In the world of professional services, reputation is everything. Customers place an enormous amount of trust in their vendors, believing that they take data security seriously. In return these customers give these vendors access to proprietary and often irreplaceable business information. So, it comes as no surprise that any company that falls victim to cyberattacks, ransomware, spyware or malware runs the serious risk of becoming a pariah, greatly damaging its hard-won reputation, and losing many customers in the process.
With mobility now an accepted part of the working environment, IT teams are acutely aware of the heightened security risks that face their networks. As employees work from home or when on the move, they are constantly switching between available Wi-Fi and cellular networks to stay connected. While creating this efficient and productive work-from-anywhere setting for employees is an absolute must for many companies these days, the increased size of the attack surface necessitates more attention to security threats and constant monitoring.
Rock-solid security is no accident
For firms such as Naxion, a consulting firm based in Philadelphia, protecting company employees, their devices and the network all the way to the edge required a new approach. The company’s director of IT, Joe Stern, did not want to take a passive, wait-and-see approach to the integrity of the company’s network.
“I’m always looking for ways to tighten up the security of things. There’s never going to be a shortage of opportunities for that.”Joe Stern, IT Director, Naxion
Intelligent network tools
In one specific example, Stern mentions an employee in Minnesota who connects to Naxion resources from his home on a daily basis.
“When I connect him from his home network to my Naxion network,” said Stern, “I’m excited that we’ve added some intelligence to that connection to make sure that there isn’t anything anomalous happening.”
In this case, Stern isn’t so much concerned with the possibility of credentials being stolen, it’s more about the risk that something on the employee’s network may be attacking his connection and trying to force its way in.
Zero trust – the right place at the right time
Having taken a new approach to hiring and finding talent, Naxion has a much more geographically diverse workforce than it did even two years ago. For Stern and his IT team, this added complexity requires new security strategies that involve zero trust, instantly recognizing and weeding out unusual and unauthorized traffic. Based on a host of different policies, the implementation of zero trust network access (ZTNA) ensures that even if hackers gain an employees credentials, they cannot move laterally through the network to exfiltrate data.
Zero trust works by forcing an employee or a device to prove their identity before being allowed to access data, a service or an application. In the case of Naxion, by implementing the NetMotion platform, the IT team was able to create granular policies and user-access controls while providing Layer 7 threat prevention. Rather than becoming more cumbersome for employees to use, the platform actually streamlined and greatly simplified the reliability and stability of Naxion’s network.
Prepared for change
“(When the pandemic hit,) everybody was worried that there’d be an interruption, but we were just able to keep up. We were ready for it, because the technology we had was suited to the new moment, even if we didn’t see it coming.”Joe Stern, IT Director, Naxion
The year ahead will continue to be an important one for Naxion as it continues to execute its digital transformation goals. One of its key initiatives is to provide all employees a laptop to aid mobility.
“Getting ransomware or being hacked would be a terrible, terrible thing. We are committed to doing everything we can to avoid it. If you don’t prioritize security, you run the risk of having everything that matters to you taken, and your reputation destroyed. That may be hard to quantify, but it would cost a lot more than what we spend on proper software.”
To see more of Joe Stern’s comment on IT priorities and using zero trust technologies to support a growing hybrid workforce, watch the video below.
- Verified IT and security leaders reveal highest-rated ZTNA platforms in new G2 Grids
- Best practices in finance IT: Sven Goelles from Lincoln International
- Inside NetMotion: A security engineer’s view of SASE
- Best practices in public safety: Alex Bowen of the UK’s National Enabling Programmes
- Accountancy firms look for best practices in a “work-from-anywhere” world