RSS feed Get our RSS feed

News by Topic

BizReport : Internet : June 04, 2020

The three security strategies businesses must update

Through the COVID-19 pandemic more and more businesses have gone to a work-from-home model. Even now, with many pandemic restrictions lifting, businesses are expecting to see more people opting to work from home at least partially. This means merchants and brands must update their security measures so that their business isn't put at risk. Here are three strategies that should be updated.

by Kristina Knight

"When the COVID-19 pandemic first hit, we saw many companies facing a situation where they lacked remote user VPN capacity to handle the immediate surge of most, or some cases all, employees working from home all the time," said Tim Knudsen, VP of Product Management, Akamai. "And in some cases, companies had significant portions of their workforce that had prior to that point been exclusively using desktops at the office. That meant now they were faced with the challenge of the workforce only having personal unmanaged devices to remotely access private corporate applications."

This move shone the spotlight on two specific security issues for businesses: the use of work devices used at home for recreational surfing, gaming, and social networking. And unmanaged devices - personal, in many cases - being used to log-in remotely to business networks. What can be done about these two threats?

First, Knudsen suggests going to a Zero Trust application.

"[Business must move] away from network level access via traditional remote user VPN to Zero Trust granular application or resource-specific access with Multi-Factor Authentication (MFA) and conditional authorization. Said another way, restrict to what is absolutely required, after varying identity and the device can be trusted so the attack surface is as narrow as possible and lateral threats are largely mitigated," said Knudsen.

Second, implement SWGs for employees.

"[Brands must] intercept all the traffic from the device using a Secure Web Gateway (SWG), starting with the DNS request, to mitigate compromise and data exfiltration. Said another way, inserting as early as possible in the kill chain to prevent malware from even getting to the device and block all communications to remote command and control points," said Knudsen.

Third, consider taking security to the cloud.

"[These shifts] have further made cloud / edge-delivered security services as the preferred architecture and solution model because the access decision can be made outside of the data center or IaaS platform where the apps are, and the threat blocking can happen before the malware even gets to the device," said Knudsen. "In addition, the cloud / edge delivered services have the advantage of elasticity, eliminating the concerns of having stacked enough 'boxes' to handle the load."

Tags: Akamai, brand security, cybersecurity trends, ecommerce security, SMB tips, SMB trends

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.