- July 15, 2021
- Catagory Workplace
As offices move to a mix of remote and office work, hybrid security takes on a new meaning. It’s no longer just about securing public cloud services along with on-premises data centers, but also securing the hybrid office.
While many organizations want to go back to pre-pandemic office occupant levels, some are looking at easing into the return to work. The hybrid office will see fewer workers on-site at a time, with employees splitting their time between home and work. Not only do IT teams need to secure remote workers, but they must also be able to secure a workforce that’s even more dynamic. In some ways, every worker is becoming a road warrior that must be kept track of.
Keep tabs on hybrid office traffic
The pandemic brought on a very sudden shift to remote work, but the easy part was every employee was in one place all the time. The hybrid office means workers will be back and forth a lot, and the flow could be uneven and unpredictable, especially if they’re hot desking while on-site.
Hybrid security means you need full visibility and control over all traffic in both your on-premises data center and public cloud platforms, with a clear understanding who is responsibility for security and what the available tools and functions are, but with the added context that many mobile workstations are moving back and forth between two locations. Streamlining applications and platforms, and the tools need to secure the hybrid office, will help to make these traffic patterns clearer. More dashboards to stare at aren’t better.
Employee cybersecurity training and awareness remains key in the hybrid office era. Most business users are not security experts, but people are a critical factor when securing staff who can work anywhere. You need to have policies and controls to govern access to corporate applications, data and infrastructure while also making it easy for people to do their work, so they don’t try to circumvent hybrid security measures. Again, you want to reduce complexity, while still controlling access.
Hybrid security should take a Zero Trust approach
If you want to fully secure your hybrid office, consider taking a Zero Trust approach as to limit user and device access to the applications required to complete work functions.
A Zero Trust architecture assumes everyone is a threat unless they can verify their identify. Requiring employees to do so no matter where they’re working will go a long way to strengthening the security of your hybrid office. Even when employees are in the office—inside the perimeter, so to speak—robust user identification, authentication, authorization, and access permissions remain essential.
In addition to Zero trust approach, you need to always think about security in tandem with networking by leveraging SD-WAN, next-generation firewalls, and advanced routing capabilities. When your employees can work everywhere, your networking becomes a key factor in your hybrid security, just as it does in a hybrid cloud or multi-cloud environment.
Think about flexibility and the future
Many workers want the flexibility of the hybrid office, so you need to consider the future of work as part of your overall security strategy.
Connectivity is key to embracing new cloud platforms and supporting workers wherever they want to work, but it must always be paired with security. You should assume the hybrid office is here to stay and that it will guide your cloud, mobility, and security strategies. A managed security service provider can help you architect your business for the future of work and help you to secure the hybrid office at scale as technologies and threats evolve.
- May 31, 2021
- Catagory Security
After more than a year of focusing on securing remote workers, it’s time to prepare your office for a hybrid workforce and reinforce your wireless security.
The threats to your on-site wireless security haven’t gone away and having workers who are in and out of your office post-pandemic ends means the network security landscape is just as dynamic as ever. The hybrid workforce is a stark reminder that there is no network perimeter, and you must constantly review your network security checklist—Bring Your Own Device (BYOD), the Internet of Things (IoT), and ubiquitous connectivity remain important considerations.
Secure your office for a hybrid workforce
As people come back to office, the best practices for wireless security are more important than ever, especially as many employees may no longer have a permanent office or workspace as hot desking becomes more prevalent. In addition to guests, you’ll have employees connecting to your office network on-site in an inconsistent manner with devices that are connecting a variety of other networks, whether it’s the employee’s home network or a wi-fi hotspot as it becomes possible to work from coffee shops again.
Now is a great time to review your management policy for all IT endpoints and provide refresher courses on wireless security for your staff. For some organizations, a hybrid workforce was already familiar to them before the pandemic, but for others it will be just as jarring as going fully remote. Given that you’re about to experience another paradigm shift, it can’t hurt to bring an outside partner to evaluate your current wireless security posture.
What’s in a name
A good place to start is to review your inventory of wireless routers access points.
