ARTICLE
Remote working

Our Top 4 Security Hotspots and technologies to remedy them

Read the article

Share this story

Read Time: 5 minutes

With remote working now destined to be a part of our everyday working life, what are the biggest threats facing IT security teams?
We’ve pulled out our top 4 areas in need of instant attention.
1. Email

Most email platforms were designed when users sat within the security perimeter, but now they’re outside and many email platforms are no longer fit for purpose.

Email security threats continue to be one of the biggest risks to organisations globally, with over 90% of all hacking attacks originating from email.

As remote working and workplace automation increases, reliance on email increases too and according to research by Libra ESVA, a leading email platform provider, as much as 77% of company email traffic can be either malicious or unwanted - the average is 30%.

As much as 77% of company email traffic can be either malicious or unwanted - the average is 30%.

Libra ESVA used their automated email assessment tool as part of their research and found a broad range of malicious file types in assessments of business email systems. In almost every case, the perception of the business completely changed when they saw the results.

Guidance from both the UK and US government is for more visibility and control of network traffic, with email security one of a number of most critical areas. Threat detection specialists, CyGlass, point out that you can’t stop what you can’t see and, with many threats remaining hidden from detection, managing who and what’s on a network is essential for businesses if they are to offer any effective protection.

With all the recent changes to our working practices, don’t assume that what worked 4 months ago still works now. You can use the Libra ESVA email assessment tool to see how your systems stacks up and CyGlass offer a free trial that exposes all network traffic.

2. Workplace Automation

A recent survey found that over 70% of all businesses had initiated or completed a digital transformation to workplace automation. The only surprise with this is that the number isn’t greater.

Workplace automation offers significant performance benefits to businesses, particularly for SMBs, with some of the leading products both affordable and easy to implement. But these products often fall short on security, leaving organisations at risk and under the illusion that they’re fully protected.

The government guidance specifically referenced both VPNs and office automation products, recommending additional measures for greater visibility and control.

Both CyGlass and Libra ESVA can help determine how secure your business is, with CyGlass boasting 100% visibility!

3. Insider Threats

According to some of the best known organisations in the IT security space, 90% of all breaches are as a result of human error.

From government advisors to security industry experts, the consistent message is that the source of our greatest threat is from within and, for IT security teams, stopping those errors has become a top priority.

According to some of the best known organisations in the IT security space, 90% of all breaches are as a result of human error

Even before Covid 19, the message was clear. Businesses needed to address the risks from human error and the recent move to remote working for all just increases that risk.

Once again, one of the most important steps to greater protection is better visibility and control of network traffic. By monitoring traffic, it’s possible to identify anomalies in behaviour or policy and to take steps to stop it. Insider threats can result from nothing more than carelessness and, by tracking behaviour, security teams can ensure mistakes don’t become disasters.

Another key consideration is greater protection of assets and encryption is fast becoming an essential security tool. Encryption reduces the impact of human error by making data unreadable if a breach occurs.

There are a lot of perceptions around encryption and its effect on business performance, but the latest products address that, providing greater security without impacting on productivity. Our recent article - The magic and the myths - looks at both the benefits and the misperceptions around encryption.

Most business applications encrypt data in transit, but this leaves data unprotected when inactive, or ‘at rest’. Remote working has placed larger numbers of assets outside our protective perimeters, increasing risk to data ‘at rest’, and there’s been a radical rethink around encryption as a result.

There are products that address this by encrypting data whether ‘at rest’ or in transit. Look at HyTrust, which is a leader in this space and provides products suited to both enterprise and SMBs.

4. Videoconferencing

Where would we have been without videoconferencing over the last 3 months. But how safe is it? Well not as safe as you may have thought.

There’s no doubt the videoconference is here to stay, so now’s the time to put the right protection around it.

First, consider some of the risks that have surfaced in the last couple of months. US defence contractors have a vigorous set of regulatory requirements for the sharing and communication of information and data, so imagine the surprise when a top level teleconference was interrupted by a junior overseas administrator.

