Most people think of service providers as simply the companies that connect your phone and the Internet. But service providers offer a much broader range of "value-added" services. One of these “value-adds” is the ability to provide secure access and dynamic protection against malicious sites to anyone using your connection. In recent months, COVID-19 has forced many companies to rapidly reassess the technologies they use to power their business. One area where this has been particularly true is how they approach cybersecurity. When the lockdowns went into effect earlier this year, many companies rushed to implement remote work on a large scale, at least where their business models allowed. In a matter of weeks, large numbers of personal broadband connections at home have become a lifeline in general enterprise IT portfolios. And as a result, the capabilities of these home connections - their speed, stability and security - have become a more important factor in the business continuity of companies. As staff began working remotely, organizations were faced with potentially expanded “attack surfaces” – the number of points at which an attack could be attempted increased dramatically. It is clear that these networks must be secure. It would not have been practical, let alone prohibitively expensive, for cybersecurity experts to implement specific measures on each worker's home network. Clearly, what is needed is an effective security mechanism that also scales effectively. As it turns out, one type of business was, and is, in a unique position to respond to this cybersecurity challenge, and will likely play a significant role as we continue to define and explore the 'next normal.' : service providers.
Service providers are ideally positioned to provide simple and scalable security
In a perfect world, all users would understand the importance of scanning and monitoring all traffic on their home networks. However, this is not realistic. Even allowing for one of the most basic internet security measures, 85% of business users routinely bypass their VPN when working remotely. The chances of an entire workforce effectively and independently managing your firewalls and other home protections are slim. However, for an additional fee, service providers can effectively become the first line of defense against viruses, malware, phishing, etc., by "cleaning the pipe" in and out of the house. Home. This approach has obvious advantages. One is its simplicity. With no software to install or update, the network takes care of itself. Users can accept a service and forget about it. This is especially beneficial for small businesses that do not have the manpower or budgets for dedicated IT or cybersecurity professionals or solutions. Another obvious benefit of remote security is its scalability. No matter how resource-rich an organization is, organizations will find it difficult to implement traditional security solutions on networks over which they have little control or oversight. Solutions that can simply be "activated" remotely provide a much more scalable solution. These systems can also offer extraordinary capabilities. As a standard, we can probably expect them to benefit from constant and automatic updating and to take advantage of wide visibility into international network traffic patterns. In fact, any service provider looking to offer "value-added" security filtering is likely to want to take advantage of the most sophisticated security capabilities on the market. As an example, the Cisco Umbrella system, already used by many service providers, provides a differentiator through better AI-based user behavior and traffic analysis to detect unusual patterns, even in encrypted traffic. Remote security services can of course be activated by third parties. However, activation of these services through SP offers specific benefits. In addition to the convenience and ease of built-in billing, SPs can very easily activate the service with fully automated end-to-end setup. SPs are also uniquely positioned to offer integrated connectivity and security troubleshooting. For example, when a malicious website is inaccessible, SPs are in an ideal position to notify the client if it is a connectivity problem or a security service in action.The demand for remote security will only increase
Secure remote work practices are likely to be one of the main drivers of demand for remote security for the foreseeable future. We are likely to see significantly high levels of remote work continue, compared to the pre-COVID baseline. Many companies will now be looking to get a return on investment from the systems they have implemented. Others will increase the amount of remote work within their companies for reasons of health and safety, staff retention, or operational efficiency. However, there are also other factors that will drive the growth of remote security adoption. For example, all predictions point to increased use of 5G and IoT in corporate networks in the coming years. These networks present many similar challenges: the need to secure a large number of remote endpoints, connected through a service provider, for example. The establishment of a widespread security “frontline” at the PS level has the potential to play an important role in the development of national economies and broader national “digitization” programs. As such, remote security has the potential to offer important and broader societal benefits. After all, as Cisco noted in its recent Digital Readiness Index, there has never been a clearer link between a country's digital capability and its economic and social well-being.Remote workers need security as a managed service
Despite its need, effective remote security continues to raise a number of questions that businesses and governments must answer. For example, service providers may have to charge for these services, but who should pay that cost? Should it be employees, their employers, or even governments as part of broader efforts to digitize countries? And, can security be required at the PS level, given the different positions of countries on whether these services can be "excluded"? However, as we move toward a common approach to these details, there is no question that a service managed by security at the service provider level is a strong first line of defense. Of course, it should be part of an organization's broader ``defense-in-depth'' approach, incorporating various security controls through the use of additional tools such as multi-factor authentication, VPNs, and encryption. We need to make sure that deploying managed security services becomes as much a part of the standard setup for remote workers as provisioning a laptop. In the future, security will be a catalyst for the broader digitization of societies. This makes it not just a matter of asset protection by individual companies, but a "common good."- Paolo Campoli, Service Provider Segment Leader, Cisco EMEAR.