When it comes to the topic of “digital workplace,” thriller-like scenarios of a concerning nature sometimes come to mind, like cyber attackers encrypting your data and demanding a big ransom. Other perpetrators get people’s sensitive data by tricking them on the phone, or by using artificial intelligence and “deep fake” videos. Indeed, these types of things are becoming ever more frequent, and the perpetrators are getting more sophisticated. One wrong click on a URL, careless sharing of sensitive company data, sharing too much information with third parties, or misplaced trust in someone we think we know … that’s all it takes to become a victim.
Falling prey to such schemes can have serious consequences for the victim. It is thus extremely important to be aware of the dangers out there and protect yourself accordingly, preparing for a serious incident.
In an interview, Roman Usiatycki, Team Lead Service Specialists at EBF, talks about effective methods of protection against attack, and why the crucial issue of security comes with so many challenges.
Roman, companies are exposed to rising risk of falling victim to attacks. What kind of impact is this having on businesses?
We have observed a heightened focus on security among our customers. Events over the past few months in particular have demonstrated how security is now more crucial than ever. More and more companies are looking to take advantage of existing opportunities to tighten security, including in a mobile and UEM environment.
Context-based access controls, known as “Conditional Access”, are becoming increasingly important, for example, as a technique for ensuring a security level appropriate for the situation. More and more customers are deploying Conditional Access solutions because of how it meets their needs, enabling them to control the factors necessary to access a particular service. This may involve the referencing of certificates, specific required applications like a UEM client or defined network areas that can only be entered via a specific VPN gateway. This means that only users who are registered and have managed devices are able to access services or content. UEM systems allow configuring the necessary conditions in a streamlined process.
And these systems offer another major security advantage. Since all operating systems can now be managed via many UEM solutions, the ease of management many are familiar with from smartphones is now possible with desktop devices as well. Controlling compliance and security is thus quite simple, as corresponding policies and actions are definable for all devices.
Security is a priority in other respects as well: The log4j vulnerability last December, for example, made clear how a lot of the time we are not as secure as we think we are. This vulnerability was identified in a framework utilized by many systems. This was in fact a system-based vulnerability, but in combination with a range of other factors this caused a resurgence of debate about security, also revealing how critical swift response is. But that is not always possible, because relevant information is often missing. Despite regular information flows, it can be difficult to obtain the latest data during such incidents. And a host of other tasks usually have to be dealt with at the same time, as incidents requiring quick reaction seem to occur most often when you are having a really stressful day. It is thus key to have a well-organized IT department or work with an external IT service provider who is capable of flexible and rapid response to such problems. Preventive measures are instrumental as well for reducing risk.
What technologies in addition to conditional access are there to help companies meet the challenges?
The chief goal is always to ensure security within the infrastructure and on the clients.
Scanners, for example, are a system-based security element useful for risk-based analysis, enabling response to known vulnerabilities by referencing available databases.
For clients we primarily utilize mobile threat defense solutions as a preventive measure. These ensure security on local devices and help identify phishing attacks, for example, with no connectivity required in many cases. This is because many providers insist on secure clients even when there is no connection. Enabling local action is important as well. MTD solutions are effective for detecting man-in-the-middle attacks, as these notice if anything has been interposed when connecting to a Wi-Fi network and elicit a response from the client. Such actions are often implemented via APIs offered in UEM systems that enable mobile threat defense solutions to perform the necessary actions on the device.
What other options are there for securing clients?
Multi-factor authentication is highly important, principally as extra protection on top of regular authentication. This may be implemented in very different ways, such as a certificate or an IP address from which accessing must occur. In many cases this will be an application or an SMS with a code sent to a verified phone number which is required for access.
This additional security factor means administrative accounts can no longer be used for abuse. A second security factor also means user accounts can no longer be exploited by unauthorized individuals to access user content or data.
Ein Thema, was es schon lange gibt, aber im Kontext Sicherheit noch mal ein anderes Gewicht bekommen hat, ist das Thema Single-Sign-On. Single sign-on has been around for a long time as a method, but became a focal point of security considerations. The issue is bundling authentication with secure protocols so that users don’t have to log in multiple times. Users log in one time, using a token or other mechanism, to get simultaneous access to multiple services. Users thus don’t need as many passwords and don’t have to enter credentials as frequently.
And that discourages users from utilizing simple passwords. This even makes it possible for users to work nearly without entering passwords at all. A password is required once to set up a device, but after that no more. The “password factor” thus falls more into the background. That’s ultimately a convenience issue around security, when users don’t have to enter passwords so often.
Thank you very much for all the valuable insights!