It soon became apparent that videoconferencing products don’t offer the security and privacy expected, providing access to sessions and the control of cameras by outsiders.

Human error comes into play here, too. The employee lying naked on his bed during a global team videoconference in a major international news organisation will think twice about his camera setting in future!

If videoconferencing is to become an essential business tool, then make sure it’s as secure as everything else on your network. Look at a new product from Highside that uses adaptive authentication and encryption, so only those invited can join your meetings. Highside works with most products, including Teams, to make a compromise near-on impossible.

Our most important take-out is not to assume that what worked before is right for the new realities of remote working. Products that performed perfectly inside our networks don’t necessarily work now that most of us are outside.

Take note of guidance from government experts. They don’t issue it lightly and do so only when they see significant risk.

The number one action is to get visibility and control of network traffic - as CyGlass says, you can’t stop what you can’t see.

And don’t think it won’t happen to you. Statistics prove that most businesses will be affected by breaches at some point. Make sure that, when that occurs, you’re fully prepared.

If you’d like to know more about any of the technologies mentioned in this article, click here and we’ll put you in touch with the right people to help.

VPN’s need better monitoring

Highlighted Technologies
CyGlass:

A Nominet company, CyGlass is a network centric, dark threat detection solution, allowing you to uncover, pinpoint, and respond to advanced cyber threats.

CyGlass delivers a virtual, cloud based SOC (VSOC) that can be deployed in minutes and that provides customers with continual network visibility. Ideal for SME’s with compliance or regulatory considerations, key benefits are ease of implementation and affordability.

Read more about CyGlass here

HyTrust:

This workload Security Solution reduces cloud security risks by automating compliance & enforcing security-based policies for private & public clouds.

While HyTrust has a number of security features, it was selected by Securefort for its encryption and key management capabilities, which complement the other technologies in the Securefort portfolio.

Libra ESVA:

An email content gateway solution ESVA – Email Security Virtual Appliance – won the Computing Security Award as ‘Antispam of the Year’ solution 2014-2016.

It was recognised by the prestigious Virus Bulletin as one of the best and effective systems of protection and analysis of email content, Libra ESVA was selected by Securefort to address email security in the SME sector.

Highside:

Highside is a secure and compliant remote work platform, perfect for security conscious organisations, companies handling regulated data, such as healthcare and financial sectors, and empowering teams working from home.

From video conferencing to file sharing, email security to MFA, Highside helps you increase productivity while drastically reducing risk from cyberattacks.

User Rating
Rate the Article

Click the link below to rate this article

Rate this article
Have you also seen...
Test your Email Security Now

This tool tests if your email server is correctly configured to stop common threats.

Learn more
Remote working ‘Must Have' Technologies

90 days no cost, no commitment, no fuss technology deals for remote working quick wins

Learn more
Forrester predictions 2023

Get your free Predictions 2023 Guide.

Learn more
Bright Security - Web Application Security: Top Threats and 6 Defensive Methods

Top Threats and 6 Defensive Methods

Learn more
Teams: the one-stop IT app

The one-stop IT app

Learn more
AppJacking

Mitigating risk from endpoint apps

Learn more
About Libraesva

An email content gateway solution ESVA – Email Security Virtual Appliance – won the Computing Security Award as ‘Antispam of the Year’ solution 2014-2016

It was recognised by the prestigious Virus Bulletin as one of the best and effective systems of protection and analysis of email content, Libra ESVA was selected by Securefort to address email security in the SMB sector.

Learn more
You can’t protect what you can't see!

30 days no cost, no commitment, no fuss technology deals for remote working quick wins:

Learn more

We're a community where IT security buyers can engage on their own terms.

We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.

Other articles in this category
Managed Security
+
Easy affordability

Outsourcing has never been more attractive

Friday, May 01, 2020
+
Network security is broken

Despite record spending on cyber security, breaches have become commonplace.

Tuesday, June 23, 2020
Interested in what you see? Get in touch, and let's start a conversation Get in touch