No matter how many you have or where they are located, you should review their service set identifiers (SSIDs) to make sure they are suitably named as to be found by authorized users, but not so easy for unwanted guests to connect to because the names are obvious or remain the factory default. Your network naming should be just as well thought out password selection—avoid creating one that’s likely to help a hacker guess the network password. Rotating passwords and SSIDs can also make it harder for devices and networks to be breached, and the more unique, the better.
With a hybrid workforce, you may want to segment your network so that transient employees have dedicated wireless access points to connect to that are separate from employees who are back on-site full time. Either way, you should hide your SSID so only users who know the actual wireless network name can search it out.
Apply access controls
Even before the advent of the hybrid workforce, there was never a need for every employee to access the same network resources or devices. Just as you segment wireless router access, consider giving specific users access to specific devices such as network printers depending on whether they’re occasionally on-site or in the office everyday.
No one needs to be connected to every device in the organization, so segmenting access will limit the impact of a breach should one endpoint be compromised. At the end of the day, not all employees are equal, including post-pandemic visitors, who wireless access for their mobile devices. Adopting a Zero Trust model for wireless security can go a long way because it’s based on the mindset that organizations shouldn’t automatically trust anything inside or outside its perimeter—every connection must be verified, whether it’s an endpoint, switch or IP address if the organization is to prevent breaches.
Secure and scan everything
Wireless security demands that all access points been encrypted, and yet surprisingly, many wireless networks are left wide open, making them easy avenues for threat actors to gather sensitive information, or as a means to gateway to hack more secure systems.
No matter how stringent your wireless security, it’s often just a of time before someone or something gets past the firewall because today’s cyber threats are so persistent. The trick is to balance security with productivity—you don’t want it to be a barrier to getting things done, otherwise employees will find shortcuts around it whether they’re working at home or in the office.
If you’re feeling rusty about in-office wireless security and would like a refresher to prepare your organization for the hybrid workforce, seek out the help of a managed security services provider.
- May 18, 2021
- Catagory Security
The Zero Trust model for security isn’t new, but it’s getting more attention due to the massive shift to remote work.
Also known as the Zero Trust Network or Zero Trust Architecture, it’s a model that was first created more than 10 years ago by then Forrester Research analyst John Kindervag. It has since become more mainstream thanks in part due to the evolution of security technologies, but also because remote work has made it more challenging to secure enterprise networks.
The ABCs of Zero Trust
Zero Trust isn’t just a suite of technologies you buy. It’s a security model based on the foundational belief that organizations shouldn’t automatically trust anything inside or outside its perimeter—every connection must be verified, whether it’s an endpoint, switch or IP address if the organization is to prevent breaches.
Even before the massive uptick in remote work last year, the Zero Trust model recognized that organizations already have an increasingly porous network perimeter—it was no longer a castle surrounded by a moat. The old model assumed everything already inside was cleared for access. The Zero Trust model is a paradigm shift in that it assumes everything is a threat it until it’s certified safe. It also recognizes that once a hacker gains access via a single vulnerable spot, they can easily move around the enterprise network and attain increasing levels of access.
Zero Trust combines technologies with governance policies as to segment access at a granular level, taking into account the user, their location, and other information to decide whether to authorize any user, device or application. It’s not enough to authenticate the user, even if it is the CEO or CFO, but also the device they are using to gain access to the enterprise network, and where they are physically. Even if the user can be authenticated, policy may decide that the location—a coffee shop Wi-Fi hotspot, for example—isn’t secure enough. Or, it may decide that the user can’t access the network with a personal device, only one that was issued by the organization.
While technologies such as multifactor authentication, analytics, encryption, and file system permissions all play a role in a Zero Trust architecture, governance policies and good habits are just as critical to realizing its benefits, and that includes remote work environments.
Applying Zero Trust to Remote Work
For organizations to truly benefit from a Zero Trust model in the era of remote work, the same mindset must be brought into the home.
Whether they’re accessing the Internet for work or personal reasons, users need to apply a Zero Trust approach that keeps the wrong people out. And it’s more than just security awareness training or a strong password policy. Users at home should always be questioning every interaction online, including emails and texts with links, and communications that seem out of character by the sender, even if it appears to come from an official source. Phishing attempts and other attacks rely heavily on complacency, so a Zero Trust requires vigilance out of habit.
