Remote and hybrid work is here to stay. In an increasingly complex security environment, no challenge looms larger than how to protect remote devices that tie back into the corporate network.

In fact, modernizing networking technologies ranks among the top IT goals for 2022 according to an IDG survey conducted on behalf of Insight Enterprises. 

With more users working remotely, tools and processes designed for corporate networks are less effective for endpoint protection, leaving IT teams scrambling to keep their users protected. By some estimates, cybercrime could cost companies $10.5 trillion annually by 2025, up from $3 trillion in 2015.

When polled, the CIO Experts Network of IT professionals and industry analysts stressed the need for employee buy-in, as well as a commitment to device management and endpoint security.

Most important, however, is building a strong security culture that encourages best practices across the organization. The IDG survey found that 36% of respondents say that mitigating risk with stronger cybersecurity programs is a top objective for 2022.

According to several influencers, that requires acceptance and buy-in from leadership:

“Corporations should look at homes as an extension of their organization’s boundaries. Which means that the same/similar tools, technologies, processes, and safeguards should be taken into consideration for people working from home.”

— Arsalan.A.Khan (@ArsalanAKhan), a tech advisor

“All devices, regardless of home use or business use, should incorporate cyber security and accessibility. It is critical to understand any potential security issues that might crop up on their home networks. Creating processes that incorporate these best practices will help you keep your employees’ technology and devices safe.”

— Debra Ruh (@debraruh), Ruh Global IMPACT and Executive Chair of Billion Strong

“When someone says, ‘do as I say, not as I do,’ it means they are a hypocrite. Security hypocrisy is when firms don’t enforce the same level of security controls for remote workers as they do on-premises. Firms serious about security must ensure that remote users follow the same robust security controls their onsite brethren do.”

— Ben Rothke (@benrothke), Senior Information Security Manager at Tapad

When leadership takes protecting remote devices connecting to the corporate network seriously, there are three simple steps to take to build a robust security framework for their network. 

“There are three device attack protection vectors to consider: the user, their applications, and the network,” says Adam Stein (@apstein2), Principal at APS Marketing. “For the user, keep up to date with ongoing security threats that could possibly impact their work at home. The user’s applications also need regular updating for ideal end-point protection.”

Building Employee Trust and Buy-In

Security is only as strong as its weakest link. For Gene Delibero (@GeneDeLibero), CSO at GeekHive.com, ensuring strong security requires a strong security culture that educates and empowers workers.

“First, and perhaps most important, is creating a culture of accountability around security; it’s not just the company’s problem, it’s everyone’s problem,” says Delibero (@GeneDeLibero). “Organizations can’t expect remote employees to execute security measures effectively when they haven’t been trained on the company’s security policies.”

Steve Prentice (@cloudtweaksteve), a technology integration specialist, argues that truly dedicated organizations should build an entirely new architecture to make sure remote workers, and their devices, are up to the task. “This should become a new branch of internal IT security — specifically investigating, securing, and even penetrating the home offices of employees the same way as is done in an office. Employers should treat their employees’ home workspace and mobile technologies as branch offices — still a less expensive option than paying for building floor space, cubicles, etc.”

Isaac Sacolick (@nyike), President of StarCIO and author of “Digital Trailblazer,” adds that building a security culture should go hand in hand with building a positive work environment. “It all starts with the mindset and practices aimed at improving productivity and supporting work-life balance through flexible remote and hybrid work technology options. As employees gain trust with IT, they’re more open to learning and improving security, including locking down home networks, protecting data, and following IT’s recommendation on protecting devices.”

Securing Individual Devices 

After earning buy-in from employees, organizations still need to secure their devices. 

“Organizations should invest in a combination of asset management, endpoint detection, data loss prevention, cloud-based managed detection and response, and patch or vulnerability management,” says Kayne McGladrey (@kaynemcgladrey), Field CISO at Hyperproof and Senior IEEE Member. “Of those, asset management is the starting point, as an organization should have visibility into the devices accessing corporate data and be able to select and apply appropriate controls to those devices. Those controls then may include endpoint protection or data loss protection, for example, if exfiltration of sensitive corporate data may result in compliance violations.”

Employing this strategy empowers an organization’s IT team to protect the corporate network from a wide range of threats, according to Will Kelly (@willkelly), a writer and analyst. “My best advice for protecting at home devices starts with a solid and robust mobile device management (MDM) solution and supporting processes. An MDM automates operating system updates, security patches, virus scanning, application updates, and device security configuration, such as setting a lock screen.”

Jack Gold (@jckgld), President and Principal Analyst at J.Gold Associates, LLC., takes that one step farther. “It’s important to segregate work at home devices from other users in the family. You probably don’t want your kids playing games or web surfing on the PC you use for doing work. That could be enforced by giving workers a corporate furnished — and managed — PC exclusively for their use.”

Ensuring Endpoint Security

Kieran Gilmurray (@KieranGilmurray), CEO at Digital Automation and Robotics Limited, feels that securing the corporate network relies on implementing quality endpoint security practices. 

“Threat actors have taken advantage of the pandemic by targeting unsuspecting remote workers. Every ‘at home’ network connected device is a potential entry point for criminal activity,” says Gilmurray. “So now, employees are provided with a secure VPN between their home network and their corporate offices. The only way to protect remote devices is to apply best practice corporate ‘endpoint’ security practices to every device attached to a home network.”

To compensate, organizations can take a strategic approach that prioritizes high-risk accounts and devices. Peter Nichol (@PeterBNichol), Chief Technology Officer at OROCA Innovations, advises: “Start with what the employer can control. Be sure to prioritize energy around high-risk endpoints. Specifically, privileged accounts or accounts with elevated access should be managed within privileged access management (PAM). Companies who act on endpoint security today will save themselves big headaches tomorrow.”

Robust endpoint security helps reinforce human weaknesses in the corporate network, says Frank Cutitta (@fcutitta), CEO & Founder of HealthTech Decisions Lab. “The human vulnerability overpowers any technological protection one can install. We’re always just one errant click away from ransom or breach. While it sounds incredibly obvious, setting your computer to lock after a short period of time can also minimize external access along with changing passwords frequently. Face or fingerprint recognition software adds added security.”

While endpoint security is an important part of a robust security apparatus, it won’t protect an organization’s corporate network on its own. “Some advanced precautions might seem like overkill for a home office, but not if we view the home office as a mere extension of the corporate network,” says Scott Schober (@ScottBVS), President/CEO at Berkeley Varitronics Systems, Inc. “Endpoint visibility and detection at each home office allows IT to view the actual number of endpoints that need protection.” 

The ultimate answer may come via strong partnerships: The same IDG/Insight survey found that 87% of respondents will rely on third-party providers for support with challenges around infrastructure, operations, and culture. 

“‘Endpoint anything,’ including protection that is based with on-premises technology, is limited in what it can do and what it can reach in today’s world. On-premises requires a lot of extra configuration and cost to support devices that are mostly remote when compared to a cloud-based solution in which touching or accessing a device from any location is just native with minimal infrastructure,” says Joseph Flynn, Director of Modern Workplace at Insight. “Endpoint security is harder to drive XDR types of services in an on-premises solution, as AI is usually in play. This tends to drive much of the automation and protection to streamline and increase capabilities. Having those capabilities on-premises in most tools is not possible unless they connect to some cloud platform.”

Insight Enterprises, Inc. is a Fortune 500 solutions integrator helping organizations accelerate their digital journey to modernize their business and maximize the value of technology. Insight’s technical expertise spans cloud- and edge-based transformation solutions, with global scale and optimization built on 34 years of deep partnerships with the world’s leading and emerging technology providers.



By Thyaga Vasudevan, VP of Product Management, Skyhigh Security

As enterprises consider adoption of security service edge (SSE) solutions, they are raising questions about how best to secure data that touches the cloud in any way – whether data is accessed by or stored in websites, Software-as-a-Service (SaaS) applications, or private applications that reside in the cloud.

When evaluating SSE vendors, it’s critical to ensure that their cloud-delivered security services provide consistent and unified data protection, and that they follow the same corporate policies from managed and unmanaged devices and across every component – from the secure web gateway (SWG) to the cloud access security broker (CASB) to zero trust private access, and even on-premises devices.

Let’s take a look at some real-world examples of how various data protection technologies come into play in a data-aware, cloud-native SSE.

Use case 1: medium- to high-risk unsanctioned IT applications

Your executives go from meeting to meeting using note-taking software such as Evernote that syncs data to the cloud. Even though Evernote is not approved by IT and considered to be an unsanctioned application, you may still want to allow certain employees to use it in the interest of productivity. But you’re worried about sensitive data being uploaded to or exfiltrated from a potentially risky application.

The best way to protect your data in this scenario is to tune your SWG policies so they are more granular or to introduce additional data security checks. You can use your corporate policy framework and apply it to an SWG, which operates inline at the network level and detects sensitive data flowing through traffic.

Use case 2: sanctioned cloud applications

Every day, your employees access IT authorized, or sanctioned, cloud applications like Microsoft 365, Salesforce, Box, and other SaaS applications. In this situation, a cloud access security broker (CASB) that enforces your corporate policy offers the best protection. Even though you trust these sanctioned cloud services, you may not want users to share sensitive data across multiple applications. A robust CASB can detect sensitive data stored, in use, or in motion in the cloud and disallow sharing based on policy.

Use case 3: proprietary applications in the public cloud

Many DevOps teams create and deploy applications in public cloud platforms like Amazon Web Services (AWS). All too often, developers leave their S3 buckets writable, so if any sensitive data is used in that application, the data is exposed to the entire internet.

Let’s take a financial institution that builds an internal application deployed on a public cloud. A user accesses the application, which resides in an unsecured, rewritable AWS S3 bucket, and uploads their W2 form containing personally identifiable information (PII). If the data leaks out, the financial institution is ultimately responsible for the breach. The best way to prevent this is to leverage cloud-native application protection that blends in data context. This not only helps organizations gain visibility into sensitive data stored in the public cloud and identify vulnerabilities, risky behaviors, and malware in these applications – it also helps them automatically identify and remediate threats.
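The misconfiguration in this use case can be checked for before any data lands in the bucket. The following is an added example, not code from the article or from any vendor: it audits a bucket's policy, ACL and Block Public Access settings, in the shapes the S3 API returns them, for anonymous read or write access. The function names, the bucket name and all sample data are constructed, and policy statements that carry a Condition are skipped rather than evaluated.

```python
import fnmatch
import json

# Hypothetical helper names; sample inputs below are constructed for illustration.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
WRITE_ACTIONS = ("s3:PutObject", "s3:DeleteObject", "s3:PutObjectAcl")
READ_ACTIONS = ("s3:GetObject", "s3:ListBucket")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_public(principal):
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def _allows(patterns, actions):
    # Policy actions are case-insensitive and may contain * wildcards (e.g. "s3:*").
    return any(fnmatch.fnmatchcase(a.lower(), p.lower())
               for p in patterns for a in actions)

def audit_bucket(policy_json, acl, public_access_block):
    """Return sorted (source, exposure) findings that are still in effect."""
    pab = public_access_block or {}
    findings = set()
    if not pab.get("IgnorePublicAcls"):          # public ACL grants are honoured
        for grant in acl.get("Grants", []):
            if grant.get("Grantee", {}).get("URI") != ALL_USERS:
                continue
            perm = grant.get("Permission")
            if perm in ("WRITE", "WRITE_ACP", "FULL_CONTROL"):
                findings.add(("acl", "public-write"))
            if perm in ("READ", "FULL_CONTROL"):
                findings.add(("acl", "public-read"))
    if policy_json and not pab.get("RestrictPublicBuckets"):
        for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
            # Simplification: statements carrying a Condition are skipped, not judged.
            if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
                continue
            if not _is_public(stmt.get("Principal")):
                continue
            actions = _as_list(stmt.get("Action", []))
            if _allows(actions, WRITE_ACTIONS):
                findings.add(("policy", "public-write"))
            if _allows(actions, READ_ACTIONS):
                findings.add(("policy", "public-read"))
    return sorted(findings)

# Constructed sample: an upload bucket anyone on the internet can read and write.
OPEN_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::example-w2-uploads/*"}]})
OPEN_ACL = {"Grants": [{"Grantee": {"Type": "Group", "URI": ALL_USERS},
                        "Permission": "WRITE"}]}
LOCKED = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
          "BlockPublicPolicy": True, "RestrictPublicBuckets": True}

if __name__ == "__main__":
    print("no public access block:", audit_bucket(OPEN_POLICY, OPEN_ACL, {}))
    print("all four settings on:  ", audit_bucket(OPEN_POLICY, OPEN_ACL, LOCKED))
```

With the same policy and ACL, turning on all four Block Public Access settings clears every finding, which makes that setting a useful guardrail while the underlying policy and ACL are being corrected.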

Use case 4: remote access to private applications

Today’s work-from-home culture has proven that VPNs were never designed for tens of thousands of remote employees. Additionally, VPNs offer minimal data protection at higher costs.

Zero trust network access (ZTNA) solutions directly connect your users to authorized private applications by applying least privilege, zero trust principles. The problem is many of these solutions miss out on data context. For example, employees may be using their corporate-issued laptops to access GitHub, but they failed to update their antivirus, so their devices may have vulnerabilities. You don’t want to block these users from being productive and doing their jobs, so you can route them to a remote browser isolation session. That way, to the user, it’s seamless and they can view GitHub or other approved applications, but they cannot download anything. You can extend this technology to your on-premises endpoints and unmanaged personal devices and apply the same policies across the board.

When you’re evaluating an SSE vendor, make sure their built-in data loss prevention (DLP) technology protects data on the cloud, by device, and on premises through consistent policy enforcement and data classification. DLP technology needs to be cloud-native and incorporate unified policies that are integrated across SWG, CASB, ZTNA, and remote browser isolation (RBI). It needs to be intelligent enough to apply these unified policies and controls to block multiple attempts to exfiltrate data. 

Ideally, an SSE should provide a single DLP engine with a single centralized management and reporting dashboard, a single policy framework across all data exfiltration vectors, and a multi-layered set of security technologies that cover all possible use cases across your environment.



In a previous article, we talked about the need for organizations to secure data wherever it resides. The complexity of today’s supply chains brings that need into sharp focus, while highlighting some of the challenges of successfully protecting data.

Many organizations today depend on a complex web of partners, vendors, and suppliers to run their business. As the size and complexity of the digital supply chain grows, so does an organization’s vulnerability.

One need only look at the infamous Target breach of 2014, which exposed the data of nearly 110 million individuals due to a backdoor that a contractor inadvertently created, to realize that an organization is only as secure as the weakest link in its supply chain.

The scope of this problem is serious enough that it has gotten the attention of the US government’s Department of Commerce, which released new guidelines for addressing cybersecurity supply chain risk in May 2022.  

The bottom line? If organizations are going to be sharing sensitive data with an extended supply chain, they need to take the proper steps to do so in a secure manner. 

“Collaboration within and across company boundaries is pushing sensitive data around the globe at record speed, which means that securing how data is used, shared, and created is just as important as how it’s accessed. At Skyhigh Security, we protect your critical data anywhere you do business,” said Anand Ramanathan, Chief Product Officer, Skyhigh Security.

Securing the cloud

To collaborate across the extended enterprise, many organizations have turned to the cloud. It’s not uncommon to create a link to content in a system that can easily be shared with a third-party contractor or supplier, or to invite them to be a member of a specific Teams group or Slack channel.

Those collaboration models are all fine and well, but what are the security implications?

First and foremost, the security professionals at organizations need comprehensive visibility into who has access to a particular set of sensitive data that is made available through a cloud solution. Not only who has access, but what level of access they have, what they are doing with the sensitive data when they interact with it, and whether their access can easily be revoked once the project comes to an end or circumstances change.

“Skyhigh Security’s solutions help data protection professionals gain visibility into what data’s being shared with the larger supply chain, while better understanding dataflows and ensuring adherence to security policies,” said Ramanathan.

Don’t forget internal applications

Securing the supply chain is further complicated by the fact that partners and vendors often need access to any number of an organization’s internal, proprietary applications. Historically, access has been managed by requiring third parties to work on the official company network or to work on a company-issued device.

In today’s hybrid work model, where people are just as likely working from home on a personal device as from an office, that approach doesn’t work. The new model is all about working from anywhere and working from any device – while having the right security controls in place to allow third parties to access internal applications.

Manage the risk

The simple fact is that partners and suppliers need access to an organization’s data in order to be productive. It’s up to organizations to make sure they’re managing the risk that comes with sharing sensitive data with their supply chain.

“While malware gets most of the attention in the public imagination, users remain a bigger risk when it comes to security. Organizations don’t just have their own users to worry about, but the users in their entire supply chain. Skyhigh Security has an approach that follows data and users wherever they are, inside and outside the organization,” said Ramanathan.

Data that resides across an extended supply chain requires a new approach to security. To minimize risk, CIOs and CISOs should ensure that they have full visibility into their data, regardless of whether it resides in the cloud or in a proprietary system, as well as the ability to effectively govern and secure that data – all without hampering their ability to seamlessly collaborate with the vendors, suppliers, and other third parties that they rely on to get business done.

