a new approach will be required when it comes to achieving effective IT security.
As 2021 unfolds, growing numbers of organisations will need to take a different strategy to protect their digital assets and ensure staff have secure access to the data and applications they require.
These changes have been driven by the sudden shift to home working that occurred in early 2020 as a result of COVID lockdowns. With little warning, organisations had to quickly find a way for staff to work from home while keeping disruptions to a minimum.
Gone was the idea that effective security can be achieved by having a single secure network on which everything lives. The pandemic completely shattered the idea of location and organisations can no longer depend on everyone being on the corporate network.
For many, this change required them to rely on existing virtual private networks (VPNs) to connect staff with centralised IT systems. VPNs create a secure tunnel across the public internet that ensures data remains protected during transit.
While they do this effectively, it can be difficult for VPNs to quickly be scaled to meet increased demand. Higher numbers of users can cause capacity problems, resulting in lower performance and frustration.
A change in strategy
For this reason, a new strategy will be required in 2021 – one that involves a shift away from the concept of ‘networks’ to the concept of ‘identity’. Identity will become the new perimeter, enabling organisations to make informed decisions about who a user is and to what digital assets they should have access.
To support this shift to identity-based security, increasing numbers of organisations will deploy multi-factor authentication (MFA) technologies for all remote staff. MFA requires users to provide additional means of identification above and beyond the traditional password. This could include a code generated by a mobile phone app, a fingerprint, or even a voice scan.
Each additional item required to gain access significantly improves overall security levels. Even if a password is compromised, a cyber criminal would not be able to gain access unless they also had access to a user’s smartphone or other MFA device.
While identity is one important layer in a secure infrastructure, in 2021, more organisations will also adopt data governance models in a preventative manner. Rather than being pressured by external factors such as legislation, organisations will look to future-proof their security before a problem arises.
Governance will also be used in a more preventative manner to improve visibility and compliance of security. This will help organisations to prepare for any potential disasters that may arise in the future. Governance is about making a list, and taking stock of how well you did, rather than focusing too extensively on the externalities such as auditors or legislature.
Improved security on both of these fronts will fundamentally change how data is viewed and accessed by organisations. In particular, it will encourage more efficient, compliant and secure data sharing processes.
It’s clear that there will continue to be much change throughout 2021 as the fallout from COVID-19 continues to be felt. However, by adopting new identity-based security strategies and working to consolidate data stores, organisations will be much better positioned for growth.
Peter O’Connor is the vice president, sales, Asia Pacific, at Snowflake.