VPNs Are Out and Scalable Remote Access Solutions Are In

COVID-19 has accelerated the world’s digital transformation and lately this has headed in an inevitable direction: the adoption of remote work. We can no longer assume that employees are working from the office and the “new normal” that the world is experiencing will likely bring about permanent changes to how and where we work. Tech giants such as Facebook, Twitter and Google have announced they plan to keep their employees working remotely until at least the end of 2020, and possibly beyond. While this approach is gaining popularity by the day, it’s far from a new concept. 

Remote work has been a popular method for companies for the past two decades due to benefits like flexibility, productivity and cost-savings. In late 2019, Gartner predicted that by 2020, half of the US workforce would be working remotely. Here we are six months into 2020, and no one could have predicted that 62% of the U.S. workforce would go home to work remotely due to the COVID-19 outbreak. 

Are Traditional VPNs Still Relevant? 

Over the past 20 years, organizations adopted different tools in order to support and secure their remote workforces. The most popular solution that organizations relied on was enterprise VPN technology for remote network access. However, the value that VPNs once provided is diminishing by the day due to organizations’ transition to the cloud, and remote employees no longer need to connect to their corporate headquarters’ network.

Due to COVID-19, the majority of global organizations are requiring that their workforces connect to business resources on the cloud or to the corporate network remotely, creating an overload of traffic on the VPNs they previously implemented. Originally, installing a remote access VPN was the right approach; however, it’s now providing more cons than pros.

VPNs can expose organizations’ data and resources, making them more vulnerable to different attacks on the remote workforce. The traditional VPN provides remote workers with unlimited access to organizational resources, creating an attractive, ripe environment for hackers to get inside the company’s network. With legacy VPNs, organizations are unable to restrict access to specific network resources, making VPNs one of the weakest points of failure with respect to identity access and credential management as there is no segmentation, audit or control.

VPNs have other limitations, such as a lack of network visibility and of the network segmentation that limits unauthorized user access, which weakens overall network security. The technology was not designed to deal with the dynamic networks that organizations are creating today: VPNs require constant hardware updates, need to be properly managed, and lack network or server flexibility. All of the above make it more complicated to scale and rapidly adjust for new users and network locations, and increasingly difficult to effectively manage hybrid and cloud-based computing architectures.

Scalability: The Key Factor of Today’s Workforce 

The idea that one day an organization may need to increase the number of users to thousands or more is possibly one of the most important factors when deciding which solution to implement, especially with remote access needs. VPNs’ scalability hasn’t been their strongest characteristic; actually their lack of scaling capability to hundreds or thousands of users has been more of an Achilles heel.

VPNs were initially designed to only handle a small percentage of the global workforce. In today’s day and age, with thousands of organizations looking to scale their entire workforce remotely, the need for remote access solutions is more demanding than ever. With a massive increase in users, organizations are seeing congestion and latency in network access and a lack of quality of service.  

In the past, when there were just a few remote workers in an organization, IT teams were required to designate a small amount of network access for them alone. When companies transform to a more remote workforce, organizations will need to adopt solutions that have the capacity to support their networks and applications for everyone remotely. In the case of VPNs, network over-usage and older architecture result in a slower user experience and create headaches for IT and remote workers simultaneously.

Additionally, onboarding new users and networks with a VPN can take weeks to complete, creating a major hole in the company’s network. So which kind of solutions should organizations look for when trying to scale access to remote employees?

SASE: The Scalable Model For Remote Access

Instead of thinking about how we can make the VPN more secure, flexible and scalable, we should look for a different secure remote access solution. The answer lies in SASE: Secure Access Service Edge. Unlike VPNs, SASE is a solution for the increasing demand for scalable network access. So what is SASE and why is it the answer?

SASE, a term coined by Gartner in August 2019, is the cloud architecture model that combines the different functions of network and security solutions into a unified cloud security platform. Delivered “as a service”, it offers scalable secure access to the organization’s resources and networks. The new model will allow organizations to simply connect and secure their networks and remote workers with a cost-effective and instantly integrated approach.

Unlike the traditional networking solutions or modern VPNs, the SASE model recommends that organizations should instead connect their employees and networks on a more user-centric level to a cloud-based service. While in the past, the majority of networks for organizations were concentrated at the central data center for user access, this didn’t provide a suitable model for remote workers. Gartner suggests that this site-centric approach is outdated and not effective as organizations are turning to edge platforms, SaaS solutions and cloud services. While the concept of organizations providing a data center for user access won’t disappear overnight, it will become less relevant as the majority of services are moving to the cloud. 

By adopting the SASE model, organizations will have a more flexible and scalable opportunity to connect remote employees to applications, cloud services, and APIs no matter their location. 

Scaling for the Future 

The SASE model for secure zero trust network access and additional vital security features provides organizations with scalability, flexibility, ROI and most important of all, secure access for their remote workforces.

When seeking the right remote access solution, look past the legacy VPN and change your approach with a more flexible and user-friendly SASE platform to secure your network, resources, and employees. 

The Digital Transformation Finally Comes to Security

There are few phrases more buzzword-y than “the digital transformation”, but its broad scope means that the term has never meant a static, single thing. Digital technology is always changing, so the organizations that use it are changing as well. Going through a transformation from analog business flows to digital ones is something that started happening decades ago and we haven’t yet found the limit of this idea’s benefits, so it makes sense that there are multiple phases of digitization that have occurred over the decades.

Technology constantly gets smaller, faster, and more powerful, spilling like water into new industries and applicable ideas over time. These include infrastructure assets and machines, operations and business processes such as online payments, eCommerce, and supply chain management, and most of all organizations’ workforces by creating new roles and platforms they use to do their jobs. Much of digitization has been less about technology and more about self-reference, by cleaning up the digitization process itself and simplifying the array of vital tools and processes that pile up.

This is the theme of what is perhaps the most notable trend in the last year, and it comes from an unexpected sector.

Security a Silent Cornerstone of Digitization

In addition to incorporating the cloud into a business strategy or growing your data intelligence department, there’s a background of digitization that makes these processes easier and safer – because the risks inherent in going digital are many. The security sector exists to recognize how this new world is threatened and from where, and is important for ensuring that organizations’ digitization efforts don’t needlessly expose their data or put customers in harm’s way.

Since the 1970s, cybersecurity has been there to respond with pragmatic solutions, when a growing array of technology gets ahead of itself. From the early ARPANET “creeper” which led to the first antivirus program, and through years like 1989 which were devastated by both the first DDoS and malware attacks, it has nearly always taken some digital travesty to shed light on the security industry’s importance. 

Moving storage and services into the cloud is the latest and greatest example. These days, the cloud is a cornerstone of digitization, with migration tools abounding and services like AWS and Salesforce, which come with an arsenal of useful onboarding functions, single-click business processes, storage solutions, and more.

With mobile devices and applications getting more capable, however, data moves farther than ever and passes through more hands. That has given hackers a larger opportunity to steal this data, and so the security sector has had to identify where the gaps appear and how to close them to enterprising bad actors. This is hardly a surprise to those who are familiar with the idea of cybersecurity, but even IT professionals “in the know” aren’t aware of how far along this simple idea has taken digitization in 2020.

Putting Security Ahead of the Curve

Unfortunately, the limits of cloud computing have been tested recently as remote work gets infinitely more popular. In terms of both security and speed, we’ve seen online platforms overclocked and put to the test in greater numbers, and not always with stellar results for IT. The use of many business-critical services together may work, but a greater number of endpoints and carelessly strung together solutions puts even the most diligent IT teams in a bind.

Many organizations realize this, and to lighten the burden they’ve enforced the use of basic security tools like a VPN. While a VPN will raise the lowest-hanging fruit for a lazy hacker, it’s not perfect, and it doesn’t make the digital transformation much easier. It just adds another tool for IT to be responsible for configuring and managing, on top of storage, CRM, ERP, and other platforms. The required hardware for a VPN puts a price tag on security in terms of labor and more, and VPNs don’t perform well under the conditions that networks are currently in. IT teams are therefore learning more about ideas such as Zero Trust security, which lets them segment their networks into custom-sized pieces, and implement unique access policies on top of the capabilities of a traditional VPN.

SASE Reminiscent of Past Tech Consolidation

This has solved some problems but not others. Zero Trust is indeed much better for security and easily scalable, but it’s still another tool stacked on top of the network. The old problem – that knowledge workers only spend 39% of their days actually working, thanks to platform overload – isn’t solved. Teams implementing Zero Trust are indeed considered cutting edge, but the last year has brought a relevant idea into the spotlight: SASE. Billed by research firm Gartner – the acronym’s creator – as a unified network security platform, SASE merges many of the network access and security tools that IT relies on.

With CASB, FWaaS, Wi-Fi security, IPSec tunneling and encryption, multi-factor authentication and SWG all easily consumed in one place, SASE turns ideas that used to be full-fledged and separately consumed platforms into features of a single platform. This is reminiscent of what Microsoft Office 365 did in 2011 – combining multiple pieces of software into a single, cloud-based “as a Service” solution. Now that it’s happening in security, as companies go through implementation in greater numbers, the turbulence of the last decade, rife with consecutive record-breaking data breaches, may finally be recognized as a speed bump instead of the status quo.

The 5 Most Common Mistakes That Organizations Make with SD-WAN Security

The traditional brick and mortar, 9-5 office was previously seen as the central database for all employees trying to connect to the company’s network and resources. While this model worked in the past, currently it’s extremely outdated due to slow network connection time to data centers. Instead of placing the networks where the company is based, organizations must rethink how their network architecture needs to be designed. 

While many organizations still make the branch sites the center of networking, they should make their employees’ location the key factor of how their company’s networking should be implemented. Due to the ongoing digital and cloud transformation, employees are seeking quick access to data and company resources in their work environments, no matter their location. 

As a result of the modern employee needs, the once traditional static MPLS connections are not the answer for today’s modern networking between the user and the office branch. Due to the evolving network technology, organizations started to adopt SD-WAN solutions for quicker, flexible, effective, and more affordable networking. 

What is SD-WAN and What are its Benefits?  

An SD-WAN, also known as a software-defined wide-area network, is a virtualized network that is abstracted from data center or branch office hardware to create an easily configurable and scalable overlay wide area network distributed across local and global sites. It’s also an application of Software Defined Network (SDN) technology that is more reliable and scalable than VPN-based WAN solutions because it takes a software-based approach to build and extend enterprise networks beyond the core SDN.

Organizations today can use SD-WAN solutions to connect branch offices to their corporate networks instead of using traditional and expensive multiprotocol label switching (MPLS) connections, firewalls or proprietary hardware.

SD-WANs offer many benefits for organizations looking to leverage the cloud, ranging from network topology simplification, internet traffic prioritization, and cost reduction to scalability and integrated security. SD-WAN management solutions allow IT managers to automate the deployment and configuration of their network, which reduces the complexity of managing a WAN. Additionally, applications can also be integrated and managed from an SD-WAN portal, further simplifying SD-WAN management.

Despite the numerous benefits and the advancement of SD-WAN solutions, most organizations leave security at the door when implementing SD-WAN solutions. 

Security is Essential for SD-WAN Success

When organizations are adopting new technologies, security is a top priority when choosing a service or solution. This is the same with SD-WAN. According to a Gartner survey, 72% of executives see security as their biggest SD-WAN concern.

As each organization implements new networking infrastructures, they need to think and prepare for the different security risks and challenges. Many of the outdated security solutions cannot address these modern security challenges. 

Adding to that problem, SD-WAN falls under most networking teams, which creates an even bigger issue where security isn’t even brought to their attention. Some might say it’s a mix of employees’ neglect or misguided advice, but it simply leaves an easy target for hackers to attack your organization’s network.

SD-WAN Security Mistakes Happen

Some might think that SD-WAN security is simple: you install the solution, it encrypts the data, and then sends it to the user from one location to the next. However, like every other cybersecurity solution, you need to strategize and instead of separating security and networking, you need to think of it as one solution where networking and security go hand in hand. Other security mistakes can and will occur.  Here are our 5 security mistakes that organizations tend to make with SD-WAN and how to fix them:

Not Including SD-WAN Security in Your Organization’s Security Strategy

One of the biggest SD-WAN security mistakes that organizations commonly make is thinking that SD-WAN security is not part of the organization’s overall security strategy. SD-WAN should not be perceived as a standalone solution and just another connectivity tool that provides a level of data encryption. SD-WAN needs to implement the advanced security policies that other networking infrastructures are implementing.  

To avoid further security risks, organizations must implement a more advanced security approach that looks past WAN capabilities and integrates policy-based control rules into their company security strategy. This new approach will allow security teams to monitor the data with a more holistic SDN managed detection response model. By prioritizing SD-WAN security and integrating it into your cloud security strategy, your organization will have an extra layer of defense when fighting off malicious actors’ attacks on your organization’s network.

Treating SD-WAN With a ‘Set It and Forget It’ Mentality

A recurring mistake we see is organizations putting a new technology in place and then moving on from it. This is the same issue with SD-WAN. To steer clear of this common mistake, organizations should have an ongoing monitoring and updating strategy in place to make sure everything is going smoothly.

Adopting this always-monitoring approach with SD-WAN allows organizations to expand network visibility and properly manage their network on a daily basis. As the security landscape is continuously changing, so is your SD-WAN solution, so it’s best to always stay up to date and monitor your network instead of setting it up and forgetting about it.

Encrypting SD-WAN Traffic is a Must 

A major networking challenge that organizations are experiencing is switching from an MPLS connection to a more public broadband connection. Unfortunately, this doesn’t bode well with their cloud environments and services. Due to this, more organizations are implementing SD-WAN solutions to create more private broadband connections that link the cloud resources to the organization’s main network. Adding more and new connections causes a domino effect which results in adding more holes in your network, opening the door to attacks. 

To solve this issue, organizations need to encrypt their SD-WAN traffic to protect the critical information that is being accessed by the organization. It is recommended to adopt a SASE platform that encrypts all network traffic, which becomes a fundamental security layer in your SD-WAN solution. That extra layer of security is essential for organizations to provide a high-performance, secure networking connection to their employees.

Implementing the Wrong Solution For Your Needs 

When seeking the right SD-WAN solution for your organization, you need to consider if this is the right fit for your networking needs. Another common mistake made by organizations is that they deploy another standalone solution or the wrong solution. When looking for a tool that helps with network visibility or device policy management, organizations need to understand whether this tool will secure their network and not further complicate the tough challenge of securing the network.

Therefore, the first thing organizations need to check when considering an SD-WAN solution is whether it will easily integrate into their network and security strategy. Adopting the correct SD-WAN solution for the organization will help increase the security posture of the entire network security strategy.

Forgetting about Security Entirely

Ignoring security might be the simplest mistake that an organization can make when adopting SD-WAN solutions. While SD-WAN tends to fall under the networking teams at organizations, the idea of a cost-saving solution usually forgets to include the importance of security.  

Instead of just thinking of SD-WAN as another networking tool, organizations need to include their security teams when managing SD-WAN to ensure there is proper security in place after adopting the solution. While this common mistake is a simple one, it comes with major consequences. Implementing an unsecured solution can open the door to hackers and can create major security issues for the organization’s network and critical resources.

Improving SD-WAN Security

In just over a few years, SD-WAN has shown its great value by providing a quicker and more flexible option for network transformation. Despite their continuous advancement, SD-WAN solutions don’t entirely provide protection against the more sophisticated attacks that we are seeing in today’s network environments.

Moving forward, organizations need to think about which advanced security functionalities need to be easily integrated into their SD-WAN solution instead of treating security as an afterthought. Adopting a more secure SD-WAN solution with the correct security functions integrated will help organizations detect and intercept attacks on their networks.

When Hackers Attack: 5 Essential Security Tips For Working Remotely

Whether working from home or remotely, social distancing has grabbed headlines as one of the most popular buzzwords on the internet due to COVID-19.

Once the World Health Organization declared COVID-19 a global pandemic, the shift to working remotely became a reality. Governments forced all nonessential places of work to close up shop and recommended that all companies that can work remotely shift their employees to a work-from-home model.

While remote work and social distancing have been essential in flattening the curve and the spread of the coronavirus, they open a Pandora’s Box of cybersecurity risks. By having employees work from home, organizations are forced to face the fact that employees’ devices are now the main way that they connect to their work resources. While this might not sound worrisome, it comes with many security risks, especially when coping with hackers and malicious actors. 

More Remote Workers = More Attacks

With each passing day, we are seeing more and more hackers trying to take advantage of the COVID-19 situation to target remote workers with different attacks such as phishing, VPN vulnerabilities, and malware. According to CNBC, the rise of cyber attacks is occurring due to the fact that the majority of companies have implemented an entirely remote workforce.

Due to the increase in attacks, IT and security teams are forced to make quick changes to their security policies and best practices for their remote employees. The in-office, company-wide security policies and training are not adapted to the new reality that hackers are trying to exploit. Now, organizations must depend on their employees to be on the front lines against hackers, making it essential that organizations strategize and plan out employee-friendly security policies.

To Work Securely You Need to Think Like a Hacker

To help global organizations’ remote workforces learn more about the different security risks, we co-hosted a webinar with SOSA, Leading Cyber Ladies, the Israeli Economic Mission to North America, and the Global Cyber Center of NY on April 1st. The panel of security experts included Sivan Tehila, Director of Solution Architecture at Perimeter 81 and Founder of Cyber Ladies NYC, Nicole Becher, Director of Information Security & Risk Management at S&P Global Platts and Guy Franklin, MD, SOSA NYC – Global Cyber Center of NYC. In this webinar, the panel of experts provided their insights on the number of cyber threats facing everyone while working remotely and how organizations should protect their data, resources and remote employees.

5 Essential Tips for Securing Remote Workers

Throughout the webinar, the panel of experts provided great insights into the different kinds of attacks remote workers can face on a daily basis. Here, we would like to highlight the security tips they shared. You can find them below:

Update Your Business Continuity Plan

One of the most important tips that we can provide to organizations is to update their business continuity plans so that they can adapt to the always-changing landscape of uncertainties. When thinking about the rise of remote workers, organizations need to strategize and plan out how to keep their business afloat while staying secure. 

Take a closer look and assess risks and response technology to decide if you are prepared enough for the new changes in cybersecurity planning. This is an important tip as this division of a business must provide a quick and immediate assessment period. 

Create Strong Passwords and Enable 2FA

One of the most common mistakes that employees can make is using weak passwords. When passwords are not set using the correct best practices, they can be easily stolen by hackers. The use of weak passwords can easily be resolved by educating employees about what makes a strong password and the role they play in keeping hackers away.

Additionally, organizations should enforce the usage of a 2FA solution. Two-factor authentication (2FA) ensures that, in addition to usernames and passwords, a second layer of verification, such as an SMS code, is required. By adopting stronger passwords and 2FA, employees will be one step closer to working more securely.

Beware of Phishing Emails

When experts think of the most common attack on organizations, phishing is the first thing that comes to mind. Phishing is the easiest way to attack an organization’s employees due to its low cost and familiar presentation as an email. The process is simple; hackers begin by emailing employees an official-looking email that requests that they send them critical information from their work device. Despite it being one of the oldest ways to hack an organization or a user, most phishing emails can easily fool employees. 

To avoid such phishing attacks, the panelists suggested educating employees to always double-check the email address, the tone of the email and the request itself.

Implement Training and Awareness Programs

Educating employees on the importance of remote security will help them understand the impact they have on their organization. Implementing a security awareness program is a crucial step for organizations’ remote security planning efforts.

The program should cover why security is a joint responsibility for everyone from management to employees by providing clear examples of their roles in the organization and how security may be affected. Employees often make the dangerous mistake of thinking that responsibility for the organization’s security falls solely on the security team, but with the right education and real-life examples, employees will understand the importance of working remotely the right way.

Ditch the Legacy VPN

As most companies have become fully remote during this time, the need for secure remote access has become a must. While you might turn to traditional VPNs in order to access company resources, they are not the right solution to attain policy-based secure remote access today. Traditional VPN services are not scalable for organizations moving their entire workforces remotely and they lack network visibility, which opens the door for hackers to breach an organization’s network and critical resources, without any warning.

Instead of adopting a traditional VPN for remote access, you should look towards a solution that is based on the SDP architecture and the Zero Trust model. By implementing a Software-Defined Perimeter solution, IT managers can customize permissions for those employees who need access to specific parts of the organization’s network. Additionally, by adopting the Zero Trust need-to-know model, each remote employee will receive tailored secure access to only the resources necessary for their roles.

Looking into the Future of Remote Workers

As we see remote work becoming the norm for organizations moving forward, it’s important to think about the different risks that employees are facing on a daily basis. While some might believe hackers are thinking outside of the box with remote workers, they are actually targeting remote employees with the simplest and most effective of attacks.

Looking into the future of business, security teams should adopt a mix of user-friendly security solutions and engaging employee security awareness programs. These are the first basic steps toward total security for remote employees.

The 7 Top Security Tips While Working Remote

The curtains have opened on 2020, and the scene depicted so far has been difficult to observe.  In early March, COVID-19 literally took over the world, halting our day to day activities full stop. After some negligent optimism and resultant consequences, the 11th of the month saw the World Health Organization finally declare the Coronavirus to be a pandemic, forcing governments worldwide to come to terms with the outbreak and institute measures that would “flatten the curve”.

Countries closed their borders, disallowed public events, forced all nonessential businesses to close their doors and instructed that their employees work remotely. Some jobs cannot be done remotely while others can, and while the former have caused economic chaos the latter simply wreak their havoc on networks.

The primary strategy called social distancing goes hand-in-hand with working remotely, and has been one of the key tactics in limiting the spread of the coronavirus, yet this new way of doing things has its distinct disadvantages. While some experts might say lack of productivity is the biggest issue of the remote workforce, I think security is the biggest issue. 

This is especially true with remote workers and the additional network security challenges and risks it presents. We talked to different security experts who explained this notion, and provided their best security tips when working remotely. Without further ado, here are the top security tips for organizations to follow to fight off any untimely attacks from malicious actors.

Only Connect to Trusted Networks 

Accessing sensitive resources over public Wi-Fi or an unknown connection can prove risky to your remote employees as these connections are easy to hack. Hackers can easily gain access to the company’s confidential and valuable data when employees are connecting to public networks. 

“Many newly remote workers don’t have a dedicated home office and have to go to coffee shops or other public areas. However, public Wi-Fi is incredibly insecure and can leave you and your company exposed — no matter what industry you’re in. The best practice when working outside your home is to use your phone’s personal hotspot as well as a business VPN. While VPNs can sometimes slow your connection, a phone’s 4G or 5G service is almost as fast as your home network access, so it won’t be terrible and could mean the difference between your company getting hacked or not.” – Michael Alexis, CIO of Team Building

Use Multi-Factor Authentication (MFA)

Multi-factor authentication (MFA) is one of the key technologies in use today for verifying the identities of users. MFA requires that a user requesting access provides not only something that they know (their credentials) but also something that they have (their personal device).

“There are shortcomings with 2FA, as hackers can bypass wireless carriers, intercept or redirect SMS codes, and easily compromise credentials. Multi-factor authentication is more secure as it adds an additional layer of protection. Instead of just asking for a username and password, MFA requires additional credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition.” – Aaron Zander, Head of IT of HackerOne

Adopt a Password Manager 

The expectations for secure passwords have undoubtedly increased in recent years. Using common, frequently used passwords has enabled hackers to access millions of accounts annually. This is why many experts are recommending that employers encourage workers to use a password manager.

“If office network permissions previously gave you unfettered access to work software, now you may be required to enter a variety of passwords to gain access. If your workplace doesn’t already offer a single sign-on service, consider using a password manager. It will be much more secure than a written list of passwords left on your desk.” – Pieter Arntz, Malware Intelligence Researcher for Malwarebytes Labs

Use a VPN Alternative like SDP

With more and more organizations enforcing work from home with the current situation, many of them are thinking of implementing a legacy VPN. Network-security-wise, VPNs are not the right route to take and far from an adequate magic bullet – especially as workers go remote and resources move to the cloud.

“Traditional VPN services are too lenient when it comes to visibility and security features. This results in your network and resources becoming more receptive to compromise by hackers. Instead of providing your employees with a traditional VPN, you should adopt an organization-wide Software-Defined Perimeter solution. Implementing a Software Defined Perimeter will allow you to restrict network access and provide customized, manageable and secure access to networked systems. Additionally, in the Zero Trust least-privilege model encouraged by SDP, each employee will gain secure access only to the organizational resources they need for their roles. This drastically reduces the attack surface.” – Amit Bareket, Co-Founder and CEO of Perimeter 81

Practice Smart Email Security Methods

Email is the most popular method of communication on the Internet – maybe even on the planet. However, its popularity comes with risks. Hacking emails or phishing attacks are some of the oldest tricks in the book for hackers. It’s therefore important that remote workers know the best email security practices. 

“Whenever you receive an email — even when it’s from your boss or a colleague, be sure to check the sender “From” field and also hover over any links or attachments before engaging with them. Phishing is commonly used to spread malware and to infiltrate businesses’ networks and databases and can be used to pull off business email compromise (BEC) scams. You can also use an email signing (S/MIME) certificate to increase email security.” – Casey Crane, Cybersecurity Journalist at Sectigo

Don’t Use Work Devices for Personal Needs 

Easier said than done, we know, especially when the mirror image of this rule (BYOD, or Bring Your Own Device) is so prevalent. Still, just as it’s important to carve out boundaries between work life and home life while working from home, the same is true of those devices you use in these settings.

“Make sure that you have malware protection software installed to monitor activity and keep out unwanted intruders. Also, make sure both your personal and business data are hosted on a secure platform that encrypts the files. Ideally, look for a platform that has built-in security timeouts if a device is left inactive too long and allows you to wipe data remotely in the event that your device is lost or compromised.” – Brian Schrader, Co-Founder and President of BIA

Get Security Hygiene Training 

Fighting off potential attacks from hackers is largely a matter of identifying their attempts, and employees can do so with a little security training. The better trained your organization is in the best avoidance practices, the lower the chances of an attack on your network and organization.

“Train and educate your employees about security awareness and protecting company information. Be sure to include situations that are unique to remote workers that wouldn’t normally show up when working on-prem, such as the dangers of using free public Wi-Fi. Instruct employees to disable Wi-Fi and Bluetooth services when not in use, to prevent their devices from connecting to unknown (and possibly malicious) networks.” – Darren Guccione, CEO of Keeper Security

Working Remote, Securely 

With the right security technologies and rules in place, IT teams can add an additional layer of defense against hackers, and supplement it by encouraging better security hygiene among the workforce. The tips provided by the different security experts above should help your employees work safely and securely no matter where they choose to log in. Take a proactive approach to network security in these days of remote access, and it will continue paying dividends well into the future.

The Psychology Behind DDoS: Motivations and Methods

DDoS attacks, also known as distributed denial of service attacks, are one of the oldest internet cyberweapons used today by everyone from hacktivists and governments to disgruntled video game players and thrill-seekers purely for personal enjoyment. The attacks disrupt access to web sites and servers or take them offline completely by using co-opted online resources such as zombie PCs and servers or Internet of Things (IoT) bot networks that flood and overwhelm victims with online traffic.

“If you want to take a network off the Internet, the easiest way to do it is with a distributed denial-of-service attack,” says security researcher Bruce Schneier. “These attacks are not new: hackers do this to sites they don’t like, and criminals have done it as a method of extortion. There is an entire industry, with an arsenal of technologies, devoted to DDoS defense. But largely it’s a matter of bandwidth. If the attacker has a bigger fire hose of data than the defender has, the attacker wins.”

Although individual and group motivations may differ, DDoS attacks have the same objective: take a target server or servers offline with internet traffic until the internet services are no longer operational. DDoS targets range from individuals to government organizations and businesses such as e-commerce sites, banks, stock exchanges, credit bureaus, gaming sites or internet service providers.

DDoS Attack Psychological Motivations

The motivations and psychology behind DDoS attacks vary. They span financial or economic benefits, revenge, ideological beliefs, cyberwarfare or even solely personal enjoyment. Large scale DDoS cyber attacks tend to be the result of group efforts, as opposed to individual actors, with a specific goal or agenda in mind.

[Figure: DDoS graph. Images from Elsevier Inc, 2015]

The majority of DDoS cyber-attack psychological motivations fall into several categories:  

  • Financial gain or economic benefit. DDoS attacks against e-commerce sites and banks are a growing trend, especially during the holidays, according to technology industry research firm Forrester. Extortion or blackmail is another motivating factor for using DDoS attacks. Using DDoS attacks as a financial weapon is also a favorite technique for hackers who demand Bitcoin via email to stop the onslaught of traffic.
  • Revenge. It’s a DDoS attack motivation used against companies, organizations, and individuals where victims include non-profit organizations, community colleges, courts and law enforcement entities, or journalists. In most cases, the disgruntled individual or group behind the attack has a goal of inflicting damage for a perceived wrong.
  • Ideological belief. Also known as hacktivism, some attackers become motivated to attack political targets because of their ideological beliefs against a nation-state or government policies. This motivation has become an influential reason behind many DDoS attacks where independent “hacktivists” DDoS government websites to cause outages and disruption. In January 2019, Zimbabwean government-related websites were hit with a DDoS attack by hacktivist group Anonymous protesting internet censorship in the country.
  • Intellectual challenge. Some attackers DDoS web sites to demonstrate their technical skills. DDoS tools and even services are available via the Dark Web, making it easy for attackers to deploy and experiment with the latest technologies such as automation and botnets against targets.
  • Personal Enjoyment. This type of DDoS attack falls under the category of cyberbullying and trolling. It’s intentional and meant to be either fun or vindictive (or both) while at the same time demonstrating the power to disrupt a web site or network.
  • Cyberwar. Used for political and military advantage, cyberwarfare is normally associated with nation-states. It’s designed to inflict economic or physical impact on its targets. Groups that use cyberwarfare strategies and tactics are well-trained and organized, and belong to government militaries or terrorist organizations. Many world governments have devoted significant resources and time to conducting attacks that have disrupted an adversary’s online and critical infrastructure.

DDoS Attack Methodologies

DDoS attacks consist of three major phases and four different sub-components, according to researchers. The sub-components are an attacker; multiple control “master” or handler computers; multiple “slave” computers, also called agents, zombies or botnets; and a victim or target machine.

In the first phase of a DDoS attack, hackers take control of network-attached computers called “masters or handlers” to control other machines that will ultimately execute the DDoS attack. Creating a network of handlers and attack machines is an automated process where hackers scan the internet for computers or Internet of Things devices that can be compromised, usually with malware. 

When the desired number of compromised machines is reached, hackers start the second attack phase. The aggregate number of machines, called a botnet, is loaded with the necessary instructions and commands to launch an attack by the network of compromised zombie computers.

In the final DDoS phase, hackers direct the botnet to execute the attack or attacks on victim machines. The distributed nature of the attack sends massive amounts of internet traffic to the victim’s system or online resources, which in turn disrupts or slows down the intended target’s services. Spoofed or fake IP addresses hide the identities of the compromised devices and make it harder for victims to filter out malicious traffic and find the attack source.

Increasing DDoS Sophistication

The threat landscape of today is constantly opening up new opportunities for attackers to take advantage of the latest internet-connected devices and cloud technologies to launch even more massive DDoS attacks. These new attacks have also gotten easier to execute with zombie botnets able to take down large corporations or government entities.

The latest attack vector is physical access control systems installed in places including corporate headquarters, factories, or industrial parks. “Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks,” according to firewall company SonicWall.

Hackers are now scanning the internet for exposed Nortek Security & Control (NSC) Linear eMerge E3 devices and exploiting one of the ten newly discovered vulnerabilities, according to SonicWall. These devices’ primary purpose is to control which doors and rooms employees and visitors can access based on their credentials (access codes) or smart cards and then block or disrupt access to physical buildings.

DDoS-as-a-Service

To counter the popularity and accessibility of DDoS attacks as a tool for non-technical attackers, security researchers and law enforcement agencies regularly track and take down malicious web services offering for-profit DDoS-as-a-Service, which has weaponized for the masses what was once done only by sophisticated hackers.

Through so-called “booter” or “stresser” sites, cybercriminals market and sell attack-for-hire services that can be easily purchased online. According to Cloudflare, “Booters are slickly packaged as SaaS (Software-as-a-Service), often with email support and YouTube tutorials. Packages may offer one-time service, multiple attacks within a defined period, or even “lifetime” access. A basic, one-month package can cost as little as $19.99. Payment options may include credit cards, Skrill, PayPal or Bitcoin (though PayPal will cancel accounts if malicious intent can be proved).”

And security journalist Brian Krebs says “Booter sites are dangerous because they help lower the barriers to cybercrime, allowing even complete novices to launch sophisticated and crippling attacks with the click of a button.”  DDoS-as-a-Service provides yet another attack vector for non-technical users to use for cybercrime, revenge, hacktivism, enjoyment or even cyberwar. 

Finally, the motivation or psychology behind DDoS attacks can also be viewed as merely a tool meant for distraction. Hosting company LiquidWeb claims that “while your security team is distracted mitigating the denial of service attack, the party responsible is free to go after what they actually want – whether it is financial information, intellectual property, or client data.”

If, as LiquidWeb states, DDoS attacks are the “equivalent of driving a bus through the front door of a bank while an associate tunnels into the bank vault from below,” then organizations must be vigilant about their IT security and take an approach that makes securing the network edge against all attacks a top priority.

Exploring URL Filtering & Why Organizations Need to Implement It

It’s not news that the majority of data breaches and network attacks occur due to poor internal security hygiene. However, what some of the headlines forget to mention is how easy it is for employees to leave the door open for attackers. In some cases, just a single click on an unsecured URL can expose your organization’s network and resources to those with malicious intent. This is one of the main reasons why organizations need to implement different security features to fight off unwanted attacks.  

To repel these accidental internal breaches, most experts will suggest security training and policy implementation, but that’s not enough. Organizations should instead choose the security solutions and policies that best fit their company’s needs. When it comes to limiting employee access to URLs that don’t relate to their job, this is where URL filtering comes in.

What is URL Filtering?

URL filtering provides organizations’ IT and security teams the ability to limit employees’ access to certain URLs, by defining which are either permitted or blocked sites. The most important reason your organization needs to integrate a URL filtering tool is to prevent employees from gaining access to websites that don’t help them with their jobs, or sites that can create major security risks for the organization.

Limiting access to certain URLs helps employees be more productive and helps to fight off potential security risks such as data loss, malware, or even legal issues.

DNS Filtering Vs URL Filtering

DNS filtering, or Domain Name System blocking, is useful for some security purposes but ultimately has less finesse than URL filtering. IT administrators can use a DNS filter to limit access to sites based on DNS name resolution or the site’s IP address, so any URL that resolves to that IP is blocked. This also includes all sub-URLs, meaning it’s impossible to pick and choose which pages of a website (for example) are whitelisted and which are blocked.

URL filtering has this capability and blocks access based on the exact URL as written in the filtering tool. With a URL filter, it would be possible to block access to facebook.com and still allow employees to see the company’s own Facebook page. This type of granular stratification of website access boosts the control that IT admins wield over the organization.

How Does URL Filtering Work?

URL filtering compares all web traffic with a database containing predetermined groups of URLs and then permits or denies access to a site based on the category of the group that the URL belongs to. A URL filtering database assigns websites to predefined URL lists, such as gambling or pornography, and allows managers to define the different access conditions for these URLs.

Most organizations usually set up defined conditions similar to the following: 

  • Blocked: These URLs tend to be websites that distract employees from their work such as social media, news sites, or unsecured sites. Additionally, lists of URLs that are categorized with different security risks or have a history of malware or other attacks will be defined as blocked.
  • Allowed: Most sites that are defined as allowed concern employees’ daily work environments and tasks, such as workflow sites, email, work productivity sites, and more.
  • Allowed with Security Policies: These tend to be specific URLs that are set by the security and IT team, which will allow users access but with logging and monitoring by the security and IT teams.  
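The difference between hostname-only (DNS-style) filtering and URL filtering, together with the three access conditions listed above, as an added Python example that is not code from this article or from any vendor's product. The policy tables, the `examplecorp` page name and the default action for uncategorized sites are assumptions constructed for illustration.

```python
"""Added example: URL filtering vs. hostname-only (DNS-style) filtering."""
import posixpath
from urllib.parse import urlsplit, unquote

# Constructed sample policy; the domains, categories and the "examplecorp"
# company page are hypothetical.
DOMAIN_CATEGORIES = {
    "facebook.com": "social-media",
    "casino.example": "gambling",
    "mail.example.com": "email",
    "files.example.net": "file-sharing",
}
CATEGORY_ACTIONS = {
    "social-media": "blocked",
    "gambling": "blocked",
    "email": "allowed",
    "file-sharing": "allowed-with-logging",
}
# Exact-URL exceptions, checked before categories: (domain, path prefix, action)
URL_RULES = [("facebook.com", "/examplecorp", "allowed")]
DEFAULT_ACTION = "allowed-with-logging"  # assumption for uncategorized sites

audit_log = []  # (user, host, path) tuples for "allowed-with-logging" hits


def _match_domain(host, table):
    """Return the longest domain in `table` that equals host or is its parent."""
    best = None
    for domain in table:
        if host == domain or host.endswith("." + domain):
            if best is None or len(domain) > len(best):
                best = domain
    return best


def normalize(url):
    """Return (host, path) in canonical form so a rule cannot be sidestepped
    by letter case, a trailing dot, percent-encoding or ../ segments."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")  # .hostname is already lowercased
    path = posixpath.normpath(unquote(parts.path or "/"))
    return host, "/" + path.lstrip("/")


def dns_style_decision(url):
    """Hostname-only decision: every URL on the host gets the same answer."""
    host, _ = normalize(url)
    if not host:
        return "blocked"  # unparseable input fails closed
    domain = _match_domain(host, DOMAIN_CATEGORIES)
    if domain is None:
        return DEFAULT_ACTION
    return CATEGORY_ACTIONS[DOMAIN_CATEGORIES[domain]]


def url_filter_decision(url, user="unknown"):
    """Full-URL decision: exact-URL rules first, then the domain's category."""
    host, path = normalize(url)
    if not host:
        return "blocked"
    action = None
    for domain, prefix, rule_action in URL_RULES:
        on_domain = host == domain or host.endswith("." + domain)
        # Match the prefix on a path-segment boundary, so that
        # /examplecorp-fake does not inherit the /examplecorp exception.
        under_prefix = path == prefix or path.startswith(prefix + "/")
        if on_domain and under_prefix:
            action = rule_action
            break
    if action is None:
        action = dns_style_decision(url)
    if action == "allowed-with-logging":
        audit_log.append((user, host, path))
    return action


if __name__ == "__main__":
    for sample in (
        "https://www.facebook.com/examplecorp/posts/1",
        "https://www.facebook.com/groups/123",
        "https://www.facebook.com/examplecorp/%2e%2e/groups/123",
        "https://files.example.net/upload",
    ):
        print(f"{sample}: dns={dns_style_decision(sample)} "
              f"url={url_filter_decision(sample, user='alice')}")
```

For HTTPS traffic the path is encrypted in transit, so path-level rules like these can only be applied where the full URL is visible, such as an endpoint agent or a TLS-inspecting proxy.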

Customizing URL Filtering 

Whether it’s integrated into different devices or deployed as a standalone platform, URL filtering provides another layer of security for organizations against unknown threats so employees can work normally without thinking about security. For organizations looking to integrate a URL filtering feature into their security strategy, the following are the main security factors.

  • Enforcing Best Security Practices: Controlling access to different sites gives IT teams full control of who is accessing what, where, and when. This plays a huge role in avoiding unwanted security threats.
  • Avoiding Phishing and Malware: Denying access to known flawed sites reduces the opportunity for hackers to create a security breach.
  • Implementing Security Policies: Setting up a security playbook that includes whitelisted and blacklisted URLs and user identification rules adds another layer between malicious attackers and your organization.
  • Clearly Defined Whitelists and Blacklists: Having IT and security teams fully control all the different sites that are being accessed by employees provides the guarantee of zero unwanted and accidental URL blocks.

URL Filtering is Better Security for the Future

By implementing URL filtering into your cloud security, you take a major step towards an airtight network. URL filtering additionally protects different endpoint devices and cloud services from cyber threats while boosting employee productivity and performance. Protecting and managing your employees’ access supplements your lines of defense in the fight against malicious attackers targeting your organization. The more secure your employees’ access, the more comprehensive your organizational security.

5 Security Mistakes CISOs Must Avoid in 2020

With every new security breach announced, the CISO position is becoming more and more trendy for organizations. However, CISO is not a new position – it’s just only now getting the attention it deserves. Outside of enterprises, we rarely see an organization or a startup with a CISO, and this is a huge mistake. Organizations of all sizes face many different security challenges that show why an internal CISO will play a critical role in your organization’s success.

Before we dig into the different challenges and mistakes that CISOs make, let’s discuss what the role entails. The Chief Information Security Officer (CISO) is fully in charge of the organization’s cyber and information security responsibilities and risk management.

As we have seen in past years with huge breaches like the Equifax and Capital One breaches, CISOs have a lot of responsibilities on their plate when strategizing their organization’s risk management. As the threat landscape continuously evolves, with hackers implementing different dynamic and complicated attack tactics, the traditional risk management strategy cannot withstand these styles of attacks. If your strategy isn’t up to par with the latest best security practices, your organization can fall victim to massive fines, loss of customer trust and brand damage.

CISO Responsibilities 

Today, the average CISO’s resources are mainly allocated to monitoring and responding to different security threats and making certain that the organization meets all the different compliance requirements.

The CISO’s key responsibilities include identifying and securing any potential leaks in the network, creating and managing a risk management strategy for security incidents, and researching and implementing new security tools and technologies. Last but not least, the CISO is the go-to employee for all things security, and with that, it’s their responsibility to inform everyone from junior developers to the sales team to C-level management about all the different security team activities in the organization.

Mistakes Will Happen 

No matter how experienced your CISO is, mistakes will happen. The difference is how big the mistakes are and how often they occur. As we start a new year, CISOs should be well aware of the best practices and the new styles of attack. So without further ado, here are the 5 mistakes your CISO should avoid in 2020.

Not Hacking Your Own Network

Organizations that aren’t using external or internal white hat hackers (ethical hackers) and think their network or environments are secure are dead wrong. Not knowing how secure or insecure your internal resources are is like launching your product without quality assurance testing. Your CISO might tell the management team that everything is secure, but until white hat hackers have tried to hack your systems, you can’t be 100% sure that your organization is safe.

Advice: Hire white hat hackers internally or, if you don’t have the necessary resources, hire professional penetration testers. Pen testers will check everything from network security protocols and settings to software vulnerabilities, and will even try different malware and targeted phishing campaigns on the organization’s employees. Your organization’s CISO should implement a yearly internal security test to take the extra step in ensuring the organization’s cybersecurity is up to date.

Nobody Likes a “Dr. No” 

Every organization has employees who are yes men/women, but when it comes to the different responsibilities of a CISO, one of the worst mistakes they can make is becoming a “Dr. No”. The CISO is often seen as the organizational blocker, telling employees they can’t do things and forcing them through unwieldy processes in the name of compliance. While looking out for what’s best for the organization, CISOs should strike a good balance of when to say yes and no to different requests.

Advice: Instead of denying requests and putting their foot down, CISOs should be open to change. They should be able to easily recognize the benefits of new security tools and solutions and how they will help the organization on a security level. Secondly, instead of saying no to everyone and everything, become the person that everyone seeks out to implement new technology in the organization, but don’t forget to check the risk factor.

Not Sticking to a 360 Degrees Security Strategy 

The security space has two players, the organizations and the hackers. While some people might say it’s a fair matchup, it’s not. Organizations are expected to know how to defend against every attacker from every angle, while hackers have it easy: they need to find only one small leak to gain access to the organization’s network. To put it simply, CISOs should understand and accept that they won’t be able to fight off every attack.

Advice: One of the worst mistakes a CISO can make is thinking that they can stop every single attack. Instead, CISOs should clearly understand the organization’s technology, vision, and limitations and strategize for minimal risk with the resources available in the organization. In a world of endless attacks, it’s better to survive than to be unprepared.

Not Setting up a Security Policy for the Future 

Today, organizations are making changes and decisions quicker than ever. They’re focusing more on how many new features and products they can launch in a certain amount of time. One major factor that is being forgotten is security risk. While moving fast and making quick changes is great, organizations of all sizes need to make sure the right security is put into place so they won’t become an easy target for hackers.

Advice: Implement a cybersecurity policy and architecture in the organization. If there isn’t a security policy in place, there is a very high chance your organization will be hacked and breached. Organizations and CISOs need to put emphasis on a cybersecurity strategy as early as possible to provide the best defense plan against hackers. This strategy should include incident response strategies, creating a security policy, employee training and assigning employees as the security team.

Not Asking for Help

Despite the increase in cybersecurity jobs worldwide, there is a huge shortage of proper cybersecurity skills in most organizations. A CISO should never be afraid to ask when they don’t know the answer or can’t find it. CISOs can have the “perfect team,” but if it lacks the right security skills, the CISO’s decisions will backfire without apparent reason.

Advice: Instead of making choices based on a gut feeling or best practices, CISOs should ask the experts which direction is correct and have a clear understanding of why they are making the decision, with the correct reason to back it up.

Better to Be Prepared Than Attacked

While a CISO will never be correct 100 percent of the time, they should learn from their mistakes and have the right strategy in place to fight off everything. By strategizing correctly with the right security approach, one that mixes experience, security knowledge, strategy, and the organization’s expectations, the CISO will be better prepared to handle every security activity they encounter.

2019 Security Trends & 2020 Predictions That Will Shape Your Organization’s Strategy

As we commence a new year and century, we tend to look at the different trends from the previous years and think about what the future holds for us.

Looking back, 2019 was a wild run for organizations that were fighting different challenges such as cryptojacking, phishing and ransomware while making sure their critical resources stayed in the clear from hackers. However, not everyone stayed safe in 2019, as we saw different organizations fall prey to attacks, for example in the Capital One breach. As we move forward, it is important to reflect on what we experienced, take those lessons, and implement them in order to improve your organization’s internal and external security.

Looking forward to 2020 and beyond, organizations will need to be prepared against attackers who will create and implement different kinds of attacks. We talked to different security experts who explained what 2019 trends and 2020 predictions they’re most excited about seeing in security in the upcoming year.

2019 Network Security Trends

Insider Threat Attacks

Hackers and malicious actors have a massive resource pool available to them which helps them easily access an organization’s networks and resources. One of the most popular kinds of attacks in 2019 was insider threat attacks.

“The insider threat is one of the greatest drivers of security risks that organizations face as a malicious insider utilizes credentials to gain access to a given organization’s critical assets. Many organizations are challenged to detect internal nefarious acts, often due to limited access controls and the ability to detect unusual activity once someone is already inside their network. The threat from malicious insider activity is an increasing concern, especially for financial institutions, and will continue to be so in 2020.” – Steve Durbin, Managing Director of the Information Security Forum

More Data Privacy Regulations

“With new legislation such as CCPA for California Residents and previous regulations such as GDPR, Data Privacy and Compliance are huge issues for 2019. There is an ongoing focus on protecting consumers’ personally identifiable information (PII) and a lot of companies are falling short. If each person took five minutes to run an internet search, they would likely find a wealth of information about themselves on public websites that they didn’t know existed. This will continue to be a problem in 2020 as not all companies will comply with privacy laws and some companies will continue to sell people’s personal information for profit.” – Courtney H. Jackson, Founder & Chief Information Security Officer (CISO) at Paragon Cyber Solutions

5G leading to More IoT Risks

With the rollout of 5G, we have seen more data than ever before being gathered from IoT devices. To protect access to those devices, IAM solutions for IoT will be a major need in 2020.

“With the opportunity of higher bandwidth provided by 5G, there are emerging threats, to name a few, that threat actors will dedicate more effort to hijack these devices for botnets for DDoS, malware distribution and reconnaissance of the target organization.

Enterprises should start planning now to protect this type of asset that is often forgotten, leaving them unmanaged from a security point of view and a low effort entry point for an attacker, often combined with the device vendor unwilling or unable to patch known vulnerabilities. This led to a continued spread of Mirai botnet and their clones across the globe in 2019. Three years after the threat was identified it is still a danger. Given the current trend, I predict we will continue to see them grow in 2020.” – Fausto Oliveira, Principal Security Architect at Acceptto

2020 Security Predictions

Ransomware

Ransomware has been a continuous threat to organizations over the years, and in 2020 and beyond we will see many businesses and users in the financial sector become more popular targets for hackers.

“We will continue to expect to see more ransomware attacks on healthcare, education, and government sectors due to the large ransoms and success over the past year. Additionally, several ransomware groups have started to exfiltrate data in order to force victims to pay ransoms as many organizations started to ensure that they had good backup systems in place and avoided paying ransoms. But with this new twist to ransomware, companies now face the release of information and a data breach.” – Shannon Wilkinson, CEO of Tego Cyber

Increasing Automated Security

There’s a huge shortage of skilled cybersecurity personnel, several million worldwide according to some reports.

“To make do with too few skilled resources, more companies will explore and expand security automation initiatives. In recent years, a whole market has emerged for Security Orchestration Automated Response (SOAR) platforms which enable teams to orchestrate and automate security actions to get more done in less time and with less manual effort. In 2020, look for greater adoption of SOAR platforms and automated playbooks, as well as for SIEM and Threat Intelligence Platform vendors to add more SOAR-type capabilities.” – Atif Mushtaq, CEO of SlashNext

Shadow IT

Over the past decade, many organizations have considered “shadow IT” as one of the key risk trends expected to change the way we think about security risk. As we enter 2020 and the next decade, shadow IT will become not just a trend but the native way we do business.

“Organizations, from the largest hospital systems to rapidly-growing startups, will have an ever-growing set of thousands of external, cloud-based software systems, or externally managed dependencies introduced into their systems and software. It will be critical that companies understand which type of data they are sharing and with which third parties – and the security postures of those third parties.

In order to mitigate the risk in this fundamental change to the way we do business, information security organizations will need to support all areas of the business with more efficient processes and practices so everyone can make informed, risk-based decisions about the software they use and how to manage it securely – in line with a shared responsibility model.” – Ben Waugh, CSO at digital health firm Redox.

Unified Security Platforms

Today the majority of organizations are continuously adopting many different kinds of security solutions. Most of them are outdated, hard to manage and no longer relevant to the modern world and its new threats. The idea of a unified security platform will be introduced in 2020.

“Modern organizations will need to adopt SaaS-based unified cybersecurity platforms that are easier to implement and manage inside the organization’s environment. Moving forward, instead of using different vendors for different security needs, I believe IT managers will prefer to implement a central security system that provides complete visibility of its networks to help the cybersecurity analysts identify threats and respond in real-time in case of an incident. This concept presents the idea of having one platform for all solutions which provide the idea of a one-stop-shop to consume cybersecurity.” – Amit Bareket, Co-Founder and CEO of Perimeter 81

Looking Past the Predictions

When looking back at 2019 and even earlier, we must learn from our previous security experiences and mistakes what worked well and what didn’t. However, looking into 2020 and beyond, we can’t depend on outdated tactics to fight off hackers and attacks.

The security community as a whole needs to stay informed daily about the different kinds of attacks, tactics and trends, and start applying that knowledge at the organizational level to stay safe in 2020. We wish everyone a happy and secure 2020!

Gartner SASE: Transforming Network Security

SASE is now doing to network security what storage devices did to the IT space.

SASE was coined in late August by leading Gartner security analysts Neil MacDonald, Lawrence Orans, and Joe Skorupa. They published the report “The Future of Network Security Is in the Cloud,” which discussed for the first time a new model for network security that will change the way organizations secure their networks and data. This model is called Secure Access Service Edge (SASE).

SASE was announced as the emerging technology model that will shape network security in the upcoming years. Gartner believes that SASE will change the network security industry, similar to how IaaS changed data center architecture. Despite being just introduced, the emerging SASE market is becoming apparent. In the report, Gartner says by 2024, at least 40% of enterprises will have security strategies that will require the SASE model. The concept of the model is to create and provide a secure cloud environment that is fully integrated into one’s network.

Cloud Services Adoption Requires Better Security 

As the majority of organizations are moving to the cloud and adopting different cloud services, they are quickly learning network security isn’t so simple. The traditional network security model was built on the idea that organizations should send traffic to corporate static networks where the necessary security services were located. At the time, this was the accepted model due to the majority of employees working from site-centric offices. 

The idea of more user-centric networks is changing the traditional network we once knew. With people now working remotely from home, from cafes and from around the world, the standard hardware-based security appliances we’ve depended on are no longer adequate for securing remote network access.

With the widespread adoption of cloud computing, organizations started to see more employees becoming nomads. As digital workspaces increased, the static network model became a thing of the past. This new approach brought an increase in network security issues. While static network security solutions provide a level of security for most organizations, a fundamental transformation is essential. However, this digital transformation of networks and resources hasn’t provided a smooth transition.

Organizations have implemented cloud services with traditional hardware security solutions such as firewalls, SD-WAN devices, and other security products. This attempt to work with both outdated security solutions and cloud services has created more problems than solutions. How can organizations moving forward combine their hardware and cloud security solutions? 

The cybersecurity and network security solution space is highly segmented, with an endless number of different solutions from security vendors. This is creating a massive headache for organizations that are trying to smoothly integrate these solutions in their network environment. Instead, the entire cybersecurity space needs to converge to provide a more holistic cybersecurity approach. This is where SASE is introduced. SASE allows organizations to have a software-based and service-based network that unifies different security solutions. It happened in the IT space with storage devices and it is now happening in the network security space with SASE.

What is SASE? 

Secure Access Service Edge (SASE) is the cloud architecture model that combines the different functions of network and security solutions into a unified cloud security platform, delivered as a service with little or no hardware and appliances involved. This new cloud architecture model is transforming how the cloud integrates with outdated security technologies, all in one network. SASE provides organizations the opportunity to securely connect to a single network where they can gain access to physical and cloud resources – no matter their location.

SASE enables IT security solutions to provide a more holistic and agile service for business networking and security for its customers. What makes SASE innovative and disruptive is the idea of how it will transform the way network security is consumed over traditional products and cloud services. 

SASE Is Networking

Unlike traditional networking, SASE replaces the outdated site-centric idea of the network with a more user-centric mindset. Instead of organizations connecting their networks and resources under one branch to a central office, the SASE model suggests that businesses should connect their employees and networks on a more user-centric level to a cloud-based service.

In the past, the majority of organizations’ networks were centered on the central data center for user access. While this approach was implemented by global organizations, Gartner suggests that this site-centric approach is outdated and not effective as organizations are turning to edge platforms, SaaS solutions and cloud services. While the concept of organizations providing a data center for user access won’t disappear overnight, it will become less relevant as the majority of services are moving to the cloud.

According to Gartner, SASE provides organizations of all sizes many advantages over traditional security technologies such as better flexibility for users and IT managers, more affordable network costs and greater performance. 

SASE Means More Security Features

While current network security solutions emphasize very specific features in their products, SASE creates the opportunity for security services to provide security features beyond their initial offering. One of the key additional security features that SASE can offer is Zero Trust network access.

Because the SASE model does not depend on the IP address or location of a user’s device for policy enforcement, organizations can implement the Zero Trust Security approach for consistent and secure network access and policy enforcement.

Enforcing the Zero Trust approach for identity-based user access ensures policy enforcement and protection for all users, devices, applications, and data, regardless of where they’re connecting from. This user-centric approach makes the verification of authorized entities mandatory, not optional. Implementing a holistic security approach with the SASE model provides a more flexible and adaptable defense against potential network risks for all organizations, no matter the size.
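The difference between location-based and identity-based enforcement described above, as an added example that is not Perimeter 81's or Gartner's code. The users, groups, resources, networks and function names are hypothetical and the requests are constructed sample data.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample data: users, groups, resources and networks are hypothetical.
CORPORATE_NETS = [ip_network("10.0.0.0/8")]

# Per-resource rules: which groups may reach it and whether MFA is mandatory.
POLICY = {
    "payroll-db": {"groups": {"finance"}, "require_mfa": True},
    "wiki": {"groups": {"finance", "engineering"}, "require_mfa": False},
}


@dataclass(frozen=True)
class AccessRequest:
    user: str
    groups: frozenset
    mfa_verified: bool
    device_compliant: bool
    source_ip: str
    resource: str


def site_centric_decision(req):
    """Site-centric model: any request from a corporate address is trusted,
    whoever the user is and whatever resource is requested."""
    addr = ip_address(req.source_ip)
    return any(addr in net for net in CORPORATE_NETS)


def zero_trust_decision(req):
    """Identity-centric model: evaluate user, device and resource on every
    request and never consult the source IP. Returns (allowed, reason) so
    each decision can be written to an audit log."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return False, "no policy for resource (default deny)"
    if not req.device_compliant:
        return False, "device failed posture check"
    if not (req.groups & rule["groups"]):
        return False, "user not in an authorized group"
    if rule["require_mfa"] and not req.mfa_verified:
        return False, "MFA required"
    return True, "allowed"


def audit(requests):
    """Evaluate each request under both models and return comparison rows:
    (user, resource, site_centric_allowed, zero_trust_allowed, reason)."""
    rows = []
    for req in requests:
        allowed, reason = zero_trust_decision(req)
        rows.append((req.user, req.resource,
                     site_centric_decision(req), allowed, reason))
    return rows


SAMPLE_REQUESTS = [
    # Inside the corporate range, but the user has no business in payroll.
    AccessRequest("eng-user", frozenset({"engineering"}), False, True,
                  "10.1.2.3", "payroll-db"),
    # Remote finance user with MFA on a compliant device.
    AccessRequest("fin-user", frozenset({"finance"}), True, True,
                  "203.0.113.7", "payroll-db"),
    # Same user, password only: stolen credentials alone are not enough.
    AccessRequest("fin-user", frozenset({"finance"}), False, True,
                  "203.0.113.7", "payroll-db"),
    # Inside the corporate range, but on a non-compliant device.
    AccessRequest("fin-user", frozenset({"finance"}), True, False,
                  "10.4.4.4", "wiki"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE_REQUESTS):
        print(row)
```

The first and last rows are the cases the site-centric model gets wrong: it admits them purely because of where they connect from.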

Is SASE the Right Model For Your Organization?

For each organization, successful network security depends on the right solution. Organizations can feel confident that they can implement the SASE model without needing to modify the existing network.

With secure, segmented and audited access to cloud environments, applications, and local services, Perimeter 81’s SASE service increases security, auditing, monitoring, and visibility while reducing help-desk support and hardware spending.

How Employees Open the Door to Hackers (and how to prevent it)

With every passing day, we are seeing more and more security breaches announced globally. Whether it’s the massive Capital One data breach or the latest CafePress data breach, organizations of all sizes are being targeted and breached by malicious actors. While these breaches grab headlines, reporters are constantly highlighting the hackers, information or the failure of technology. 

These stories may be exciting for the casual reader, but we should be asking ourselves what the real reason is that these breaches are happening. Companies prefer not to admit it, but the reality is that breaches, no matter the size, tend to be caused by a mistake from someone inside the company.

According to an industry report by Shred-it, 47% of business leaders cited human error as the main cause of a data breach at their organization. These simple but harmful mistakes are hurting organizations financially and ruining customers’ trust in their service or product. One of the main reasons for these mistakes is that far too many employees are not fully aware of the security policies implemented at their company. By not following these security policies, employees are lowering their guard and presenting an easier target for hackers.

Remote Workers: Ideal Target for Hackers

The adoption of remote workers for organizations is increasing by the day. More and more companies are hiring remote workers and allowing employees to work on the go, which presents an increase of potential security risks. For example, when remote workers are using an unsecured public Wi-Fi network, it provides an easy path for hackers to gain access to your organization’s critical resources and network.  

When allowing employees to work remotely, organizations must clearly outline those remote employees’ responsibilities regarding IT security best practices and the importance of data protection. To provide another layer of defense, organizations must implement security policies specific to remote workers, including device monitoring, multi-factor authentication and restricting employees to specific locations with secure Wi-Fi networks.

While remote workers might be easier targets for hackers, all types of employees must be aware of all the different kinds of attacks that will exploit human behavior to open the door for hackers. 

The 3 Most Popular Types of Attacks on Employees

Phishing 

Phishing is the most common and easiest way to attack company employees due to its low costs and its organic nature. Hackers target your employees by sending official-looking emails requesting that they send them critical information from their work device. Despite it being one of the oldest and original methods of hacking, most phishing emails can fool the common employee. 

The most famous phishing attack was Phish Phry, where hundreds of bank and credit card customers received an official-looking email directing them towards fake financial websites. People entered their account numbers and passwords into fraudulent forms, giving the attackers easy access to their private data.

Pro Tip: Remind your employees to always make sure the email address, tone and requests fit the sender’s tendencies, and to report anything suspicious to the security team. Confirming a phishing email can help prevent a future phishing attack.

Social Engineering

In this kind of attack, hackers lure your employees into a trap by gathering personal data on them or your organization from the internet or social media. Hackers use psychological manipulation to trick users into making security mistakes or giving away sensitive information. They first gather the necessary background information and then gain the employee’s trust, which results in the person breaking security practices, such as revealing sensitive information or granting access to critical resources.

The most famous social engineering attack was 2013’s Yahoo data breach. Leaked data included names, email addresses, phone numbers, security questions (encrypted or unencrypted), dates of birth, and passwords. Furthermore, the breach was used to falsify login data, allowing hackers to gain access to any account without the use of a password.

Pro tip: Check the source. Make sure your employees check URL links to see if they are real, and that the person sending the email is actually someone they know or work with. Usually, a spelling error is a dead giveaway that they are being attacked.

Ransomware 

Ransomware is a type of malicious software designed to deny access to critical files unless a ransom is paid. Companies that don’t give in to ransomware attacks tend to see their critical data published on the dark web or in the headlines. Even if organizations pay the ransom, it’s not guaranteed that they will regain access.

The most famous ransomware attack was WannaCry. It struck a number of important and high-profile systems globally. This attack exploited a Windows vulnerability that was suspected to have been first discovered by the United States National Security Agency.

Pro Tip: To fight off ransomware attacks, your employees should regularly update their devices’ software and block fake email messages using email authentication.

Keys For Better Employee Security Hygiene 

Fighting off potential attacks such as those described above starts with continuous and ongoing security training for your employees. The better trained your employees and organization are in IT security best practices, the lower the chance of a successful attack sneaking into your networks and resources.

Educate Your Employees 

One of the key steps for better employee security hygiene is knowing the best practices and how to implement them in your daily workday. It is important to train employees on security policies and to explain the rationale behind those policies.

Employees don’t care about creating a strong password or watching for phishing emails if they don’t understand the risks behind them. You don’t need to teach employees about every technical detail in security protocols, but they should know which risks can impact their jobs. Organizations should frequently run training sessions to keep their employees up to date with security best practices. Solutions like DNS Filtering and Automatic Wi-Fi Security can also improve your security level without asking more from your employees.

Minimize Data Access

If you provide all your employees access to every resource in your organization, you are potentially creating more levels of risk. To keep it simple, only give access to employees who need those resources to do their job. By limiting access, you will be safeguarded from potential leaking of your organization’s sensitive information (personal information, financial information) that shouldn’t be seen by your entire staff. You can follow this recommendation by applying Zero Trust Security principles and implementing a SASE platform.

Implementing Multi-Factor Authentication (MFA)

It’s 2019 and MFA is everywhere. Despite its importance, MFA frustrates many employees, even though it is one of the most effective practices today. By forcing a second factor for identity verification, you ensure that stolen credentials alone won’t be enough to gain access. When you implement MFA capabilities with strong passwords, SSH keys, and strong internet hygiene, you can further reduce the chances of a breach.

User-Friendly Security Solutions

One of the most effective ways to make sure your employees aren’t creating security risks is by implementing user-friendly security solutions throughout the entire organization. By implementing employee-friendly security solutions, another layer of defense against hackers will be added. To make the user experience more useful and enjoyable for your employees, these solutions should be easy to implement, straightforward, not too technical and optimized for their work environment. The better the user experience, the more secure your employees are. 

Moving Forward 

The common misconception is that malicious actors are gaining access to devices and networks by exploiting systems and vulnerabilities. In reality, they are actually targeting your employees with simple and effective attacks. 

Moving forward, your organization should implement a combination of engaging employee training and the adoption of security solutions. By implementing periodic employee security training and security solutions, your organization and its employees will be moving in the right direction to fight off attacks from hackers. 

We hope you found this post helpful! If you’d like to learn more about the many advantages of a Zero Trust Network as a Service solution, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.

The Rise of Network as a Service

An increase in innovation in enterprise IT is changing how companies manage every aspect of their business. At the core of this revolution is the rise of cloud computing, which is among the most significant transformations since the launch of the internet.

Before cloud computing technology was available, businesses had to manage their network and resources on-premises, with employees working from one site-centric location. Today, the IT industry is seeing a massive increase in organizations adopting cloud services that use private clouds, which are created independently and used by a single organization. 

As for employees, we are seeing an increase of over 16% of global companies fully employing remote workers on the go, which makes the adoption of the cloud a requirement for organizations moving forward.

The global cloud computing market is estimated to be worth over $300 billion by 2022. Cloud computing has transformed IT offerings for organizations with cost-effective, scalable solutions to the various needs of the IT teams. Further, it has proven to be a critical stepping stone for the future of how organizations adopt cloud-based networks. 

Cloud Networks May Lead to More Security Issues 

The use of cloud network services is universal—we’ve seen this rise over the past decade to the point where many of our organizations couldn’t function today without the cloud. The ability to quickly upload resources, adopt new applications, and respond in real-time to end users’ tickets allows organizations to compete effectively in today’s ever-changing marketplace. Critical to cloud adoption growth is the understanding that sensitive data now lives in the cloud and must be protected. The cloud also introduces a different set of risks that need to be understood properly in order to prevent potential cyber.

The expansion of cloud services being implemented by organizations means that it can be confusing to clearly understand where and which data is being exposed to risk. Storing data without encryption and lack of multi-factor authentication for access can lead to loss of intellectual property, loss of management control, exposure to malware, compliance violations, massive data breaches with customers and partners and ultimately loss of customer trust and loss of revenue. As we learned in the Capital One data breach, we need a clear understanding of which cloud services are being used and which data is being uploaded in order to implement specific security policies.  

Organizations that introduce company-wide identity access policies provide another layer of security for their employees’ and their customers’ data. This is where the idea of Network as a Service is introduced.

What is a Network as a Service?

To understand if Network as a Service is the right solution for your organization, we need to understand what it actually is and why it’s the modern solution for cloud network security.

Network as a Service is the model of delivering enterprise network services virtually on a subscription basis. Configuring and operating business networks, routers and protocols can be time-consuming and complicated. With Network as a Service (NaaS), the entire network operations can be handled by a third-party service provider, such as Perimeter 81.

Small to midsize businesses are the classic NaaS buyers; however, with the rise of SaaS and other service models, enterprises and large organizations are becoming more interested in the network model. NaaS can also be appealing to new business owners because there is no need for a large investment in traditional network hardware. This model also reduces the amount of staff time required to maintain the network and reduces the level of training and skill required of network staff.

In the NaaS business model, IT Security teams can manage the organization’s network through a portal rather than through network management tools and out of date hardware. A new virtual network can be added to the organization’s WAN by connecting it to the NaaS provider’s nearest point of presence (POP) either directly through a leased line to a nearby data center or over the internet.

Now that we’ve explained the advantages of a Network as a Service, read on to find out how this particular model can benefit your organization. 

Benefits of Network as a Service

Network as a Service will become the ideal business model for delivering scalable network services using a subscription-based application. It enables vendors to scale the service according to customer needs and add new functionality and features on demand.

Additionally, businesses can easily deploy custom routing and user access protocols. Further, by modifying the content of the network, businesses can efficiently implement advanced network services, such as in-network data aggregation, redundancy elimination and more. 

Here are some key benefits when implementing a NaaS for your business:

Reduced Costs

Implementing a Network as a Service reduces many IT costs including infrastructure, hardware, software, operations, and maintenance. The lowered expenses are due not only to outsourcing but also to the knowledge and expertise that NaaS providers can bring to the table. The right NaaS partner can make the transitional period as smooth as possible, minimizing expenses and mistakes as you implement new processes and equipment.

Continuous Maintenance 

Network as a Service provides a continuous monitoring service to ensure that threats are easily preventable, and notifications can often be configured so that major issues can be identified and resolved.

Enhanced Security

With Network as a Service, service providers can protect and secure sensitive data, applications, and resources. 

Increased Levels of Uptime  

Many Service Level Agreements (SLAs) are created with managed network service providers that guarantee levels of availability, network uptime, and response and resolution services for addressing network issues. Employing a Network as a Service with a reputable provider is an easy way to ensure these service level guarantees, and provide organizations with confidence that they have a dependable and stable communications system.

The Future of Network as a Service

Software-defined wide area networks (SD-WAN) have opened new opportunities for network service providers to offer Network as a Service to more enterprise businesses. As organizations today are expanding globally, relying on data and applications in the cloud and driven by the mobile workforce, SD-WAN is addressing the right IT needs. This new network service approach allows security vendors to provide one network with one security framework for all users and applications, which makes IT leaner and more agile. SD-WAN has played a strong role in today’s evolution of the wide-area network, and it has successfully encouraged businesses to adopt Network as a Service by bringing a new vision for networking and security to today’s business.

When looking into the future of Network as a Service, another phase is now developing. While still being defined, some of the attributes that are emerging include the expansion of running Network as a Service workloads in public clouds.

The transition of running cloud services in the public cloud domain will likely be a gradual process, but there is already an initial demand for this capability for applications. The attraction here is that the public cloud is well-suited to deliver any service that requires cloud computing. 

As a result, future phases of NaaS will continue to expand with the increasing adoption of cloud services. Every business will have its own strategy for migrating to the internet. However, given the fact that Network as a Service is always evolving with the cloud, IT managers will have a lot of different network options moving forward.

We hope you found this post helpful! If you’d like to learn more about the many advantages of a Zero Trust Network as a Service, check out our blog 5 Non-Disruptive Tips to Get Started with Zero Trust Network Security.