A common threat to enterprise network security in the remote work era is sharing passwords across work and personal devices and granting access to corporate devices to family members for personal use. The average person may think this is harmless, but a Zero Trust model requires that every employee think about their behaviour from a security perspective. Careless uses of a corporate device by a family member could compromise the enterprise network and lead to a data breach.
Zero Trust means password and device sharing a no-no. Every home user should have their own separate passwords and device as much as possible, and devices should either be for personal use or corporate use, not both.
These habits and overall mindset are essential to successfully applying a Zero Trust approach to security in the organization, regardless of where employees are doing their work. Having the right technology is a critical enabler, but you need the right governance policies and employee engagement if you’re to fully secure your business.
- April 29, 2021
- Catagory Security
If you’re looking for ways to secure remote work environments, there’s no shortage of dos and don’ts.
And while there’s always a danger of impeding employee productivity with cumbersome security, there are polices and procedures that balance threat protection with efficient business operations so that you can secure remote work environments without creating barriers to getting things done. Often, it’s just as much about how you implement security, not just what implement.
Encryption should be end to end
Security implementation should never be half-hearted, which is why bi-directional encryption of data and communications is an essential enabler of secure remote work environments. Ideally, you should embrace the cloud so you can leverage a web platform that is completely secure so it’s the primary means for remote employees to get their work done. You should also use strong VPN connections to secure remote work environments. All it takes is one vulnerable employee to be exploited by a threat actor to put your entire network at risk.
Secure all devices
Similarly, all workstations and devices accessing applications and data via your network must be fully secured without any workarounds—that includes the executive team. Giving one employee a pass to use a smartphone or laptop that doesn’t adhere to security policies and procedures is a data breach waiting to happen. Take advantage of tools that evaluate the vulnerability of all devices, and make sure all of them can be managed and updated from a central location by the IT team.
Contain any breaches
Because it only takes one device or one employee to open the door to the broader network, you need to secure remote work environments in such a way where access to a single workstation doesn’t lead to wider access to other systems. Your policies, procedures and chosen tools should mitigate against a domino effect where a single intrusion via one employee’s credentials or workstation can lead to threat actors taking down other systems or your entire network.
Clearly define security policies and communicate goals
Secure remote work environments are more likely to stay secure if you clearly outline security objectives and make it easy for employees to comply. Otherwise, they will find workarounds to make their lives easier, thereby making any security policies and procedures ineffective.
Put someone in charge
Even smaller organizations should designate someone to act as their Chief Information Security Officer (CISO), even if it’s not their only duties on the IT team. The organization will benefit from someone taking point on all things security, including the selection and implementation of tools, the development of policies and procedures, and being the point of contact for both employees and the executive team.
Even if you do have an IT team member who takes on responsibility for security, you may find there’s value in getting external support to help secure remote work environments. A Managed Security Services Provider can help you evaluate your current security posture, make recommendations, and help deploy the right tools, either on a project-by-project basis or through an ongoing partnership.
- April 19, 2021
- Catagory Security
Securing remote workers is a never-ending job, regardless of how many there are at your organization, because there’s always new threats and new attack surfaces to protect.
After a while, it becomes clear to any cybersecurity expert that there are both do’s and don’ts when it comes to securing remote workers. These lessons are based on hard-won experience—in some cases because they’ve experienced a serious breach. However, there’s no reason that every organization needs to learn the hard way, so here’s some of the top mistakes your organization and your employees should avoid when securing remote workers, followed by do that are proven to work.
What not to do when securing remote workers
There’s many things employees shouldn’t do with their office computer and it’s important that you have policies in place to keep them from doing them.
- Don’t tolerate workarounds: Good security should never get in the way of employee productivity or impede business success, but it’s not uncommon for cybersecurity practices to constrain workers so that prompt them to find a way around a security policy. These workarounds might include employees using personal computers to access corporate networks and data without proper vetting of IT or exchanging documents using their personal email addresses saving passwords in the browsers. Employees need to understand the rules are there for reason.
