So, you’ve finally got your team onboarded with the new WFH system. Remote meetings are working; check. Virtual productivity managers; check. Collaboration tools; check. And, it’s all going smoothly until someone gets hacked because they’re using the open Wi-Fi at the coffee shop in Plett. Vulnerable endpoints are the primary access point for hackers, and your staff – unwittingly – is your most significant risk when it comes to protecting your company’s data.
Before lockdown, laptops were usually reserved for the few remote and travelling workers. Nowadays, it means laptops for everyone. Understandably companies have had to relax security measures to “get on with the job” while their CIO, CISO, and IT teams are scrambling for solutions. VPN subscriptions, typically reserved for the small number of travelling workers, were insufficient to cover an entire workforce now working remotely. And with pricey VPN providers battling to meet demand, companies are looking at holistic security solutions to protect users, endpoints, servers and other vulnerabilities.
Zero Trust frameworks are one of the critical solutions to restrict an average user’s (including potential threat actors or malicious insiders) movement across your network architecture. Traditional security models operated on the incorrect assumption that everything inside the organisation’s network should be trustworthy. Now known as the “broken trust” model, it was always assumed that a user’s identity is verified and that all users would act responsibly and are trustworthy. Conversely, the Zero Trust framework believes that trust itself is a vulnerability. Summed up in the White Hat mantra, “always verify, never trust”, Zero Trust architecture makes use of network segmentation which prevents the unfettered lateral movement of users across different aspects of your network.
Simply put, if a hacker were to get in, they would be restricted to a particular (and often low-risk) segment of the network, minimising the opportunity of further movement across the system or access to sensitive data. Remember that the point of entry for a hacker may not be their intended target. Malicious actors actively pursue poorly protected entry points such as smart printers, open Wi-Fi sources or an unprotected laptop as a foothold to enter a network and then spread across it in search of their target.
Other entry mechanisms include tactics like phishing emails masquerading as company announcements, “WIN! Click on this link to win R30 000.00 in the company’s lottery”. As innocent as the user’s mistake may be, the impact on your business could be devastating. “Sorry, I didn’t know” won’t help when the company is locked out of its payroll system. The implementation of a Zero Trust framework means that user control becomes granular. And, while it may be a grudge for your staff, these layers of protection are even more essential in a remote working world. When looking for a cybersecurity partner, IT specialists Altron recommend that you seek solutions that include safeguards like multi-factor authentication, identity governance, dynamic authorisation and privileged account security.
Cybersecurity experts recommend a holistic infosec strategy that considers multiple variables and risks to define the ideal outcome for your business, especially when you have a large number of remote workers, which means a large number of new vulnerabilities. When it comes to protecting your valuable digital assets, prevention is definitely better than cure. Once a hacker is in, it’s incredibly costly and difficult to isolate and remove them from your system.
Remember, a hacker or disgruntled employee only needs to get lucky once. Make sure they don’t.
Altron Managed Solutions