The 7 Top Security Tips While Working Remote

The curtains have opened on 2020, and the scene depicted so far has been difficult to observe. In early March, COVID-19 literally took over the world, halting our day-to-day activities full stop. After some negligent optimism and resultant consequences, the 11th of the month saw the World Health Organization finally declare the Coronavirus to be a pandemic, forcing governments worldwide to come to terms with the outbreak and institute measures that would “flatten the curve”.

Countries closed their borders, disallowed public events, forced all nonessential businesses to close their doors and instructed that their employees work remotely. Some jobs cannot be done remotely while others can, and while the former have caused economic chaos the latter simply wreak their havoc on networks.

The primary strategy called social distancing goes hand-in-hand with working remotely, and has been one of the key tactics in limiting the spread of the coronavirus, yet this new way of doing things has its distinct disadvantages. While some experts might say lack of productivity is the biggest issue of the remote workforce, I think security is the biggest issue. 

This is especially true of remote workers and the additional network security challenges and risks they present. We talked to different security experts who explained this notion and provided their best security tips for working remotely. Without further ado, here are the top security tips for organizations to follow to fight off any untimely attacks from malicious actors.

Only Connect to Trusted Networks 

Accessing sensitive resources over public Wi-Fi or an unknown connection can prove risky to your remote employees as these connections are easy to hack. Hackers can easily gain access to the company’s confidential and valuable data when employees are connecting to public networks. 

“Many newly remote workers don’t have a dedicated home office and have to go to coffee shops or other public areas. However, public Wi-Fi is incredibly insecure and can leave you and your company exposed — no matter what industry you’re in. The best practice when working outside your home is to use your phone’s personal hotspot as well as a VPN. While VPNs can sometimes slow your connection, a phone’s 4G or 5G service is almost as fast as your home network access, so it won’t be terrible and could mean the difference between your company getting hacked or not.” – Michael Alexis, CIO of Team Building

Use Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is one of the key technologies in use today for verifying the identities of users. MFA requires that a user requesting access provides not only something that they know (their credentials) but also something that they have (their personal device).

“There are shortcomings with 2FA, as hackers can bypass wireless carriers, intercept or redirect SMS codes, and easily compromise credentials. Multi-factor authentication is more secure as it adds an additional layer of protection. Instead of just asking for a username and password, MFA requires additional credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition.” – Aaron Zander, Head of IT of HackerOne

Adopt a Password Manager 

The expectations for secure passwords have undoubtedly increased in recent years. Using common and frequent passwords has enabled hackers to access millions of accounts annually. This is why many experts are recommending that employers encourage workers to use a password manager.

“If office network permissions previously gave you unfettered access to work software, now you may be required to enter a variety of passwords to gain access. If your workplace doesn’t already offer a single sign-on service, consider using a password manager. It will be much more secure than a written list of passwords left on your desk.” – Pieter Arntz, Malware Intelligence Researcher for Malwarebytes Labs

Use a VPN Alternative like SDP

With more and more organizations enforcing work from home with the current situation, many of them are thinking of implementing a legacy VPN. Network-security-wise, VPNs are not the right route to take and far from an adequate magic bullet – especially as workers go remote and resources move to the cloud.

“Traditional VPN services are too lenient when it comes to visibility and security features. This results in your network and resources becoming more receptive to compromise by hackers. Instead of providing your employees with a traditional VPN, you should adopt an organization-wide Software-Defined Perimeter solution. Implementing a Software-Defined Perimeter will allow you to restrict network access and provide customized, manageable and secure access to networked systems. Additionally, in the Zero Trust least-privilege model encouraged by SDP, each employee will gain secure access only to the organizational resources they need for their roles. This drastically reduces the attack surface.” – Amit Bareket, Co-Founder and CEO of Perimeter 81

Practice Smart Email Security Methods

Email is the most popular method of communication on the Internet – maybe even on the planet. However, its popularity comes with risks. Hacking emails or phishing attacks are some of the oldest tricks in the book for hackers. It’s therefore important that remote workers know the best email security practices. 

“Whenever you receive an email, even when it’s from your boss or a colleague, be sure to check the sender “From” field and also hover over any links or attachments before engaging with them. Phishing is commonly used to spread malware and to infiltrate businesses’ networks and databases and can be used to pull off business email compromise (BEC) scams. You can also use an email signing (S/MIME) certificate to increase email security.” – Casey Crane, Cybersecurity Journalist at Sectigo

Don’t Use Work Devices for Personal Needs 

Easier said than done, we know, especially when the mirror image of this rule (BYOD, or Bring Your Own Device) is so prevalent. Still, just as it’s important to carve out boundaries between work life and home life while working from home, the same is true of those devices you use in these settings.

“Make sure that you have malware protection software installed to monitor activity and keep out unwanted intruders. Also, make sure both your personal and business data are hosted on a secure platform that encrypts the files. Ideally, look for a platform that has built-in security timeouts if a device is left inactive too long and allows you to wipe data remotely in the event that your device is lost or compromised.” – Brian Schrader, Co-Founder and President of BIA

Get Security Hygiene Training 

Fighting off potential attacks from hackers is largely a matter of identifying their attempts, and employees can do so with a little security training. The better trained your organization is in the best avoidance practices, the lower the chances of an attack on your network and organization.

“Train and educate your employees about security awareness and protecting company information. Be sure to include situations that are unique to remote workers that wouldn’t normally show up when working on-prem, such as the dangers of using free public Wi-Fi. Instruct employees to disable Wi-Fi and Bluetooth services when not in use, to prevent their devices from connecting to unknown (and possibly malicious) networks.” – Darren Guccione, CEO of Keeper Security

Working Remote, Securely 

With the right security technologies and rules in place, IT teams can add an additional layer of defense against hackers, and supplement it by encouraging better security hygiene among the workforce. The tips provided by the different security experts above should help your employees work safely and securely no matter where they choose to log in. Take a proactive approach to network security in these days of remote access, and it will continue paying dividends well into the future.

Can Zero Trust Redeem Fintech?

Though the ripples are gentler than they once were, the wake of the 2008 financial crisis is still felt today. Financial regulators around the world have since adopted laws that increase transparency and scrutiny alike, making it difficult for traditional banks to operate as opaquely as they once did. This has opened the market wide for tech-assisted financial services that people like to refer to as fintech.

It’s a mistake to assume that fintech innovations come from independent programmers or garage development shops, though it has lowered the barriers to entry for providing financial services. Almost all of the world’s biggest banks and institutions invest heavily in fintech for their own products in order to stay competitive, and accordingly the market is enormous, estimated to claim upwards of $4.7 trillion of the sector’s total revenue.

However, opening a market may also mean exposing something within it, and alongside a rash of serious breaches in the last decade, fintech’s pace of innovation is now threatened by its inability to be a trustworthy custodian of customer data.

Technology Both a Catalyst and a Cure

The fintech sector is responsible for many new ideas, some of them the same types of products and investment instruments we already have, like loans, but improved. Others, like crowdfunding, robo-advisors, and mobile payments are new and could have only existed with the addition of technology. An online lender that uses an algorithm to match someone’s credit profile with applicable lenders, do a credit check, and approve the loan within 24 hours is a good example.

Despite convenience, a series of serious data breaches in the sector have customers thinking more about how complex fintech services like this handle their data, and regulators’ ears have perked up as well. Credit and identification details must be entered into an online database, trade hands, and be processed and sometimes stored and shared externally. It may result in an approval a hundred times faster than going into the bank, meeting with a loan agent and filling out forms, but it comes with risks that customers shouldn’t be forced to consider.

Even after GDPR laws went into effect, cyber attacks on EU companies increased to a rate of one attack every five minutes, and these days the bigger the company the harder they fall, with damage that hurts both their brand and the bottom line. For organizations in the sector, innovation and the intricacy of data structures have resulted in growth, even if customer trust lags behind. Regulations like GDPR and MiFID II are pushing against this notion, just in time for technology like Zero Trust security to provide an answer: remove trust from the equation altogether.

Zero Trust: Few Can Step Into the Vault

What’s so safe about a brick and mortar bank? Cameras are there to watch all entrants and occupants at all times. The money is tucked away behind layers of security and many walls and floors. Only a few employees have access to the vault – where the customers’ most sensitive possessions are – and there are alarms everywhere. How can online financial services providers redeem this level of security?

At a time when hackers are more clever than ever and regulations are boosting enforcement, Zero Trust security solutions represent a redemption. In terms of product, Zero Trust is a platform integrated across financial service providers’ networks to enable a superior level of protection for all the data their employees even get close to touching. It accomplishes this by giving IT control over which employees have access to certain parts of the network, and oversight of who enters it and what they do.

Using Zero Trust solutions, finance companies and banks can regain the confidence of the market, move faster towards growth and tech initiatives, and take a zero-tolerance approach to compliance, ending an era where data breaches are the new normal. There are three ways it can do so:

With segmented policy access: Don’t give every employee the key to the bank vault. This makes each employee as big a risk as the last, no matter their personal security hygiene. For a platform that helps someone do their taxes and submit the correct forms, an accelerated personal lender, or even a regular online bank, Zero Trust creates specific user access policies at the individual application and even file level, rather than providing full data access to any employee with a password. 

Employees of financial institutions only have access to the least amount of sensitive resources required to do their jobs, and no more. This significantly reduces the number of relevant targets for hackers, and lessens the impact of employees with poor security habits. Access is often synonymous with speed, however, and so banks with staff who wear multiple hats – a necessity in this era of customer convenience – can rely on other aspects of Zero Trust.

By monitoring the network: The equivalent of cameras to watch and record all corners of the bank, activity monitoring features are a central aspect of Zero Trust and run constantly when users are connected to the network. Suspicious activity is more visible to IT, which can then prioritize the threat and close the gap if necessary. Zero Trust also means zero tolerance, after all, so having proof of what occurred on the network in black and white is necessary for ideas that are crucial for financial services companies, such as compliance reporting. A central management dashboard reduces the manpower requirements of monitoring and also can funnel data to other processing tools that look for deeper insights. 

By securing network access: Though resources like files and applications can be segmented with the least-privilege principles of Zero Trust, it still benefits security to install multiple layers of identification and protection at the edge of the network. Encrypted IPSec tunnels, provided by a standard enterprise VPN, stretch across the network and cloud and require employees to first connect through an application before being allowed inside. This also offers the chance to integrate other network-wide features such as automatic Wi-Fi protection (which cuts the internet off should the VPN connection fail), multi-factor authentication for extra device-based security, and web filtering tools that limit what network-connected devices can access on the internet.

Trust is an Achilles Heel

With these tools, IT teams at banks and fintech companies can safely abandon the defenses they used to post at the network perimeter. Zero Trust lets them build a more agile, aggressive security apparatus which refocuses on users and employees instead. That’s an important milestone when the reality of financial breaches is that it’s often sloppiness or negligence that exposes customer data, not an intrepid hacker genius. For Equifax and JP Morgan, failure to patch and install 2-factor authentication on crucial servers, respectively, caused irreparable breaches of customer data and industry damage. 

Hackers search endlessly in repetitive fashion across employees, devices, and systems for these kinds of human errors, and so an idea like Zero Trust not only makes gaps less common, but also reduces their impact and improves accountability. It’s the type of safety net that helps organizations like healthcare providers and financial service providers meet compliance expectations confidently, and meet the pace of innovation they’ve so far set for themselves without looking back.

Perimeter 81 Closes $4.5M Series A Extension Round to Further Accelerate Market Adoption of Cloud-Agnostic Network Security Offerings

Latest Investment Led by Toba Capital Brings Network Security Disruptor and Emerging SASE Leader’s Total Funding to $19.5M in Less Than One Year

TEL AVIV, Israel, March 11, 2020 – Perimeter 81, a leading Secure Access Service Edge (SASE) provider, announced today that it has completed a $4.5 million Series A extension round, bringing the company’s total funding to $19.5 million raised in under twelve months. The round was led by Toba Capital, a US-based early-stage investment firm focused on high-growth technology companies. Existing investors also participated. The financing will help support Perimeter 81’s rapid growth and accelerate the development and go-to-market strategy of its holistic, cloud-agnostic Zero Trust Secure Network as a Service.

Perimeter 81 simplifies network security for the modern and increasingly remote and mobile workforce. Since its 2018 inception, the company has emerged as a SASE leader and grew 450% in 2019. Named a Deloitte Technology Fast 500™ for EMEA and a Gartner Cool Vendor, Perimeter 81 has gained immediate market traction and quickly acquired more than 620 clients — including Fortune 500 companies and some of the most prominent organizations in government, entertainment, technology and AI.

“Legacy network infrastructure has proven unable to support the modern security requirements of the modern workforce, creating a global need for unified security and network platforms that are cloud-based and easy to use,” said Perimeter 81 CEO and Co-Founder Amit Bareket. “As corporations of all sizes increasingly work in remote environments and rely upon the cloud to run their businesses, they need new ways of consuming security to effectively prevent cyber-attacks regardless of their location or network environment. The investment from Toba Capital will enable Perimeter 81 to grow even faster, add additional security features and fulfill our vision to fully bring network security into the cloud.”

Perimeter 81’s user-centric and highly intuitive Secure Network as a Service enables businesses to more easily secure access to local network resources, cloud environments, and business applications using a 100% cloud service. Over the next few months, Perimeter 81 will add user and branch internet security, branch interconnectivity and endpoint security to its offering. In February 2020, the company unveiled a new Secure Access Service Edge (SASE) platform that combines its Network as a Service offering with advanced cloud security capabilities licensed from SonicWall.

“Rapid, global adoption of the cloud and widespread employee mobility are driving a radical transformation of security infrastructure including the replacement of traditional firewalls and unification of network and security services under a single SaaS and cloud-based platform,” said Vinny Smith, Managing Partner, Toba Capital. “Perimeter 81 is at the forefront of this shift to deliver an innovative and consolidated network security platform that simply and securely connects employees to their company’s resources and to the Internet. In the past year, they’ve met and exceeded several strategic milestones and Toba Capital looks forward to supporting their continued growth and market adoption here in the U.S.”

About Perimeter 81

Perimeter 81 is a Zero Trust Secure Network as a Service that is simplifying network security for the modern and distributed workforce. Based in Tel Aviv, the heart of the startup nation and a global hub for innovative technology development, Perimeter 81 was founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali. Perimeter 81’s clients range from small businesses to Fortune 500 corporations across a variety of sectors, and its partners are among the world’s foremost integrators, managed service providers and channel resellers. Earlier last year, Gartner selected Perimeter 81 as a Cool Vendor in Network and Cyber-Physical Systems Security. For more information, visit www.perimeter81.com

Employers See Rising Number of Remote Workers During Corona Scare

In late January, the World Health Organization declared the Coronavirus outbreak an international health emergency, and on March 11, 2020, they officially declared the virus to be a pandemic. It’s the first time the organization has declared a pandemic since the H1N1 “swine flu” in 2009. Though the numbers keep rising, currently over 315,000 cases have been reported in 109 countries, and over 13,500 have died from the virus.

While people think coronavirus is a new outbreak of disease, it is actually a common thread among various known viruses. Officially named the 2019 Novel Coronavirus, or Wuhan Coronavirus, this latest and ongoing outbreak contains the most severe type of the virus. Some of the symptoms include coughs, sore throat, vomiting, lack of breath, and fever. A respiratory illness, the severity for patients has ranged from a mild cold to very serious symptoms that can (and do) lead to death. These symptoms tend to occur between 2 and 14 days after being infected.

The effects of this particular coronavirus have put a spotlight on the need to protect employee health and that of their organizations. Accordingly, remote work has gone from an already popular workplace strategy to a necessary one for companies worldwide. Organizations that have contact with people affected by the Wuhan strain of coronavirus need to consider how to restrict their employees from being in physical contact with each other and potentially infected individuals. As a central tenet of this strategy, gatherings of large numbers of people in public places or in the office should be avoided as much as possible. 

A clear example of this precaution is the recently canceled World Mobile Congress. A majority of vendors decided to pull out of the event and its organizers requested that the city of Barcelona declare a state of health emergency, due to numerous attendees coming directly from the epicenter of Wuhan Coronavirus’s origins.

Coronavirus Has Boosted Remote Work

The concept of working remotely or working on the go isn’t a new trend, and has largely become the status quo for modern organizations. Allowing employees to work “off-campus” is a perk that has mutual advantages for both employees and organizations, and this is why 61% of organizations allow staff the privilege of remote work.

According to Harvard Business Review, “A key takeaway from our research is that if a work setting is ripe for remote work – that is, the job is fairly independent and the employee knows how to do their job well – implementing WFA (working from anywhere) can benefit both the company and the employee”. This trend is only increasing, and has already grown 159% since 2005 – skyrocketing past the growth of the rest of the workforce.

In places like the UK and USA, the prevalence of flexible work policies runs parallel with employee preferences.

This is no surprise, as managers and executives have found that implementing a remote work policy improves productivity so much that it’s easily measurable, with the estimate that flexible work models will save organizations up to $4.5 trillion in the US alone by 2030. One part of this more tangible productivity is sick days, which traditionally cost organizations significantly when they need to be used, but are reduced by over 13% among remote workers. Another measure is retention. It comes as no great shock that, when 70% of potential hires consider remote work flexibility a top priority as to whether or not they’ll join, organizations that do offer it will retain employees with 10% greater efficiency in 2020.

A New Purpose for Remote Work

To fight off the spread of Coronavirus, organizations are enforcing remote work as a necessity instead of a privilege. Around 60 million people in China were forced to work from home in January as the government tried to contain the virus. Most recently, with the global spread of the virus, major tech giants have begun to follow suit. Twitter has asked all of its international employees to work from home, and Amazon, headquartered in Seattle, now labeled “America’s Corona Virus Capital,” has begun planning remote access stress tests for all employees.

Over the past ten years, organizations around the globe have been increasing and expanding opportunities for remote work due to the need for an agile workforce spurred on by new technology. Yet despite the advancement of tech and the tools that create an increasingly mobile workforce, the trend comes with risks that have more to do with network health than personal health.

More Remote Workers, More Security Holes 

The burgeoning remote work paradigm is creating countless security gaps for organizations. While remote workers might be easier targets for hackers, all employees must be aware of the different attacks that will exploit human behavior to open the door for hackers. One of the easiest attack vectors is unsecured Wi-Fi networks. 

When allowing employees to work remotely, organizations must clearly outline those remote employees’ responsibilities regarding IT security best practices and the importance of data protection. To provide another layer of defense against unauthorized network access, organizations must implement remote-worker-specific security policies which include device monitoring, multi-factor authentication and Wi-Fi security.

Today the majority of global organizations still depend on legacy hardware-based VPN technology for secure network access and access to cloud resources on different networks. These site-centric and hardware-based network security appliances that we’ve relied on for the past 30 years are no longer adequate in securing remote and on-premise access.

In providing secure network access to remote workers, organizations need to create and implement different security strategies to fight off different attacks on their network and resources. The user-centric Zero Trust security model enforces multiple layers of verification before granting resource access to any user.

Additionally, by implementing a solution that offers Software-Defined Perimeter architecture, organizations can deploy perimeters globally while retaining the traditional model’s value of invisibility and inaccessibility to “outsiders”. These can be deployed anywhere – on the internet, in the cloud, at a hosting center, on the private corporate network, or across some or all of these locations.

Security Hygiene and Health Go Hand in Hand

To mitigate the remote access risks that come with a sudden movement of employees off-premises, such as the one made in order to fight off Coronavirus, organizations should implement Software-Defined Perimeter technology and the Zero Trust model to ensure secure access by authorized devices, users and locations. They should also seek services that include advanced or even automatic Wi-Fi security features, ensuring employee communications are encrypted across all Internet connections. With the right security tools in place, organizations can ensure that only authorized connections are being established while leaving their cloud environments completely hidden from attacks, giving networks as clean a bill of health as their users.

 

One Small Step for SASE: Perimeter 81 Lands at RSA 2020

After a record-breaking and thought-provoking 2020 RSA conference, we’re excited to gush about Perimeter 81’s successes and reminisce on the latest security trends – not to mention the adventures we had in sunny San Francisco. 

While it will be impossible to cover all that was discussed during the countless visits to our (literally) stellar booth, some of the most important highlights can definitely do our accomplishments justice.

RSA Revs Up

Over 650 companies attended this year, and the space was a loudly buzzing forum for security-centric activity and discussion. Despite the hubbub, we grabbed a significant amount of attention from thousands of curious event-goers, and so our team was constantly on their feet demonstrating the advantages of Perimeter 81’s Secure Network as a Service platform.

VP of Customer Success Daniel Goldfeld, deep in conversation.

The Crown of the Conference

Though RSA is where “the world talks about security”, our booth design was the real talk of the town. 45,000 people attended RSA this year and thousands were drawn to our space-themed booth, which was the biggest we’ve ever had. With asteroid beanbags and an anti-gravity prize display, it was pretty hard to miss. Just ask this enthusiastic visitor:

It was even harder to miss the intrepid Perimeter 81 team, outfitted with some sassy SASE jackets to signify that we’re already far along on our expedition to take network security to places it’s never been – and beyond. Secure Access Service Edge is the way the security sector’s rocket ship is headed: a unified cloud-based solution for both network and security.

The team, fully outfitted, flexing on the streets of San Fran.

The “SASE Squad” wore our colors around town as well, and it wasn’t just for the famously temperate San Fran weather (but they did help). Though we had tons of fun exploring, seeing the sights, and eating our way through the city, as always it was important to balance work with play. And work we did.

Leading the Discussion on Network Security

Our presence as an industry leader was exemplified during panels in which our CEO Amit Bareket and Director of Business Development James Alvarez led their respective conversations, perking ears and drawing crowds as they outlined the biggest issues in network security that organizations face and talked with other industry leaders about what the future will look like.

The panel left our fearless leaders a bit hungry, but they’re not the type to dismiss an opportunity when it comes into their orbit. Accordingly, they managed to find time to grab a quick bite with security expert and prolific author Richard Stiennon, who quickly found himself deep in conversation with the two executives, and was generous enough to give them a copy of his Security Yearbook 2020: A History and Directory of the IT Industry. Cheers Richard!

RSA 2021 Here We Come

Given the skyward trajectory of Perimeter 81’s ship, we’ve already booked a booth that’s double the size of this year’s for RSA 2021, and we look forward to showing off our complete, fully unified Secure SASE platform. See you there!

Zero Trust a Frontline Defense Against Healthcare Attacks

To optimize their nefarious efforts, hackers often employ the admittedly logical strategy of targeting only the most lucrative sources of personal information. With this in mind, medical records bring a particularly greedy gleam to their eyes. The value of a stolen healthcare file is quite literally ten times that of standard identity theft, with hackers able to squeeze about $2,000 out of a hijacked identity, on average, while the amount and type of information contained in one’s medical records often means profits of up to $20,000.

For hackers, Personal Health Information (PHI) is a veritable treasure trove of rubies, sapphires, and other precious gems in the form of birthdates, family names (useful for cracking passwords), social security and tax identification numbers, and other data tied to receiving medical care. The value of this information is hard to overstate, but multiple other factors have compounded to make PHI more vulnerable than it should be. Healthcare providers struggling with the security of their patients’ data are now beginning to realize the solution is right in front of them: don’t trust a soul.

PHI and Hospitals: A Perfect Storm

A volatile mixture of factors has created the biggest ever hoard of hackable personal data – and it’s in the hands of the industry least prepared to cope. Complete medical files contain identifying data that is nearly impossible to change on the fly, such as one’s SIN. Once this information is exposed, the lengthy time to a resolution offers hackers days or weeks to defraud patients before the tap runs dry. Moreover, the haphazard implementation of IoT devices and other machines used in patient care gives hackers a way to affect patients’ health, and not only their wallets.

 Image from Comparitech, 2020

In attending to those under their care, hospital staff are overworked and simply don’t have time to consider the implications of their substandard security hygiene. Their priority is to utilize the complex and precariously stacked array of applications, network resources, and internet-connected devices that help them do their jobs. Any downtime is a health risk, and so resistance to multi-factor authentication and other best practices is the norm. In networks with multiple attack vectors, highly valuable data, and negligent (if well-meaning) workers, it’s clear a low-touch security strategy is necessary to raise the lowest-hanging fruit out of hackers’ reach.

Zero-Trust is the Exclusive Answer

One of the most glaring trends to illustrate this idea is that it took until 2017 for the majority of breaches to originate from hackers, rather than from individual security mistakes within healthcare organizations. Though healthcare had been a ripe target for hackers long before then, that sheer insider negligence outpaced intentional breaches for so long is a scary thought – especially for providers who put a premium on HIPAA compliance. In one particularly cringe-worthy example, it took a whopping 14 years before a PHI breach was discovered and closed.

Providers in the healthcare industry are now forced to confront the fact that their highly-educated workforce simply doesn’t have the security education to be trusted. Many are therefore adopting Zero Trust as a network access model, which takes a different approach to security. In traditional network security solutions, once a doctor had the authorization to enter the network, he or she was trusted within every corner of it, full stop. Accordingly, at a time when one in five healthcare workers are willing to sell PHI for as little as $500, Zero Trust is key.

Why Trust is Obsolete

Zero Trust is aptly named because it enables IT managers to implement a security model where absolutely no one is trusted, and all who enter the network are both allowed only into the places they’re supposed to be and monitored at all times. If you don’t need to see certain parts of the network, you can’t, nor can you do anything compromising inside it without setting off alarm bells in the IT room. For regulatory compliance such as HIPAA, this level of vigilance isn’t frivolous, it’s necessary.

In hybrid-cloud environments like the ones commonly implemented by healthcare providers, Zero Trust is much safer than perimeter-centric security models simply because the perimeter is no longer there. It’s constantly moving, and constantly being accessed by a range of devices and people with varying degrees of protection. As Zero Trust segments users only into the areas they absolutely need to be in, the number of accidental insider breaches and those coming from the outside are decimated. 

The idea behind Zero Trust is one thing, but arriving there is another. Healthcare providers should look to network security solutions that implement a Software Defined Perimeter (SDP) as their foundational step towards winning the ongoing cyber war. Supplementing this SDP solution with security awareness education is also important. Healthcare workers need to recognize that they face daily threats regarding data security, and to learn what their role is in securing the network. This dual-edged strategy is robust, but it will never stave off hackers entirely; PHI is just too lucrative. What it will do, however, is make hacks expensive and difficult enough to dissuade bad actors, shooing them away to the next most vulnerable industry. Better there than here.

The Psychology Behind DDoS: Motivations and Methods

DDoS attacks, also known as distributed denial of service attacks, are one of the oldest internet cyberweapons used today by everyone from hacktivists and governments to disgruntled video game players and thrill-seekers purely for personal enjoyment. The attacks disrupt access to web sites and servers or take them offline completely by using co-opted online resources such as zombie PCs and servers or Internet of Things (IoT) bot networks that flood and overwhelm victims with online traffic.

“If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack,” says security researcher Bruce Schneier. “These attacks are not new: hackers do this to sites they don’t like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it’s a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins.”

Although individual and group motivations may differ, DDoS attacks have the same objective: take a target server or servers offline with internet traffic until the internet services are no longer operational. DDoS targets range from individuals to government organizations and businesses such as e-commerce sites, banks, stock exchanges, credit bureaus, gaming sites or internet service providers.

DDoS Attack Psychological Motivations

The motivations and psychology behind DDoS attacks vary. They span financial or economic benefits, revenge, ideological beliefs, cyberwarfare or even solely personal enjoyment. Large scale DDoS cyber attacks tend to be the result of group efforts, as opposed to individual actors, with a specific goal or agenda in mind.


 Images from Elsevier Inc, 2015

The majority of DDoS cyber-attack psychological motivations fall into several categories:  

  • Financial gain or economic benefit. DDoS attacks against e-commerce sites and banks are a growing trend, especially during the holidays, according to technology industry research firm Forrester. Extortion or blackmail is another motivating factor for using DDoS attacks. Using DDoS attacks as a financial weapon is also a favorite technique for hackers who demand Bitcoin via email to stop the onslaught of traffic.
  • Revenge. It’s a DDoS attack motivation used against companies, organizations, and individuals where victims include non-profit organizations, community colleges, courts and law enforcement entities, or journalists. In most cases, the disgruntled individual or group behind the attack has a goal of inflicting damage for a perceived wrong.
  • Ideological belief. Also known as hacktivism, some attackers become motivated to attack political targets because of their ideological beliefs against a nation-state or government policies. This motivation has become an influential reason behind many DDoS attacks where independent “hacktivists” DDoS government websites to cause outages and disruption. In January 2019, Zimbabwean government-related websites were hit with a DDoS attack by hacktivist group Anonymous protesting internet censorship in the country.
  • Intellectual challenge. Some attackers DDoS web sites to demonstrate their technical capabilities. DDoS tools and even services are available via the Dark Web, making it easy for attackers to deploy and experiment with the latest technologies such as automation and botnets against targets.
  • Personal Enjoyment. This type of DDoS attack falls under the category of cyberbullying and trolling. It’s intentional and meant to be either fun or vindictive (or both) while at the same time demonstrating the power to disrupt a web site or network.
  • Cyberwar. Used for political and military advantage, cyberwarfare is normally associated with nation-states. It’s designed to inflict economic or physical impact on its targets. Groups that use cyberwarfare strategies and tactics are well-trained, organized, and belong to government militaries or terrorist organizations. Many world governments have devoted significant resources and time to conducting attacks that have disrupted an adversary’s online and critical infrastructure.

DDoS Attack Methodologies

DDoS attacks consist of three major phases and four different sub-components, according to researchers. The sub-components are an attacker; multiple control “master” or handler computers; multiple “slave” computers, also called botnets, agents, or zombies; and a victim or target machine.

In the first phase of a DDoS attack, hackers take control of network-attached computers called “masters or handlers” to control other machines that will ultimately execute the DDoS attack. Creating a network of handlers and attack machines is an automated process where hackers scan the internet for computers or Internet of Things devices that can be compromised, usually with malware. 

When the desired number of compromised machines is reached, hackers start the second attack phase. The aggregate number of machines, called a botnet, is loaded with the necessary instructions and commands to launch an attack by the network of compromised zombie computers.

In the final DDoS phase, hackers direct the botnet to execute the attack or attacks on victim machines. The distributed nature of the attack sends massive amounts of internet traffic to the victim’s system or online resources, which in turn disrupts or slows down the intended target’s services. Spoofed or fake IP addresses hide the identities of the compromised devices and make it harder for victims to filter out malicious traffic or find the attack source.

Increasing DDoS Sophistication

The threat landscape of today is constantly opening up new opportunities for attackers to take advantage of the latest internet-connected devices and cloud technologies to launch even more massive DDoS attacks. These new attacks have also gotten easier to execute with zombie botnets able to take down large corporations or government entities.

The latest attack vector is physical access control systems installed in places including corporate headquarters, factories, or industrial parks. “Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks,” according to firewall company SonicWall.

Hackers are now scanning the internet for exposed Nortek Security & Control (NSC) Linear eMerge E3 devices and exploiting one of the ten newly discovered vulnerabilities, according to SonicWall. The devices’ primary purpose is to control what doors and rooms employees and visitors can access based on their credentials (access codes) or smart cards and then block or disrupt access to physical buildings.

DDoS-as-a-Service

To counter the popularity and accessibility of DDoS attacks as a tool for non-technical attackers, security researchers and law enforcement agencies regularly track and take down malicious web services that offer for-profit DDoS-as-a-Service, which has weaponized for the masses what was once only done by sophisticated hackers.

Through so-called “booter” or “stresser” sites, cybercriminals are marketing and selling attack-for-hire services that can be easily purchased online. According to Cloudflare, “Booters are slickly packaged as SaaS (Software-as-a-Service), often with email support and YouTube tutorials. Packages may offer one-time service, multiple attacks within a defined period, or even “lifetime” access. A basic, one-month package can cost as little as $19.99. Payment options may include credit cards, Skrill, PayPal or Bitcoin (though PayPal will cancel accounts if malicious intent can be proved).”

And security journalist Brian Krebs says “Booter sites are dangerous because they help lower the barriers to cybercrime, allowing even complete novices to launch sophisticated and crippling attacks with the click of a button.”  DDoS-as-a-Service provides yet another attack vector for non-technical users to use for cybercrime, revenge, hacktivism, enjoyment or even cyberwar. 

Finally, the motivation or psychology behind DDoS attacks can also be viewed as merely a tool meant for distraction. Hosting company LiquidWeb claims that “while your security team is distracted mitigating the denial of service attack, the party responsible is free to go after what they actually want – whether it is financial information, intellectual property, or client data.”

If, as LiquidWeb states, DDoS attacks are the “equivalent of driving a bus through the front door of a bank while an associate tunnels into the bank vault from below,” then organizations must be vigilant about their IT security and take an approach that makes securing the network edge against all attacks a top priority.

Perimeter 81 Disrupts Traditional Network Security; Partners with SonicWall on New SASE Platform

Integrated Cloud and Service-Based Solutions Redefine the Future of Network Security Without Traditional Perimeters

TEL AVIV, Israel–(BUSINESS WIRE)–Perimeter 81, a leading Zero Trust network provider for enterprises and organizations, today announced a new Secure Access Service Edge (SASE) platform that combines its Network as a Service offering with advanced cloud security capabilities from SonicWall, a Francisco Partners portfolio company. The integrated, cloud-native platform will deliver Zero Trust access to internal resources, user and branch internet security, branch interconnectivity and endpoint security.

Identified by Gartner as one of the most promising emerging technologies in enterprise networking, SASE is a cloud-native architecture model that supports dynamic secure access to organizational assets by combining multiple network technologies delivered as a service, including Secure Web Gateway, Cloud Access Security Broker, Firewall-as-a-Service (FWaaS) and Zero Touch Network Access with WAN capabilities (i.e., SDWANaaS).

In November 2019, Perimeter 81 partnered with SonicWall to integrate its security services features, including Content Filtering, Application Control, Intrusion Prevention System (IPS), File Sandboxing, Real-Time Deep Memory Inspection™ (RTDMI), antivirus and more, to create one of the strongest SASE offerings in the network security space. Perimeter 81 will be launching Web Filtering and DNS Filtering in Q1 and, with SonicWall, will gradually roll out security features to customers throughout 2020, starting with FWaaS. Additional functionalities, such as SaaS security and Endpoint Protection Platform, will be introduced later in the year.

By integrating SonicWall’s Capture Cloud Platform and real-time breach detection and prevention technologies, the Perimeter 81 SASE platform provides organizations with a holistic and unified security solution to authenticate and consume their network and security needs across all enterprise edges. Businesses can connect to a single secure network and gain access to physical and cloud resources no matter their location, allowing IT teams to easily access and secure their organization’s networks and users in an agile, easy-to-use, cost-effective and scalable way.

“The consumption of modern network security and cybersecurity solutions needs to fundamentally change. With today’s increasingly distributed and mobile workforce, this paradigm shift begins with replacing the traditional and perimeter-based network model with cloud, cyber and network security platforms,” said Amit Bareket, Co-Founder and CEO of Perimeter 81. “Our partnership with SonicWall and integrated SASE offering is a positive first step towards this market transformation. Companies are seeking solutions that are cloud-native, easy to use and encompass many functionalities in a one-stop-shop. We will deliver a converged cloud-delivered secure access service edge that is needed to effectively serve the secure access requirements of the digital business.”

“Existing security models are failing to meet the needs of today’s digital business. Organizations are looking to adopt integrated and intelligent networking and security solutions that deliver compute power in the cloud and at the edge,” said Bill Conner, President and CEO of SonicWall. “SonicWall’s advanced cloud security capabilities and Perimeter 81’s innovative secure cloud-based network offerings will allow us to provide the most advanced SASE platform available today and place ourselves, and our customers, at the forefront of an emerging and promising market.”

Perimeter 81 will be showcasing the features of the new SASE platform at RSAC 2020, taking place February 24-28, 2020, at the Moscone Center in San Francisco, CA. To learn more visit booth #1365, or set up a meeting with one of our experts at: https://www.perimeter81.com/start/schedule-meeting-rsa-2020/

About Perimeter 81
Perimeter 81 is a Zero Trust Secure Network as a Service that is simplifying network security for the modern and distributed workforce. Based in Tel Aviv, the heart of the startup nation and a global hub for innovative technology development, Perimeter 81 was founded by two IDF elite intelligence unit alumni, CEO Amit Bareket and CPO Sagi Gidali. The team of security as a service experts comes together every day to deliver a truly innovative, world-class network security service. Perimeter 81’s clients range from SMB to include Fortune 500 businesses and industry leaders across a wide range of sectors, and its partners are among the world’s foremost integrators, managed service providers and channel resellers. Earlier this year, Gartner selected Perimeter 81 as a “Cool Vendor in Network and Cyber-Physical Systems Security.” For more information, visit www.perimeter81.com

About SonicWall
SonicWall has been fighting the cybercriminal industry for over 28 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

Exploring URL Filtering & Why Organizations Need to Implement It

It’s not news that the majority of data breaches and network attacks occur due to poor internal security hygiene. However, what some of the headlines forget to mention is how easy it is for employees to leave the door open for attackers. In some cases, just a single click on an unsecured URL can expose your organization’s network and resources to those with malicious intent. This is one of the main reasons why organizations need to implement different security features to fight off unwanted attacks.  

To repel these accidental internal breaches, most experts will suggest security training and policy implementation, but that’s not enough. Organizations should instead choose the security solutions and policies that best fit their company’s needs. When it comes to limiting employee access to URLs that don’t relate to their job, this is where URL filtering comes in.

What is URL Filtering?

URL filtering provides organizations’ IT and security teams the ability to limit employees’ access to certain URLs, by defining which are either permitted or blocked sites. The most important reason your organization needs to integrate a URL filtering tool is to prevent employees from gaining access to websites that don’t help them with their jobs, or sites that can create major security risks for the organization.

Limiting access to certain URLs helps employees be more productive and helps to fend off potential security risks such as data loss, malware, or even legal issues.

DNS Filtering Vs URL Filtering

DNS filtering, or Domain Name System blocking, is useful for some security purposes but is ultimately less granular than URL filtering. IT administrators can use a DNS filter to limit access to sites based on the DNS name resolution, or the site’s IP address, so whenever any URL resolves to this IP it’s blocked. This also includes all sub-URLs, meaning it’s impossible to pick and choose which pages of a website (for example) are whitelisted and which are blocked.

URL filtering has this capability and blocks access based on the exact URL as written in the filtering tool. With a URL filter, it would be possible to block access to facebook.com and still allow employees to see the company’s own Facebook page. This type of granular stratification of website access boosts the control that IT admins wield over the organization.

How Does URL Filtering Work?

URL filtering compares all web traffic with a database containing predetermined groups of URLs and then permits or denies access to a site based on the category of the group that the URL belongs to. A URL filtering database assigns websites to predefined URL categories, such as gambling or pornography, and allows managers to define the access conditions for the URLs in each category.

Most organizations usually set up defined conditions similar to the following: 

  • Blocked: These URLs tend to be websites that distract employees from their work such as social media, news sites, or unsecured sites. Additionally, lists of URLs that are categorized with different security risks or have a history of malware or other attacks will be defined as blocked.
  • Allowed: Most sites that are defined as allowed concern employees’ daily work environments and tasks, such as workflow sites, email, work productivity sites, and more.
  • Allowed with Security Policies: These tend to be specific URLs that are set by the security and IT team, which will allow users access but with logging and monitoring by the security and IT teams.  
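The sketch below contrasts a host-level (DNS-style) decision with a URL-level decision using the three access conditions listed above. It is an added example, not Perimeter 81's code; the category database, the `examplecorp` company page, the default action for uncategorized sites, and all function names are assumptions constructed for illustration.

```python
import posixpath
from urllib.parse import urlsplit, unquote

# Constructed sample data (assumption): host -> category, category -> action.
CATEGORY_DB = {
    "facebook.com": "social-media",
    "casino.example": "gambling",
    "mail.example.com": "email",
    "pastebin.example": "file-sharing",
}
CATEGORY_ACTION = {
    "social-media": "block",
    "gambling": "block",
    "email": "allow",
    "file-sharing": "allow-log",   # "Allowed with Security Policies"
}
# URL-level overrides (host, path prefix, action): something a host-only
# filter cannot express. "/examplecorp" stands in for the company's own page.
URL_OVERRIDES = [("facebook.com", "/examplecorp", "allow")]
DEFAULT_ACTION = "allow-log"       # assumption: uncategorized sites are logged
AUDIT_LOG = []


def parse(url):
    """Return (host, path) in canonical form so rules cannot be sidestepped."""
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    # Decode %2e%2e and collapse "../" before any prefix comparison.
    path = posixpath.normpath(unquote(parts.path) or "/")
    return host, "/" + path.lstrip("/")


def host_category(host):
    """Look up the host, then each parent domain (m.facebook.com -> facebook.com)."""
    labels = host.split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in CATEGORY_DB:
            return CATEGORY_DB[candidate]
    return None


def dns_filter_decision(url):
    """Host-only decision: every page on a blocked host is blocked."""
    host, _ = parse(url)
    return CATEGORY_ACTION.get(host_category(host), DEFAULT_ACTION)


def url_filter_decision(url, user="unknown"):
    """URL-level decision: overrides first, then the host's category."""
    host, path = parse(url)
    action = None
    for rule_host, prefix, rule_action in URL_OVERRIDES:
        same_site = host == rule_host or host.endswith("." + rule_host)
        # Match whole path segments: /examplecorp/posts yes, /examplecorp-fan no.
        under_prefix = path == prefix or path.startswith(prefix + "/")
        if same_site and under_prefix:
            action = rule_action
            break
    if action is None:
        action = CATEGORY_ACTION.get(host_category(host), DEFAULT_ACTION)
    if action == "allow-log":
        AUDIT_LOG.append({"user": user, "host": host, "path": path})
    return action


if __name__ == "__main__":
    for sample in (
        "https://facebook.com/examplecorp",
        "https://www.facebook.com/someone",
        "https://facebook.com/examplecorp/%2e%2e/someone",
        "https://pastebin.example/abc",
    ):
        print(sample, dns_filter_decision(sample), url_filter_decision(sample))
```

Canonicalizing the path before the prefix check matters: without it, a request for `/examplecorp/../someone` would ride the company-page exception to reach the rest of the blocked site.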

Customizing URL Filtering 

Whether it’s integrated into different devices or runs as a standalone platform, URL filtering provides another layer of security for organizations against unknown threats so employees can work normally without thinking about security. For organizations looking to integrate a URL filtering feature into their security strategy, the following are the main security factors to consider.

  • Enforcing Best Security Practices: Controlling access to different sites gives IT teams full control of who is accessing what, where, and when. This plays a huge role in avoiding unwanted security threats.
  • Avoiding Phishing and Malware: Denying access to known flawed sites reduces the opportunity for hackers to create a security breach.
  • Implementing Security Policies: Setting up a security playbook that includes whitelisted and blacklisted URLs and user identification rules adds another layer between malicious attackers and your organization.
  • Clearly Defined Whitelists and Blacklists: With IT and security teams fully controlling all the different sites that are being accessed by employees, it provides the guarantee of zero unwanted and accidental URL blocks.

URL Filtering is Better Security for the Future

By implementing URL filtering into your cloud security, you take a major step towards an airtight network. URL filtering additionally protects different endpoint devices and cloud services from cyber threats while boosting employee productivity and performance. By protecting and managing your employees’ access, it supplements your lines of defense in the fight against malicious attackers targeting your organization. The more secure your employees’ access, the more comprehensive your organizational security.

February 2020 Product Updates: Splunk Integration, Linux Agent and More

The new year has only just begun, and thanks to many different customer requests we have recently implemented and launched new features and updates that we are thrilled to share. It’s no stretch to say that the best feedback is from customers using your platform on a daily basis, but nowhere is it written in ink that this feedback justifies any changes. In our case, we write it in stone, because our users are just that good.

With the excellent feedback you’ve provided, we’re proud to highlight the latest product updates and integrations since the start of 2020 to our Network as a Service solution.

Splunk Integration

Traditional security solutions tend to lack the ability to monitor, log, alert and integrate data from cloud resources into Security Information and Event Management (SIEM) systems.

Lacking the right monitoring processes and systems also makes it difficult to respond in real-time to a cyber attack or data breach. No less important is having skilled security analysts who are able to take action when recognizing network anomalies, correlate events, and eliminate manual data analysis for AWS action detection such as suspicious instance creation, new user account creation or resource access and security group modification.

Accordingly, we have recently launched our new Splunk Integration into the Perimeter 81 platform. Splunk enables organizations of all sizes to search, analyze, and view the data gathered from all components of their IT infrastructure or business. Splunk users can enable log aggregation of event data from across their environment into a single repository of critical security insights within their Splunk platform.

In the video below we walk you through how to configure Splunk in order to have full visibility of your Perimeter 81 activity.

New Linux Agent

Customers often request new features and integrations, and in late 2019 we saw a surge of requests for our application to be available for Linux operating systems. Your calls have been answered: our application is now available for Linux x64.

You can download the Linux agent inside your platform under the Downloads tab, or you can download it on the Downloading the Applications page in our knowledge base. Additionally, if you would like to manually configure your Linux agent, we provide a step-by-step process here.

24/7 Phone and Chat Support

As a company that strives for exceptional customer support, we are continuously updating our knowledge base with different articles to help our customers solve any issues they encounter under their own steam.

Now we are excited to share that our customer support services have expanded with 24/7 chat support and phone support. Our chat and phone support teams will be able to answer issues or requests you might have in real time. 

New Pricing Packages

As the Perimeter 81 solution evolves with new security features, so does the flexibility and accessibility of our application. We are thrilled to announce that we’ve launched our new Perimeter 81 subscription plans and billing system on the platform and on our website. 

Our new plans will allow users to get the services and features that they actually need while utilizing our new robust billing system. The new billing system is an improved self-service experience that allows users to easily change subscription plans with a click of their mouse. 

Stay Tuned

We’d love to hear your feedback going into the busy spring months and stay tuned for more product updates in the upcoming months. We are planning to launch our new unified network and security platform with more network and security features in the upcoming year.

5 Security Mistakes CISOs Must Avoid in 2020

With every new security breach announced, the CISO position is becoming more and more trendy for organizations. However, CISO is not a new position – it’s just only now getting the attention it deserves. Outside of enterprises, we rarely see an organization or a startup with a CISO, and this is a huge mistake. There are many different security challenges in organizations of all sizes that show why an internal CISO plays a critical role in your organization’s success.

Before we dig into the different challenges and mistakes that CISOs make, let’s discuss what the role entails. The Chief Information Security Officer (CISO) is fully in charge of the organization’s cyber and information security responsibilities and risk management.

As we have seen in past years with huge breaches like the Equifax and Capital One breaches, CISOs have a lot of responsibilities on their plate when strategizing their organization’s risk management. As the threat landscape continuously evolves, with hackers implementing dynamic and complicated attack tactics, the traditional risk management strategy cannot withstand these styles of attack. With an outdated strategy that isn’t up to par with the latest security best practices, your organization can face massive fines, lost customer trust, and brand damage.

CISO Responsibilities 

Today, the average CISO’s resources are mainly allocated to monitoring and responding to security threats and making certain that the organization meets all its compliance requirements.

The CISO’s key responsibilities include identifying and securing any potential leaks in the network, creating and managing a risk management strategy for security incidents, and researching and implementing new security tools and technologies. Last but not least, the CISO is the go-to employee for all things security, and with that comes the responsibility to inform everyone, from junior developers to the sales team to C-level management, about the security team’s activities in the organization.

Mistakes Will Happen 

No matter how experienced your CISO is, mistakes will happen. The difference lies in how big the mistakes are and how often they occur. As we start a new year, organizations’ CISOs should be well aware of current best practices and new styles of attack. So without further ado, here are the 5 mistakes your CISO should avoid in 2020.

Not Hacking Your Own Network

Organizations that aren’t using external or internal white hat hackers (ethical hackers) and think their network or environments are secure are dead wrong. Not knowing how secure or insecure your internal resources are is like launching your product without quality assurance testing. Your CISO might tell the management team that everything is secure, but until white hat hackers have attempted to hack your systems, you can’t be 100% sure that your organization is safe.

Advice: Hire white hat hackers internally or, if you don’t have the necessary resources, hire professional penetration testers. Pen testers will examine everything from network security protocols and settings to software vulnerabilities, and will even try different malware and targeted phishing campaigns on the organization’s employees. Your organization’s CISO should implement a yearly internal security test as an extra step to ensure the organization’s cybersecurity is up to date.

Nobody Likes a “Dr. No” 

Every organization has employees who are yes men/women, but when it comes to the different responsibilities of a CISO, one of the worst mistakes they can make is becoming a “Dr. No”. The CISO is often seen as the organizational blocker, telling employees they can’t do things and forcing them through unwieldy processes in the name of compliance. While looking out for what’s best for the organization, CISOs should strike a good balance of when to say yes and no to different requests.

Advice: Instead of denying requests and putting their foot down, CISOs should be open to change. They should be able to easily recognize the benefits of new security tools and solutions and how they will help the organization on a security level. Secondly, instead of saying no to everyone and everything, become the person that everyone seeks out to implement new technology in the organization, but don’t forget to check the risk factor.

Not Sticking to a 360 Degrees Security Strategy 

The security space has two players, the organizations and the hackers. While some people might say it’s a fair matchup, it’s not. Organizations are expected to defend against every attacker from every angle, while hackers have it easy: they only need to find one small leak to gain access to the organization’s network. Simply put, CISOs should understand and accept that they won’t be able to fight off every attack.

Advice: One of the worst mistakes a CISO can make is thinking that every single attack can be stopped. Instead, CISOs should clearly understand the organization’s technology, vision, and limitations, and strategize for minimal risk with the resources the organization has. In a world of endless attacks, it’s better to survive than to be unprepared.

Not Setting up a Security Policy for the Future 

Today, organizations are making changes and decisions quicker than ever. They’re focusing more on how many new features and products they can launch in a certain amount of time. One major factor being forgotten is security risk. While moving fast and making quick changes is great, organizations of all sizes need to make sure the right security is in place so that they don’t become an easy target for hackers.

Advice: Implement a cybersecurity policy and architecture in the organization. If there isn’t a security policy in place, there is a very high chance your organization will be hacked and breached. Organizations and CISOs need to put emphasis on a cybersecurity strategy as early as possible to provide the best defense plan against hackers. This strategy should include incident response strategies, creating a security policy, employee training and assigning employees as the security team.

Not Asking for Help

Despite the increase in cybersecurity jobs worldwide, there is a huge shortage of proper cybersecurity skills in most organizations. A CISO, however, should never be afraid to ask when they don’t know or can’t find the answer. A CISO can have the “perfect team”, but if it lacks the right security skills, the CISO’s decisions will backfire for no apparent reason.

Advice: Instead of making choices on a gut feeling or best practices, CISOs should ask the experts which direction is correct, and should clearly understand why they are making each decision, with the correct reason to back it up.

Better to Be Prepared than Attacked

While a CISO will never be correct 100 percent of the time, they should learn from their mistakes and have the right strategy in place to fight off everything. By strategizing correctly, with a security approach that mixes experience, security knowledge, strategy, and the organization’s expectations, the CISO will be better prepared to handle every security activity they encounter.

Why Your Organization’s Security Strategy Starts with a Cloud Security Policy

The IT industry has made significant strides in cloud computing security, yet many organizations remain anxious about emerging cloud security risks. A new generation of malware and hacking techniques continues to threaten organizations’ data and apps in the cloud. Many cloud security vulnerabilities are being introduced through bring-your-own-device (BYOD) risks, web application risks and incomplete cloud visibility.

To fight off these cloud risks, organizations need to act quickly to seek the cloud’s advantages while maintaining control over their assets. So how do organizations grow with the cloud and ensure they’re acting responsibly when it comes to cloud security? 

The Cloud is Not as Secure as You Think

When we think of cloud security, the first thing that comes to mind is data loss, but that is the wrong way to think about it. When organizations implement different cloud services, one of the main security concerns is whether the network and resources are safe. We should also be focusing more on how employees are using cloud services. One of the lesser-known challenges with the cloud is whether your team is taking the appropriate precautionary steps when deploying resources.

Organizations need to implement cloud security tools that encrypt data and control access, and implement organization-wide cloud policies. These tools will fix issues or act as a safeguard, with the appropriate amount of cloud security hygiene. But at the end of the day, it all starts with a strong cloud security policy.

What is a Cloud Security Policy?

With the increasing global adoption of cloud computing, having a cloud security policy is essential for every organization. Cloud security policies are the guidelines under which companies operate in the cloud, often implemented in order to ensure the integrity and privacy of company-owned information.

When most organizations migrate to the cloud, they often mistakenly assume that their current security policy will also cover cloud security. While there is some sense to this, it’s rather lacking and can leave specific holes exposed to potential risks. Instead, organizations need to consider incorporating cloud security into their existing security policies and standards. A cloud security policy needs to be flexible and adaptable in order to meet the new security rules of the organization.

Your policy must be simple for all of your employees to understand. In order to keep training costs down, it’s best to avoid overcomplication and technical complexity in the policy. The best security policy will be one that is clear and concise. Don’t be afraid to state the obvious, as that way nobody can claim to have missed the point. Every cloud security policy should start with a definition of intent, which clearly outlines the whole point of the policy.

The Key Principles of a Successful Cloud Security Policy 

The policies for your organization’s cloud security must come from all corners of the organization: your developers, security team, management team, and so on. These policies are the basis for all cloud security planning, design and deployment. They should provide direction on how issues should be handled and which technologies are best to use.

While security policies are very easy to decide on, the main challenge is implementing them properly. An organization’s security policies depend on the different contexts in which they are implemented, and they are required to protect the organization’s cloud security.

Here are the key principles of successful cloud security policies that you can implement at your organization:

Implementing a Security Awareness Program

Educating users on the need for security is important, as it will help them understand the importance of cloud security and how it will benefit them in their daily work. Implementing a security awareness program is a major step in your cloud security policy.

The program should explain why security is everyone’s responsibility and show users their role in maintaining it. This matters because people often tend to think that protecting the company’s security is only the security team’s responsibility.

Clear Communication

Once an organization has implemented the policy, it has to be clearly communicated to all the people responsible for enforcing and complying with it. This can include employees, service providers, and other relevant users.

The policy can be introduced to employees when they start at the organization and incorporated into the company’s Employee Handbook. A key part of the communication process is to establish a record that those involved have read, understood, and agreed to abide by the policy. It is a challenge to ensure that users understand and accept the policy that governs them. A clear, concise, coherent, and consistent policy is more likely to be accepted and followed.

Authorized Access Regulations

To prevent any unauthorized access to your cloud network environment or cloud resources, organizations need to implement precise access control regulations internally. Implementing access regulations will prevent potential holes in your organization’s network on the cloud.

By implementing these regulations in your cloud security policy, you will be giving access only to the users who actually need it for their day-to-day job. The policy should cover authentication protocols, authorization, and identity and authorization management.

Encrypting Cloud Data

When creating a cloud security policy one of the most important sections has to be data encryption. By enforcing cloud data encryption, organizations will be more secure knowing that only authorized users will be able to access sensitive data and cloud resources. Additionally, organizations should encrypt data and cloud resources that are being uploaded to the cloud to ensure that they are secure and protected.  

We recommend that you schedule a monthly data encryption update to make sure that your data and resources on the cloud are secure and protected.

Monitoring Your Cloud Environment

Monitoring is a critical component of a cloud security policy. Implementing automated tools helps your organization get a macro view of your entire network. Cloud monitoring provides an easier way to see different activity patterns and any potential vulnerabilities in your network on the cloud. An effective cloud monitoring solution will put the organization’s security and compliance team at ease, knowing there is a system in place.

An organization’s cloud security policy can be a decisive factor in choosing the right direction when implementing different cloud services and resources. However, it shouldn’t change the organization’s mission. With that in mind, it’s important to create an employee-friendly cloud security policy that is aligned with the organization’s culture and helps employees work more smoothly without interfering with their day-to-day work environment. In conclusion, a more complete cloud security policy will keep your company safe, but don’t forget that the policy starts with your employees.
