Roman, the risk of companies becoming victims of an attack is growing. How is this affecting companies?

“We are seeing that customers are placing an increasing focus on security. The events of recent months in particular have led to security playing an even greater role. In the mobile sector and in the UEM environment, too, more and more companies want to take advantage of the opportunities available in this regard.

For example, context-based access security is becoming increasingly important. This can be implemented using conditional access, which ensures a level of security appropriate to the situation. More and more customers have this requirement and are using conditional access solutions. This allows them to control what is necessary to access a particular service. For example, certificates are requested, or certain applications such as the UEM client or defined network areas are required, which can only be accessed via a specific VPN gateway. This means that users only gain access to the service or content if they are registered and their devices are managed. UEM systems offer the possibility of simplifying the implementation of the necessary conditions for this.

And these offer another major advantage in terms of security: since all operating systems can now be managed equally via many UEM solutions, the simplicity of management that we are familiar with from smartphones is now also extending to desktop devices. This means that compliance and security management is also very easy, and corresponding guidelines and actions can be defined for all devices.

But security is also a focus in other respects: examples such as the log4j security vulnerability in December make it clear that we are not as secure as we often think. This involved a vulnerability found in a framework used in many systems. Although this was a system-based incident, it, along with many other indicators, intensified the general discussion around security and showed that it is particularly important to react quickly. However, this is not always possible, partly because relevant information is lacking. Even if you keep yourself regularly informed, it is difficult to obtain up-to-date information at such a moment. After all, there are many other issues to deal with at the same time. And as luck would have it, it is usually a particularly stressful day when such an incident occurs and you have to react. That is why it is important to have a well-established internal IT department or to work with an external service provider who can respond flexibly and quickly to such problems. Preventive measures also help to reduce the risk.”

What technologies—besides conditional access—are helping to overcome these challenges?

“The primary goal is always to ensure security in the infrastructure and for clients.

For system-based security, for example, there are scanners that can be used to perform risk-based analyses and respond to known security vulnerabilities using accessible databases.

When it comes to clients, we primarily use mobile threat defense solutions for prevention. These ensure local security on devices and help to detect phishing attacks, for example – often even without connectivity. This is because many providers focus on securing clients even when there is no connection. It is important here to also enable local actions. Man-in-the-middle attacks are also detected by MTD solutions: they notice when something has been interposed when connecting to a WiFi network and trigger a response from the client. Such actions are often implemented via APIs offered by UEM systems. This allows a mobile threat defense solution to perform the necessary actions on the device.”

Mitarbeiter in einem Workshop

What other options are there for securing clients?

“Another very important topic is multi-factor authentication. This primarily involves adding an additional factor to normal authentication. This can take many different forms: it can be a certificate or an IP address from which access must be made. We often talk about an application or the option of sending an SMS to a verified number containing a code that must be used to gain access.

For admin accounts, the additional security has the advantage that this administrative account can no longer be used for misuse. And even with user accounts, unauthorized persons no longer have the ability to access the content or data of users if a second factor provides additional security.

One topic that has been around for a long time but has taken on new importance in the context of security is single sign-on. This involves bundling authentication with secure protocols so that users do not have to log in multiple times. Users log in once – e.g., using a token or other mechanisms – and are thereby authorized for several services at the same time. This reduces the number of passwords users need and also the number of entries they have to make. And that, in turn, prevents users from tending to use simple passwords.

This also makes it possible for users to work almost without passwords. This means that a password is used once to set up a device, but not again. As a result, the password factor becomes less important. Ultimately, this is not only a security issue, but also a clear issue of convenience, as users do not have to enter their passwords as often.”

Thank you very much, Roman, for the valuable insights!

Contact us

The risks surrounding the digital workplace continue to grow. Are you well prepared? Feel free to contact us to discuss security measures and increase security in your company.