Johannesburg, 24 Oct 2022
While many people have returned to corporate offices post-lockdown, there are still many who choose to continue working from home or adopt a hybrid work scenario. CICT (an Elvey Group company and part of the Hudaco Group of companies) has gathered several solutions that work together to ensure maximised cyber security for employers and employees. These include remote workforce security, e-mail security and secure data backups.
Remote workforce security
In the Cybersecurity Insider Remote Workforce Security Report, supported by DTEX, respondents said: “The biggest remote work security concerns stem from data leaking through endpoints (27%), loss of visibility of user activity (25%) and maintaining compliance with regulatory requirements (24%).”
The report states that one of the biggest issues is: “Users start to mix personal use and corporate use on their work laptops, increasing the risk of drive-by-downloads (25%), users are more susceptible to phishing attacks at home (15%), and the organisation no longer has visibility since most remote workers operate outside the corporate network (13%).”
When asked how many organisations were prepared for the complete shift to remote working during the COVID-19 pandemic, only 30% confirmed that they were fully prepared from a security perspective. Similarly, when asked about security controls, only 34% reported having any endpoint compliance and 18% having cloud DLP. This is a rather disturbing trend as, according to the report: “When organisations enable cloud, BYOD and remote work, they must deploy the proper security tools to do so safely. Consequently, these numbers, as well as those of solutions like CASB, UEBA, ZTNA and web filtering, ought to be higher.”
User awareness and training ranks highest (30%) on the list of key security challenges facing organisations that are increasing their remote workforces. This is followed by sensitive data leaving the perimeter (24%), lack of visibility (18%) and unsanctioned use of cloud apps (10%).
DTEX dynamically correlates data, application, machine and human telemetry to stream context-rich user behaviour and asset utilisation analytics that deliver a first-of-its-kind human-centric approach to enterprise operational intelligence.
E-mail security
According to Sendmarc: “Without exception, everyone who uses e-mail is a potential target at any time and cyber criminals are growing in number, skill and daring. They are using increasingly sophisticated methods to infiltrate organisations and trick employees with almost undetectable forgery of e-mails and websites, and as a result, ‘defraud’ organisations of huge sums of money.
“An easy-to-use and fast tool for business communication, e-mail usage continues to grow and it is predicted that by 2025, around 376.5 billion business and consumer e-mails will be sent daily. The e-mail environment is constantly, and at unprecedented speeds, dealing with traffic from multiple internal and external sources.”
Sendmarc cautions that there are design differences between the two directions of e-mail traffic. “It is critical, therefore, to mitigate the different security risks that each present. This requires companies to adopt a targeted, layered and interconnected cyber-security defence. To fully protect the e-mail environment and safeguard their brand, employees, partners and suppliers, organisations must ensure that every area of potential vulnerability open to exploitation by cyber criminals is secure and safeguarded. Business must start by implementing the appropriate technology that addresses each particular security hole.”
Sendmarc suggests that organisations employ both DMARC and perimeter e-mail security to fully secure and safeguard their financial, operational and reputational integrity, and to mitigate security risks. It’s important, though, that attention be paid to the correct implementation and use of both, because a company’s e-mail security will otherwise be compromised, and result in their brand, employees, customers and partners being put at risk.
Sendmarc’s DMARC implementation methodology takes into consideration a business’s perimeter e-mail security solution, ensuring that DMARC and perimeter e-mail security are working seamlessly together and each is providing the designed security measures.
Secure data backups
Redstor reports that ransomware attacks are becoming smarter, more common and more disastrous. Leading researcher Cybersecurity Ventures predict that on the current growth trajectory, the cost in damages to businesses globally will be $265 billion per year by 2031, with an organisation falling victim every two seconds. Malware is continually evolving, and anti-virus software is struggling to keep up. Once an infection has occurred, removing the ransomware is almost impossible.
To increase the likelihood of payment, attackers often target backups on the same network, which would make data recovery impossible. Therefore, says Redstor, recovery should be at the forefront of your defence plan. Backups need to be isolated from your live environment, in an offsite location, preferably in a cloud service designed for this purpose.
Since ransomware can sit dormant on a network for up to 180 days before executing – just to ensure that it has compromised all retained backups – having no clean versions to restore means you might as well have no backups at all. With Redstor, you can keep multiple retention points to ensure there is always a safe copy of your data available by utilising Redstor’s AI Malware detection in backups as an additional layer of security.
Most businesses have a disaster recovery (DR) plan in place, but it’s not worth much if it doesn’t work. You need to regularly test that you can in fact restore data from your backups. Invoking DR, even as a test, can cause disruption and involves time and planning. Redstor’s InstantData technology streams your data for instant access from any location, allowing you to recover critical data in moments. While other files are recovered behind the scenes, users can start working on the files immediately – perfect for testing. This allows you to recover data temporarily or permanently to a physical machine, virtual machine or the cloud.
For more information, contact CICT, +27 (0) 10 590 6177, info@commercialict.co.za www.commercialict.co.za.
Share