Staying Out of the Firing Line: Cybersecurity Measures in Practice
Any cybersecurity expert who claims they’ve never clicked a rogue email link or two during their career is, to put it mildly, being economical with the truth. Every user of internet-connected technology is in a position to put themselves and their employer in danger on multiple occasions, daily.
Given that every company on the planet is at risk, it’s only a matter of time until an attack directed at the organization is successful. It’s a case of when, not if. How, then, to make “when” as far into the future as possible?
If we focus on attackers’ motives, it quickly becomes clear that in 99.999% of cases, simple economic expediency is the driving factor. The easier the victim is to find and breach, the better. After all, no business — and make no mistake, hacking is a business — wants to incur high costs, and troublesome potential victims will likely be ignored for simpler, softer targets.
Every company can take steps to remove themselves from the low-hanging fruit category of potential cyber-attack victim and significantly reduce the chances of being compromised. With the more advanced protective technologies available today, companies should take at least some (but preferably all) of the following measures:
– Maintain granular security strata. Even the most privileged (in computing terms) of users does not need blanket, root-level access everywhere across the connected enterprise.
Granular security levels should be defined not only on a per-application basis but can also be assigned per cloud, per VLAN, per subnet, and per role. A high-level database administrator, for example, may need edit privileges to the data core of the financial application’s back end but not need anything like admin privileges to log in to the GUI front end.
– Geofencing as default. Even with a highly distributed workforce, it’s relatively pain-free to set up geo-fenced pools of IP addresses from which access is permitted. Organizations need the facility to go beyond simple checks that are easily circumvented, like MAC address whitelists, to a more complex, zero-trust framework.
– Cloud(s) and on-premise. Companies’ IT will have evolved into a complex mix of on-premise, multiple-cloud, and anything-as-a-service (XaaS) topologies.
Security systems need to be agnostic about what they protect and where what’s precious is hosted or run from. Without such an elastic facility, the organization’s strategic choices are limited by what can be protected, rather than determined by what solutions are in the business’s best interests.
– MFA choices. It’s important to offer MFA in several forms, either as alternatives (you may use facial or fingerprint recognition as a second factor) or in combination (SMS and Google Authenticator).
Your end users will make mistakes online, so offering convenience through choice can help significantly lower security risks. For instance, authentication anywhere can be supplemented with physical keys, like a FIDO2 device, such as those from Yubico.
– Integration with the existing stack. Legacy cybersecurity measures represent a significant investment and should not necessarily be written off. As new technologies become available, every organization will need to consider their merits, but a general rule of thumb is that no single platform is sufficient — despite the claims of many vendors’ marketing departments.
Endpoint protection agents, SSO mechanisms, Active Directory policy engines, firewalls and even physical premises entry smartcards all have a role to play. The secret sauce is having a means of oversight and control over all protective measures that is as simple as possible.
– The compliance conundrum. Proving an organization’s compliance with local and international data governance doesn’t have to be a significant drain on resources. Audits into data repository security that take weeks to compile are a sure sign that security policy (and methods) are not coordinated. Look for tools and platforms that turn data gathering exercises and report formulation into a matter of just a few clicks.
Over the next few weeks on Tech Wire Asia, we’ll be looking at several vendors in the cybersecurity space that are offering the kind of modern, quickly deployed and multifunctional cybersecurity frameworks that cover many of the aspects detailed above.
The first company in our spotlight is Duo Security, a provider of cybersecurity that has an ease of use and deployment that belies its internal power and complexity. In fact, its approach can be summed up at the highest level in three stages of trust: ascertain and authenticate the user, examine the device that’s used to request access, and finally apply highly elastic and granular security throughout the user’s interaction with any system, in any cloud or on-premise.
Zero-trust is one of those very current buzz phrases that’s often over-complicated and over-interpreted — the technology press is particularly guilty on that score. It’s often misconstrued as casting all employees as potential bad actors. Duo Security takes great pains to avoid this simple trap.
Instead, it looks to provide a broad-reaching and quick-to-deploy range of cybersecurity measures responsive to changing threats. Its cloud-based service is available as a free trial, so the best way to test Duo’s product range is — literally — to test it for yourself.
In a future article here on Tech Wire Asia, we’ll be looking in more depth at Duo Security’s offerings (Duo MFA, Duo Access, and Duo Beyond), but until then, check out the trial period for yourself, or get in touch with the company directly.