CONNECT WITH US

WFH pushes companies to improve network security, says Palo Alto Networks

Jane Wang, Taipei; Eifeh Strom, DIGITIMES Asia 0

Credit: DIGITIMES

The COVID-19 pandemic has had a major impact on global corporate culture, particularly on remote working models. The rising work from home (WFH) trend has also extended corporate information security risks and challenges.

Palo Alto Networks recently released its latest IoT Security Report, which surveys 1,900 IT decision-makers around the world. According to the report, 78% of those surveyed reported an increase in non-business IoT devices connected to corporate networks in the last year. In Taiwan, 98% of respondents said that the use of IoT devices during WFH caused an increase in security events on corporate networks.

The majority of surveyed decision-makers believe that corporate IoT device protection needs to be improved. Decision-makers named threat protection and risk assessment as top priorities, with 62% and 61% respectively. Additionally, 51% agree that when companies are making an IoT device list they should provide context for use, such as who is using the device and the amount of traffic.

James Yu, country manager for Taiwan at Palo Alto Networks, pointed out that remote working has resulted in the connection of many non-business devices to corporate networks. For example, when working from home, an employee may have smart wearable devices, smart light bulbs and pet feeders connected to their home network, as well as their corporate-issued laptop.

WFH pushed the boundaries of corporate networks to employees' homes, giving hackers more opportunities to launch security attacks through different network devices, such as home IoT devices. As a result, companies must also change the way they manage their network security in order to ensure a safe network environment under the rapidly changing work models.

Palo Alto Networks has provided three steps for strengthening WFH IoT device security. The first is that companies must understand the unknown, meaning establishing a comprehensive understanding of unexpected IoT devices, picking out overlooked devices, and establishing a complete list of IoT equipment.

The second step is to keep track of all devices connected to the network. Doing so allows companies to disconnect old inactive devices, as well as take back remote management rights for devices that are no longer needed.

Lastly, companies should use micro-segmentation to protect IoT devices in secure areas strictly controlled by the company. This will prevent hackers from moving laterally on the network. Companies should also implement a zero trust architecture to reduce possible threats to information security by giving minimum connection and access permissions.