- Do not ignoring warning signs: With more workers at home, it’s even harder to keep an eye on your fleet of workstations, so you need to make sure employees aren’t ignoring any hints their computer at home is under attack. Unexpected browser pop-ops or a sudden change in user settings are signs that unauthorized changes have been made and that the employee’s workstation has compromised. Ignoring these signs could lead to a much bigger problem that could impact the network security of the entire organization.
- Don’t let family use the company computer: With a corporate workstation at home during the pandemic, family members of remote workers may be tempted to use it for non-work-related activities that can lead to clicking on a link that infects the devices and compromises company data and applications.
- Don’t delay software updates and patches: When employees are in the middle of getting work done, they may be inclined to postpone much needed software updates and scheduled security scans when prompted. But the best way to keep workstations secure, no matter where they’re located, is by making sure they have the latest software updates, virus definitions, and other patches. Even in the era where many use Software-as-a-Service (SaaS) applications, operating system and application updates are still critical for robust security.
A few do’s that can go a long way
Some of the above don’ts suggest some do’s that should be happening instead, but here are few other key other do’s that go a long way to securing remote workers.
- Empower and train your workers: If employees understand why security measures are put in place and are given ways of getting things done quickly and efficiently without workarounds, they’re a great asset for protecting the organization. When you have the right people with the right training, it’s hard for a threat actor to gain a foothold within you network.
- Make the move to the cloud: If you haven’t already, migrate your data and applications to the cloud as much as possible. The fewer applications and data that reside on the workstation, the better. While SaaS security has its own set of challenges, a centralized cloud approach is easier to manage, especially in a pandemic, and easier anytime for SMBs with limited IT resources.
- Take a zero-trust approach: The cloud can be an effective security enabler for taking a Zero Trust Network Access (ZTNA) stance. It’s a mindset that’s becoming increasingly preferred because it assumes anything in a network can be a threat and separates remote workers from the network. User access is determined by third-party cloud provider to manage verifications and access to applications. If users don’t have the credentials, then they can’t access data and applications they’re not supposed, even they are legitimately employees of the company.
- Get second a opinion: When it comes to evaluating your security posture, it never hurts get an outside to take a look at what you’re doing and making sure it’s aligned with your goals. And if you’re new to securing remote workers, a Managed Security Services Provider can fill in the gaps, whether it’s just a risk assessment with recommendations or helping with ongoing management of your network security.
The security landscape dynamic even when you don’t have many employees working from home. Having clear policies and procedures in place is an important foundation for securing remote workers, but partnering with a managed services provider that can help you leverage the cloud, implement best practices and policies, and spot common pitfalls improve your overall security posture no matter how many remote workers you have.
- March 31, 2021
- Catagory Security
Software-as-a-Service (SaaS) applications are especially appealing when you’ve got more of you’re your employees working from home, but it’s easy to fall into the trap of believing SaaS security is less vulnerable than the rest of your network security.
Although some SaaS security is baked into the applications by the software provider, the 50 per cent increase in cloud usage for enterprises across all industries in 2020 means the number of threats have increased exponentially, according to IBM Security’s 2020 Cost of a Data Breach Report. It found attacks directed at cloud services, particularly collaboration tools such as Office 365, have increased 630 per cent. Remote work due to the pandemic has been a big contributor to SaaS security incidents, as three quarters of survey respondents reported that discovery and recovery time from data breaches has significantly increased.
It’s not surprising that SaaS security is an increasing concern as threat actors will always go after applications, systems and tools that are popular with businesses and users—it increases the likelihood of success because for them, it’s a numbers game. The increase in attacks is a reminder that regardless of the cloud platform you choose, your provider does bring a lot to the table in terms of SaaS security. However, when you have more than one provider and multiple SaaS applications deployed, you must remember that SaaS security is a shared responsibility.
The increase in cloud and SaaS applications deployments coupled with a dramatic increase in remote workers means organizations need a framework to guide their SaaS security.
Complexity threatens SaaS security
When you have so many applications and systems in place, adequate SaaS security can be a challenge, even when cloud providers include their own security controls. Even without the uptick in remote work, endpoints have continued to grow as workers access data and applications from multiple devices from wherever is convenient for them.
