Businesses of all kinds continue to embrace hybrid work as the “new normal,” now making it a permanent offering for their employees. While this shift certainly offers competitive advantages, like talent acquisition and retention, workforce engagement and business resiliency, the newly-persistent nature of remote work introduces a new generation of security challenges for IT teams. Sensitive and proprietary data – once confined to secure corporate offices – are now susceptible to attacks from vulnerable home networks.
A New Era of Home Network (In) security
IT security teams face unprecedented challenges with a work-from-home (WFH) model that expands the attack surface, reduces visibility and adds varying degrees of unknown risks. The critical role of securing sensitive data, corporate-issued devices and business operations in this vastly distributed workforce – amid evolving threats ranging from ransomware to phishing attacks – requires an approach to enterprise security that extends to the home network.
“...with increasing numbers of workers at home, malicious attackers
are focused now more than ever on what is often a
critical security weakness: home devices.” - Forrester Research
Cybercriminals are adapting to this new reality by targeting employees' personal lives in order to target companies. With the digital lines between personal and corporate often blurred and with seemingly limitless tools available to adversaries today, organizations must rethink their approach to risk. Threat actors can easily find the home IP addresses of executives and employees who have access to sensitive data. Once identified, they can target insecure personal devices to breach the home network and carry out lateral attacks against the enterprise. Consumer-grade home routers are particularly at risk with vulnerabilities and overly permissive factory-default configurations that can also be easily exploited.
Zero-Trust Approach to Securing WFH Employees
Similar to past IT challenges with mobile phones, organizations cannot simply hope its employees’ home routers will do a good enough job with security. Consumer-grade routers were neither designed to protect against rapidly evolving cyber attacks nor intended to integrate with enterprise security solutions. With the home now functioning as the new branch office, it needs a similar level of network security as traditional branch offices. That starts with secure routers and appropriate IT visibility.
Continuous visibility is often hindered by WFH employees who turn off their VPNs to wirelessly connect to local printers, boost performance or to use their corporate device for personal reasons. The moment an employee turns off their VPN, they risk exposing sensitive company data to cybercriminals. That’s why so many organizations are moving away from their legacy remote access VPN solutions to a pervasive and always-on ZTNA solution like Prisma Access.
As part of our Prisma SASE launch, we’re excited to announce the availability of the next-generation of enterprise cybersecurity from Palo Alto Networks for the home network – Okyo Garde Enterprise Edition.
In addition to the always-on ZTNA solution for the remote workforce in Prisma Access, Okyo Garde Enterprise Edition extends best-in-class secure access service edge (SASE) to the employees’ entire home network. Okyo Garde is a Wi-Fi 6 mesh-enabled router that brings the enterprise SSID into the home and allows corporate devices to automatically connect to a separate enterprise-managed network in the home. Prisma Access inspects all application traffic, across all ports, with Palo Alto Networks’ industry-leading threat intelligence. Okyo Garde adds another layer of protection by smartly segmenting the corporate network from the personal network to prevent lateral attacks, and can even extend protections to the personal network to secure the whole home.
Okyo Garde Enterprise Edition was designed with a zero trust model to safely and privately secure all devices in the home to provide the same peace of mind while working from home as you would in the office.
One Stop, Zero-Compromise Home Network Security
Okyo Garde Enterprise Edition enables fast, reliable Wi-Fi 6 coverage with a high-performance mesh router that improves throughput and resolves many common connectivity issues, alleviating burden on IT staff. Increased performance coupled with Okyo Garde security and Prisma Access can help your organization in several ways:
- Standardize your security posture – Improve risk awareness of corporate-issued devices, including agentless devices like printers, VoIP phones, hardware prototypes, etc., to identify issues sooner with uniform network-layer enterprise security that is always on. Extend network security policies to home-based corporate networks to ensure consistent and seamless implementation and enforcement.
- Secure the entire home, holistically – Employees can create a completely separate and secure personal Wi-Fi network at no additional cost. Protections include the latest cybersecurity defenses against malware, phishing attacks, ransomware, and other threats.
- Manage your workforce with visibility and scale – With Prisma Access cloud-based management console and Panorama, SOC/IR teams have visibility into WFH security risks and can centralize orchestration for unified management of security policies. Dedicated Okyo services also serve as first-line support to avoid calls to in-house IT staff related to home network issues; and Okyo Concierge (included with Premium Success) provide 24/7 priority access, as well as on-site installation and support.
- Respect employee privacy – The corporate network and the employee’s personal network are smartly segmented, with each having its own unique SSID and sign-in credentials. Employees operate and control their own personal network as the home network administrator via the Okyo Garde app. Employers have no visibility into the personal network, including who’s using it, the devices connecting to it and any activities that occur on it.
A Holistic and Proactive Mitigation Strategy
Although organizations invest in enterprise security to protect corporate assets and sensitive data in the office, they lose critical network-layer visibility and control when employees work from home. This lack of visibility coupled with the increasing number and sophistication of cyberattacks on home networks have elevated the importance of home network security as a key tenet of enterprise security.
In this new era of working from home, organizations require a holistic and proactive mitigation strategy that provides continuous visibility, comprehensive insights, and the ability to identify and stop sophisticated attacks. Purpose-built for today’s modern workforce, Okyo Garde Enterprise Edition boasts high performance, strong security, and privacy to not only extend enterprise security but drive business velocity in an increasingly distributed and digital world.
To learn more about Okyo Garde Enterprise Edition, we invite you to watch our launch event on demand, or contact a sales representative. Okyo Garde is currently available in the United States and Canada.
- Protect Your Work-From-Home Workforce, Forrester Research, Inc., November 30, 2021 ↑