Dirty Devices: Are They on Your Network?

When COVID-19 was first declared a pandemic, companies scrambled to get employees working away from the office as quickly as possible. The speed at which this shift needed to happen posed some serious challenges for businesses, especially those already struggling to provision managed devices for their existing remote workforce. Additionally, providing a seamless transition to this new, work-from-anywhere—and on any device—world has led to dips in productivity for businesses whose infrastructure simply couldn't keep up with the new demands.

While helping our customers navigate these challenges, we found that many companies had difficulty purchasing additional managed devices for their large, newly remote workforce. In many cases, IT teams asked employees to use their own devices for work to prevent interruptions in business continuity. In doing so, security concerns wound up taking a backseat to the need for speed.

Fast forward five months, and now we have a situation in which users are connecting to corporate networks using a myriad of personally owned devices and connecting on unsecured home networks. Unfortunately, devices can become infected with malware without the user’s knowledge, which drastically increases an organization’s risk. In light of these threats, IT teams must adopt a new security posture built around zero trust that prevents dirty devices from harming an organization’s distributed networks. 

The last thing IT would want to do is put dirty devices on the network, right?
 

Understanding device posture

Devices that have been used for remote work and for personal use should no longer be trusted by default. Instead, the device and its posture must be fully vetted before it’s allowed to connect to the network. To do that, you need the proper information about the endpoint (type, software, OS, device health, etc.). This is why we’re partnering with CrowdStrike, which provides endpoint security and remediation in the case of infection.
 

Adopting zero trust network access (ZTNA)

Getting insight into the devices your employees are using is important. But another essential part of protecting your network and everything on it is to keep devices off the network altogether. 

Zscaler Private Access (ZPA) is a ZTNA service that decouples application access from network access. In this case, devices are never inherently trusted, but are only provided access to applications based on policies and only after proper authorization and authentication have taken place. With ZPA, user devices are never on the network. Instead, the internet is used as a medium to connect specific users to specific applications. ZPA enables secure access to private applications and integrates with CrowdStrike to pull relevant information about the endpoint. 
 

Security at the new edge

With remote work, security must extend beyond the classic network perimeter. The new perimeter is the user, the application being accessed, and the device being used. Supporting this model must be IT’s priority for the foreseeable future to enable work from anywhere and scale as needed. Continuous assessment of the device, zero trust network access with ZPA, and remediation can protect networks and applications against the spread of attacks by dirty devices.


Delivered as a cloud service, ZPA is designed to connect the right users to the right applications, while scaling across all devices. For employees connecting from home, office, or any other network, ZPA consumes information from the endpoint to continually assess permissions based on context—the user’s location, device, application, and more—and provides a fast, secure, and seamless way for users to connect to applications.

With so many people working on their unsecured home networks using personally owned laptops and smartphones, there can be no doubt that many devices have already been exposed to multiple threats. According to ThreatLabZ researchers, there was a 30,000% increase in cyber attacks leveraging COVID-related lures to target consumers and corporations. Attackers are exploiting public concerns related to the pandemic to trick users globally into downloading malicious apps, many of which give cybercriminals access to these devices and their data.

Knowing that devices have been under attack—and there’s a possibility some of those attacks have successfully infiltrated your users’ endpoints—there are two steps you must take:
 

  1. Test the devices to ensure they have not been compromised so that they cannot spread malware to other devices and networks.
     
  2. Prevent devices from connecting to the network. 


The threat of dirty devices is real, so you can’t do just one or the other. You need to do both. Whether your employees are continuing to work remotely or beginning to go back to the office, you must ensure that their dirty devices don’t place your network at risk.

By combining ZPA and CrowdStrike, you get end-to-end security and protection—from the device to the application. User access is restricted using device posture that is provided by CrowdStrike and connectivity provided by the ZPA service. This combination delivers secure access to applications with complete context of every user and device’s identity, location, and posture.
 

Additional resources:

Watch the webinar: Ensuring Business Continuity By Securing Your Remote Workforce

Explore the microsite: Support Your Work-from-Anywhere Initiatives


Kanishka Pandit is a product marketing manager for Zscaler Private Access.