With each and every worker, endpoint, and application added to the enterprise network, SaaS security becomes more susceptible to threats because the overall attack surface is larger. Because data is spread across many different applications and environments, the complexity and sprawl raises the risk of compliance and data breaches. Even before the pandemic hit, there was a growing need to bolster SaaS security as lines of business are increasingly spooling up applications as needed, independent of IT supervision—departments such as marketing, human resources, and finance all have their own SaaS applications accessing and managing critical business data and intellectual property.
Organizations may be inclined to add more and more security tools, but the more solutions you have in place, the more work there is to configure, maintain and update them. More people are needed to understand the interfaces and nuances of each and every security tool.
Without some sort of playbook or strategy, SaaS security can quickly become unmanageable.
SaaS security requires a framework and tools
It’s not realistic to have a single security solution to protect all data and applications, but your SaaS security strategy needs to be proactive, not reactive, and ensures your IT team isn’t overwhelmed by alerts from multiple dashboards.
One approach to keep your SaaS security posture robust is what research firm Gartner defines as SaaS Security Posture Management (SSPM), which is part of its SaaS Security Framework. SSPM tools allow for enhanced controls to better secure SaaS applications and data through monitoring native SaaS security configurations, automation of remediation, and reporting non-compliance. The key to any good SSPM solution is the capability to assess your SaaS security posture in a manner that’s automated and customized, according to Gartner. Much like compliance, SaaS security is a continuum that requires constant monitoring and adjustment.
Although SSPM solutions add to the arsenal available for IT teams to establish strong SaaS security, adopting them and moving to a framework that allows these SSPMs to streamline processes, automate workloads and reduce demands on the IT staff do require some upfront work. While cloud providers who are delivering SaaS applications can play a role in helping to configure these solutions to secure their applications, you should consider partnering with a Managed Security Services Partner (MSSP) who can advise on your overall SaaS security, as well as implement and even manage it on an ongoing basis.
- March 16, 2021
- Catagory endpoints
In the era of remote work, having a robust endpoint protection platform (EPP) in place is even more critical for maintaining network security. If you’re struggling to scale up to effectively secure each and every endpoint, you need to consider a cloud-based solution.
Even after many employees return to the office post-pandemic, a cloud-based EPP will continue to be essential for safeguarding organizations that have a great deal of remote workers because it makes it easier and more cost-effective to protect any workstation regardless of location, whether it’s desktop or laptop computer, or a smartphone or a tablet.
Prevention is just the beginning
An EPP is more than just anti-virus—it combines next-generation antivirus with more advanced security tools that leverage detection technologies such as signature matching, behavioral analytics, anomaly detection, and machine learning.
While different EPP offerings vary in features and functionality, there are a few things that should be included in any solution you may be considering. For starters, it should be able to prevent bad things from affecting your systems, such as malware and ransomware attacks, by applying behavioral analysis and machine learning to ward against file-based and fileless malware. It should also provide a great deal of endpoint control, including the ability to configure firewalls, ports, and devices.
But while prevention is table stakes in an EPP, you should be looking for more proactive capabilities if you’re to keep pace with the threats to your cybersecurity
Be more responsive
You shouldn’t just settle for comprehensive detection capabilities in an EPP. Because there are so many threat vectors to manage, you want to be able to respond automatically and effectively whenever possible.
To this end, EPP solutions are adding detection and response (EDR) capabilities so that you can detect, investigate, and remediate through automation capabilities, while also having the ability to customize the platform for your environment. Today’s EPP and EDR platforms recognize that the sheer volume of security alerts are far more than cybersecurity analysts can address without being able to automate some tasks.
Ideally, you want to streamline the number of tools implemented by your cybersecurity team—one per category is enough, although it’s fine if you want to take a best-of-breed approach rather than a single solution. However, having multiple firewall products to manage creates more problems than it solves. Open source solutions may also make sense because you can leverage the community support optimize them for more effective security. You should also keep the door open for integration with third-party solutions that add specific capabilities you need to secure your environment.
Ideally, an EPP implementation should not only improve security but also productivity of your IT staff, which is why it’s important to avoid complexity.
Simplify security with a partner
An EPP doesn’t have to be yet another costly cybersecurity implementation that must be maintained and managed. Cloud-based solutions facilitated by a managed service provider along with their team can help with detection and incident response, and even proactive activities such as hunting and penetration testing.
