The hybrid workforce is a permanent reality for most companies these days. The sudden onset of the pandemic and associated shutdowns gave organisations very little time to prepare for such large-scale remote work, let alone time to think about how to secure their work from home users who still needed to access enterprise applications in the cloud, and work with and store corporate data on their devices.
Security teams now have to think about protecting corporate resources and data as employees are working outside the corporate perimeter. The existing paradigm where the security stack is located within the corporate network is no longer sufficient to protect these teleworkers. Teleworking also exposes the company to a much broader attack surface, as workers add personal devices and home and public Wi-Fi networks to the corporate network.
Bad actors are taking advantage of the chaotic nature of these times, by launching coronavirus-themed cyberattacks and impersonating well-known websites that try to provide useful, timely information for the public. Indeed, Covid-19 has become the subject of choice for phishing and spear-phishing campaigns that seek to take advantage of the heightened level of fear and concern.
While there are several different solutions available to protect remote workers, one of the best and most cost-effective is DDI.
In this scenario, cybersecurity needs to be rolled out from day one, or else companies and their employees will be at serious risk from partially secured cloud deployments, data breaches, insecure applications, and remote locations where the security and management of the remote user and the local branch LAN is often ignored leaving end-users vulnerable.
While there are several different solutions available to protect remote workers, one of the best and most cost-effective is DDI, DNS, DHCP, IPAM. DNS is the foundation of the Internet and so every connection to the Internet goes through it, making it an ideal service that can be used to secure the network.
Companies have a responsibility to have structured security policies which address all security gaps.
In the corporate environment, DNS is often provisioned by the internal security team, but when working from home, employees typically use public DNS or DNS provided by their service providers, both of which seldom do security enforcement on DNS.
BloxOne Threat Defense from Infoblox leverages the power of DNS to protect users, devices, and systems no matter where they are, extending enterprise-level security to remote locations, and work from home environments. It does the following:
- Detects and blocks phishing, exploits, ransomware, and other modern malware, preventing teleworkers from accessing malicious web destinations using DNS as the first line of defense.
- Blocks access to objectionable content restricted by policy.
- Uses unique patented technology to prevent DNS based data exfiltration and keep protected data safe, and
- Monitors for advanced threats including the rising threat of lookalike domains.
Access to cloud services is through the lightweight Infoblox endpoint agent, which is easy to deploy on your remote users’ devices from the cloud, simple to manage, and securely redirects the endpoint’s DNS to Infoblox cloud for anytime, anywhere protection and monitoring.
In many cases employees working remotely ignore basic cyber hygiene rules like updating the operating system, using an effective antivirus or strong passwords, and backing up data regularly. However, companies also have a responsibility to have structured security policies which address all security gaps. These need to be implemented and adhered to by all employees.
End-users will always have the primary responsibility of being aware of increasingly sophisticated cyberthreats, provided the organisation provides proper education and training, and enforces security policies. It is important to consider the risks in consumer grade Wi-Fi connections, as home routers are usually not secure or patched.
There are also risks in using shared documents on cloud folders. Additionally, home browsers configured with plug-ins and certain applications may introduce substantial risk. BloxOne Threat Defense from Infoblox includes a lightweight endpoint agent that helps end users with all of these vulnerabilities and more.
Remote workers and end-users will likely be active on a variety of mobile devices, home networks, and public Wi-Fi networks which make them more likely to face cyberattacks. Leveraging the position, a core technology like DNS security has in the network can play a critical role in preventing attacks like lookalike domains, DOH/DOT, data exfiltration, and content vulnerabilities.
The pandemic, widespread remote work, and the adoption of new technologies have brought in changes that traditional network architectures cannot deal with.
Without a security control like Custom Lookalike Domain, for example, that can monitor such risks, teleworkers will be more easily targeted and vulnerable to attacks, especially in an age where character substitution is increasingly employed by cybercriminals to manipulate users into exposing credit card numbers, passwords, and other sensitive data.
Recommendation for CISOs
• Today a company’s traditional network parameter has basically disappeared.
• The pandemic, widespread remote work, and the adoption of new technologies have brought in changes that traditional network architectures cannot deal with.
• The Internet, cloud technologies and the onslaught of wireless all contribute to a massive increase in the attack surface.
• This requires a different security skill set and an increased awareness of the vulnerabilities of today’s IT environment.
• Today’s security decision-makers need to have a variety of skills, and an ability to understand the impact that new technologies like SDN, SD-WAN, multi-cloud, and Network Functions Virtualisation have on their ability to assess the risk of such deployments and respond with the right security models and tools for the organisation.
Security teams now have to think about protecting corporate resources and data as employees are working outside the corporate perimeter.