Any cybersecurity expert who claims never to have clicked on a malicious email link or two in their career is, to say the least, being economical with the truth. Every user of Internet-connected technology can put themselves and their employer at risk several times a day.
Since every business on the planet is at risk, it is only a matter of time before an attack on the organization succeeds. This is a case of when, not if. How, then, to push "when" as far into the future as possible?
If we focus on the motivations of the attackers, it quickly becomes clear that in 99.999% of cases, sheer economic opportunity is the determining factor. The easier the victim is to find and breach, the better. After all, no business – and make no mistake, hacking is a business – wants to incur high costs, so troublesome potential victims will likely be ignored in favor of simpler, softer targets.
Every business can take steps to remove itself from the low-hanging-fruit category of potential cyber attack victims and dramatically reduce its chances of being compromised. With the most advanced protection technologies available today, businesses should take at least some (but preferably all) of the following actions:
– Maintain granular security layers. Even the most privileged users (in IT terms) don’t need global root-level access throughout the connected enterprise.
Granular security levels should be defined not only by application, but also by cloud, VLAN, subnet, and role. A high-level database administrator, for example, might need edit privileges on the financial application's back-end data kernel, but does not need administrator privileges to log in to the graphical interface.
– Geofencing by default. Even with a widely distributed workforce, it’s relatively straightforward to set up geo-fenced IP address pools from which access is allowed. Organizations need the ability to move beyond simple controls that are easily bypassed, such as MAC address whitelisting, to a more complex zero trust framework.
– Cloud(s) and on-premises. Enterprise IT will have evolved into a complex mix of on-premises topologies, multiple clouds, and everything as a service (XaaS).
Security systems must be independent of what they protect and of where valuable assets are hosted or run. Without that flexibility, the organization's strategic choices are limited by what can be protected, rather than determined by solutions that are in the best interests of the business.
– MFA choice. It is important to offer MFA in several forms, either as alternatives (for example, fingerprint recognition as a second factor) or in combination (SMS and Google Authenticator).
Your end users will make mistakes online, so providing convenience through choice can help significantly reduce security risks. For example, authentication anywhere can be completed with physical keys, such as a FIDO2 device like those from Yubico.
– Integration with the existing stack. Legacy cybersecurity measures represent a significant investment and do not necessarily have to be written off. As new technologies become available, each organization will have to consider their merits, but a general rule of thumb is that no single platform is sufficient, despite claims from the marketing departments of many vendors.
Endpoint protection agents, SSO mechanisms, Active Directory policy engines, firewalls, and even smart cards for entry to physical premises all have a role to play. The secret sauce is having the means to monitor and control all protective measures in the simplest possible way.
– The compliance conundrum. Proving an organization's compliance with local and international data governance doesn't have to be a significant drain on resources. Data repository security audits that take weeks to compile are a sure sign that security policy (and methods) are not coordinated. Look for tools and platforms that turn data collection exercises and reporting into a few clicks.
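The "granular security layers" and "geofencing by default" items above can be combined into a single default-deny access decision. The sketch below is an added example, not code from this article or from any vendor it mentions; the role names, application names, and IP pools (RFC 5737 documentation ranges standing in for geo-fenced pools) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample policy. Documentation ranges stand in for geo-fenced pools.
ALLOWED_POOLS = [ipaddress.ip_network(n)
                 for n in ("192.0.2.0/24", "198.51.100.0/25")]

# Privileges are granted per (role, application), never globally.
GRANTS = {
    ("dba", "finance-db-backend"): {"read", "edit"},
    ("dba", "finance-gui"): {"read"},            # no admin rights on the GUI
    ("finance-admin", "finance-gui"): {"read", "edit", "admin"},
}

@dataclass(frozen=True)
class Request:
    role: str
    application: str
    action: str
    source_ip: str

def decide(req: Request) -> tuple[bool, str]:
    """Default deny: the source pool and the scoped grant must both pass."""
    try:
        ip = ipaddress.ip_address(req.source_ip)
    except ValueError:
        return False, "invalid source address"
    # Geofence check: necessary, but never sufficient on its own.
    if not any(ip in net for net in ALLOWED_POOLS):
        return False, "source outside allowed IP pools"
    # Granular check: the action must be granted for this role on this app.
    if req.action not in GRANTS.get((req.role, req.application), set()):
        return False, "action not granted for this role on this application"
    return True, "granted"

if __name__ == "__main__":
    samples = [
        Request("dba", "finance-db-backend", "edit", "192.0.2.10"),
        Request("dba", "finance-gui", "admin", "192.0.2.10"),
        Request("finance-admin", "finance-gui", "admin", "203.0.113.5"),
    ]
    for r in samples:
        print(r, "->", decide(r))
```
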
Over the next few weeks on Tech Wire Asia, we'll be looking at several vendors in the cybersecurity arena that offer the kind of modern, rapidly deployed, and multi-functional cybersecurity frameworks that cover many of the aspects detailed above.
The first company in our spotlight is Duo Security, a cybersecurity provider whose ease of use and deployment belies its internal power and complexity. In fact, its approach can be summed up at the highest level as three stages of trust: identifying and authenticating the user, examining the device used to request access, and finally enforcing highly elastic and granular security throughout the user's interaction with any system, in any cloud or on-premises.
Zero trust is one of those very topical buzzwords that is often overly complicated and over-interpreted – the tech press is particularly to blame in this regard. It is often misinterpreted as making all employees into potential bad actors. Duo Security makes every effort to avoid this simple trap.
Instead, it seeks to provide a broad and rapid range of cybersecurity measures to respond to evolving threats. Its cloud-based service is available as a free trial, so the best way to test the Duo product line is – literally – to test it for yourself.
In a future article here on Tech Wire Asia, we’ll take a closer look at Duo Security’s offerings (Duo MFA, Duo Access, and Duo Beyond), but until then, check out the trial period for yourself, or get in touch directly with the company.