The 7 Top Security Tips While Working Remote

The curtains have opened on 2020, and the scene depicted so far has been difficult to observe. In early March, COVID-19 literally took over the world, bringing our day-to-day activities to a full stop. After some negligent optimism and the resultant consequences, the 11th of the month saw the World Health Organization finally declare the coronavirus a pandemic, forcing governments worldwide to come to terms with the outbreak and institute measures that would “flatten the curve”.

Countries closed their borders, disallowed public events, forced all nonessential businesses to close their doors and instructed that their employees work remotely. Some jobs cannot be done remotely while others can, and while the former have caused economic chaos the latter simply wreak their havoc on networks.

Social distancing, the primary strategy, goes hand-in-hand with working remotely and has been one of the key tactics in limiting the spread of the coronavirus, yet this new way of doing things has distinct disadvantages. While some experts might say lack of productivity is the biggest issue of the remote workforce, I think security is the biggest issue.

This is especially true given the additional network security challenges and risks that remote work presents. We talked to different security experts who explained this notion and provided their best security tips for working remotely. Without further ado, here are the top security tips for organizations to follow to fight off any untimely attacks from malicious actors.

Only Connect to Trusted Networks 

Accessing sensitive resources over public Wi-Fi or an unknown connection can prove risky to your remote employees as these connections are easy to hack. Hackers can easily gain access to the company’s confidential and valuable data when employees are connecting to public networks. 

“Many newly remote workers don’t have a dedicated home office and have to go to coffee shops or other public areas. However, public Wi-Fi is incredibly insecure and can leave you and your company exposed — no matter what industry you’re in. The best practice when working outside your home is to use your phone’s personal hotspot as well as a VPN. While VPNs can sometimes slow your connection, a phone’s 4G or 5G service is almost as fast as your home network access, so it won’t be terrible and could mean the difference between your company getting hacked or not.” – Michael Alexis, CIO of Team Building

Use Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is one of the key technologies in use today for verifying the identities of users. MFA requires that a user requesting access provides not only something that they know (their credentials) but also something that they have (their personal device).

“There are shortcomings with 2FA, as hackers can bypass wireless carriers, intercept or redirect SMS codes, and easily compromise credentials. Multi-factor authentication is more secure as it adds an additional layer of protection. Instead of just asking for a username and password, MFA requires additional credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition.” – Aaron Zander, Head of IT of HackerOne

Adopt a Password Manager 

The expectations for secure passwords have undoubtedly increased in recent years. The use of common and frequently used passwords has enabled hackers to access millions of accounts annually. This is why many experts recommend that employers encourage workers to use a password manager.

“If office network permissions previously gave you unfettered access to work software, now you may be required to enter a variety of passwords to gain access. If your workplace doesn’t already offer a single sign-on service, consider using a password manager. It will be much more secure than a written list of passwords left on your desk.” – Pieter Arntz, Malware Intelligence Researcher for Malwarebytes Labs

Use a VPN Alternative like SDP

With more and more organizations enforcing work from home in the current situation, many of them are thinking of implementing a legacy VPN. From a network security standpoint, VPNs are not the right route to take and are far from a magic bullet – especially as workers go remote and resources move to the cloud.

“Traditional VPN services are too lenient when it comes to visibility and security features. This results in your network and resources becoming more receptive to compromise by hackers. Instead of providing your employees with a traditional VPN, you should adopt an organization-wide Software-Defined Perimeter solution. Implementing a Software-Defined Perimeter will allow you to restrict network access and provide customized, manageable and secure access to networked systems. Additionally, in the Zero Trust least-privilege model encouraged by SDP, each employee will gain secure access only to the organizational resources they need for their roles. This drastically reduces the attack surface.” – Amit Bareket, Co-Founder and CEO of Perimeter 81

Practice Smart Email Security Methods

Email is the most popular method of communication on the Internet – maybe even on the planet. However, its popularity comes with risks. Hacking emails or phishing attacks are some of the oldest tricks in the book for hackers. It’s therefore important that remote workers know the best email security practices. 

“Whenever you receive an email — even when it’s from your boss or a colleague, be sure to check the sender “From” field and also hover over any links or attachments before engaging with them. Phishing is commonly used to spread malware and to infiltrate businesses’ networks and databases and can be used to pull off business email compromise (BEC) scams. You can also use an email signing (S/MIME) certificate to increase email security.” – Casey Crane, Cybersecurity Journalist at Sectigo

Don’t Use Work Devices for Personal Needs 

Easier said than done, we know, especially when the mirror image of this rule (BYOD, or Bring Your Own Device) is so prevalent. Still, just as it’s important to carve out boundaries between work life and home life while working from home, the same is true of those devices you use in these settings.

“Make sure that you have malware protection software installed to monitor activity and keep out unwanted intruders. Also, make sure both your personal and business data are hosted on a secure platform that encrypts the files. Ideally, look for a platform that has built-in security timeouts if a device is left inactive too long and allows you to wipe data remotely in the event that your device is lost or compromised.” – Brian Schrader, Co-Founder and President of BIA

Get Security Hygiene Training 

Fighting off potential attacks from hackers is largely a matter of identifying their attempts, and employees can do so with a little security training. The better trained your organization is in the best avoidance practices, the lower the chances of an attack on your network and organization.

“Train and educate your employees about security awareness and protecting company information. Be sure to include situations that are unique to remote workers that wouldn’t normally show up when working on-prem, such as the dangers of using free public Wi-Fi. Instruct employees to disable Wi-Fi and Bluetooth services when not in use, to prevent their devices from connecting to unknown (and possibly malicious) networks.” – Darren Guccione, CEO of Keeper Security

Working Remote, Securely 

With the right amount of security technologies and rules in place, IT teams can add an additional layer of defense against hackers, and supplement it by encouraging more security hygiene among the workforce. The tips provided by the different security experts above should help your employees work safely and securely no matter where they choose to log in. Take a proactive approach to network security in these days of remote access, and it will continue paying dividends well into the future.

The Psychology Behind DDoS: Motivations and Methods

DDoS attacks, also known as distributed denial of service attacks, are one of the oldest internet cyberweapons used today by everyone from hacktivists and governments to disgruntled video game players and thrill-seekers purely for personal enjoyment. The attacks disrupt access to web sites and servers or take them offline completely by using co-opted online resources such as zombie PCs and servers or Internet of Things (IoT) bot networks that flood and overwhelm victims with online traffic.

“If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack,” says security researcher Bruce Schneier. “These attacks are not new: hackers do this to sites they don’t like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it’s a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins.”

Although individual and group motivations may differ, DDoS attacks have the same objective: take a target server or servers offline with internet traffic until the internet services are no longer operational. DDoS targets range from individuals to government organizations and businesses such as e-commerce sites, banks, stock exchanges, credit bureaus, gaming sites or internet service providers.

DDoS Attack Psychological Motivations

The motivations and psychology behind DDoS attacks vary. They span financial or economic benefits, revenge, ideological beliefs, cyberwarfare or even solely personal enjoyment. Large scale DDoS cyber attacks tend to be the result of group efforts, as opposed to individual actors, with a specific goal or agenda in mind.

[Figure: DDoS graph. Images from Elsevier Inc, 2015]

The majority of DDoS cyber-attack psychological motivations fall into several categories:  

  • Financial gain or economic benefit. DDoS attacks against e-commerce sites and banks are a growing trend, especially during the holidays, according to technology industry research firm Forrester. Extortion or blackmail is another motivating factor to use DDoS attacks. Using DDoS attacks as a financial weapon is also a favorite technique for hackers who demand Bitcoin via email to stop the onslaught of traffic.
  • Revenge. It’s a DDoS attack motivation used against companies, organizations, and individuals where victims include non-profit organizations, community colleges, courts and law enforcement entities, or journalists. In most cases, the disgruntled individual or group behind the attack has a goal of inflicting damage for a perceived wrong.
  • Ideological belief. Also known as hacktivism, some attackers become motivated to attack political targets because of their ideological beliefs against a nation-state or government policies. This motivation has become an influential reason behind many DDoS attacks where independent “hacktivists” DDoS government websites to cause outages and disruption. In January 2019, Zimbabwean government-related websites were hit with a DDoS attack by hacktivist group Anonymous protesting internet censorship in the country.
  • Intellectual challenge. Some attackers DDoS web sites to demonstrate their technical capabilities. DDoS tools and even services are available via the Dark Web, making it easy for attackers to deploy and experiment with the latest technologies such as automation and botnets against targets.
  • Personal Enjoyment. This type of DDoS attack falls under the category of cyberbullying and trolling. It’s intentional and meant to be either fun or vindictive (or both) while at the same time demonstrating the power to disrupt a web site or network.
  • Cyberwar. Used for political and military advantage, cyberwarfare is normally associated with nation-states. It’s designed to inflict economic or physical impact on its targets. Groups that use cyber warfare strategies and tactics are well-trained, organized, and belong to government militaries or terrorist organizations. Many world governments have devoted significant resources and time to conduct attacks that have disrupted an adversary’s online and critical infrastructure.

DDoS Attack Methodologies

DDoS attacks consist of three major phases and four different sub-components, according to researchers. The sub-components are an attacker; multiple control master or handler computers; multiple “slave” computers (also called botnets, agents, or zombies); and a victim or target machine.

In the first phase of a DDoS attack, hackers take control of network-attached computers called “masters or handlers” to control other machines that will ultimately execute the DDoS attack. Creating a network of handlers and attack machines is an automated process where hackers scan the internet for computers or Internet of Things devices that can be compromised, usually with malware. 

When the desired number of compromised machines is reached, hackers start the second attack phase. The aggregate number of machines, called a botnet, is loaded with the necessary instructions and commands to launch an attack by the network of compromised zombie computers.

In the final DDoS phase, hackers direct the botnet to execute the attack or attacks on victim machines. The distributed nature of the attack sends massive amounts of internet traffic to the victim’s system or online resources, which in turn disrupts or slows down the intended target’s services. Spoofed or fake IP addresses hide the identities of the compromised devices and make it harder for victims to filter out malicious traffic and find the attack source.

Increasing DDoS Sophistication

The threat landscape of today is constantly opening up new opportunities for attackers to take advantage of the latest internet-connected devices and cloud technologies to launch even more massive DDoS attacks. These new attacks have also gotten easier to execute with zombie botnets able to take down large corporations or government entities.

The latest attack vector is physical access control systems installed in places including corporate headquarters, factories, or industrial parks. “Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks,” according to firewall company SonicWall.

Hackers are now scanning the internet for exposed Nortek Security & Control (NSC) Linear eMerge E3 devices and exploiting one of the ten newly discovered vulnerabilities, according to SonicWall. The primary purpose of these devices is to control what doors and rooms employees and visitors can access based on their credentials (access codes) or smart cards, and then to block or disrupt access to physical buildings.

DDoS-as-a-Service

To curb the popularity and accessibility of DDoS attacks as a tool for non-technical attackers, security researchers and law enforcement agencies regularly track and take down malicious web services that offer for-profit DDoS-as-a-Service, which has weaponized for the masses what was once done only by sophisticated hackers.

Through so-called “booter” or “stresser” sites, cybercriminals are marketing and selling attack-for-hire services that can be easily purchased online. According to Cloudflare, “Booters are slickly packaged as SaaS (Software-as-a-Service), often with email support and YouTube tutorials. Packages may offer one-time service, multiple attacks within a defined period, or even “lifetime” access. A basic, one-month package can cost as little as $19.99. Payment options may include credit cards, Skrill, PayPal or Bitcoin (though PayPal will cancel accounts if malicious intent can be proved).”

And security journalist Brian Krebs says “Booter sites are dangerous because they help lower the barriers to cybercrime, allowing even complete novices to launch sophisticated and crippling attacks with the click of a button.”  DDoS-as-a-Service provides yet another attack vector for non-technical users to use for cybercrime, revenge, hacktivism, enjoyment or even cyberwar. 

Finally, the motivation or psychology behind DDoS attacks can also be viewed as merely a tool meant for distraction. Hosting company LiquidWeb claims that “while your security team is distracted mitigating the denial of service attack, the party responsible is free to go after what they actually want – whether it is financial information, intellectual property, or client data.”

If, as LiquidWeb states, DDoS attacks are the “equivalent of driving a bus through the front door of a bank while an associate tunnels into the bank vault from below,” then organizations must be vigilant about their IT security and take an approach that makes securing the network edge against all attacks a top priority.

Exploring URL Filtering & Why Organizations Need to Implement It

It’s not news that the majority of data breaches and network attacks occur due to poor internal security hygiene. However, what some of the headlines forget to mention is how easy it is for employees to leave the door open for attackers. In some cases, just a single click on an unsecured URL can expose your organization’s network and resources to those with malicious intent. This is one of the main reasons why organizations need to implement different security features to fight off unwanted attacks.  

To repel these accidental internal breaches, most experts will suggest security training and policy implementation, but that’s not enough. Organizations should instead choose the security solutions and policies that best fit their company’s needs. When it comes to limiting employee access to URLs that don’t relate to their job, this is where URL filtering comes in.

What is URL Filtering?

URL filtering provides organizations’ IT and security teams the ability to limit employees’ access to certain URLs, by defining which are either permitted or blocked sites. The most important reason your organization needs to integrate a URL filtering tool is to prevent employees from gaining access to websites that don’t help them with their jobs, or sites that can create major security risks for the organization.

Limiting access to certain URLs helps employees be more productive and helps to fight off potential security risks such as data loss, malware, or even legal issues.

DNS Filtering Vs URL Filtering

DNS filtering, or Domain Name System blocking, is useful for some security purposes but is ultimately less granular than URL filtering. IT administrators can use a DNS filter to limit access to sites based on DNS name resolution, or the site’s IP address, so any URL that resolves to that IP is blocked. This also includes all sub-URLs, meaning it’s impossible to pick and choose which pages of a website (for example) are whitelisted and which are blocked.

URL filtering has this capability and blocks access based on the exact URL as written in the filtering tool. With a URL filter, it would be possible to block access to facebook.com and still allow employees to see the company’s own Facebook page. This type of granular stratification of website access boosts the control that IT admins wield over the organization.

How Does URL Filtering Work?

URL filtering compares all web traffic with a database containing predetermined groups of URLs and then permits or denies access to a site based on the categorization of the group that the URL belongs to. A URL filtering database assigns websites to predefined URL categories, such as gambling or pornography, and allows managers to define the access conditions for these URLs.

Most organizations usually set up defined conditions similar to the following: 

  • Blocked: These URLs tend to be websites that distract employees from their work such as social media, news sites, or unsecured sites. Additionally, lists of URLs that are categorized with different security risks or have a history of malware or other attacks will be defined as blocked.
  • Allowed: Most sites that are defined as allowed concern employees’ daily work environments and tasks, such as workflow sites, email, work productivity sites, and more.
  • Allowed with Security Policies: These tend to be specific URLs that are set by the security and IT team, which will allow users access but with logging and monitoring by the security and IT teams.  
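The category lookup and the three access conditions above, together with the DNS-versus-URL distinction from the previous section, can be shown in a short Python sketch. This is an added example, not code from any filtering product; the category database, the `/examplecorp` company page, the `example.*` hosts and the default-deny rule for uncategorized URLs are all assumptions made for illustration.

```python
import posixpath
from urllib.parse import urlsplit, unquote

# Constructed category database (hypothetical): (domain, path prefix) -> category.
URL_CATEGORIES = {
    ("facebook.com", "/"): "social-media",
    ("facebook.com", "/examplecorp"): "company-pages",  # hypothetical company page
    ("mail.example.com", "/"): "email",
    ("files.example.net", "/"): "file-sharing",
    ("malware.example.org", "/"): "known-malware",
}

# Access condition per category, using the three conditions listed above.
CATEGORY_ACTIONS = {
    "social-media": "blocked",
    "known-malware": "blocked",
    "email": "allowed",
    "company-pages": "allowed",
    "file-sharing": "allowed-with-logging",
}

DEFAULT_ACTION = "blocked"  # assumption: uncategorized URLs are denied


def normalize(url):
    """Return (host, path) in canonical form so encoded or dotted paths cannot dodge a rule."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").rstrip(".").lower()
    # Decode %2e%2e and collapse "a/../b" before any prefix comparison.
    path = posixpath.normpath(unquote(parts.path) or "/")
    return host, "/" + path.lstrip("/")


def categorize(host, path):
    """Longest matching path prefix wins; prefixes match only on a path-segment boundary."""
    best_prefix, best_category = "", None
    for (domain, prefix), category in URL_CATEGORIES.items():
        # Match the domain itself or a true subdomain, never a look-alike suffix.
        if host != domain and not host.endswith("." + domain):
            continue
        on_boundary = prefix == "/" or path == prefix or path.startswith(prefix + "/")
        if on_boundary and len(prefix) > len(best_prefix):
            best_prefix, best_category = prefix, category
    return best_category


def url_filter_decision(url, audit_log=None):
    """URL filter: the verdict depends on host and path; monitored hits are recorded."""
    host, path = normalize(url)
    category = categorize(host, path)
    action = CATEGORY_ACTIONS.get(category, DEFAULT_ACTION)
    if action == "allowed-with-logging" and audit_log is not None:
        audit_log.append({"url": url, "category": category})
    return action


def dns_filter_decision(url):
    """DNS filter: only the hostname is visible, so the whole site gets one verdict."""
    host, _ = normalize(url)
    return CATEGORY_ACTIONS.get(categorize(host, "/"), DEFAULT_ACTION)


if __name__ == "__main__":
    log = []
    samples = [  # constructed sample requests
        "https://www.facebook.com/",
        "https://www.facebook.com/examplecorp/posts/1",
        "https://facebook.com/examplecorp-giveaway",
        "https://facebook.com/examplecorp/%2e%2e/someone",
        "https://files.example.net/share/q1.pdf",
    ]
    for sample in samples:
        print(sample, "| URL filter:", url_filter_decision(sample, log),
              "| DNS filter:", dns_filter_decision(sample))
    print("audit log:", log)
```

Applying path-level rules to HTTPS traffic requires the filter to sit where the full URL is visible, such as a forward proxy or an endpoint agent; a DNS resolver only ever sees the hostname.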

Customizing URL Filtering 

Whether it’s integrated into different devices or runs as a standalone platform, URL filtering provides another layer of security for organizations against unknown threats so employees can work normally without thinking about security. For organizations looking to add URL filtering to their security strategy, the following are the main security factors to consider.

  • Enforcing Best Security Practices: Controlling access to different sites helps IT teams keep full control of who is accessing what, where, and when. This plays a huge role in avoiding unwanted security threats.
  • Avoiding Phishing and Malware: Denying access to known flawed sites decreases the opportunity for hackers to create a security breach.
  • Implementing Security Policies: Setting up a security playbook that includes whitelisted and blacklisted URLs and user identification rules adds another layer between malicious attackers and your organization.
  • Clearly Defined Whitelists and Blacklists: With IT and security teams fully controlling all the different sites accessed by employees, clearly defined lists provide the guarantee of zero unwanted and accidental URL blocks.

URL Filtering is Better Security for the Future

By implementing URL filtering into your cloud security, you take a major step towards an airtight network. URL filtering additionally protects different endpoint devices and cloud services from cyber threats while boosting employee productivity and performance. By protecting and managing your employees’ access, it supplements your lines of defense in the fight against malicious attackers targeting your organization. The more secure your employees’ access, the more comprehensive your organizational security.

5 Security Mistakes CISOs Must Avoid in 2020

With every new security breach announced, the CISO position is becoming more and more trendy for organizations. However, CISO is not a new position – it’s just only now getting the attention it deserves. Outside of enterprises, we rarely see an organization or a startup with a CISO, and this is a huge mistake. The many different security challenges in organizations of all sizes show why an internal CISO will play a critical role in your organization’s success.

Before we dig into the different challenges and mistakes that CISOs make, let’s discuss what the role entails. The Chief Information Security Officer (CISO) is fully in charge of the organization’s cyber and information security responsibilities and risk management.

As we have seen in past years with huge breaches like the Equifax and Capital One breaches, CISOs have a lot of responsibilities on their plate when strategizing their organization’s risk management. As the threat landscape continuously evolves, with hackers implementing different dynamic and complicated attack tactics, the traditional risk management strategy cannot withstand these styles of attacks. With an outdated strategy that isn’t up to par with the latest best security practices, your organization can fall victim to massive fines, loss of customer trust, and brand damage.

CISO Responsibilities 

Today, the average CISO’s resources are mainly allocated to monitoring and responding to different security threats and making certain that their organization meets all the different compliance requirements.

The CISO’s key responsibilities include identifying and securing any potential leaks in the network, creating and managing a risk management strategy for security incidents, and researching and implementing new security tools and technologies. Last but not least, the CISO is the go-to employee for all things security, and with that, it’s their responsibility to inform everyone from junior developers to the sales team to C-level management about all the different security team activities in the organization.

Mistakes Will Happen 

No matter how experienced your CISO is, mistakes will happen. The difference is how big the mistakes are and how often they occur. As we start a new year, organizations’ CISOs should be well aware of the best practices and the new styles of attack. So without further ado, here are the 5 mistakes your CISO should avoid in 2020.

Not Hacking Your Own Network

Organizations that aren’t using external or internal white hat hackers (ethical hackers) and think their network or environments are secure are dead wrong. Not knowing how secure or insecure your internal resources are is like launching your product without quality assurance testing. Your CISO might tell the management team that everything is secure, but until white hat hackers have attempted to hack your system you can’t be 100% sure that your organization is safe.

Advice: Hire white hat hackers internally, or, if you don’t have the necessary resources, hire professional penetration testers. Pen testers will look at everything from network security protocols and settings to software vulnerabilities, and will even try different malware and targeted phishing campaigns on the organization’s employees. Your organization’s CISO should implement a yearly internal security test to take the extra step of ensuring the organization’s cybersecurity is up to date.

Nobody Likes a “Dr. No” 

Every organization has employees who are yes men/women, but when it comes to the different responsibilities of a CISO, one of the worst mistakes they can make is becoming a “Dr. No”. The CISO is often seen as the organizational blocker, telling employees they can’t do things and forcing them through unwieldy processes in the name of compliance. While looking out for what’s best for the organization, CISOs should strike a good balance of when to say yes and no to different requests.

Advice: Instead of denying requests and putting their foot down, CISOs should be open to change. They should be able to easily recognize the benefits of new security tools and solutions and how they will help the organization on a security level. Secondly, instead of saying no to everyone and everything, become the person that everyone seeks out to implement new technology in the organization, but don’t forget to check the risk factor.

Not Sticking to a 360 Degrees Security Strategy 

The security space has two players, the organizations and the hackers. While some people might say it’s a fair matchup, it’s not. Organizations are expected to know how to defend against every attacker from every angle, while hackers have it easy: they find one small leak and then they have access to the organization’s network. To make it simple, CISOs should understand and accept that they won’t be able to fight off every attack.

Advice: One of the worst mistakes a CISO can make is thinking that they can stop every single attack. Instead, CISOs should clearly understand the organization’s technology, vision, and limitations and strategize for minimal risk with the resources available in the organization. In a world of endless attacks, it’s better to survive than to be unprepared.

Not Setting up a Security Policy for the Future 

Today, organizations are making changes and decisions quicker than ever. They’re focusing more on how many new features and products they can launch in a certain amount of time. One major factor that is being forgotten is the security risk factor. While moving fast and making quick changes is great, organizations of all sizes need to make sure the right security is put into place so they won’t become an easy target for hackers.

Advice: Implement a cybersecurity policy and architecture in the organization. If there isn’t a security policy in place, there is a very high chance your organization will be hacked and breached. Organizations and CISOs need to emphasize a cybersecurity strategy as early as possible to provide the best defense plan against hackers. This strategy should include incident response strategies, creating a security policy, employee training and assigning employees to the security team.

Not asking for Help

Despite the increase in cybersecurity jobs worldwide, there is a huge shortage of proper cybersecurity skills in most organizations. A CISO should never be afraid to ask when they don’t know the answer or can’t find it. CISOs can have the “perfect team”, but if it lacks the right security skills, the CISO’s decisions will backfire for no apparent reason.

Advice: Instead of making choices based on a gut feeling or best practices, CISOs should ask the experts which direction is correct and have a clear understanding of why they are making the decision, with the correct reason to back it up.

Better be Prepared than Attacked

While a CISO will never be correct 100 percent of the time, they should learn from their mistakes and have the right strategy in place to fight off everything. By strategizing correctly, with a security approach that mixes experience, security knowledge, strategy, and the organization’s expectations, the CISO will be better prepared for every security activity they encounter.

2019 Security Trends & 2020 Predictions That Will Shape Your Organization’s Strategy

As we commence a new year and century, we tend to look at the different trends from the previous years and think about what the future holds for us.

When looking back at 2019, it was a wild run for organizations that were fighting different challenges such as cryptojacking, phishing, ransomware and making sure their critical resources stayed in the clear from hackers. However, not everyone stayed safe in 2019 as we saw different organizations fall prey, for example, the Capital One breach. As we move forward it is important to dwell on what we experienced, take those lessons, and implement them in order to improve your organization’s internal and external security.

Looking forward to 2020 and beyond, organizations will need to be prepared against attackers who will create and implement different kinds of attacks. We talked to different security experts who explained what 2019 trends and 2020 predictions they’re most excited about seeing in security in the upcoming year.

2019 Network Security Trends

Insider Threat Attacks

Hackers and malicious actors have a massive resource pool available to them which helps them easily access an organization’s networks and resources. One of the most popular kinds of attacks in 2019 was insider threat attacks.

“The insider threat is one of the greatest drivers of security risks that organizations face as a malicious insider utilizes credentials to gain access to a given organization’s critical assets. Many organizations are challenged to detect internal nefarious acts, often due to limited access controls and the ability to detect unusual activity once someone is already inside their network. The threat from malicious insider activity is an increasing concern, especially for financial institutions, and will continue to be so in 2020.” – Steve Durbin, Managing Director of the Information Security Forum

More Data Privacy Regulations

“With new legislation such as CCPA for California Residents and previous regulations such as GDPR, Data Privacy and Compliance are huge issues for 2019. There is an ongoing focus on protecting consumers’ personally identifiable information (PII) and a lot of companies are falling short. If each person took five minutes to run an internet search, they would likely find a wealth of information about themselves on public websites that they didn’t know existed. This will continue to be a problem in 2020 as not all companies will comply with privacy laws and some companies will continue to sell people’s personal information for profit.” – Courtney H. Jackson, Founder & Chief Information Security Officer (CISO) at Paragon Cyber Solutions

5G leading to More IoT Risks

With the rollout of 5G, we have seen more data than ever before being gathered from IoT devices. To protect access to those devices, IAM solutions for IoT will be a major need in 2020.

“With the opportunity of higher bandwidth provided by 5G, there are emerging threats, to name a few, that threat actors will dedicate more effort to hijack these devices for botnets for DDoS, malware distribution and reconnaissance of the target organization.

Enterprises should start planning now to protect this type of asset that is often forgotten, leaving them unmanaged from a security point of view and a low effort entry point for an attacker, often combined with the device vendor unwilling or unable to patch known vulnerabilities. This led to a continued spread of Mirai botnet and their clones across the globe in 2019, three years after the threat was identified it is still a danger, given the current trend, I predict we will continue to see them grow in 2020.” – Fausto Oliveira, Principal Security Architect at Acceptto

2020 Security Predictions

Ransomware

Ransomware has been a continuous threat to organizations over the years, and in 2020 and beyond we will see many businesses and users in the financial sector become more popular targets for hackers.

“We will continue to expect to see more ransomware attacks on healthcare, education, and government sectors due to the large ransoms and success over the past year. Additionally, several ransomware groups have started to exfiltrate data in order to force victims to pay ransoms as many organizations started to ensure that they had good backup systems in place and avoided paying ransoms. But with this new twist to ransomware, companies now face the release of information and a data breach.” – Shannon Wilkinson, CEO of Tego Cyber

Increasing Automated Security

There’s a huge shortage of skilled cybersecurity personnel, several million worldwide according to some reports.

“To make do with too few skilled resources, more companies will explore and expand security automation initiatives. In recent years, a whole market has emerged for Security Orchestration Automated Response (SOAR) platforms which enable teams to orchestrate and automate security actions to get more done in less time and with less manual effort. In 2020, look for greater adoption of SOAR platforms and automated playbooks, as well as for SIEM and Threat Intelligence Platform vendors to add more SOAR-type capabilities.” – Atif Mushtaq, CEO of SlashNext

Shadow IT

Over the past decade, many organizations have considered “shadow IT” as one of the key risk trends expected to change the way we think about security risk. As we enter 2020 and the next decade, shadow IT will become not just a trend but the native way we do business.

“Organizations, from the largest hospital systems to rapidly-growing startups, will have an ever-growing set of thousands of external, cloud-based software systems, or externally managed dependencies introduced into their systems and software. It will be critical that companies understand which type of data they are sharing and with which third parties – and the security postures of those third parties.

In order to mitigate the risk in this fundamental change to the way we do business, information security organizations will need to support all areas of the business with more efficient processes and practices so everyone can make informed, risk-based decisions about the software they use and how to manage it securely – in line with a shared responsibility model.” – Ben Waugh, CSO at digital health firm Redox.

Unified Security Platforms

Today the majority of organizations are continuously adopting many different kinds of security solutions. Most of them are outdated, hard to manage and no longer relevant to the modern world and its new threats. The idea of a unified security platform will be introduced in 2020.

“Modern organizations will need to adopt SaaS based unified cybersecurity platforms that are easier to implement and manage inside the organization’s environment. Moving forward, instead of using different vendors for different security needs, I believe IT managers will prefer to implement a central security system that provides complete visibility of its networks to help the cybersecurity analysts identify threats and respond in real-time in case of an incident. This concept presents the idea of having one platform for all solutions which provides the idea of a one-stop-shop to consume cybersecurity.” – Amit Bareket, Co-Founder and CEO of Perimeter 81

Looking Past the Predictions

Looking back at 2019 and even earlier, we must learn from our previous security experiences and mistakes to see what worked well and what didn’t. However, looking into 2020 and forward, we can’t depend on outdated tactics to fight off hackers and attacks.

The security community as a whole needs to stay informed daily about the different kinds of attacks, tactics and trends, and start applying that knowledge at an organizational level to stay safe in 2020. We wish everyone a happy and secure 2020!

Gartner SASE: Transforming Network Security

SASE is now doing to network security what storage devices did to the IT space.

The term SASE was coined in late August by leading Gartner security analysts Neil MacDonald, Lawrence Orans, and Joe Skorupa. They published the report “The Future of Network Security Is in the Cloud”, which discussed for the first time a new model for network security that will change the way organizations secure their networks and data. This model is called Secure Access Service Edge (SASE).

SASE was announced as the emerging technology model that will shape network security in the upcoming years. Gartner believes that SASE will change the network security industry, similar to how IaaS changed data center architecture. Despite being just introduced, the emerging SASE market is becoming apparent. In the report, Gartner says by 2024, at least 40% of enterprises will have security strategies that will require the SASE model. The concept of the model is to create and provide a secure cloud environment that is fully integrated into one’s network.

Cloud Services Adoption Requires Better Security 

As the majority of organizations are moving to the cloud and adopting different cloud services, they are quickly learning network security isn’t so simple. The traditional network security model was built on the idea that organizations should send traffic to corporate static networks where the necessary security services were located. At the time, this was the accepted model due to the majority of employees working from site-centric offices. 

The idea of more user-centric networks is changing the traditional network we once knew. Now that people are working more remotely from home, from cafes, and from around the world, the standard hardware-based security appliances we’ve depended on are no longer adequate for securing remote network access.

With the widespread adoption of cloud computing, organizations started to see an increase in employees becoming nomads. As digital workspaces increased, the static network model became a thing of the past. This new approach brought an increase in network security issues. While static network security solutions provide a level of security for most organizations, a fundamental transformation is essential. However, this digital transformation of networks and resources hasn’t been a smooth transition.

Organizations have implemented cloud services with traditional hardware security solutions such as firewalls, SD-WAN devices, and other security products. This attempt to work with both outdated security solutions and cloud services has created more problems than solutions. How can organizations moving forward combine their hardware and cloud security solutions? 

The cybersecurity and network security solution space is highly segmented, with an endless number of different solutions from security vendors. This is creating a massive headache for organizations that are trying to smoothly integrate these solutions in their network environment. Instead, the entire cybersecurity space needs to converge to provide a more holistic cybersecurity approach. This is where SASE is introduced. SASE allows organizations to have a software-based and service-based network that unifies different security solutions. It happened in the IT space with storage devices, and it is now happening in the network security space with SASE.

What is SASE? 

Secure Access Service Edge (SASE) is the cloud architecture model that combines the different functions of network and security solutions into a unified cloud security platform, delivered as a service with little or no hardware and appliances involved. This new cloud architecture model is transforming how the cloud will integrate more smoothly with outdated security technologies, all in one network. SASE provides organizations the opportunity to securely connect to a single network where they can gain access to physical and cloud resources, no matter their location.

SASE enables IT security solutions to provide a more holistic and agile service for business networking and security for its customers. What makes SASE innovative and disruptive is the idea of how it will transform the way network security is consumed over traditional products and cloud services. 

SASE Is Networking

Unlike traditional networking, SASE replaces the outdated site-centric idea of the network with a more user-centric mindset. Instead of organizations connecting their networks and resources under one branch to a central office, the SASE model suggests that businesses should connect their employees and networks on a more user-centric level to a cloud-based service.

In the past, most organizations’ networks were centered on the central data center for user access. While this approach was implemented by global organizations, Gartner suggests that this site-centric approach is outdated and not effective as organizations are turning to edge platforms, SaaS solutions and cloud services. While the concept of organizations providing a data center for user access won’t disappear overnight, it will become less relevant as the majority of services move to the cloud.

According to Gartner, SASE provides organizations of all sizes many advantages over traditional security technologies such as better flexibility for users and IT managers, more affordable network costs and greater performance. 

SASE Means More Security Features

While current network security solutions emphasize very specific features in their product, SASE creates the opportunity for security services to provide different security features than their initial offering. One of the key additional security features that SASE can offer is Zero Trust network access.

Because the SASE model is not dependent on an IP address or the location of a user’s device for policy enforcement, organizations can implement the Zero Trust approach for consistent and secure network access and policy enforcement.

Enforcing the Zero Trust approach for user identity access ensures policy enforcement and protection for all users, devices, applications, and data, regardless of where they’re connecting from. This user-centric approach makes the verification of authorized entities mandatory, not optional. Implementing a holistic security approach with the SASE model will provide a more flexible and adaptable defense against potential network risks moving forward, for all organizations no matter the size.

Is SASE the Right Model For Your Organization?

For each organization, successful network security depends on the right solution. Organizations can feel confident that they can implement the SASE model without needing to modify the existing network.

With secure, segmented and audited access to cloud environments, applications, and local services, Perimeter 81’s SASE service increases security, auditing, monitoring, and visibility while reducing help-desk support and hardware spending.

How Employees Open the Door to Hackers (and how to prevent it)

With every passing day, we are seeing more and more security breaches announced globally. Whether it’s the massive Capital One data breach or the latest CafePress data breach, organizations of all sizes are being targeted and breached by malicious actors. While these breaches grab headlines, reporters are constantly highlighting the hackers, information or the failure of technology. 

These stories may be exciting for the casual reader, but we should be asking ourselves what the real reason is that these breaches are happening. Companies prefer not to admit it, but the reality is that breaches, no matter the size, tend to be caused by a mistake from someone inside the company.

According to an industry report by Shred-it, 47% of business leaders cited human error as the main cause of a data breach at their organization. These simple but harmful mistakes are hurting organizations financially and ruining customers’ trust in their service or product. One of the main reasons for these mistakes is that far too many employees are not fully aware of the security policies implemented at their company. By not following these security policies, employees are lowering their guard and presenting an easier target for hackers.

Remote Workers: Ideal Target for Hackers

The adoption of remote workers for organizations is increasing by the day. More and more companies are hiring remote workers and allowing employees to work on the go, which presents an increase of potential security risks. For example, when remote workers are using an unsecured public Wi-Fi network, it provides an easy path for hackers to gain access to your organization’s critical resources and network.  

When allowing employees to work remotely, organizations must clearly outline those remote employees’ responsibilities regarding IT security best practices and the importance of data protection. To provide another layer of defense, organizations must implement security policies specific to remote workers, which include device monitoring, multi-factor authentication and restricting employees to specific locations with secure Wi-Fi networks.

While remote workers might be easier targets for hackers, all types of employees must be aware of all the different kinds of attacks that will exploit human behavior to open the door for hackers. 

The 3 Most Popular Types of Attacks on Employees

Phishing 

Phishing is the most common and easiest way to attack company employees due to its low costs and its organic nature. Hackers target your employees by sending official-looking emails requesting that they send them critical information from their work device. Despite it being one of the oldest and original methods of hacking, most phishing emails can fool the common employee. 

The most famous phishing attack was Phish Phry, where hundreds of bank and credit card customers received an official-looking email directing them towards fake financial websites. People entered their account numbers and passwords into fraudulent forms, giving the attackers easy access to their private data.

Pro Tip: Remind your employees to always check that the email address, tone and requests fit the sender’s tendencies and, if anything looks suspicious, to report it to the security team. Another confirmation of a phishing email can help prevent a future phishing attack.

Social Engineering

In this kind of attack, hackers lure your employees into a trap by gathering personal data on them or your organization from the internet or social media. Hackers use psychological manipulation to trick users into making security mistakes or giving away sensitive information. They research the necessary background information and then gain the employee’s trust, which results in the person breaking security practices, such as revealing sensitive information or granting access to critical resources.

The most famous social engineering attack was 2013’s Yahoo data breach. Leaked data included names, email addresses, phone numbers, security questions (encrypted or unencrypted), dates of birth, and passwords. Furthermore, the breach was used to falsify login data, allowing hackers to gain access to any account without the use of a password.

Pro tip: Check the source. Make sure your employees check the URL links to see if they are real, and the person sending you the email is actually someone you know or work with. Usually, a spelling error is a dead giveaway that they are being attacked.

Ransomware 

Ransomware is a type of malicious software designed to deny access to critical files unless a ransom is paid. Companies that don’t give in to ransomware attacks tend to see their critical data published on the dark web or in the headlines. Even if organizations pay the ransom, it’s not guaranteed that they will regain access.

The most famous ransomware attack was WannaCry. It struck a number of important and high-profile systems globally. This attack exploited a Windows vulnerability that was suspected to have been first discovered by the United States National Security Agency.

Pro Tip: To fight off ransomware attacks, your employees should regularly update their devices’ software and block fake email messages using email authentication.

Keys For Better Employee Security Hygiene 

Fighting off potential attacks such as those described above starts with continuous security training for your employees. The better trained your employees and organization are in IT security best practices, the lower the chance of a successful attack sneaking into your networks and resources.

Educate Your Employees 

One of the key steps for better employee security hygiene is knowing the best practices and how to implement them in your daily workday. It is important to train employees on security policies and to explain the rationale behind those policies.

Employees don’t care about creating a strong password or watching for phishing emails if they don’t understand the risks behind them. You don’t need to teach employees about every technical detail in security protocols, but they should know which risks can impact their jobs. Organizations should frequently run training sessions to keep their employees up to date with security best practices. 

Minimize Data Access

If you give all your employees access to every resource in your organization, you are potentially creating more levels of risk. To keep it simple, only give access to employees that need those resources to do their job. By limiting access, you will be safeguarded from potential leaks of your organization’s sensitive information (personal information, financial information) that shouldn’t be seen by your entire staff.

Implementing Multi-Factor Authentication (MFA)

It’s 2019 and MFA is everywhere. MFA frustrates many employees, even though it is one of the most effective practices today. Forcing a second factor for identity verification ensures that stolen credentials alone won’t be enough to gain access. When you implement MFA capabilities with strong passwords, SSH keys, and strong internet hygiene, you can further reduce the chances of a breach.

User-Friendly Security Solutions

One of the most effective ways to make sure your employees aren’t creating security risks is by implementing user-friendly security solutions throughout the entire organization. By implementing employee-friendly security solutions, another layer of defense against hackers will be added. To make the user experience more useful and enjoyable for your employees, these solutions should be easy to implement, straightforward, not too technical and optimized for their work environment. The better the user experience, the more secure your employees are. 

Moving Forward 

The common misconception is that malicious actors are gaining access to devices and networks by exploiting systems and vulnerabilities. In reality, they are actually targeting your employees with simple and effective attacks. 

Moving forward, your organization should implement a combination of engaging employee training and the adoption of security solutions. By implementing periodic employee security training and security solutions, your organization and its employees will be moving in the right direction to fight off attacks from hackers. 

We hope you found this post helpful! If you’d like to learn more about the many advantages of a Zero Trust Network as a Service solution, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.

The Rise of Network as a Service

An increase in innovation in enterprise IT is changing how companies manage every aspect of their business. At the core of this revolution is the rise of cloud computing, which is among the most significant transformations since the launch of the internet.

Before cloud computing technology was available, businesses had to manage their network and resources on-premises, with employees working from one site-centric location. Today, the IT industry is seeing a massive increase in organizations adopting cloud services that use private clouds, which are created independently and used by a single organization. 

As for employees, we are seeing an increase of over 16% of global companies fully employing remote workers on the go, which makes the adoption of the cloud a requirement for organizations moving forward.

The global cloud computing market is estimated to be worth over $300 billion by 2022. Cloud computing has transformed IT offerings for organizations with cost-effective, scalable solutions to the various needs of the IT teams. Further, it has proven to be a critical stepping stone for the future of how organizations adopt cloud-based networks. 

Cloud Networks May Lead to More Security Issues 

The use of cloud network services is universal. We’ve seen this rise over the past decade to the point where many of our organizations couldn’t function today without the cloud. The ability to quickly upload resources, adopt new applications, and respond in real-time to end users’ tickets allows organizations to compete effectively in today’s ever-changing marketplace. Critical to cloud adoption growth is the understanding that sensitive data now lives in the cloud and must be protected. The cloud also introduces a different set of risks that need to be understood properly in order to prevent potential cyber.

The expansion of cloud services being implemented by organizations means that it can be confusing to clearly understand where and which data is being exposed to risk. Storing data without encryption and lack of multi-factor authentication for access can lead to loss of intellectual property, loss of management control, exposure to malware, compliance violations, massive data breaches with customers and partners and ultimately loss of customer trust and loss of revenue. As we learned in the Capital One data breach, we need a clear understanding of which cloud services are being used and which data is being uploaded in order to implement specific security policies.  

Organizations that introduce company-wide identity access policies provide another layer of security for their employees and their customers’ data. This is where the idea of Network as a Service is introduced.

What is a Network as a Service?

To understand if Network as a Service is the right solution for your organization, we need to understand what it actually is and why it’s the modern solution for cloud network security.

Network as a Service is the model of delivering enterprise network services virtually on a subscription basis. Configuring and operating business networks, protocols and routers can be time-consuming and complicated. With Network as a Service (NaaS), the entire network operations can be handled by a third-party service provider, such as Perimeter 81.

Small to midsize businesses are the classic NaaS buyers; however, with the rise of SaaS and other service models, enterprises and large organizations are becoming more interested in the network model. NaaS can also be appealing to new business owners because there is no need for a large investment in traditional network hardware. This model also reduces the amount of staff time required to maintain the network and reduces the level of training and skill required of network staff.

In the NaaS business model, IT Security teams can manage the organization’s network through a portal rather than through network management tools and out of date hardware. A new virtual network can be added to the organization’s WAN by connecting it to the NaaS provider’s nearest point of presence (POP) either directly through a leased line to a nearby data center or over the internet.

Now that we’ve explained the advantages of a Network as a Service, read on to find out how this particular model can benefit your organization. 

Benefits of Network as a Service

Network as a Service will become the ideal business model for delivering scalable network services using a subscription-based application, and it enables vendors to scale the service according to customer needs and add new functionality and features on demand.

Additionally, businesses can easily deploy custom routing and user access protocols. Further, by modifying the content of the network, businesses can efficiently implement advanced network services, such as in-network data aggregation, redundancy elimination and more. 

Here are some key benefits when implementing a NaaS for your business:

Reduced Costs

Implementing a Network as a Service reduces many IT costs including infrastructure, hardware, software, operations, and maintenance. The lowered expenses are due not only to outsourcing but also to the knowledge and expertise that NaaS providers can bring to the table. The right NaaS partner can make the transitional period as smooth as possible, minimizing expenses and mistakes as you implement new processes and equipment.

Continuous Maintenance 

Network as a Service provides a continuous monitoring service to ensure that threats are easily preventable, and notifications can often be configured so that major issues can be identified and resolved.

Enhanced Security

With Network as a Service, service providers can protect and secure sensitive data, applications, and resources. 

Increased Levels of Uptime  

Many Service Level Agreements (SLAs) are created with managed network service providers that guarantee levels of their availability, network uptime, and response and resolving services for addressing network issues. Employing a Network as a Service with a reputable provider is an easy way to ensure these service level guarantees, and provide organizations with confidence that they have a dependable and stable communications system.

The Future of Network as a Service

Software-defined wide area networks have opened new opportunities for network service providers to offer Network as a Service to more enterprise businesses. As organizations today are expanding globally, relying on data and applications in the cloud and driven by the mobile workforce, SD-WAN is addressing the right IT needs. This new network service approach allows security vendors to provide one network with one security framework for all users and applications, which makes IT leaner and more agile. The software-defined wide area network has played a strong role in today’s evolution of the wide-area network, and it has successfully encouraged businesses to adopt Network as a Service by bringing a new vision for networking and security to today’s business.

When looking into the future of Network as a Service, another phase is now developing. While still being defined, some of the attributes that are emerging include the expansion of running Network as a Service workload in public clouds.

The transition of running cloud services in the public cloud domain will likely be a gradual process, but there is already an initial demand for this capability for applications. The attraction here is that the public cloud is well-suited to deliver any service that requires cloud computing. 

As a result, future phases of NaaS will continue to expand with the increasing adoption of cloud services. Every business will have its own strategy for migrating to the internet. However, given the fact that Network as a Service is always evolving with the cloud, IT managers will have a lot of different network options moving forward.

We hope you found this post helpful! If you’d like to learn more about the many advantages of a Zero Trust Network as a Service, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.

The Capital One Data Breach: How Crisis Could Have Been Averted

One of the largest hacks in 2019 was made by a former Amazon employee who stole credit card data, including 80k bank account numbers and 140k Social Security numbers affecting millions of Americans and Canadians. Here’s how this crisis could have been averted.

The largest category of information which was accessed is related to consumers and small businesses who applied for credit cards between 2005 and early 2019, according to a statement from Capital One. 

The stolen information included names, addresses, postal codes, phone numbers, email addresses, dates of birth, and self-reported income, as well as other bits of important data that may be used by criminals to carry out fraud. 

Who Let the Data Out?

The cause of the breach was a cloud firewall configuration vulnerability, which Capital One said it has since fixed. The unauthorized access took place on March 22-23, 2019 when the attacker exploited a firewall misconfiguration which permitted commands to reach the impacted server. 

This exploit allowed a hacker to execute a series of commands on the bank’s servers. Once through the perimeter, the intruder commandeered the credentials for an administrator account, gaining access to Capital One’s data stored on their AWS servers. The file contained code for three commands:

The first command obtained security credentials from an administrator account that had access for web application firewalls. The second listed the number of buckets or folders of data in an Amazon Web Services (AWS) database. The final command by the hacker was to copy the data from the Capital One repository. After successfully exfiltrating the data from Capital One’s servers, the hacker posted the stolen data to GitHub for a brief while before dropping a dime on herself on Slack. Despite her use of tools aimed at keeping her anonymous, this created a digital trail for her potential arrest.
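A defender's view of the three-step sequence described above, as an added example that is not part of the original post or Capital One's tooling: it scans CloudTrail-style records for a role session that lists buckets and then bulk-reads objects from an address outside the expected networks. The records, role ARNs, bucket names, network range and threshold are constructed for illustration, and `GetObject` only appears in CloudTrail when S3 data event logging is enabled.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Everything below is constructed sample data, not real CloudTrail output.
ROLE = "arn:aws:sts::111122223333:assumed-role/example-waf-role/i-0123456789abcdef0"
OTHER = "arn:aws:sts::111122223333:assumed-role/example-batch-role/i-0fedcba9876543210"
EXPECTED_NETWORKS = [ip_network("10.0.0.0/8")]  # assumption: the roles' own VPC range


def make_event(time, name, source, arn=ROLE, bucket=None, key=None):
    """Build one CloudTrail-style record with only the fields the check reads."""
    params = {k: v for k, v in (("bucketName", bucket), ("key", key)) if v}
    return {
        "eventTime": time,
        "eventName": name,
        "sourceIPAddress": source,
        "userIdentity": {"type": "AssumedRole", "arn": arn},
        "requestParameters": params,
    }


SAMPLE_EVENTS = [
    # Normal use of the role from inside the expected range.
    make_event("2024-01-01T09:00:00Z", "GetObject", "10.0.1.15",
               bucket="example-app-config", key="waf/rules.json"),
    # Same role credentials used from an unexpected address: list, then bulk read.
    make_event("2024-01-01T10:00:00Z", "ListBuckets", "203.0.113.50"),
    make_event("2024-01-01T10:00:05Z", "GetObject", "203.0.113.50",
               bucket="example-card-applications", key="2018/q1.csv"),
    make_event("2024-01-01T10:00:06Z", "GetObject", "203.0.113.50",
               bucket="example-card-applications", key="2018/q2.csv"),
    make_event("2024-01-01T10:00:07Z", "GetObject", "203.0.113.50",
               bucket="example-card-applications", key="2018/q3.csv"),
    make_event("2024-01-01T10:00:08Z", "GetObject", "203.0.113.50",
               bucket="example-card-applications", key="2018/q4.csv"),
    # A single external read without a bucket listing: below the bar.
    make_event("2024-01-01T11:00:00Z", "GetObject", "198.51.100.7", arn=OTHER,
               bucket="example-reports", key="daily.csv"),
    # CloudTrail can record an AWS service name instead of an IP address.
    make_event("2024-01-01T11:30:00Z", "ListBuckets", "cloudtrail.amazonaws.com"),
]


def is_external(source, expected_networks):
    """True when source is an IP address outside every expected network."""
    try:
        addr = ip_address(source)
    except ValueError:
        return False  # service name such as "cloudtrail.amazonaws.com"
    return not any(addr in net for net in expected_networks)


def find_suspicious_sessions(events, expected_networks, bulk_threshold=3):
    """Flag role sessions that list buckets and then read many objects
    from an address outside the expected networks."""
    sessions = defaultdict(list)
    for ev in events:
        ident = ev.get("userIdentity", {})
        if ident.get("type") != "AssumedRole":
            continue
        source = ev.get("sourceIPAddress", "")
        if is_external(source, expected_networks):
            sessions[(ident.get("arn", "unknown"), source)].append(ev)

    findings = []
    for (arn, source), evs in sorted(sessions.items(), key=lambda kv: kv[0]):
        evs.sort(key=lambda e: e["eventTime"])  # ISO 8601 UTC sorts as text
        listed_at = next(
            (e["eventTime"] for e in evs if e["eventName"] == "ListBuckets"), None
        )
        if listed_at is None:
            continue
        reads = [e for e in evs
                 if e["eventName"] == "GetObject" and e["eventTime"] >= listed_at]
        if len(reads) < bulk_threshold:
            continue
        findings.append({
            "principal": arn,
            "source_ip": source,
            "listed_at": listed_at,
            "objects_read": len(reads),
            "buckets": sorted({e["requestParameters"].get("bucketName", "?")
                               for e in reads}),
        })
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_sessions(SAMPLE_EVENTS, EXPECTED_NETWORKS):
        print(finding)
```
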

Is Capital One to Blame? 

Data breaches on cloud storage services are occurring more often, primarily because more companies are using the cloud and attackers are seeing this as a fruitful platform. Despite the migration to cloud services, companies are still responsible for their own security even on the cloud. When implementing a cloud storage service there are many financial and logistic benefits but companies must not forget the importance of cloud storage security. 

There is no denying that cloud computing is the way of the future, but when financial institutions that house so much sensitive customer data approach the cloud, implementing the proper security measures is an absolute must. In the case of the Capital One breach, despite the company being a cloud innovator, its security wasn’t up to par.

Capital One has been a major advocate in the banking world for cloud services. The company is migrating more of its applications and data to the cloud and plans to be done with its data centers by the end of 2020. Other financial institutions have been more cautious about implementing cloud services, largely for security reasons.

Cloud-hosting services such as AWS are very appealing to companies looking to cut costs, as data centers carry a hefty price tag, often tens of millions of dollars. When it comes to data security, AWS, like most providers, follows the Shared Security Responsibility model. Under this model the provider assures certain layers of infrastructure and software security, but the customer is ultimately responsible for how data is used and accessed.

Clearly, there were mistakes in how Capital One was protecting this AWS bucket, as it appears someone was able to access the data it contained pretty easily. The Capital One breach is proof that companies have a lot to learn when it comes to deploying security technology effectively, and especially about the importance of defending and protecting access to cloud storage by adopting security strategies.

Stay on Top with Secure Network Access 

Many organizations still rely on outdated hardware-based VPN technology with a distributed management system and other complicated client applications. These systems are complex, costly, require extensive management, and most notably, they are not cloud-friendly.

Access to cloud storage must be defended and protected by adopting security strategies, like the Zero Trust security model, which enforces multiple layers of verification before granting resource access. Furthermore, this breach highlights the need to embrace cloud-compatible cybersecurity solutions. 

To prevent risks similar to the Capital One breach, organizations should use Software-Defined Perimeter technology and the Zero Trust model to close their cloud environments and SaaS services so that they can only be accessed by authorized devices, users and locations.

The shift to the cloud is inevitable, so it is key that financial institutions also adopt cybersecurity services that are well designed to integrate with major cloud providers. Our solution is based on the Zero-Trust security model and allows direct access to cloud resources and applications while evaluating the user permissions and related metadata. With Perimeter 81, organizations can ensure that only authorized connections are being established while leaving their cloud environments completely hidden from attacks.

To learn more about Perimeter 81’s Zero Trust Network as a Service be sure to request a complimentary demo.

5 Network Security Mistakes Your Employees are Still Making

Network security breaches frequently grab the headlines, often with the same angle: how big the hack was, who was affected and what information was taken. The majority of the time, the source of the hack is framed in terms of which actor was involved or which technical error occurred. While these data breach stories grab readers’ attention, we need to rethink how these kinds of hacks really occur.

Today, companies are increasing their cybersecurity budgets by implementing different security solutions to fight off hackers. This is good news, as we are not just depending upon best practices. However, there is one security hole that can never be fully fixed: the errors committed by the company’s employees.

Every organization is aware of the risk of human error. Employees occasionally commit mistakes, which can hurt the network of their company. However, not all organizations realize how dangerous human errors can be when it comes to the network security of the organization. 

So how do you help lead your employees past some of the common and painful network security mistakes?

Here are the 5 most common network security mistakes by your employees and how to fix them.

1. Using Weak Passwords

One of the most common network security threats is the use of weak passwords. When passwords are not set using the correct procedures, they can be easily hacked by external actors, which allows them to infiltrate the company’s network.

Passwords are considered one of the most common forms of security, and they can be highly effective when used properly to protect the privacy of data stored on servers across the network. The use of weak passwords can easily be resolved by educating employees about strong passwords and the part they play in keeping hackers away. For critical and sensitive business data, implementing a stronger password-protection system like periodic expiration of the password and multi-factor authentication can provide an additional layer of security against hackers.

2. Using a Traditional VPN

More and more companies have adopted remote work and the migration of their critical applications to the cloud. Traditional VPN services are too permissive, allowing staff to access their company’s network for their day-to-day work. As a result, these resources assume unwarranted visibility and become more susceptible to compromise.

Instead of providing your employees with a traditional VPN, you should adopt an organization-wide Software-Defined Perimeter solution. Implementing a Software-Defined Perimeter will allow you to restrict network access and provide customized, manageable and secure access to networked systems. 

Traditional security models are designed to protect the perimeter to fight off threats that try to exploit your company’s network. By implementing the Zero Trust need-to-know model, each employee will gain a customized secure connection to the organizational resources they need to access.

3. Using Unknown Devices

Employees tend to make the mistake of sharing external USB devices or using unauthorized devices which can be plugged into any machine on the network. In addition, some employees make the potentially harmful mistake of plugging unknown USB drives that they find around the office into their laptops.

These devices may contain a virus that could spread from one infected computer to another. Employees should refrain from using these kinds of devices that were not authorized by the administrators of their network. Organizations should set up company policies that prohibit employees from using their own devices which might have been controlled remotely by a hacker.

4. Using Free WiFi Hotspots for Work

Public Wi-Fi hotspots are convenient when abroad on vacation, at a cafe, or at the airport. Remote workers and employees who frequently travel for business often take advantage of public Wi-Fi to work on the go. However, connecting to public Wi-Fi to access your company’s network can prove risky to your employees, as these networks are easy to hack. Hackers can easily gain access to the company’s confidential and sensitive data.

Hackers can also use public Wi-Fi hotspots to install malware on the mobile devices of those employees who have enabled file-sharing on their system. To fight off the hackers, organizations should advise employees to avoid using public Wi-Fi networks to connect to corporate resources without a secure network as a service solution.

5. Unauthorized Application Installation

Another common security threat posed by your employees is the installation of unauthorized applications on the company’s network. This can be a critical threat to a company because it takes just a few small installation steps for a small program to take control of the whole network.

This can easily be fixed by revoking administrative access for most employees. Another way to fix this type of threat is by training employees on the importance of third-party credibility and authenticity. This can be enough to make employees aware of the threats posed by the installation of unauthorized applications.

Moving Forward 

The human factor is one of the main issues in ensuring the security of corporate systems. More and more often attackers choose to slip into the corporate network by attacking the employees, rather than hacking into the infrastructure directly from outside the perimeter.

To prevent attackers from getting inside your company’s infrastructure, your organization’s employees should be properly educated about security and the risks involved. By properly educating your employees with network security best practices, they will provide an additional layer of defense against hackers attempting to gain access to your network.

We hope you found this post helpful! Feel free to share any network security mistakes that you have witnessed in the comments section below. If you’d like to learn more about the many advantages of a Zero Trust Network as a Service, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.

Perimeter 81 Recognized in Gartner’s 2019 Market Guide for Zero Trust Network Access

Perimeter 81, a secure network access solution for the modern and distributed workforce, has been included in the 2019 Market Guide for Zero Trust Network Access by Gartner Inc., a leading IT research and advisory company.

At Perimeter 81, our Software-Defined Perimeter (SDP) service, backed by Zero Trust access control, ensures secure access to web applications, SSH, RDP, VNC or Telnet, through protected IPSec tunnels – without an agent.

Employees simply access their application portal, select the application they have permission to enter and create a session that is fully audited, recorded and monitored.

According to Gartner, “ZTNA, which is also known as a software-defined perimeter (SDP), creates an identity- and context-based, logical-access boundary around an application or set of applications. The applications are hidden from discovery, and access is restricted via a trust broker to a set of named entities. The broker verifies the identity, context and policy adherence of the specified participants before allowing access. This removes the application assets from public visibility and significantly reduces the surface area for attack.”

What Is the Market Guide for Zero Trust Network Access?

Each year, Gartner publishes the Market Guide for Zero Trust Network Access. This report states that “this research helps security and risk management leaders choose the best solutions for their use cases, including application-centric and demand-driven connections.”

According to Gartner, “Zero trust network access replaces traditional technologies, which require companies to extend excessive trust to employees and partners to connect and collaborate. Security and risk management leaders should plan pilot ZTNA projects for employee/partner-facing applications.”

The Perimeter 81 Secure Connection Product Offering

For Zero Trust network access, it’s essential that organizations obtain unparalleled visibility into enterprise computing activity. Our Zero Trust solution, managed through our central management platform, provides visibility, control, and threat protection with comprehensive coverage for all IT domains.  

Our non-disruptive Zero Trust network security solution features:

  • Secure Network Access
    Network security, implemented via a client application for endpoints, allows for secure IPsec and SSL VPN connectivity for all employees, partners, customers and guests no matter where they’re connecting from (e.g., remotely, on the local network, or over the Internet).
  • Inspect and Log All Traffic
    Accurately monitor network activity by identifying and classifying all traffic, regardless of ports and protocols, encryption or hopping. This reiterates the need to “always verify”, eliminates methods that malware may use to hide from detection, and provides complete context into applications, associated content and threats.
  • Least Privilege Access Control
    Many legacy solutions are limited to port and protocol-level classification, resulting in too much unfiltered traffic. With granular access control, users can safely access appropriate applications and data by reducing available pathways and eliminating unauthorized and malicious traffic from the network.
  • Advanced Threat Protection
    Legacy stateful inspection technology is incapable of enforcing a least-privileged policy because it only understands IP addresses, ports and protocols – not specific applications. Perimeter Zero protects against both known and unknown threats, which is necessary to support a closed-loop, highly integrated defense posture that consistently and cost-effectively enables trust boundaries.
  • High-Performance Design
    Zero Trust security and networking capabilities must be implemented in a way that they do not become a performance bottleneck. The Perimeter 81 software architecture minimizes latency and surpasses processing requirements, providing high availability, avoiding loss of service and increasing the uptime of your network. By deploying multiple server instances in locations closest to your business, data centers or remote employees, organizations can prevent slow-downs and reduce redundant loads on servers.

Penetrating a Growing Market

From our perspective, being recognized as a Representative Vendor in the 2019 Market Guide for Zero Trust Network Access from such a reputable resource validates our continuous effort in the enterprise cybersecurity market.

“With a least-privileged strategy and strictly enforced access control, organizations can control interactions with resources based on relevant attributes, including application access, user and group identity and the sensitivity of the data being accessed,” said Amit Baraket, CEO and Co-Founder of Perimeter 81. “With unmatched visibility and control of applications, users, and content, organizations can migrate to Perimeter 81’s Zero Trust network security flexibly and non-disruptively.”

Read more about our recent recognitions:

Gartner Hype Cycles
- Hype Cycle for Infrastructure Strategies, July 2018
- Hype Cycle for Cloud Security, July 2018
- Hype Cycle for Enterprise Networking and Communications, July 2018
Comet Competition Finalist
- Perimeter 81 was announced as one of 12 finalists for the 2019 Comet Competition, held by Ingram Micro Inc., in partnership with MassChallenge
Annual Cybersecurity Breakthrough Awards
- “Mobile VPN of the Year” - 2018 CyberSecurity Breakthrough Awards
Info Security Products Guide
- Silver Winner of Startup of the Year – Founded in 2018
- Bronze Winner of Cyber Security Vendor Achievement of the Year
Gartner Market Guide
- Gartner, Market Guide for Secure Enterprise Data Communications, April 2019
Gartner Cool Vendor
- Gartner, Cool Vendors in Network and Cyber-Physical Systems Security, April 2019

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

(1) Gartner, Market Guide for Zero Trust Network Access, 2019, Steve Riley, Neil MacDonald, Lawrence Orans, 29 April 2019.    

Have any product questions or suggestions? Don’t hesitate to contact us at [email protected] or drop us a line in the comments section below.

To learn more about Perimeter 81’s Zero Trust Network as a Service be sure to request a complimentary demo.

Perimeter 81 Platform Release: Introducing Our Network Building Capabilities

We’re excited to announce the launch of our new and powerful network building capabilities which now allow you, our valued customers, to create fully flexible, customized networks that are multi-regional, interconnected to your environments and optimized for speed.

Perimeter 81’s new network building capabilities enable you to model your entire network using several advanced security features. Our new and easy-to-use UI helps you create, manage and secure multi-regional custom networks that are interconnected to your cloud and on-premise environments.

New Network Building Capabilities

Perimeter 81’s new Network Capabilities allow you to automatically create fully customized networks.

The new and innovative platform UI includes:

  • Multi-Regional Support: Now you can have private gateways in different locations to ensure your network can best serve international branches and employees with reduced latency and optimal speed. Since our applications are optimized for performance, employees will automatically connect to the nearest private gateway.
  • Split Tunneling: Control whether you tunnel all your network traffic, or specific subnets, from the client applications to Perimeter 81’s Secure Network as a Service. You can choose to add a Perimeter 81 Connector to interconnect your cloud (AWS, Azure, Google Cloud) and on-premise environments, or use an IPsec Site-to-Site Tunnel to create a secure communication link between two different networks located at different sites.
  • Custom DNS: Now you can opt in to use a Custom DNS, which will allow you to utilize your organization’s DNS servers, as well as local domain names. You can choose to either obtain a DNS server address automatically, or select a primary and secondary DNS address manually.

Network Innovation

Businesses across a wide variety of industries are in need of simpler, more reliable network security. By delivering a single-click service that eliminates much of the hassle and headache of the past, our users are able to deploy, manage, and visualize network connections using only software. This enables the integration of powerful APIs, as well as the ability to analyze and visualize network traffic.

With Perimeter 81, you get the full package. Along with our new network building capabilities, our platform continues to provide:

  • Sleek, User-Friendly UI: With our improved UX and UI, compatible with web and mobile devices, it’s now easier than ever before to deploy, manage and secure your organization’s network.
  • Single Sign-On Integration: Our customers can enforce secure policy-based access with total ease. Perimeter 81 offers integration with several leading Identity Providers including G Suite/ Google Cloud, Okta, Microsoft Azure AD and Active Directory/LDAP.
  • Two-Factor Authentication: Add an extra layer of security and prevent remote attacks with SMS notifications, Google Authenticator and Duo Security authentication. We know this feature will be highly valuable for all businesses, and particularly those that need to adhere to strict industry regulations, like HIPAA compliance standards.
  • Advanced Activity Monitoring: With the management platform, you can gain even more insight into your network’s health, activity and security. Our platform includes a wide range of activity types including visibility into group and server creation, team member authentication, password changes and more.
  • Automatic Wi-Fi Security: Immediately protect your traveling employees from Wi-Fi hotspot threats with an encrypted connection that activates the moment your employees connect to an unsecured network.
  • Cross Platform: Easy-to-use cross-platform applications available for all your employees’ corporate and BYOD devices.
  • Private Servers: Private servers with dedicated IPs so you can skip manual IP whitelisting and lock down secure resources to protected IPs.

Have any product questions or suggestions? Don’t hesitate to contact us at [email protected].

If you don’t currently have an account and would like to experience a full tour of our platform, be sure to request a complimentary demo.

We hope you enjoy all the new networking features and benefit from a faster, simpler, and more seamless way to build and manage your network!