For smaller organizations, tapping into the expertise of a managed security services and availing itself the capabilities of a modern, cloud-based EPP can go a long way to keeping up with endpoint security requirements and mitigating the threats that come with a remote workforce.
- February 25, 2021
- Catagory Security
The ability to work anywhere was already driving cloud security trends before the pandemic hit, but remote work played a heightened role in 2020 and will continue to do so as employers maintain a hybrid approach to staffing—many will continue to work from home even once others return to the office.
That means many of the cloud security trends we’ve seen over the last year will continue for the foreseeable future, and the cloud will be part of the solution in securing proliferating endpoints.
Remote work has led to more attacks and shoring up of cloud security as endpoints proliferate. Mix in adoption of 5G networks and SD WAN, and you’ve got a recipe for even more attack surfaces that look tempting to hackers. Cybersecurity teams need see every endpoint connected to the network and how they impact cloud security as users connect to public services as well as those still run on-premises and some delivered by managed service providers.
Cloud security misconfigurations
As remote work remains a reality for many employees, it unfortunately means misconfigurations of cloud security will continue to pose a risk to the organization. Easily providing access to applications and data to many users and endpoints requires a robust security strategy that enables IT teams to see all the data traffic traversing its corporate network and across various cloud services. It’s critical that they understand who is responsible for securing what, as it can differ depending on the cloud service provider while improving identity and access management adding better cloud security controls. This should include the use of multifactor authentication to protect user credentials and help to avoid common threats such as phishing attacks.
Continued reliance on VPNs
Virtual Private Networks (VPNs) have always been an essential tool for enabling remote work, and they will continue to be necessary to enable employees to access the corporate network securely. Provisioning, maintaining, and securing them through robust encryption will continue to be a high priority task for cybersecurity teams as relying on consumer grade VPNs downloaded by home users for personal devices present too much risk to the organization.
Security awareness training
End user behaviour has always had an impact on cloud security, but as remote work continues, organizations must make sure they put time and resources into cybersecurity awareness training from the C-level on down. Every employee, including remote workers, must understand how data breaches and other security incidents, whether caused by threat actors or honest mistakes, can disrupt business operations and the resulting consequences.
The answer is in the cloud
As much as remote work poses a threat to cloud security, the cloud is likely to provide the solution. The traditional network perimeter has arguably been long gone for years with the rise of the cloud, distributed and global workforces, and the Bring-Your-Own-Device (BYOD) trend that is now par for the course.
Just as many applications and data now reside in the cloud, organizations need to transition to more security being delivered via the cloud, and that includes the securing of endpoints. Cloud-delivered endpoint protection platform (EPP) will become essential for safeguarding organizations that have a great deal of remote workers, even after many employees return to the office.
EPP will make it easier for you to protect any workstation regardless of location, whether it’s desktop or laptop computer, or a smartphone or a tablet. And while this may look like yet another time-consuming and costly cybersecurity implementation that must be undertaken, it’s something an experienced managed service provider can help you to cost-effectively deploy and manage to maintain both security and availability of applications and data as remote work continues.
- January 14, 2021
- Catagory Security
It’s still open for debate as to whether remote work is here to stay for everyone, or if a year from now everyone will back in the office. Reality is probably somewhere in between, which means IT teams must find a balance between security and keeping employees productive.
In many ways, the Covid-19 pandemic accelerated trends already in play as better connectivity and cloud computing have made it easier for workforces to be more geographically distributed. Instead of corporate satellite offices with small teams, however, we have home-based offices of one.
IT teams need to assume that there will be at least a hybrid workforce for the foreseeable future and that security for remote work will continue to be a high priority. The trick is to keep the organization secure without impeding productivity.
Hybrid workforces work odd hours
The age of remote work is more than just applying security to more endpoints accessing the corporate network. IT teams need more management tools to support remote workers while extending support hours as employees embrace less traditional schedules to accommodate their home life. Digital workers are expected to embrace “time blocking” and “time slicing” to juggle all their commitments.
IT teams will need to bolster their own remote collaboration capabilities so members can work more efficiently with each other, but also with other departments, such as human resources to onboard new staff remotely. This includes provisioning new remote workers with corporate-issued equipment or configure their personal devices.
