Enabling easier security in an age of the dissolving perimeter
We have been accelerating towards an off-premise world for some time, and this has significant implications for security. Growing numbers of small and medium-sized businesses are pushing more services up to the cloud. Although this has helped reduce the number of servers they physically host in their own offices, it has been accompanied by an increase in the number of other computing devices that are now used.
This trend has allowed employees access to business services from anywhere, but while it has improved productivity it has increased security challenges for administrators who need to maintain visibility and control over those roaming assets. As the traditional network perimeter effectively dissolves, businesses need to do more to ensure robust security.
With the number of devices the typical roaming user owns growing, it is still important to deploy endpoint security and provide web filtering for those users on those devices, but that is effectively just table stakes, and 100% coverage can be challenging to achieve, especially with BYOD.
A solid strategy to protect those software-as-a-service apps is to offer multi-factor authentication (MFA), which is a useful way to prevent logins to sensitive services from being compromised. The administrator can strike a balance between security and user experience by employing IP whitelisting on these services, so that MFA is required only for logins to SaaS services from unknown IPs, or can increase security further by blocking access from unknown IPs entirely, effectively ensuring that employees who access applications on the move use the company’s VPN.
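The two policies described above (step up to MFA from unknown IPs, or block unknown IPs outright) can be sketched as follows. This is an added example, not Webroot's code or any SaaS vendor's API; the network ranges are constructed documentation prefixes and the function and parameter names are hypothetical.

```python
import ipaddress
from enum import Enum


class Decision(Enum):
    ALLOW = "allow"              # known IP: no extra factor requested
    REQUIRE_MFA = "require_mfa"  # unknown IP: step up to MFA
    DENY = "deny"                # unknown IP, strict policy: user must come via the VPN


# Constructed sample allowlist: stands in for the office egress range and
# the company VPN egress addresses (RFC 5737 / RFC 3849 documentation ranges).
KNOWN_NETWORKS = [
    ipaddress.ip_network("203.0.113.0/28"),
    ipaddress.ip_network("198.51.100.10/32"),
    ipaddress.ip_network("2001:db8:100::/48"),
]


def is_known(source_ip, networks=KNOWN_NETWORKS):
    """Return True only if source_ip parses and falls inside an allowlisted range."""
    try:
        addr = ipaddress.ip_address(source_ip.strip())
    except (ValueError, AttributeError):
        return False  # malformed or missing input is treated as unknown
    # Dual-stack listeners report IPv4 peers as ::ffff:a.b.c.d; compare them
    # against the IPv4 ranges rather than letting them miss the allowlist.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr.version == net.version and addr in net for net in networks)


def decide(source_ip, block_unknown=False):
    """Map a login's source IP to the policy outcome.

    source_ip must be the peer address observed by the service (or set by a
    proxy the service trusts), never a header value the client can supply.
    """
    if is_known(source_ip):
        return Decision.ALLOW
    return Decision.DENY if block_unknown else Decision.REQUIRE_MFA


if __name__ == "__main__":
    for ip in ["203.0.113.5", "::ffff:198.51.100.10", "192.0.2.44", "not-an-ip"]:
        print(ip, decide(ip).value, decide(ip, block_unknown=True).value)
```

Unparseable addresses fall through to the unknown-IP outcome, so a parsing failure can never skip the MFA or block step.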
The next issue to address is the classic scenario involving remote workers catching up on emails while they’re connected to a Wi-Fi hotspot. At Webroot, we have been tracking an interesting attack that uses what’s commonly called a Wi-Fi pineapple: this is a cheap device that steals data from public wireless networks.
It exploits the fact that devices continuously attempt to reconnect to previously accessed networks, and imitates these previous networks, fooling the device into connecting to it. The risk is that employees within range of such a device are leaving themselves open to having their credentials stolen. This could potentially give attackers access to personal online banking services, or to business applications, which could be a way into the company network.
Awareness of these attacks is critical for businesses and their employees. Mitigation comes from ensuring that you never connect to an open Wi-Fi network and that you always use a VPN when connecting via any untrusted network.
Webroot believes that the employee is often the weakest link in your security, so we recommend that a robust security awareness programme should be at the centre of all security initiatives. This can dramatically reduce the downstream cyber security risk for the company.
Webroot also understands the problem small to medium businesses face, with limited budgets and a lack of skilled in-house resources. At Webroot, we try to help address this challenge by building automation into our security services.
Whether the issue calls for blocking malware, filtering web traffic or even educating employees on security best practices, this minimises the need for administrators to intervene and allows them to focus on other aspects of managing the IT for their business.
For SMBs that are pressed for time, talent, and money, we feel this move towards greater education and automation is an important development in helping them to stay on top of their company’s security.
Paul Barnes is senior director, product strategy, at Webroot