Protecting devices at the edge of the network has become more pertinent than ever in this COVID-19 pandemic period. With so many more people now working from home rather than at the office, they are thus working outside the edge of the company network, with their cybersecurity not necessarily being managed by third-party security. We’ve therefore seen an increase in targeted attacks, and the risks have increased substantially.
At the same time, vulnerability types remain the same whether we are looking at the pre- or current COVID eras. Within the vulnerability management space, any PC arguably has vulnerabilities at any given moment, and so, whether at the endpoint, server or host, a malicious attack can come from anywhere.
For endpoint protection, it is therefore imperative to ensure that outdated software on your machine receives notifications to be patched, so the vulnerability does not lie with any device.
Some of the current vulnerable devices include headless IoT devices, meaning anything with an IP address that doesn’t need a monitor, keyboard or mouse to function. This could include online appliances such as CCTV, fridges and wearable tech such as watches: pretty much anything that can connect to the Internet without the necessary security elements being taken into consideration. These online devices and applications pose significant security risks.
The only way to protect them, as with your laptops working from anywhere, is via a next generation antivirus that is up to date, connecting to your corporate firewall that will steer all traffic through it and thereby protect your edge devices from the outside.
The ‘bare essentials’ around vulnerability management involves keeping all software updated. In a smaller environment this is an easy task to manage. However, when looking at enterprise networks with hundreds of IPs to manage, the organisation needs to invest in a leading vulnerability management tool that will allow you to take daily snapshots to allow your team to prioritise patching
Getting the fundamentals right from the very beginning should be sufficient to protect you most of the time – although of course a new threat will obviously need new technology to cover users. However, from the perspective of just ‘getting the fundamentals right’, our best practice advice is to make sure that your subscriptions are active to receive the latest updated threat protection. This should alleviate most of your risk associated with being outside the edge of the network.
Additionally, sandboxing could also be offered, but this is a very small vector to target. Similarly, web application firewalls need not be necessary for those organisations that are not offering online financial transactions.
At Networks Unlimited, we have obviously also embraced remote working for our employees and we took steps to keep the edge secure as follows:
• We have a proper mail system in place, which is subject to email scrubbing.
• We have applied endpoint protection from SentinelOne.
• We utilise the functionality of Fortigate to sanitise the connection before it enters the network.
Fundamental best practice dictates that whatever the circumstances, organisations should prioritise cybersecurity before an attack happens. Right now, this means being aware of the increased need to protect the edge of the network.
© Technews Publishing (Pty) Ltd | All Rights Reserved