How to protect the new, expanded business "perimeter".
Traditional cybersecurity systems were set up to defend the old “perimeter” – the office network. However, the sudden, mass shift to remote working has underscored just how far the perimeter has expanded. With business data scattered across employees’ homes, many companies may need to rethink how they secure that data.
Compounding this shift, security vendor Trend Micro had, at last count, detected more than 900,000 COVID-19-related threats, including malware, ransomware, email scams, malicious websites, social media messages and mobile apps.
Here are some ways to protect against the new or increased cybersecurity risks.
Protecting office networks with network firewalls and other traditional tools is still important. However, the expanded distribution of business data means it’s more important than ever to secure the endpoints – the PCs and other devices accessing that data.
Antivirus software is the bare minimum. F-Secure SAFE and Trend Micro Internet Security, for example, are good options for individuals, having topped the results in the latest round of Windows malware testing by security research institute, AV-TEST.
However, for better security across the company, consider upgrading to a business-grade endpoint protection solution. These solutions provide advanced management tools, ensuring that every device accessing business data has up-to-date antivirus software. They also provide multi-layered protection, such as sending alerts if any employees’ devices are infected.
Options include Bitdefender Endpoint Security, F-Secure Protection Service for Business, Symantec Endpoint Protection and Trend Micro Apex One, all of which achieved excellent AV-TEST results.
Those vendors’ mobile apps also performed well in AV-TEST’s Android tests, and the likes of Symantec Endpoint Protection Mobile add advanced features such as the ability to scan wi-fi networks and integrate with enterprise security systems.
For businesses that use Mac systems, Symantec Endpoint Protection and Sophos Endpoint scored highly in AV-TEST’s macOS tests.
Keep software up to date
Out-of-date software is one of the biggest causes of computer vulnerabilities to malware and hackers.
Individuals can reduce this risk by downloading and installing operating system and application updates when prompted. Not all software makes this easy, but thankfully third-party tools can help by monitoring, downloading and installing updates for a wide range of apps.
Avast’s Software Updater, for example, is included with its antivirus products. However, a centralised patch management process can help reduce the risk across all your business computers. ManageEngine’s Patch Manager Plus, for example, can ensure software is updated in a systematic and timely manner across Windows, Mac and Linux systems.
The email scams known as phishing are responsible for 90 per cent of successful cyber attacks globally, according to Verizon’s 2020 Data Breach Investigations Report (DBIR).
Antivirus tools often include browser add-ins that warn users against visiting the fake sites that phishing emails promote.
However, a business-grade service such as MailGuard uses advanced filtering techniques to prevent phishing, spam and other malicious emails reaching employees.
Use a virtual private network
The security of home wi-fi networks can vary, which could mean business data is open to hackers. A virtual private network (VPN) service such as ProtonVPN adds another security layer by encrypting data being transferred to and from a computer, smartphone or another device.
For protecting devices across an organisation, however, consider a business-grade solution such as Perimeter81.
In addition to being a VPN, Perimeter81 provides advanced cloud-based network security management features.
These features include the ability to assign specific access permissions for different people and monitor all network activity across the business.
Protect user credentials
Cloud services are an increasingly popular target for hackers – and 77 per cent of cloud breaches involve stolen log-in credentials, according to Verizon’s DBIR.
A password manager will make it harder for hackers to steal log-in credentials, and a business version such as LastPass Team will ensure all employees use strong passwords. LastPass Team can also enable you to manage employees’ access to your business apps, making it easy to remove access if they leave the company.
For larger organisations, an identity and access management (IAM) solution such as Okta goes further by enabling you or your network administrator to manage user authentication and access for all your business apps and systems.
Consider advanced solutions
Other advanced security solutions could also be worth considering. For example, an endpoint detection and response (EDR) solution such as VMware’s Carbon Black Cloud goes further than traditional endpoint protection by using analytics to detect and contain security incidents, and provide guidance on how to fix the problem.
Another option is a data loss prevention (DLP) solution like Digital Guardian, which inspects network data and traffic to help prevent sensitive information from leaving an organisation.
We’ve only just scratched the surface of cybersecurity solutions and techniques here. To learn more, the Australian Government’s StaySmartOnline offers a good source of guides on how to protect smaller businesses, while the Australian Signals Directorate offers more advanced strategies for larger organisations.