Working from Home During COVID-19: Secure Access for Remote Workers

Apr 16, 2020
4 minutes

These last few weeks have been challenging for employees and employers alike – we have all had to manage the stress and concern of COVID-19 in our personal lives while trying to keep our organizations functioning. The speed and demand of transitioning many users to full-time remote workers is unprecedented, and many IT teams, applications and products are struggling to keep up. This experience may be the beginning of a permanent shift in how we approach working, with a renewed focus on the ability to scale up remote users while keeping security at the forefront. 

Given the need to rapidly scale up, there are some important considerations for organizations as they begin this process. No matter what approach or vendor you select, two questions should be asked: how does your existing architecture scale and how effectively does it allow IT to create the granular policies that will secure my organization? Speed and agility are the focus right now, but long-term impacts like security, user experience and ease of management should also be considered.

Let’s consider this scenario: In the current climate, video streaming services have also had unprecedented demand and have needed to adapt quickly to scale up. If your favorite streaming service had to deploy individual DVD players into a shared data center to meet this demand, are they really capable of scaling rapidly? The same idea applies to your secure access service edge (SASE) or remote access provider, only in this instance, the impacts of slow scaling and poor performance have long-term implications.

Prisma Access, the Palo Alto Networks SASE solution, was purposefully architected to be truly cloud native, leveraging Infrastructure as a Service (IaaS) providers like Amazon Web Services and Google Cloud Platform to enable truly dynamic scale when it is most critical. Due to recent events, we have seen a drastic increase in utilization of Prisma Access. With a cloud-based foundation, the service has automatically scaled, as seen in the graph below.

This graph shows how Prisma Access automatically scaled in response to an increase in concurrent mobile users from March 4-25, 2020.
Concurrent Mobile Users on Prisma Access from March 4 - 25, 2020

Part of ensuring performance and user experience with any SASE product is global presence. Users need direct-to-internet connectivity for their critical SaaS applications such as Office365, Google G Suite and Users also expect to see web pages loaded in their regional dialect. For example, people in Spanish-speaking countries expect Spanish web pages, not French. If you are rapidly scaling SASE, consider the provider’s global presence in regions that matter to your organization. COVID-19 has had a global impact and the ability to scale up globally is critical. As you can see in the diagram below, Prisma Access has scaled up worldwide automatically to help our customers conduct business effectively.

This graph shows how Prisma Access scaled up worldwide automatically. The information is broken down by region and covers the period from March 4-25, 2020.
Prisma Access usage by region globally from March 4-25, 2020

Now, let’s talk about security with a real-life scenario. Say, for example, you live in San Francisco. Upon arriving at the airport to board your plane to Houston as expected, you have to go through security where you and your items are “inspected.” Now fast forward to when your trip is done and you head back to the airport to come home. This time, however, there is no security check and you and your items just board your plane. How secure do you feel?

Scale and performance are critical to business operations, but security must not be forgotten! The scenario above is how some products address private access, but just because the traffic is headed “home” to your data center or cloud resources, doesn’t mean you shouldn’t apply security policies. Recently, the sudden expansion of remote workers has left many organizations without enough laptops on hand. The time required to procure and image laptops only delays operations. Some organizations must allow users to use personal devices to access corporate resources in order to ensure productivity continues.

If your SASE or remote access solution isn’t inspecting this traffic, you are greatly increasing your attack surface. Full inspection for security and policy application is essential to ensure that business proceeds securely. The solution you choose needs to enable users to be productive while also ensuring they cannot accidentally upload malware or exfiltrate sensitive data.

Learn more about how Palo Alto Networks is helping to secure and scale remote workforces.

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.