In addition to supporting remote work, we are likely to see a move toward “hoteling,” which is when employees book an on-site work site for a few hours or a day. These facilities must also be equipped and provisioned with connectivity and hardware, as well as maintained for cleanliness.
This hybrid workforce means IT teams must rethink how they deliver service to employees and view their relationship as partnership that supports productivity for everyone—this includes delivering a high-quality user experience that helps employees work better without compromising security.
Productivity should not compromise security
The trend toward more remote was always going to have security implications.
In the early days of the pandemic, the focus was getting employees productive at home. However, the price tag appears to have been a spike in malware incidents and other poor security behaviors. According to Wandera’s Cloud Security Report 2021, 52 per cent of organizations dealt with a malware incident in 2020 compared to 37 per cent in 2019.
The rise in incidents can be attributed to a more relaxed work environment for employees, who are likely using a single device for most of their online activities—personal and professional. Employees feel free to install whatever applications they want, whether it’s their device or one issued by the company. Adopting cloud-based and Software-as-a-Service (SaaS) applications also impact security as lines of business spin up apps for their own uses without oversight by the IT department.
Keep security simple to enable employees
As much as remote work has created new threats for security, the solutions for IT teams aren’t all that different.
Regardless of they work, security awareness training for employees continues to be a key tool for defending against threat actors. IT teams must engage regularly with users to remind them of how they should log into applications, which applications are approved by the organization, and how they should report an incident if it occurs. Employees should understand they play a role in protecting the organization and its mission-critical business information.
If IT teams are work in partnership with users to balance remote work productivity and security, simpler is better so that any solutions implemented enable a pleasant user experience. This encourages users to follow protocols rather than bypass them because they’re seen as a barrier to getting their work done.
Sanjeev Spolia is CEO of Supra ITS
- December 29, 2020
- Catagory Security
Penetration testing must be proactive, but many organizations often do theirs in response to an incident. Since the worst time to learn how to fight a fire is amid an inferno, the right security partner can help create an effective program to ensure regular testing that improves cybersecurity posture.
Before you even select a security partner for network penetration testing, you should set up guidelines for what might prompt such a test—and it’s not an emergency such as a data breach. Instead, think of milestones within the organization that might require a test of your information security. Aside from compliance obligations, common examples include a new web-based application that allow employees to access data remotely, a desktop or operating system refresh, or new network access points such as routers.
All these potentially can be misconfigured and present vulnerabilities that may not be immediately obvious to internal IT teams, who already have a lot on their plate.
Get a second security opinion
A security partner with deep and extensive penetration testing capabilities has experience that enables it to poke holes in information security and find vulnerabilities their customers won’t. It’s their business to be up to speed on the misconfigurations and current threats, including those in the latest software and hardware that might allow a threat actor to steal data or take control of a system.
An outside security partner can put together a penetration testing plan that considers your infrastructure, including new switches and servers, as well the motivations for doing the test: Is to meet compliance objectives? Satisfy a potential customer? Meet industry standards? If you’re not sure why you’re doing penetration testing but do understand it should be part of your information security program, a partner can help you understand the benefits.
Partner for the long term
Just as all penetration tests are created equal, neither are security partners who perform them, so you need clear selection criteria.
Ideally, you want partner with an organization over the long term, so you should take the time to evaluate the methods of a potential service providers, as well as the skill sets of the testers they employ. Understanding your compliance requirements to guide penetration testing is a good start, but you should work with your security partner to define your goals and make sure their capabilities are in alignment with them.
You also need to be prepared for them to find problems—set your ego aside. The whole point of penetration testing is to be able remediate problem areas and improve your overall security posture. Most of all, remember that testing shouldn’t be an occasional, scheduled, tactical activity to tick off boxes on a compliance checklist. It’s part of a broader exercise for protecting sensitive data and is a contributor to your competitive advantage—documenting and certifying your penetration testing can differentiate you in your industry and build trust and credibility with customers.
The right security partner can help you develop a penetration testing regime that’s driven by milestones in your IT environment as well as compliance requirements and critical business information that allows you to remediate threats iteratively and effectively.