How To Be Secure When Working Remotely

Today, more and more companies have opened their doors and stepped outside the four corners of their office. Times have indeed changed and remote work is now slowly taking over.  For the employees who work from home they don’t need to spend for transportation and stress that comes with commuting. As for the employers having some of the staff work remotely means they no longer need to pay serious amounts of money for a huge office space as well as for the electricity consumption.

Despite the numerous benefits of going remote, there are serious risks that still come with this trend. Risks that if left unaddressed early could mean serious losses for companies. These risks involve losses of valuable, confidential data and sensitive information that are not for public consumption. Here, security awareness training is key to equip your employees with the right knowledge, tools, and mindset that will keep them from falling prey to cyber attacks outside. Some of the tools that will help achieve those goals of protecting valuable data and information are discussed next:

Virtual Private Networks. Similar to what a firewall does, VPNs protect your laptop’s data online, with the front end retaining the same security, functionality, and appearance despite being a Wide Area Network. VPNs combine encryption protocols and dedicated connections to create virtual P2P connections, which in turn keep hackers from accessing transmitted data that they may have managed to obtain. A number of VPN security protocols have been developed through the years each offering different features:

  • Point-to-Point Tunneling Protocol (PPTP). PPTP is a VPN protocol that is known to be flexible in terms of its ability to be installed in different kinds of operating systems. It is, however, incapable of performing an encryption; rather, what it does is encapsulate the data packet.
  • Transport Layer Security (TLS). This type of VPN is commonly used by service providers and online retailers. It features a “handshake method” which generates the cryptographic parameters that serve as a means for the two systems to create a secure connection, as well as authenticating the session and exchanging encryption keys.
  • Secure Shell (SSH). This type of VPN creates the VPN tunnel as well as the encryption that provides the protection to the former. This feature enables remote workers to safely transfer information by routing traffic from remote file servers, using of course, an encrypted channel.
  • Layer 2 Tunneling Protocol (L2TP)/IPsec. Similar to the PPTP, the L2TP is likewise incapable of encryption. Nevertheless, it compensates by creating the tunnel while the IPsec takes care of the encryption (as well as data integrity checks).
  • IP Security (IPsec). The partner of the L2TP, the IPsec can no less stand on its own as it operates in two modes: first, the tunneling mode, wherein it encrypts the data packet in its entirety, and second, the transport mode, wherein it only encrypts the data packet message.

Firewalls. A firewall software functions by filtering the information coming through the Internet connection and into your company’s computer system or private network, in the case of homes. Basically, it serves as a “checkpoint” wherein they bar packets of information that are flagged by filters.

Connectivity Guidelines. Business owners should come up with security standards and policies that all remote workers should follow to the dot, and without any compromise. These guidelines may include rules that prohibit remote workers from accessing unsecured connections, unrecognised Bluetooth connections, and the like.

Going Cloud. Another excellent option that is becoming more popular among companies that are looking to improve their remote security are web-based cloud solutions. Cloud-based solutions and apps tend to be compliant with industry regulations and generally data within the cloud is encrypted. Business owners and managers can also regulate the access abilities of their employees.

Advertisements

Docker Security Concerns

Docker is a popular platform for OS-level virtualization instances known as containers. Flexible containerization is completely changing the way we build and maintain applications at scale.

With positivity and momentum of growth in mind, we must keep information security in mind. Let’s take a look at four potential threats and strategies to help secure your container deployments:

1. Vulnerable images:  Anyone can publish a new repository on Docker Hub, so check that you’re familiar with the project maintainer before deploying. Running untested builds from spurious sources may lead to the unintentional introduction of vulnerable components, or even malicious code execution. It is best to check for the official Docker Store and “Certified” program that offers a variety of assured and deployment-ready packages. Paid plans on the Hub feature a “Security Scanning” tool that can check images for known vulnerabilities.

2. IAM breaches:  Cloud providers, such as Amazon Web Services, aim to provide hardened Identity and Access Management (IAM) role structures by default. These can be used in tandem with your Elastic Compute Cloud (EC2) instances for example to ensure your users have been issued the appropriate access rights as per the Principle of Least Privilege. When deploying containers ensure that your registry is sufficiently protected, possibly with two-factor authentication.

3. Excess resource usage: By default, a Docker container has no resource constraints. As a result, actively deploying containers without resource limits could lead to severely degraded host performance. Make sure to set limits on memory, bandwidth and disk usage to mitigate performance issues. Such issues could be caused also by malicious code (such as denial of service code execution).

4. Container breakouts: An adversary that gains access to one of your containers should not be able to move laterally to other containers or the Docker host. However, Docker is evolving quickly and privilege escalation exploits may arise, so take care to build infrastructure with a layered defense-in-depth approach in mind.

Has Your Information Security Strategy Gone Obsolete?

The DDoS attacks of 2016 and the WannaCry ransomware that recently affected thousands of computer systems have compelled businesses to look into their security mechanisms and identify pitfalls that might make them prone to cyber threats. Verizon had already highlighted the intensity of upcoming challenges in their annual 2016 Data Breach Investigations Report as: “No locale, no industry or organization is bulletproof when it comes to the compromise of data.”

Although cyber security agencies, IT security teams, and security engineers are striving to overcome the menace of threats with all their might, the increasing number of incidents clearly indicates that cyber criminals have taken the lead and by a great margin. Statistics reveal no good signs for the future estimating that by 2021, the cost of the damage caused by cyber attacks will exceed more than $6 trillion. Here are five some signs that may indicate your IT security strategy needs a revamp:

1. System Performance has Changed: Computer systems connected in the circuitry of your overall organizational network are experiencing extreme fluctuations in terms of speed and performance. This could be a sign that your system is running a lot of programs, perhaps malicious payloads, in the background.

2. Malicious Login Activities: Unauthorized login is still the primary method of breaking into an organization’s system. Network administrators need to keep a check on the logins and their relevant IPs to identify any malicious activity in real time. Similarly,  one needs to keep an eye on any malicious insider activities.

3. Data Mines Have Been Compromised: If the backups you made recently have become unresponsive, some files went missing, or the arrangement of your data logs looks different, it is an indication that your IT security strategy needs a revamp.

4. Abrupt Increase in Spams: Unrecognized requests, spammy emails , pop-ups, and messages saying “Program Unresponsiveness, Click Ok to make it faster” or “New Version found: Click Ok to update” could all be signs that your system has been infected by malicious software.

5. Routine Shutdowns and Downtimes:  When a system is infected with a Trojan or virus, downtown and automatic shutdowns become routine. Merely notifying your IT department won’t resolve the issue. You need to address it through more stringent security measures.

With the number and sophistication of attacks on the rise, companies need to invest in sound security strategies in order to protect their valuable data. By revamping your security strategy, you’ll be in a better position to provide sufficient protection, allowing your business to continue to thrive without fear of becoming a victim.

More information: http://www.verizonenterprise.com/resources/reports/rp_DBIR_2017_Report_en_xg.pdf