It’s strange times when physical health, safety, and one’s children are completely relevant to a conversation about cybersecurity. And yet here we are.
“You never thought you’d be talking about this intersection of sorts — society, work from home, my kids. Add this to the list of wacky things from COVID-19,” Edgewise Networks CEO Peter Smith said.
In addition to discussing school closures, lack of child care, trying to help 6-year-olds learn remotely, and what this all means for working parents well into the summer and possibly longer, we also talked about some security-related consequences of the pandemic, the rapid shift to remote work that it induced, and how zero-trust security can help.
Edgewise, a microsegmentation and zero-trust networking provider, saw one company shift to remote work by literally moving employees’ workstations out of the office and into their homes. “You had an IT organization outfitting these things with WiFi adapters, because most people aren’t going to have an Ethernet connection in their home these days,” Smith said. “So you’ve got devices that used to be plugged in, hard-wired to a switch, presumably in a completely isolated network, and that was for a reason, that’s now outfitted with WiFi dropped into people’s home networks. The implications of that are deep and scary.”
Zero-Trust Security
This shift to remote work is hastening a couple trends, Smith said. First, it’s sending a growing number of companies’ IT systems and workloads to the cloud because they can no longer send employees to an on-site data center to monitor these systems. This means security controls and processes that require physical access — like on-site security operations centers (SOCs) and air gapping to ensure secure corporate networks are physically isolated — are no longer viable options to protect networks and corporate data.
For this reason, zero-trust approaches to network security become more important. These assign rules and policies to workloads, virtual machines (VMs), or network connections, and then only allow necessary actions and connections in a workload or application while anything else gets blocked. This provides high levels of assurance that only the correct users and devices are accessing what they need without requiring physical access.
Because of their newly remote workforces, more companies are looking to zero-trust security to protect their networks and workloads, Smith said. “Organizations are trying to figure out not just how do I get access, but how do I do so securely,” he said. “Zero trust is this philosophy around remote access and workload protection that gives you the convenience you desire with the security you need.”
Shifting Security to the Endpoint
And second, it’s shifting security to the endpoint. “Because the network is not yours,” Smith said. “My home network isn’t my company’s. Azure’s network is not my company’s. And you don’t have the same control that you have over your data center, your office, your WAN. You simply do not have those injection points to be able to harness the control of the network. So you have one alternative: shift the security focus to the applications and the devices, not the network itself.”
Companies should take a layered approach to securing endpoints so that the network protections essentially follow the user. “Network segmentation, application control, next-gen anti-malware, EDR [endpoint detection and response], log collection, aggregation and analysis, network monitoring, filtering — that can be roughly translated into a network security stack,” Smith said. “Those all need to be shifted to the endpoint.”