VPNs Are Out and Scalable Remote Access Solutions Are In

COVID-19 has accelerated the world’s digital transformation and lately this has headed in an inevitable direction: the adoption of remote work. We can no longer assume that employees are working from the office and the “new normal” that the world is experiencing will likely bring about permanent changes to how and where we work. Tech giants such as Facebook, Twitter and Google have announced they plan to keep their employees working remotely until at least the end of 2020, and possibly beyond. While this approach is gaining popularity by the day, it’s far from a new concept. 

Remote work has been a popular method for companies for the past two decades due to benefits like flexibility, productivity and cost-savings. In late 2019, Gartner predicted that by 2020, half of the US workforce would be working remotely. Here we are six months into 2020, and no one could have predicted that 62% of the U.S. workforce would go home to work remotely due to the COVID-19 outbreak. 

Are Traditional VPNs Still Relevant? 

Over the past 20 years, organizations adopted different tools in order to support and secure their remote workforces. The most popular solution that organizations relied on was enterprise VPN technology for remote network access. The value that VPNs once provided is diminishing by the day, however, due to organizations’ transition to the cloud, and remote employees no longer need to connect to their corporate headquarters’ network.

Due to COVID-19, the majority of global organizations are requiring that their workforces connect to business resources on the cloud or to the corporate network remotely, creating an overload of traffic on the VPNs they previously implemented. Originally, installing a remote access VPN was the right approach; however, it’s now providing more cons than pros.

VPNs can expose organizations’ data and resources, making them more vulnerable to different attacks on the remote workforce. The traditional VPN provides remote workers with unlimited access to organizational resources, creating an attractive, ripe environment for hackers to get inside the company’s network. With legacy VPNs, organizations are unable to restrict access to specific network resources, making VPNs one of the weakest points of failure with respect to identity access and credential management as there is no segmentation, audit or control.

VPNs have other limitations, such as a lack of network visibility and network segmentation, which makes it harder to limit unauthorized user access and weakens overall network security. The technology was not designed to deal with the dynamic networks that organizations are creating today: VPNs require constant hardware updates, need to be properly managed and lack network or server flexibility. All of the above make it more complicated to scale and rapidly adjust for new users and network locations, and increasingly difficult to effectively manage hybrid and cloud-based computing architectures.

Scalability: The Key Factor of Today’s Workforce 

The idea that one day an organization may need to increase the number of users to thousands or more is possibly one of the most important factors when deciding which solution to implement, especially with remote access needs. Scalability hasn’t been VPNs’ strongest characteristic; in fact, their inability to scale to hundreds or thousands of users has been more of an Achilles heel.

VPNs were initially designed to only handle a small percentage of the global workforce. In today’s day and age, with thousands of organizations looking to scale their entire workforce remotely, the need for remote access solutions is more demanding than ever. With a massive increase in users, organizations are seeing congestion and latency in network access and a lack of quality of service.  

In the past, when there were just a few remote workers in an organization, IT teams were required to designate a small amount of network access for them alone. When companies transform to a more remote workforce, organizations will need to adopt solutions that will have the capacity to support their networks and applications for everyone remotely. In the case of VPNs, network over-usage and older architecture result in a slower user experience and create headaches for IT and remote workers simultaneously.

Additionally, onboarding new users and networks with a VPN can take weeks, creating a major hole in the company’s network. So which kind of solutions should organizations look for when trying to scale access to remote employees?

SASE: The Scalable Model For Remote Access

Instead of thinking about how we can make the VPN more secure, flexible and scalable, we should look for a different secure remote access solution. The answer lies in SASE: Secure Access Service Edge. Unlike VPNs, SASE is a solution for the increasing demand for scalable network access. So what is SASE and why is it the answer?

SASE, a term coined by Gartner in August 2019, is the cloud architecture model that combines the different functions of network and security solutions into a unified cloud security platform. Delivered “as a service,” it offers scalable secure access to the organization’s resources and networks. The new model will allow organizations to simply connect and secure their networks and remote workers with a cost-effective and instantly integrated approach.

Unlike the traditional networking solutions or modern VPNs, the SASE model recommends that organizations should instead connect their employees and networks on a more user-centric level to a cloud-based service. While in the past, the majority of networks for organizations were concentrated at the central data center for user access, this didn’t provide a suitable model for remote workers. Gartner suggests that this site-centric approach is outdated and not effective as organizations are turning to edge platforms, SaaS solutions and cloud services. While the concept of organizations providing a data center for user access won’t disappear overnight, it will become less relevant as the majority of services are moving to the cloud. 

By adopting the SASE model, organizations will have a more flexible and scalable opportunity to connect remote employees to applications, cloud services, and APIs no matter their location. 

Scaling for the Future 

The SASE model for secure zero trust network access and additional vital security features provides organizations with scalability, flexibility, ROI and most important of all, secure access for their remote workforces.

When seeking the right remote access solution, look past the legacy VPN and change your approach with a more flexible and user-friendly SASE platform to secure your network, resources, and employees. 

Tightening Security on Microsoft Teams

Remember driving down to your local computer store and picking up a shiny new copy of the latest Microsoft Word? Sleek in its box, the neatly wrapped Microsoft product had both disc and license inside, but it also came with something you didn’t bargain for: responsibility for its successful, safe operation. 

As a physical offline copy, security issues in operating this relic of the past could be placed squarely on you. But now that Microsoft Word has gone through multiple cycles of product consolidation and emerged as a vital business pillar, security considerations surrounding the whole Office suite, and now Teams, deserve another look.

Microsoft Teams allows collaboration and communication across the various services that are included in Office 365. Make no mistake, Teams users can be confident in the safety of their data, but when more weight lands on the solution as a productivity cornerstone, it’s smart for organizations to supplement Microsoft’s built-in safety mechanisms.

From discs to on-demand software, the now fully-integrated nature of Teams makes it a powerful tool, but one that sits at the epicenter of a bustling cloud encapsulating both good and bad actors. 

Consolidation of Products, and of Problems

Exemplified primarily by Microsoft, products that were once sold separately eventually congeal into a single platform that offers them all as functions conveniently packaged together. This is what happened to Word, Excel, PowerPoint and other Microsoft software that turned into the Microsoft Office 365 “as a service” solution. 

With Teams, increasing sophistication and connectivity in the name of a good user experience has also created new ideas in the world of security, as most innovations do. Teams represents a single window into the virtual Office, where employees can discuss projects happening in real time, talk over chat, voice or video call, and work on shared documents together. This shiny front end doesn’t betray any backend complication, but it’s there.

For each “team” you create, the backend gets a new SharePoint site, Office 365 group and other assets in places like OneNote and more. This doesn’t include other integrations that your organization might choose, such as Zendesk, Salesforce, Mailchimp and other popular platforms. With an impressive level of integration comes an intricately complicated environment for security professionals, especially as companies expand and lean on Teams even more.

Licenses are online, so much of the functionality that Teams offers is largely available when an organization is connected to the web. Moreover, since November 2019 Microsoft has allowed Enterprise customers to grant guest access to contractors and other non-licensed individuals who work with them. Suddenly, file sharing of sensitive documents and resources is happening outside the network and unfamiliar entrants are streaming in, so managing the chaos becomes necessary.

Integrated Solutions Beg Integrated Security

Both in how Teams is secured and used, and in the tools that IT security teams must enforce for users, care should be taken so that data inside Teams doesn’t sprawl outside of its boundaries, or alternatively, become concentrated and offer hackers a single ripe target. Much like Slack, Teams users can create different channels where they communicate about specific subjects or tasks related to this department or the other. 

While users should be encouraged to create new and different channels for their conversations, it’s crucial to maintain control and ensure that loose ends (dead, repeat, underused channels) don’t occur, and that sensitive information isn’t overly shared or replicated in multiple different places or with people who don’t need to see it.

Integrations are crucial to any organization relying on Teams, and when implemented correctly they are amazing productivity boosters. However, one of the most underestimated issues that occurs in a highly integrated environment is configuration: Sometimes the integration may work well but the most minor settings might create a security gap that leaves the network exposed. 

When many third parties are a part of your Teams installation, whether they’re services or service providers, it’s recommended to layer an extra security blanket over the whole thing. Teams has built-in two-factor authentication, and IT should require it before users are able to log in. Don’t stop there, though: extra effort should be made to track devices and endpoints, as it will also help IT prevent downloads from Teams to unmanaged devices, or those that haven’t passed through the gates of “Zero Trust”.

Because Teams is a nucleus of business activity and by definition holds assets that might spell trouble in the wrong hands, a strict least-privilege access model should be instituted. Another integrated solution is suitable, but one that simplifies the security functions that can plug into Teams, and with a purpose to remove trust from the equation, full stop.

Teams Turns Zero Trust

In few organizations does each employee need access to the full list of functions and capabilities that Teams provides. Microsoft understands that not every employee will need access to SharePoint, for example, and supports Teams separately as a cloud app for Azure Active Directory and the conditional access policies it offers. To take advantage, however, administrators must ensure that the correct policies exist on all applications inside the Teams installation such as Exchange. 

This can take some maintenance and oversight, so it’s easier to find a more unified, seamless Zero Trust solution where all this is done from a single admin panel. Security providers pursuing the Network as a Service model are already being used for this purpose, and when integrated with Teams are able to better streamline the orchestration of necessary security tools. Network as a Service solutions reside on the network layer and therefore allow organizations to easily define custom access policies for segments of their local and cloud resources (like Teams, or parts of it). 

This way, IT controls which roles, devices, and locations are allowed into specific parts of Teams and other network areas with greater ease. Additional security tools can’t hurt, and add a safety net to Teams in a couple different ways. Though Microsoft has 2FA, Single Sign-On and the encryption of files, a wider array of options is helpful. 

Support for other MFA and SSO providers is nice, as is the option between SSL, IPSec, and WireGuard in terms of encryption, for instance. One idea which should surely not be forgotten is better network activity monitoring. This is one of the most important points for complex Teams installations: logging and monitoring are a linchpin of proactive threat detection and compliance alike.

Integrating these functions directly into Teams doesn’t complicate it. Why? Simply because they’re all offered under the umbrella of a single security provider which integrates directly into Teams and saves IT from fiddling around with different settings between Exchange, SharePoint, Word, Azure, and others. Teams is an amalgamation of multiple useful software tools, but there’s no question that productivity is the primary reason for its existence, and the fact that third-party security services improve it is neither a surprise nor a detraction from its impressive reputation.

SASE: Evolving Government’s Cloud and Network Security Strategy

Even though cloud technology has become the new normal for the private sector, it has a less than tenuous grasp on government. In 2018, cloud neglect in the public sector prompted the White House to launch its “Cloud Smart” policy, designed to promote the idea that government agencies should begin adopting this useful breed of computing technology. 

At the time, relevant agencies didn’t jump quickly on the opportunity due to security concerns such as data storage and the sharing of information. However, the time is now ripe. With cloud computing over a decade old and long proven as a pragmatic solution to many administrative problems, it’s time for lagging governments to bring themselves up to speed. 

Despite some public offices embracing a cloud-first approach or cloud-only policy, the majority of the United States government is woefully behind, and still in the dark about the risks and benefits that come with moving network resources to the cloud. Most concerns circle the notion of privacy or security, but these days they’re addressed more easily than they once were.

Cloud Security a #1 Priority  

In the United States, there are more than 90,000 government offices that comprise a patchwork of different approaches for cloud computing and cloud security. In most cases, local and state governments are more open to adopting cloud solutions and services as opposed to the federal government.

These government offices are finally cluing in to the tangible benefits that the cloud provides: low costs, ease-of-use and higher productivity. With these advantages within reach, ensuring that preferred cloud solutions are secured has become the top priority for governments. Any and all benefits can be ignored if the implemented cloud services or solutions aren’t totally secure, and this is why analog processes have reigned supreme for so long.

As government offices begin to push their networks onto cloud infrastructure and connect them with remote workers and IoT devices, the number of endpoints that hackers can attack has climbed significantly. As we saw in March 2018, the City of Atlanta was attacked by hackers with ransomware that shut down government services for six days. Likely a victim of the SamSam exploit on Java-based servers, this is an example of how ditching self-managed hardware for a provider’s cloud would likely add a barrier between hackers and government property.

It is also just one of many examples of how governments have become a more popular target. In response to the growing sophistication of attacks, cloud security must now go beyond malware defense, and so government IT teams are forced to look at the big picture. Instead of focusing on specific types of attacks, they need to promote efforts to gain omniscience within the network. In the past, governments tended to only pay attention to the data leaving their network perimeter, but today they need to be just as cognizant of permissioned users and data being accessed by government employees. The rise of the remote workforce has pushed visibility even further into government IT teams’ awareness.

Taking Control of the Network 

As more governments adopt network security solutions for their work environment, an increasing number of security events and alerts have overwhelmed governments’ security teams, which actually distracts from the idea of better network visibility. IT teams need to have complete knowledge of what is occurring on their network at any given time, across public and private clouds, applications running on the network, and more. Where numerous unqualified alerts create a swarm blocking proper visibility, hackers can use the hubbub to muffle their steps and make a quiet entrance into government agencies’ networks. 

To fight visibility and network control concerns, governments should adopt Security Information and Event Management (SIEM) systems. These systems accumulate the data from different sources and recognize which are outside normal parameters, and also provide an appropriate response. SIEM systems play a huge part in helping IT and security teams to detect and prevent security risks across governments’ infrastructures in an intelligent manner. 

More Solutions, More Headaches 

For any modern government cloud security strategy, it’s often recommended to implement a range of products that deal individually with a wider range of common network attacks. Until recently, this strategy worked well, but now we are seeing that it creates a bigger problem. Adding a large number of products to IT’s stack causes misconfiguration and exposed deployments of various software solutions. This, together with ensuing hybrid IT complexity, is creating a tangle of security challenges for IT teams.

This challenge has a label: “tool sprawl”. It is the idea of investing in a range of security products that work together, yet make it harder for IT teams to manage and orchestrate them in the network. In order to achieve a more flexible and productive network and cloud security strategy, governments have to move away from the multi-vendor tool sprawl approach and look to adopt a unified platform model. It’s especially true for governments that are looking to ensure the privacy and security of their data against outside threats. This is where SASE comes into play.

Perfect Cloud Security Model for Governments 

By adopting edge data security, government agencies can enhance their security hygiene with the help of quicker, integrated, and more elastic solutions that simultaneously keep government employees connected from afar. This approach has become more relevant with the introduction of Secure Access Service Edge (SASE).

Secure Access Service Edge (SASE) was introduced by Gartner in August 2019. SASE is a new cloud-based network security model that combines multiple network technologies delivered as a service, including SWG, CASB, FWaaS and ZTNA with WAN capabilities (i.e., SD-WAN) to support dynamic secure access to organizational assets. The SASE model allows government IT and security teams to easily connect and secure all of their networks and users in an agile, cost-effective and scalable way through the cloud.

By adopting a SASE platform, government offices can enable the delivery of integrated secure network security services that support digital cloud transformation, edge computing, workforce mobility, identity and access management. This new model will help governments get over the hump of doubt that has built up around the cloud. It will allow governments to manage all of their security and network solutions from one platform, fight off new threats and secure employees’ data no matter their location. On the near horizon is a cloud security strategy for the future and one that has no more relevant home than government.

The Digital Transformation Finally Comes to Security

There are few phrases more buzzword-y than “the digital transformation”, but its broad scope means that the term has never meant a static, single thing. Digital technology is always changing, so the organizations that use it are changing as well. Going through a transformation from analog business flows to digital ones is something that started happening decades ago and we haven’t yet found the limit of this idea’s benefits, so it makes sense that there are multiple phases of digitization that have occurred over the decades.

Technology constantly gets smaller, faster, and more powerful, spilling like water into new industries and applicable ideas over time. These include infrastructure assets and machines, operations and business processes such as online payments, eCommerce, and supply chain management, and most of all organizations’ workforces by creating new roles and platforms they use to do their jobs. Much of digitization has been less about technology and more about self-reference, by cleaning up the digitization process itself and simplifying the array of vital tools and processes that pile up.

This is the theme of what is perhaps the most notable trend in the last year, and it comes from an unexpected sector.

Security a Silent Cornerstone of Digitization

In addition to incorporating the cloud into a business strategy or growing your data intelligence department, there’s a background of digitization that makes these processes easier and safer – because the risks inherent in going digital are many. The security sector exists to recognize how this new world is threatened and from where, and is important for ensuring that organizations’ digitization efforts don’t needlessly expose their data or put customers in harm’s way.

Since the 1970s, cybersecurity has been there to respond with pragmatic solutions when a growing array of technology gets ahead of itself. From the early ARPANET “creeper” which led to the first antivirus program, and through years like 1989 which were devastated by both the first DDoS and malware attacks, it has nearly always taken some digital travesty to shed light on the security industry’s importance.

Moving storage and services into the cloud is the latest and greatest example. These days, the cloud is a cornerstone of digitization, with migration tools in abundance and services like AWS and Salesforce, which come with an arsenal of useful onboarding functions, single-click business processes, storage solutions, and more.

With mobile devices and applications getting more capable, however, data moves farther than ever and passes through more hands. That has given hackers a larger opportunity to steal this data, and so the security sector has had to identify where the gaps appear and how to close them to enterprising bad actors. This is hardly a surprise to those who are familiar with the idea of cybersecurity, but even IT professionals “in the know” aren’t aware of how far along this simple idea has taken digitization in 2020.

Putting Security Ahead of the Curve

Unfortunately, the limits of cloud computing have been tested recently as remote work gets infinitely more popular. In terms of both security and speed, we’ve seen online platforms overclocked and put to the test in greater numbers, and not always with stellar results for IT. The use of many business-critical services together may work, but a greater number of endpoints and carelessly strung together solutions puts even the most diligent IT teams in a bind.

Many organizations realize this, and to lighten the burden they’ve enforced the use of basic security tools like a VPN. While a VPN will raise the lowest hanging fruit for a lazy hacker, VPNs are not perfect, and don’t make the digital transformation much easier. They just add another tool for IT to be responsible for configuring and managing, on top of storage, CRM, ERP, and other platforms. The required hardware for a VPN puts a price tag on security in terms of labor and more, and VPNs don’t perform well under the conditions that networks are currently in. IT teams are then learning more about ideas such as Zero Trust security, which lets them segment their networks into custom-sized pieces, and implement unique access policies on top of the capabilities of a traditional VPN.

SASE Reminiscent of Past Tech Consolidation

This has solved some problems but not others. Zero Trust is indeed much better for security and easily scalable, but it’s still another tool stacked on top of the network. The old problem – that knowledge workers only spend 39% of their days actually working, thanks to platform overload – isn’t solved. Teams implementing Zero Trust are indeed considered cutting edge, but the last year has brought a relevant idea into the spotlight: SASE. Billed by research firm Gartner – the acronym’s creator – as a unified network security platform, SASE merges many of the network access and security tools that IT relies on.

With CASB, FWaaS, Wi-Fi security, IPSec tunneling and encryption, multi-factor authentication and SWG all easily consumed in one place, SASE turns ideas that used to be full-fledged and separately consumed platforms into features of a single platform. This is reminiscent of what Microsoft Office 365 did in 2011 – combining multiple pieces of software into a single, cloud-based “as a Service” solution. Now that it’s happening in security, as companies go through implementation in greater numbers the turbulence of the last decade, rife with consecutive record-breaking data breaches, may finally be recognized as a speed bump instead of the status quo.

The 5 Most Common Mistakes That Organizations Make with SD-WAN Security

The traditional brick and mortar, 9-5 office was previously seen as the central database for all employees trying to connect to the company’s network and resources. While this model worked in the past, currently it’s extremely outdated due to slow network connection time to data centers. Instead of placing the networks where the company is based, organizations must rethink how their network architecture needs to be designed. 

While many organizations still make the branch sites the center of networking, they should make their employees’ location the key factor of how their company’s networking should be implemented. Due to the ongoing digital and cloud transformation, employees are seeking quick access to data and company resources in their work environments, no matter their location. 

As a result of the modern employee needs, the once traditional static MPLS connections are not the answer for today’s modern networking between the user and the office branch. Due to the evolving network technology, organizations started to adopt SD-WAN solutions for quicker, flexible, effective, and more affordable networking. 

What is SD-WAN and What are its Benefits?  

An SD-WAN, also known as a software-defined wide-area network, is a virtualized network that is abstracted from data center or branch office hardware to create an easily configurable and scalable overlay wide area network distributed across local and global sites. It’s also an application of Software Defined Network (SDN) technology that is more reliable and scalable than VPN-based WAN solutions because it takes a software-based approach to build and extend enterprise networks beyond the core SDN.

Organizations today can use SD-WAN solutions to connect branch offices to their corporate networks instead of using traditional and expensive multiprotocol label switching (MPLS) connections, firewalls or proprietary hardware.

SD-WANs offer many benefits for organizations looking to leverage the cloud ranging from network topology simplification, internet traffic prioritization, and cost reduction to scalability and integrated security. SD-WAN management solutions allow IT managers to automate deployment and configuration processes of their network which reduces the complexity of managing a WAN network. Additionally, applications can also be integrated and managed from an SD-WAN portal, further simplifying SD-WAN management.

Despite the numerous benefits and the advancement of SD-WAN solutions, most organizations leave security at the door when implementing SD-WAN solutions. 

Security is Essential for SD-WAN Success

When organizations are adopting new technologies, security is a top priority when choosing a service or solution. This is the same with SD-WAN. According to a Gartner survey, 72% of executives see security as their biggest SD-WAN concern.

As each organization implements new networking infrastructures, they need to think and prepare for the different security risks and challenges. Many of the outdated security solutions cannot address these modern security challenges. 

Adding to that problem, SD-WAN falls under most networking teams, which creates an even bigger issue where security isn’t even brought to their attention. Some might say it’s a mix of employees’ neglect or misguided advice but it’s just simply leaving an easy target for hackers to attack your organization’s network. 

SD-WAN Security Mistakes Happen

Some might think that SD-WAN security is simple: you install the solution, it encrypts the data, and then sends it to the user from one location to the next. However, like every other cybersecurity solution, you need to strategize and instead of separating security and networking, you need to think of it as one solution where networking and security go hand in hand. Other security mistakes can and will occur.  Here are our 5 security mistakes that organizations tend to make with SD-WAN and how to fix them:

Not Including SD-WAN Security in Your Organization’s Security Strategy

One of the biggest SD-WAN security mistakes that organizations commonly make is thinking that SD-WAN security is not part of the organization’s overall security strategy. SD-WAN should not be perceived as a standalone solution and just another connectivity tool that provides a level of data encryption. SD-WAN needs to implement the advanced security policies that other networking infrastructures are implementing.  

To avoid further security risks, organizations must implement a more advanced security approach that looks past WAN capabilities and integrates policy-based control rules into their company security strategy. This new approach will allow security teams to monitor the data with a more holistic SDN managed detection response model. By prioritizing SD-WAN security and integrating it into your cloud security strategy, your organization will have an extra layer of defense when fighting off malicious actors’ attacks on your organization’s network.

Treating SD-WAN With a ‘Set It and Forget It’ Mentality

A recurring mistake we see is organizations putting a new technology in place and then moving on from it. The same happens with SD-WAN. To steer clear of this common mistake, organizations should have an ongoing monitoring and updating strategy in place to make sure everything is running smoothly.

Adopting this always-monitoring approach with SD-WAN allows organizations to expand network visibility and properly manage their network on a daily basis. The security landscape is continuously changing and so is your SD-WAN solution, so it’s best to always stay up to date and monitor your network instead of setting it up and forgetting about it.

Encrypting SD-WAN Traffic is a Must 

A major networking challenge that organizations are experiencing is switching from an MPLS connection to a more public broadband connection. Unfortunately, this doesn’t bode well with their cloud environments and services. Due to this, more organizations are implementing SD-WAN solutions to create more private broadband connections that link the cloud resources to the organization’s main network. Adding more and new connections causes a domino effect which results in adding more holes in your network, opening the door to attacks. 

To solve this issue, organizations need to encrypt their SD-WAN traffic to protect the critical information that is being accessed by the organization. It is recommended to adopt a SASE platform that encrypts all network traffic, making encryption a fundamental security layer in your SD-WAN solution. That extra layer of security is essential for organizations to provide a high-performance, secure networking connection to their employees.

Implementing the Wrong Solution For Your Needs 

When seeking the right SD-WAN solution for your organization, you need to consider whether it is the right fit for your networking needs. Another common mistake organizations make is deploying yet another standalone solution, or the wrong solution. When looking for a tool that helps with network visibility or device policy management, organizations need to understand whether the tool will secure their network rather than complicate the already tough challenge of securing it.

Therefore, the first thing organizations need to check when considering an SD-WAN solution is whether it will easily integrate into their network and security strategy. Adopting the correct SD-WAN solution will help increase the security posture of the organization’s entire network security strategy.

Forgetting about Security Entirely

Ignoring security might be the simplest mistake that an organization can make when adopting SD-WAN solutions. While SD-WAN tends to fall under the networking teams at organizations, the idea of a cost-saving solution usually forgets to include the importance of security.  

Instead of thinking of SD-WAN as just another networking tool, organizations need to include their security teams when managing SD-WAN to ensure the proper security is in place after adopting the solution. While this common mistake is a simple one, it comes with major consequences. Implementing an unsecured solution can open the door to hackers and create major security issues for the organization’s network and critical resources.

Improving SD-WAN Security

In just over a few years, SD-WAN has shown its great value by providing a quicker and more flexible option for network transformation. Despite their continuous advancement, SD-WAN solutions don’t entirely protect against the more sophisticated attacks that we are seeing in today’s network environments.

Moving forward, organizations need to think about which advanced security functionalities should be integrated into their SD-WAN solution instead of treating security as an afterthought. Adopting a more secure SD-WAN solution with the correct security functions integrated will help organizations detect and intercept attacks on their networks.

When Hackers Attack: 5 Essential Security Tips For Working Remotely

Whether working from home or remotely, social distancing has grabbed headlines as one of the most popular buzzwords on the internet due to COVID-19.

Once the World Health Organization declared COVID-19 a global pandemic, the shift to working remotely became a reality. Governments forced all nonessential places of work to close up shop and recommended that all companies that can work remotely shift their employees to a work-from-home model.

While remote work and social distancing have been essential in flattening the curve and the spread of the coronavirus, they open a Pandora’s Box of cybersecurity risks. By having employees work from home, organizations are forced to face the fact that employees’ devices are now the main way that they connect to their work resources. While this might not sound worrisome, it comes with many security risks, especially when coping with hackers and malicious actors. 

More Remote Workers = More Attacks

With each passing day, we are seeing more and more hackers trying to take advantage of the COVID-19 situation to target remote workers with different attacks such as phishing, VPN vulnerabilities, and malware. According to CNBC, the rise of cyber attacks is occurring due to the fact that the majority of companies have implemented an entirely remote workforce.

Due to the increase in attacks, IT and security teams are forced to make quick changes to their security policies and best practices for their remote employees. The in-office, company-wide security policies and training are not adapted to the new reality that hackers are trying to exploit. Now, organizations must depend on their employees to be on the front lines against hackers, making it essential that organizations strategize and plan out employee-friendly security policies.

To Work Securely You Need to Think Like a Hacker

To help global organizations’ remote workforces to learn more about the different security risks we co-hosted a webinar with SOSA, Leading Cyber Ladies, the Israeli Economic Mission to North America, and the Global Cyber Center of NY on April 1st. The panel of security experts included Sivan Tehila, Director of Solution Architecture at Perimeter 81 and Founder of Cyber Ladies NYC, Nicole Becher, Director of Information Security & Risk Management at S&P Global Platts and Guy Franklin, MD, SOSA NYC – Global Cyber Center of NYC. In this webinar, the panel of experts provided their insights on the number of cyber threats facing everyone while working remotely and how organizations should protect their data, resources and remote employees. Watch the entire webinar on-demand below.

5 Essential Tips for Securing Remote Workers

Throughout the webinar, the panel of experts provided great insights into the different kinds of attacks remote workers can face on a daily basis. Here we would like to highlight the security tips they provided. You can find them below:

Update Your Business Continuity Plan

One of the most important tips that we can provide to organizations is to update their business continuity plans so that they can adapt to the always-changing landscape of uncertainties. When thinking about the rise of remote workers, organizations need to strategize and plan out how to keep their business afloat while staying secure. 

Take a closer look and assess risks and response technology to decide if you are prepared enough for the new changes in cybersecurity planning. This is an important tip as this division of a business must provide a quick and immediate assessment period. 

Create Strong Passwords and Enable 2FA

One of the most common mistakes that employees can make is using weak passwords. When passwords are not set using the correct best practices, they can be easily stolen by hackers. The use of weak passwords can easily be resolved by educating employees about what makes a strong password and the role they play in keeping hackers away.

Additionally, organizations should enforce the usage of a 2FA solution. Two-factor authentication (2FA) ensures that, in addition to usernames and passwords, a second layer of verification such as an SMS code is required. By adopting stronger passwords and 2FA, employees will be one step closer to working more securely.

Beware of Phishing Emails

When experts think of the most common attack on organizations, phishing is the first thing that comes to mind. Phishing is the easiest way to attack an organization’s employees due to its low cost and familiar presentation as an email. The process is simple; hackers begin by emailing employees an official-looking email that requests that they send them critical information from their work device. Despite it being one of the oldest ways to hack an organization or a user, most phishing emails can easily fool employees. 

To avoid such phishing attacks, they suggested educating employees to always double-check the email address, the tone of the email and the request itself. 

Implement Training and Awareness Programs

Educating employees on the importance of remote security will help them understand the impact they have on their organization. Implementing a security awareness program is a crucial step for organizations’ remote security planning efforts.

The program should cover why security is a joint responsibility for everyone from management to employees by providing clear examples of their roles in the organization and how security may be affected. Employees often mistakenly think that responsibility for the organization’s security falls solely on the security team, which is dangerous, but with the right education and real-life examples, employees will understand the importance of working remotely the right way.

Ditch the Legacy VPN

As most companies have become fully remote during this time, the need for secure remote access has become a must. While you might turn to traditional VPNs in order to access company resources, they are not the right solution to attain policy-based secure remote access today. Traditional VPN services are not scalable for organizations moving their entire workforces remotely and they lack network visibility, which opens the door for hackers to breach an organization’s network and critical resources, without any warning.

Instead of adopting a traditional VPN for remote access, you should look towards a solution that is based on the SDP architecture and the Zero Trust model. By implementing a Software-Defined Perimeter solution, IT managers can customize permissions for those employees who need access to specific parts of the organization’s network. Additionally, by adopting the Zero Trust need-to-know model, each remote employee will receive tailored secure access to only the resources necessary for their roles.

Looking into the Future of Remote Workers

 As we see remote work becoming the norm for organizations moving forward, it’s important to think about the different risks that employees are facing on a daily basis. While some might believe hackers are thinking outside of the box with remote workers, they are actually targeting remote employees with the simplest and most effective of attacks. 

Looking into the future of business, security teams should adopt a mix of user-friendly security solutions and engaging employee security awareness programs. These are the first basic steps in the direction for total security for remote employees. 

April Product Updates: New SIEM Integrations, Amazon S3 and Azure Sentinel

It’s not only the excellent feedback and requests from our customers that push us at Perimeter 81 to seek constant improvement. Our drive towards a complete SASE (Secure Access Service Edge) platform is a goal we’ve always got our eyes on, and we just got even closer. In that light, we’re excited to introduce some important new functionality to our solution this month: integration with Microsoft’s Azure SIEM and Amazon S3.

Smart Networks Lean on SIEM

No comprehensive network security platform should be without the ability to monitor and log the traffic or user activity that takes place. For ensuring total compliance and obtaining awareness of potential network exposure, SIEM (Security Information and Event Management) tools allow Perimeter 81 users to receive security alerts and analysis of events generated by applications and other parts of their networks in real-time.

Starting now, users with an Enterprise plan will be able to integrate their Perimeter 81 platforms with two more popular tools for free alongside our previous Splunk integration: Azure Sentinel and Amazon S3.

Azure Sentinel

A perfect fit for Perimeter 81, Azure Sentinel is a cloud-native SIEM and SOAR (Security Orchestration Automated Response) solution that is known for its scalability and ease of use. Now that it can be integrated directly with Perimeter 81, customers will be able to enjoy smart security analytics capabilities and live threat intelligence across their networks and applications.

Perimeter 81 customers will find it simple to set up a Log Analytics Workspace within our platform and link it to their Azure Sentinel solution, providing them with a unified platform that includes our rich array of network and security functions, and now also alert detection, threat visibility, proactive hunting, and threat response.


For a guide on how to integrate Azure into your Perimeter 81 platform, see our complete integration guide.

Amazon S3

The popular Amazon Simple Storage Service (abbreviated Amazon S3) helps organizations store their network objects and scale easily as they expand. Offering data availability, security, and performance superior to other leading solutions, S3 is relied on by organizations around the world to store, manage access to, and protect the enormous amount of data generated by their operations. Perimeter 81 now integrates with Amazon S3, enabling our users to forward data captured on their networks to their Amazon S3 bucket and improve their access controls in pursuit of specific business and compliance goals.


For users relying on Amazon S3 to capture and who want to gain greater visibility over their Perimeter 81 network data, our handy integration guide makes it simple.

Stay Tuned for More

We’re hard at work adding features that complement our already robust Secure Zero Trust Network as a Service solution. Get in touch with us if there are features, functions, or integrations you’d like to see in the future – and keep an eye out for them!

SASE and Zero Trust Are a Perfect Match

As more and more organizations are shifting their resources and applications to the cloud, we are seeing how edge computing is changing networks. These organizations must enforce policies on their employees for access to the networks and resources which are now in the cloud or on-premises. Additionally, employees are working remotely more than ever and their employers are seeing more applications and cloud services being consumed outside the traditional workplace. 

With the move to a remote workforce, the outdated hardware we once depended on is creating more issues by the day. The traditional network security architectures and solutions that pinned data to the headquarters of most organizations are a thing of the past. The challenge is that these organizations now need to provide their data and services no matter where their employees are located. 

Today, companies are adopting a more user-centric approach, which will provide a flexible network model for the remote workforce and cloud resources and services which must be accessible for employees around the world. This new model is forcing organizations to implement edge networks, connecting users to networks closer to their location and thus providing a more agile and secure access model to their organizations’ networks.   

To protect these networks, organizations typically shop around in the cybersecurity and network security solutions space, which is highly segmented offering an endless amount of different solutions from many vendors. Instead of simplifying the consumption of cybersecurity, these services are complicating what should be a smooth transition for integrating solutions in an organization’s network environment. The entire security space needs to join forces and offer a holistic approach to cybersecurity, and this is where the idea of Secure Access Service Edge or SASE comes in.

New Kid on the Block

Secure Access Service Edge (SASE), pronounced “sassy,” is a new cloud-based network security model that was coined by research firm Gartner. It combines the different functions of network and security solutions into a unified cloud platform delivered as a service, with little or no hardware or appliances required. The key solutions in a SASE platform are ZTNA, SD-WAN, CASB, FWaaS and others. This unified platform will help organizations by simplifying secure access to critical resources and networks. The more streamlined model allows IT security teams to easily connect and secure all of their organization’s networks and users in an agile, cost-effective and scalable way.

Gartner also suggests that SASE offerings will provide policy-based “software-defined” secure access with more agile and flexible networking, where organizations’ security and IT professionals will be able to customize the level of security, performance, reliability, and cost of every network session based on the identity of each user and prioritization of access needed.

SASE enables the consumption of integrated network security services, which promotes the adoption of digital transformation, edge computing, mobile workforces and identity and access management. Beyond more advanced security and networking, key benefits include IT productivity, cost reduction, efficiency and flexibility to adopt new business services. Additionally, SASE enables organizations to update their security solutions against new threats and establish policies more quickly for the agile adoption of new security capabilities. For organizations looking to adopt the SASE model for their network security, it’s important to implement a solution that hinges on the Zero Trust approach.

Zero Trust is a Process, Not a Product

Zero Trust (ZT) is a decade-old security approach that is based on the idea that organizations can’t automatically trust anything inside or outside their perimeters, but instead should verify anything and everything before granting access. They must also keep an eye on users within their borders at all times, and be able to get a warning when (and where) exposure is imminent. This Zero Trust model to secure network access services allows for the delivery of high-security, enterprise-wide network services virtually, and on a subscription basis for small and mid-market to large enterprises.

“Companies cannot afford to trust internal network traffic as legitimate, nor can they trust employees and partners to always be well-meaning and careful with systems and data. To manage the complexities of their environment without constraining their digital transformation ambitions, many companies are moving toward a Zero Trust (ZT) security model — a more identity- and data-centric approach based on network segmentation, data obfuscation, security analytics, and automation that never assumes trust,” states analyst firm Forrester Research. 

When implementing a Zero Trust security architecture, IT managers must isolate resources within their IT infrastructure using micro-segmentation. By dividing network resources at a granular level, organizations tune security settings to different types of traffic and create policies that limit network and application flows to only those that are explicitly permitted. This network micro-segmentation approach allows security teams the flexibility to apply the right level of protection to a given workload based on sensitivity and value to the business.
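The default-deny evaluation that micro-segmentation implies can be sketched as follows. This is an added example, not Perimeter 81's code: the segment names, address ranges, groups and the `require_mfa` flag are hypothetical, chosen to show identity-based rules and a stricter check for a sensitive workload.

```python
"""Default-deny micro-segmentation: a flow passes only if a rule explicitly permits it."""
import ipaddress
from dataclasses import dataclass

# Constructed segments for illustration (hypothetical names and RFC 1918 ranges).
SEGMENTS = {
    "finance-db": ipaddress.ip_network("10.20.1.0/28"),
    "build-servers": ipaddress.ip_network("10.20.2.0/24"),
}


@dataclass(frozen=True)
class Rule:
    group: str                 # identity group asserted by the identity provider
    segment: str               # destination segment the rule opens
    port: int                  # destination port the rule opens
    require_mfa: bool = False  # stricter verification for sensitive workloads


# Constructed policy: everything not listed here is denied.
RULES = [
    Rule("finance", "finance-db", 5432, require_mfa=True),
    Rule("engineering", "build-servers", 22),
]


def segment_of(dst_ip):
    """Map a destination address to its segment name, or None if unsegmented."""
    addr = ipaddress.ip_address(dst_ip)
    for name, network in SEGMENTS.items():
        if addr in network:
            return name
    return None


def evaluate(user_groups, mfa_passed, dst_ip, port):
    """Return (allowed, reason); the reason string is what an audit log would record."""
    segment = segment_of(dst_ip)
    if segment is None:
        return False, "deny: destination not in any defined segment"
    mfa_needed = False
    for rule in RULES:
        if rule.segment != segment or rule.port != port or rule.group not in user_groups:
            continue
        if rule.require_mfa and not mfa_passed:
            mfa_needed = True  # keep looking: another rule may permit without MFA
            continue
        return True, f"allow: {rule.group} -> {segment}:{port}"
    if mfa_needed:
        return False, f"deny: {segment}:{port} requires MFA"
    return False, f"deny: no rule permits {segment}:{port}"


if __name__ == "__main__":
    print(evaluate({"finance"}, True, "10.20.1.5", 5432))
    print(evaluate({"engineering"}, True, "10.20.1.5", 5432))  # lateral access attempt
```

Because the decision carries its reason, every deny can be logged and reviewed, which is the visibility half of the Zero Trust model described above.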

Today’s digital businesses need security technology partners that offer a range of capabilities that are easy to use and integrate, improve their network visibility and support the ZT model. The modern enterprise places a high value on partner solutions which can apply security controls across environments uniformly and quickly, with features that allow them to modify security policies and access as business needs change. This is where the SASE comes into play with a Zero Trust mindset. 

Zero Trust in a SASE World

Given that the Zero Trust network access model is geared around data access controls and visibility to organizations’ corporate resources, it’s easy to understand why Zero Trust and the SASE model are a perfect match. The two core elements of every SASE platform are its CASB (Cloud Access Security Broker) and the ZTNA (Zero Trust Network Access) solutions. 

By implementing both CASB and Zero Trust, organizations can control their users’ activity and access based on preassigned rules created by the IT team.

This will allow them to fully monitor their employees’ access to the different resources inside their network. But restricting user access to specific cloud resources based on each user or team of users isn’t the only feature that makes Zero Trust so attractive for organizations looking to implement the SASE model. The importance of complete network visibility is also a deciding factor.

As organizations implement SASE platforms with a Zero Trust model that has CASB, ZTNA and Layer 7 (the application layer) integrated, IT managers have full control and visibility of users’ access throughout their organization’s networks and applications. Additionally, any organization’s Zero Trust solution should be able to integrate easily with its current IAM – for example Azure AD, Okta and MFA.

With SASE-compliant solutions such as Zero Trust Network Access, the number of agents required on a device will be reduced to a single agent or device with streamlined access policies that do not require user interaction, while at the same time providing a consistent access experience regardless of the location or resource requested. By providing Zero Trust protection of user sessions seamlessly and consistently on and off the enterprise network, SASE solutions will offer end-to-end encryption as well as web application and API protection (WAAP) services. Using Zero Trust Network Access, SASE platforms will also extend protection to endpoint devices for public Wi-Fi network protection to protect remote workers. This dual-sided approach is crucial as endpoints pile up and expand their reach into organizational networks from afar.

There is No SASE Without Zero Trust 

As we are seeing a massive shift for organizations of all sizes moving to a more modern user-centric model, where the cloud and mobile are the center of attention, we need to adopt an approach that helps them enable better and more flexible security. The model we’ve been waiting for is here and it now has a name: SASE.

This new approach will allow organizations to easily control their security and connectivity all under one platform. However, we must not forget that the Zero Trust model is a cornerstone of SASE and in a way, is a reason it can be defined as “unified”. Implementing Zero Trust alone is a strategy that gets companies most of the way there, in terms of security, but as this approach is delivered as a service alongside other functions, SASE begins to materialize. In the future, instead of thinking that Zero Trust and SASE are each a stand-alone offer, they will both reinforce each other to provide a revolutionary offering.  

The Proper Privacy Regulations TeleHealth Needs Right Now

When the average American thinks of March, the first thing that pops into their mind is the beginning of spring. Unfortunately, in March 2020, life as we know it changed completely due to COVID-19. While only essential employees are allowed to continue work as usual (with additional regulations), anyone and everyone who is able to work remotely has transitioned from the office to home in order to keep things on an even keel.

This new remote lifestyle has changed the way we live, work, interact with people, and how we approach doctor appointments as well. The healthcare sector quickly implemented changes to provide a more remote experience to comply with social distancing regulations. 

In order to decrease the amount of face-to-face doctor appointments, on March 17th the Department of Health and Human Services (HHS) announced they “will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency.”

This popular move has allowed different healthcare providers to implement some of the most popular communication applications such as Zoom, Skype, WebEx, GoToMeeting, and others. Is this move to provide a remote option for patients the right decision for the current situation? 

The Right Healthcare Solution for the Current Situation

With the increasing rise of social distancing limitations and regulations, telehealth services are seeing an overflow of patients requesting a remote doctor appointment instead of face-to-face. 

As hospitals and governments are urging patients to avoid visiting emergency rooms,  many are turning to the online option of telehealth. The online option allows patients to consult with their doctors and specialists over the phone, video or chat as a feasible option. Telehealth video visits can be a successful tool for remotely monitoring and treating patients with mild symptoms who are staying home. Telehealth providers are easily able to monitor a patient’s symptoms and quickly decide whether they should stay home, go to the hospital, or meet their general practitioner. 

While telehealth has many benefits for patients, it comes with its challenges for healthcare providers – especially the traditional healthcare companies that did not have a telehealth program in place. Similar to scaling an entire company remotely, implementing telehealth programs takes time to establish the necessary technology, recruit doctors, train doctors about the best virtual practices and teach the patient how to use the platform. 

Healthcare providers that have not implemented a telehealth program yet should educate their patients with internal resources to learn more about moving to digital doctor appointments. In order to allow patients to take part in telehealth visits instead of in-person, providers should frequently provide medical best practices through their website, blog and social media to keep their patients engaged and informed.  

HIPAA Solves Privacy Risks

The surging increase in patients turning to telehealth services comes with many privacy risks. Instead of doctors having previous knowledge of the patient’s medical history, patients will need to explain more in depth to their new doctors due to the lack of medical records on hand.

The lack of updated records on patients creates a massive privacy issue between the doctors and the telehealth platforms which they are using. Due to the history of healthcare’s super sensitive regulations for sharing records and the restriction of sharing patients’ data, this presents a problem for telehealth platforms. By sharing sensitive data over a communication app it creates an opportunity for hackers to be a fly on the wall of these more vulnerable conversations between doctor and patient, since communication apps may sometimes be easily breached and represent a trove of valuable patient information. Additionally, hospitals and healthcare providers need to double down on IT and cybersecurity to fight off potential privacy risks. This is where HIPAA comes into play. 


Over the years, healthcare has been an attractive target for hackers trying to breach patients’ sensitive records. While medical data and records are some of the most delicate pieces of information out there, the healthcare industry has the right compliance regulations in place. HIPAA and other regulations have been around for years but since the HHS weakened the previous compliance regulations, telehealth is now a more attractive target for hackers.

Now that the government has become more lenient with telehealth regulation rules, enforcing HIPAA with telehealth communication is the right move to provide better privacy for patients.

The Health Insurance Portability and Accountability Act (HIPAA) requires medical providers to adopt data security in order to protect their patients’ information from disclosure. The HIPAA encryption requirement initially sounds a bit confusing; however, it’s much simpler than it seems. The HIPAA encryption requirements for transmission security state that covered entities should “implement a mechanism to encrypt PHI whenever deemed appropriate.”

In other words, the majority of healthcare organizations are required to be HIPAA compliant and each provider needs to have some level of security for PHI. Healthcare providers are required to encrypt their data unless they can justify why they can’t implement encryption and can provide an equal alternative.

Achieve HIPAA Compliance with Secure Solutions

Tasked with choosing the best way to store, access and back up electronically protected health information, many healthcare technology companies and providers are looking at cloud computing. Adopting cloud-based Network as a Service technology is a great choice in comparison to traditional hardware-based solutions, as it offers scalability, affordability and increased compatibility with cloud storage environments. But remember, the security service you choose must be SOC 2 type 2 compliant and ISO 27001-compliant and have signed multiple HIPAA BAAs. With these checks in place, a Network as a Service solution like Perimeter 81 for healthcare can offer a highly effective solution for any organization’s HIPAA compliance needs.

TeleHealth is the Future

As we experience global social distancing, telehealth is quickly evolving, as is the way that it presents a remote option for healthcare services. However, potential privacy and security risks could decrease its value moving forward. Soon, we should begin seeing more government bodies authorize and create federal telehealth privacy and security protocols which will help healthcare providers avoid risks to their patients and better show the numerous benefits telehealth has to offer. With the help of the government and the best privacy and security in place, telehealth will have the added security to fight off hackers and be able to shrug off questions about its security.

New Product Update: DNS Filtering and Data Centers

The dilemma that Perimeter 81 has always sought to address is simple: In a world where mobile and cloud have moved the network perimeter, how do we provide a complete, scalable security solution that moves along with it? 

With our Zero Trust Network as a Service, we’ve so far helped IT teams to pivot their security strategies around users rather than sites or resources, and this month we’re excited to introduce a new feature that makes it easier to implement this type of agile network security.

Perimeter 81’s new DNS filtering tool is a great addition to the array of network security features we offer in our Zero Trust NaaS, but it’s also one of the first to be offered as a part of our vision to build a complete Secure Access Service Edge (SASE) platform.

Thanks to our highly talented team, and some excellent feedback from our users, we can now offer DNS filtering immediately. We’re excited to show you how to use it to more effectively secure networks for your remote and on-premise employees. 

DNS Filtering Feature Goes Live

With a user-centric approach to network security, it’s easier for IT teams to monitor and stay aware of those accessing their organization’s resources, but it’s often not enough. Active measures for blocking entry to certain websites are a cornerstone of any truly secure access management model. This is especially true when hackers create over 300,000 new pieces of malware every day, and when at any given time, it’s estimated that a full 1% of the internet’s 1.5 billion websites are infected.

Being aware of risky internet browsing habits does little to secure your network against the malware that often lurks on these sites – gambling, pornography, and others. This is why as of March 2020, DNS filtering is being rolled out to customers of Perimeter 81 who are using the Premium or Enterprise plans. 

How Does DNS Filtering Work?

Activate DNS filtering on your Network page.

The Domain Name System, or DNS, maps the domain name in a written URL to an IP address, and DNS filtering uses the same process for the opposite result. By typing a URL into your Perimeter 81 DNS Filtering dashboard, you’re telling the DNS Resolver not to resolve that website’s name to its IP address, so the site is not displayed in internet browsers.

Instead, Perimeter 81 steps in and tells it to show a custom page indicating to the user that the content they’re trying to access is blocked. There are a few ways that IT teams can broaden or narrow which sites are blocked on network-connected devices.

This is what employees will see when trying to navigate to a blocked URL.

Blacklisting: When any URL is entered into a browser, the DNS Resolver receives a query, and if the name matches any of those that have been typed directly into the Blacklisted URLs field in Perimeter 81 (or uploaded as part of a list), then it cannot be reached by users. 

Whitelisting: Web filtering also acts in the other direction as a whitelisting tool, which gives IT administrators more control over the list of web destinations that employees are allowed to access. This two-pronged strategy is vital for herding users away from the bad and towards the good.

Category-Based Filtering: It’s easy to block access to the most popular and often compromised websites by category. Social media, pornography, news sites, gambling and gaming sites, and other categories can be removed in their entirety, and then supplemented with individual additions to either the Blacklisted URLs or Whitelisted URLs fields.
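The three rule types above can be combined into one decision per DNS query. The sketch below is an added example, not Perimeter 81’s implementation: the `DnsFilter` class, the `.example` domains, the category feed and the precedence order (most specific name wins, then whitelist over blacklist over category) are all assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed category feed: placeholder domains, not vendor data.
CATEGORY_FEED = {
    "gambling": {"casino.example"},
    "social-media": {"social.example"},
}


def to_hostname(entry):
    """Reduce an admin-typed URL or a DNS query name to a bare hostname."""
    entry = entry.strip().lower()
    if "://" not in entry:
        entry = "//" + entry  # so urlsplit parses "site.example/path" as a host
    return (urlsplit(entry).hostname or "").rstrip(".")


def parent_names(host):
    """a.b.example -> a.b.example, b.example, example (most specific first)."""
    labels = host.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


class DnsFilter:
    def __init__(self, blacklist=(), whitelist=(), blocked_categories=(),
                 feed=CATEGORY_FEED):
        # A DNS query carries only a name, so any path typed by the admin
        # is dropped here: the whole host is listed, not one page.
        self.blacklist = {to_hostname(e) for e in blacklist}
        self.whitelist = {to_hostname(e) for e in whitelist}
        self.category_of = {domain: cat for cat, domains in feed.items()
                            if cat in blocked_categories for domain in domains}

    def decide(self, qname):
        """Return (action, reason) for one query name."""
        # Assumed precedence: the most specific matching name wins, and at
        # equal specificity whitelist > blacklist > category.
        for name in parent_names(to_hostname(qname)):
            if name in self.whitelist:
                return ("resolve", "whitelisted:" + name)
            if name in self.blacklist:
                return ("block", "blacklisted:" + name)
            if name in self.category_of:
                return ("block", "category:" + self.category_of[name])
        return ("resolve", "no-match")


if __name__ == "__main__":
    policy = DnsFilter(
        blacklist=["https://bad.example/login?x=1"],
        whitelist=["careers.social.example"],
        blocked_categories=["social-media"],
    )
    for q in ["CDN.Bad.Example.", "notbad.example", "www.social.example",
              "careers.social.example", "casino.example"]:
        print(q, policy.decide(q))
```

Matching is done on whole DNS labels, so `notbad.example` is not caught by a rule for `bad.example`, while every subdomain of a listed name is.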

Why DNS Filtering is In Demand

The primary goal of DNS filtering is to block access to resources which shouldn’t be accessed from the company’s network, whether from a PC or from user devices that may be accessing resources thanks to a BYOD policy. Blocking serves many purposes: sites may be malware-infected, copyright-infringing, or just distracting. People use their personal devices differently than they do a work laptop, for example, and thankfully web filtering is useful against not only malicious websites but also phishing emails.

  • Block websites: Compromised websites can go about infecting you with malware in many different ways. A drive-by attack simply downloads the malware onto your employee’s computer once the page loads, for instance. It may also try to trick them into downloading malware by clicking a button or banner.
  • Phishing emails: A phishing email is intended to get the recipient to go to a fake, yet official-looking website. If the DNS filter is aware of the most notorious fakes and phishing domains, it can prevent a fatal error from being made and block access to the problematic domain immediately.

More Gateways in New Places

We wouldn’t leave the update at DNS Filtering. Network security features must also be applied efficiently and non-intrusively across networks of any size, granting remote access that is as fast as it is expansive. In pursuit of this need, and thanks to requests from our loyal customers, we’ve continually strengthened our global backbone of data centers (and plan on continuing this trend) by adding the following gateway locations:

  • Helsinki
  • San Jose
  • Fremont
  • Mumbai

Six will be added in the very near future, bringing the total new data center additions to ten.

Sprinting Into 2020

We’re confident that these updates, and those coming in the future thanks to the combined power of SonicWall and Perimeter 81, will bring a better experience for users and we stand by to help you implement them. With a quickly expanding toolkit of network security features, our race towards a holistic, cloud-based SASE platform is happening at a breakneck pace, so stay tuned: It’s only a matter of time until we announce the next steps toward the future of network security.


The 7 Top Security Tips While Working Remote

The curtains have opened on 2020, and the scene depicted so far has been difficult to observe. In early March, COVID-19 literally took over the world, halting our day to day activities full stop. After some negligent optimism and resultant consequences, the 11th of the month saw the World Health Organization finally declare the Coronavirus to be a pandemic, forcing governments worldwide to come to terms with the outbreak and institute measures that would “flatten the curve”.

Countries closed their borders, disallowed public events, forced all nonessential businesses to close their doors and instructed that their employees work remotely. Some jobs cannot be done remotely while others can, and while the former have caused economic chaos the latter simply wreak their havoc on networks.

The primary strategy, called social distancing, goes hand-in-hand with working remotely and has been one of the key tactics in limiting the spread of the coronavirus, yet this new way of doing things has its distinct disadvantages. While some experts might say lack of productivity is the biggest issue of the remote workforce, I think security is the biggest issue.

This is especially true of remote workers and the additional network security challenges and risks they present. We talked to different security experts who explained this notion and provided their best security tips for working remotely. Without further ado, here are the top security tips for organizations to follow to fight off any untimely attacks from malicious actors.

Only Connect to Trusted Networks 

Accessing sensitive resources over public Wi-Fi or an unknown connection can prove risky to your remote employees as these connections are easy to hack. Hackers can easily gain access to the company’s confidential and valuable data when employees are connecting to public networks. 

“Many newly remote workers don’t have a dedicated home office and have to go to coffee shops or other public areas. However, public Wi-Fi is incredibly insecure and can leave you and your company exposed — no matter what industry you’re in. The best practice when working outside your home is to use your phone’s personal hotspot as well as a VPN. While VPNs can sometimes slow your connection, a phone’s 4G or 5G service is almost as fast as your home network access, so it won’t be terrible and could mean the difference between your company getting hacked or not.” – Michael Alexis, CIO of Team Building

Use Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is one of the key technologies in use today for verifying the identities of users. MFA requires that a user requesting access provides not only something that they know (their credentials) but also something that they have (their personal device).

“There are shortcomings with 2FA, as hackers can bypass wireless carriers, intercept or redirect SMS codes, and easily compromise credentials. Multi-factor authentication is more secure as it adds an additional layer of protection. Instead of just asking for a username and password, MFA requires additional credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition.” – Aaron Zander, Head of IT of HackerOne

Adopt a Password Manager 

The expectations for secure passwords have undoubtedly increased in recent years. Using common and frequent passwords has enabled hackers to access millions of accounts annually. This is why many experts are recommending that employers encourage workers to use a password manager.

“If office network permissions previously gave you unfettered access to work software, now you may be required to enter a variety of passwords to gain access. If your workplace doesn’t already offer a single sign-on service, consider using a password manager. It will be much more secure than a written list of passwords left on your desk.” – Pieter Arntz, Malware Intelligence Researcher for Malwarebytes Labs

Use a VPN Alternative like SDP

With more and more organizations enforcing work from home with the current situation, many of them are thinking of implementing a legacy VPN. Network-security-wise, VPNs are not the right route to take and far from an adequate magic bullet – especially as workers go remote and resources move to the cloud.

“Traditional VPN services are too lenient when it comes to visibility and security features. This results in your network and resources becoming more receptive to compromise by hackers. Instead of providing your employees with a traditional VPN, you should adopt an organization-wide Software-Defined Perimeter solution. Implementing a Software-Defined Perimeter will allow you to restrict network access and provide customized, manageable and secure access to networked systems. Additionally, in the Zero Trust least-privilege model encouraged by SDP, each employee will gain secure access only to the organizational resources they need for their roles. This drastically reduces the attack surface.” – Amit Bareket, Co-Founder and CEO of Perimeter 81

Practice Smart Email Security Methods

Email is the most popular method of communication on the Internet – maybe even on the planet. However, its popularity comes with risks. Hacking emails or phishing attacks are some of the oldest tricks in the book for hackers. It’s therefore important that remote workers know the best email security practices. 

“Whenever you receive an email — even when it’s from your boss or a colleague, be sure to check the sender “From” field and also hover over any links or attachments before engaging with them. Phishing is commonly used to spread malware and to infiltrate businesses’ networks and databases and can be used to pull off business email compromise (BEC) scams. You can also use an email signing (S/MIME) certificate to increase email security.” – Casey Crane, Cybersecurity Journalist at Sectigo

Don’t Use Work Devices for Personal Needs 

Easier said than done, we know, especially when the mirror image of this rule (BYOD, or Bring Your Own Device) is so prevalent. Still, just as it’s important to carve out boundaries between work life and home life while working from home, the same is true of those devices you use in these settings.

“Make sure that you have malware protection software installed to monitor activity and keep out unwanted intruders. Also, make sure both your personal and business data are hosted on a secure platform that encrypts the files. Ideally, look for a platform that has built-in security timeouts if a device is left inactive too long and allows you to wipe data remotely in the event that your device is lost or compromised.” – Brian Schrader, Co-Founder and President of BIA

Get Security Hygiene Training 

Fighting off potential attacks from hackers is largely a matter of identifying their attempts, and employees can do so with a little security training. The more trained your organization is with the best avoidance practices, the more the chances of an attack on your network and organization decrease.

“Train and educate your employees about security awareness and protecting company information. Be sure to include situations that are unique to remote workers that wouldn’t normally show up when working on-prem, such as the dangers of using free public Wi-Fi. Instruct employees to disable Wi-Fi and Bluetooth services when not in use, to prevent their devices from connecting to unknown (and possibly malicious) networks.” – Darren Guccione, CEO of Keeper Security

Working Remote, Securely 

With the right amount of security technologies and rules in place, IT teams can add an additional layer of defense versus hackers, and supplement it by encouraging more security hygiene among the workforce. The tips provided by the different security experts above should help your employees work safely and securely no matter where they choose to log in. Take a proactive approach to network security in these days of remote access, and it will continue paying dividends well into the future.

Can Zero Trust Redeem Fintech?

Though the ripples are gentler than they once were, the wake of the 2008 financial crisis is still felt today. Financial regulators around the world have since adopted laws that increase transparency and scrutiny alike, making it difficult for traditional banks to operate as opaquely as they once did. This has opened the market wide for tech-assisted financial services that people like to refer to as fintech.

It’s a mistake to assume that fintech innovations come from independent programmers or garage development shops, though fintech has lowered the barriers to entry for providing financial services. Almost all of the world’s biggest banks and institutions invest heavily in fintech for their own products in order to stay competitive, and accordingly the market is enormous, estimated to claim upwards of $4.7 trillion of the sector’s total revenue.

However, opening a market may also mean exposing something within it, and alongside a rash of serious breaches in the last decade, fintech’s pace of innovation is now threatened by its inability to be a trustworthy custodian of customer data.

Technology Both a Catalyst and a Cure

The fintech sector is responsible for many new ideas, some of them the same types of products and investment instruments we already have, like loans, but improved. Others, like crowdfunding, robo-advisors, and mobile payments are new and could have only existed with the addition of technology. An online lender that uses an algorithm to match someone’s credit profile with applicable lenders, do a credit check, and approve the loan within 24 hours is a good example.

Despite the convenience, a series of serious data breaches in the sector has customers thinking more about how complex fintech services like this handle their data, and regulators’ ears have perked up as well. Credit and identification details must be entered into an online database, trade hands, and be processed and sometimes stored and shared externally. It may result in an approval a hundred times faster than going into the bank, meeting with a loan agent and filling out forms, but it comes with risks that customers shouldn’t be forced to consider.

Even after GDPR laws went into effect, cyber attacks on EU companies increased to a rate of one attack every five minutes, and these days the bigger the company the harder they fall, with damage that’s both hurtful to their brand and to the bottom line. For organizations in the sector, innovation and the intricacy of data structures have resulted in growth, even if customer trust lags behind. Regulations like GDPR and MiFID II are pushing against this notion, just in time for technology like Zero Trust security to provide an answer: remove trust from the equation altogether.

Zero Trust: Few Can Step Into the Vault

What’s so safe about a brick and mortar bank? Cameras are there to watch all entrants and occupants at all times. The money is tucked away behind layers of security and many walls and floors. Only a few employees have access to the vault – where the customers’ most sensitive possessions are – and there are alarms everywhere. How can online financial services providers redeem this level of security?

At a time when hackers are more clever than ever and regulations are boosting enforcement, Zero Trust security solutions represent a redemption. In terms of product, Zero Trust is a platform integrated across financial service providers’ networks to enable a superior level of protection for all the data their employees even get close to touching. It accomplishes this by giving IT control over which employees have access to certain parts of the network, and oversight over who enters it and what they do.

Using Zero Trust solutions, finance companies and banks can regain the confidence of the market, move faster towards growth and tech initiatives, and take a zero-tolerance approach to compliance, ending an era where data breaches are the new normal. There are three ways it can do so:

With segmented policy access: Don’t give every employee the key to the bank vault. This makes each employee as big a risk as the last, no matter their personal security hygiene. For a platform that helps someone do their taxes and submit the correct forms, an accelerated personal lender, or even a regular online bank, Zero Trust creates specific user access policies at the individual application and even file level, rather than providing full data access to any employee with a password. 

Employees of financial institutions only have access to the least amount of sensitive resources required to do their jobs, and no more. This significantly reduces the number of relevant targets for hackers, and lessens the impact of employees with poor security habits. Access is often synonymous with speed, however, and so banks with staff who wear multiple hats – a necessity in this era of customer convenience – can rely on other aspects of Zero Trust.

By monitoring the network: The equivalent of cameras to watch and record all corners of the bank, activity monitoring features are a central aspect of Zero Trust and run constantly when users are connected to the network. Suspicious activity is more visible to IT, which can then prioritize the threat and close the gap if necessary. Zero Trust also means zero tolerance, after all, so having proof of what occurred on the network in black and white is necessary for ideas that are crucial for financial services companies, such as compliance reporting. A central management dashboard reduces the manpower requirements of monitoring and also can funnel data to other processing tools that look for deeper insights. 

By securing network access: Though resources like files and applications can be segmented with the least-privilege principles of Zero Trust, it still benefits security to install multiple layers of identification and protection at the edge of the network. Encrypted IPSec tunnels, provided by a standard enterprise VPN, stretch across the network and cloud and require employees to first connect through an application before being allowed inside. This also offers the chance to integrate other network-wide features such as automatic Wi-Fi protection (which cuts the internet off should the VPN connection fail), multi-factor authentication for extra device-based security, and web filtering tools that limit what network-connected devices can access on the internet.

Trust is an Achilles Heel

With these tools, IT teams at banks and fintech companies can safely abandon the defenses they used to post at the network perimeter. Zero Trust lets them build a more agile, aggressive security apparatus which refocuses on users and employees instead. That’s an important milestone when the reality of financial breaches is that it’s often sloppiness or negligence that exposes customer data, not an intrepid hacker genius. For Equifax and JP Morgan, failure to patch and install 2-factor authentication on crucial servers, respectively, caused irreparable breaches of customer data and industry damage. 

Hackers search endlessly in repetitive fashion across employees, devices, and systems for these kinds of human errors, and so an idea like Zero Trust not only makes gaps less common, but also reduces their impact and improves accountability. It’s the type of safety net that helps organizations like healthcare providers and financial service providers meet compliance expectations confidently, and meet the pace of innovation they’ve so far set for themselves without looking back.
