The shift to working from home has raised new worries for IT security pros, but observability might be part of the solution.
For 15 months, enterprise IT security professionals have worried about the pandemic-fueled shift to work from home (WFH). The worries persist as employees and employers decide that WFH should be a permanent fixture, even though it raises security concerns. But observability might provide some relief.
Take the case of the US Department of Defense, which had its own wave of WFH. The department, with 2 million military personnel and civilian employees, found an “immense increase” in WFH and interest in making some WFH arrangements permanent. That trend, in turn, has expanded the cyberattack surface of agencies, according to Government Computer News.
So, the Defense Information Systems Agency is determined to transition to zero-trust networks. That would require all users, whether inside the enterprise network or not, to be authenticated and constantly validated. The concept also calls for enforcing least-privilege access rights.
Zero trust is an example of where observability can pay dividends for all types of enterprises, not just the military. The early steps toward zero-trust security include taking inventory of all users, applications, databases and other areas to protect. Then the team maps out likely risks, classifying both devices and the level of risk each element holds.
The GCN article noted that security teams next must “track all transaction flows.” That is where observability comes into play. By constantly monitoring and capturing data from logs and transactions, security teams can use artificial intelligence to track activity against performance baselines. Any aberrations may indicate current or potential attacks.
WFH didn’t create the need for strategies such as zero-trust security, but the image of tens of thousands of employees working on home networks shared by family members and friends, or logging in by smartphone from local coffee shops, certainly highlighted security concerns.
IT security and observability
The idea of observability and AIOps playing key roles in enterprise security strategies isn’t new. However, the reliance on WFH during the pandemic and the continued interest in WFH and remote computing options in general have given security pros the night sweats. Observability might ease those worries at least somewhat.
AIOps and observability certainly aren’t easy fixes for the security challenges of tomorrow. At minimum, just getting the tools and culture in place across a large enterprise will take time, but they do offer the promise of better days. That’s more than we all had a year ago.