With much of the world working from home, cyber criminals are trying to exploit vulnerabilities in every business to steal valuable information. Geert Busse, NGS Business Lead, EMEA, explains how to keep your data locked down, your network protected and your people safe as we move to a more flexible, remote workforce.
1. Don’t get hooked
The overwhelming news coverage surrounding the novel coronavirus has created a new danger – phishing attacks looking to exploit public fears about the virus. Coronavirus-themed phishing emails can take different forms, including alerts from government bodies, health advice and workplace policies. Alert users to the dangers and brief them on how to report phishing emails, and use an email security gateway with URL analysis, machine learning and sand box detonation to stop sophisticated phishing emails.
2. Fix the flaws
The majority of cyberattacks have one thing in common: they target known vulnerabilities in systems and third-party software. WannaCry and the Equifax and BA hacks are all high-profile examples of successful attacks on unpatched systems. Cybersecurity is only as good as its weakest link. If you use outdated systems or software, your end points are left vulnerable and can be readily compromised. Make sure you apply the latest patches and updates to fix flaws and protect your data.
3. Secure the end points
Staff devices on your network are some of the most vulnerable points for cyberattack. Legacy antivirus can’t keep up with advanced threats, and you need to safeguard endpoints on all platforms to effectively block advanced malware, exploits and fileless attacks. Make sure your solution includes antivirus protection, intrusion prevention, data loss prevention and device and application control, with endpoint detection and response to detect malicious behaviour and activity.
4. Zero trust and VPNs
A business VPN allows users to securely connect to your corporate network to send and receive files, data and applications from anywhere – which right now is from people’s homes. Simply put, a VPN creates a virtual encrypted tunnel between the remote worker and a server connected to the internet. All internet traffic is routed through this tunnel, so data is secure from prying eyes. Attackers can’t see your remote server on the internet, and they won’t be able to intercept communications between your employees and your network. Even safer, Zero Trust Network Access (ZTNA) solutions provide secure access to private apps without access to the enterprise network.
5. Identify and verify
Implementing multi-factor authentication (MFA) across internet-facing assets is one of the most effective ways to prevent unauthorised access to sensitive data. MFA can safeguard often overlooked points of authentication, such as email and business applications. Without MFA, an attacker can exploit an exposed email account or compromise a poorly-protected application to gain access to additional user information – or even worse, get a “foothold” to escalate privileges and gain access to your entire environment. MFA delivered as a cloud service can significantly reduce deployment time.
6. Collaboration is key
Collaboration tools enable your teams to meet, communicate, collaborate and share data safely when they’re apart and working remotely. They also prevent them from using private apps that are not safe or sanctioned and monitored by IT. Online collaboration tools such as MS Teams or Webex Teams give you total control over who sees your data. You can set permissions, only allowing certain individuals or teams to view a document or a series of documents. Leading vendors also put strict security measures in place to ensure that the software can’t be hacked.
7. Avoid data leakage
On average one out of four employees has installed software on their business devices that was not approved by the IT department. According to Gartner, 30% of successful attacks on enterprises are on unsanctioned shadow IT resources. Use a Cloud Access Security Broker (CASB) to help you find out what people are actually using, control data through granular policies and protect your data at the file level in a simple, manageable way. They provide deeper visibility, comprehensive controls, and improved protection for the cloud applications your employees use – sanctioned or unsanctioned.
To find out more about how to secure home workers, get in touch. Our team is on hand to guide you through the considerations and advise on the best solutions for your needs.