
In IT security, ‘good enough’ is no longer good enough

18 Jun 2020

Article by Bufferzone Security technology entrepreneur Greg Wyman.

As organisations start to return to work from the COVID-19 crisis, ensuring adequate protection is more critical than ever. Organisations of all sizes have been forced to enable remote workers hastily, with their number one priority being connectivity.

But the hurry has left many organisations seriously exposed. The return to work does not mean the threats have stopped or reduced.

Cyber attackers live by the motto ‘Never let a good crisis go to waste’, and COVID-19 delivers a perfect storm of opportunity for them.

Let’s look at just the top three issues facing almost every business in the past eight weeks:

  1. Users have quickly moved from corporate systems to remote systems.
  2. 94% of data breaches start with email or the web, according to Verizon in 2019.
  3. If a user clicks a link or opens a malicious email, a hacker can enter and infect the entire organisation.

An extra layer of protection is required immediately to protect arguably the most vulnerable and largest attack surface of any organisation - the user’s desktop or laptop. Once compromised, cyber criminals have the proverbial ‘keys to the kingdom’.

What is needed is a defensive posture that changes the rules in the fight against the bad guys, protects endpoints from the attackers, and prevents hackers and ransomware from gaining access to corporate networks and data.

In an ideal world, traditional security – like anti-virus and next-gen AV – should form the outer layer of a protection strategy to stop known (traditional) malware and spam.

These tools often have a 95% to 99% success rate for detecting known malware – which is good, but that also means that for every 100 malicious emails, one to five will make it through traditional detection technology.

Yet if a single email succeeds in getting through, the hacker can breach an entire company. Is that good enough today?

The solution is to add a further layer of security in the form of a lightweight secure virtual container that contains the threats.

Malware, ransomware and hackers simply cannot move outside the container and infect corporate systems. To eradicate the virus or ransomware on the user’s computer simply requires a single button click – empty the container and malware is eliminated.

Today, issues arise when users visit compromised websites, download files from the web or have email attachments that may contain hidden or embedded malware, VBS scripts or macros.

As a default, no files should be allowed into the corporate network unless they have been sanitised and all malware removed from the file – not just running anti-virus on the file.

Using the latest technology, inbound files can be broken down to their actual components and then reassembled leaving behind any malware, VBScripts, macros and so forth. The reassembled document is identical to the original – and it is malware-free.
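The break-down-and-reassemble step described above, sketched as an added example (not code from the article or from any vendor's product). It handles only Office Open XML packages, and the function names, the extension allowlist and the sample document are assumptions made for illustration; a real sanitiser also rebuilds the contents of each part it keeps.

```python
import io, re, zipfile
import xml.etree.ElementTree as ET
PASSIVE_EXT = (".xml", ".rels", ".png", ".jpg", ".jpeg", ".gif")  # assumed allowlist
ACTIVE_XML = re.compile(r"(^|/)(vbaData\.xml|activeX/)", re.I)    # active parts named .xml
MACRO_MAIN = "application/vnd.ms-word.document.macroEnabled.main+xml"
PLAIN_MAIN = "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"

def is_passive(name):
    return name.lower().endswith(PASSIVE_EXT) and not ACTIVE_XML.search(name)

def strip_refs(xml_bytes, gone):  # drop overrides/relationships that point at removed parts
    root = ET.fromstring(xml_bytes)  # production code should use a hardened XML parser
    ET.register_namespace("", root.tag[1:root.tag.index("}")])
    for el in list(root):
        ref = el.get("PartName") or el.get("Target") or ""
        if ref.rsplit("/", 1)[-1] in gone:
            root.remove(el)
        elif el.get("ContentType") == MACRO_MAIN:
            el.set("ContentType", PLAIN_MAIN)  # package is no longer macro-enabled
    return ET.tostring(root, encoding="utf-8", xml_declaration=True)

def rebuild(data):  # reassemble the package from passive parts; returns (bytes, dropped)
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, \
         zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        dropped = [n for n in src.namelist() if not is_passive(n)]
        gone = {n.rsplit("/", 1)[-1] for n in dropped}
        for name in filter(is_passive, src.namelist()):
            body = src.read(name)
            if name == "[Content_Types].xml" or name.endswith(".rels"):
                body = strip_refs(body, gone)
            dst.writestr(name, body)
    return out.getvalue(), dropped

def make_sample():  # constructed macro-enabled package, not a real document
    ns = "http://schemas.openxmlformats.org/package/2006/"
    parts = {
        "[Content_Types].xml": f'<Types xmlns="{ns}content-types"><Override '
            f'PartName="/word/document.xml" ContentType="{MACRO_MAIN}"/><Override PartName='
            '"/word/vbaProject.bin" ContentType="application/vnd.ms-office.vbaProject"/></Types>',
        "word/_rels/document.xml.rels": f'<Relationships xmlns="{ns}relationships">'
            '<Relationship Id="rId1" Type="vba" Target="vbaProject.bin"/></Relationships>',
        "word/document.xml": "<document>quarterly report</document>",
        "word/vbaProject.bin": "constructed placeholder, not real macro storage"}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, body in parts.items():
            z.writestr(name, body)
    return buf.getvalue()
```

Calling `rebuild(make_sample())` returns the rebuilt package and the list of parts left behind, which is worth logging so that a dropped part can be traced back to the inbound file.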

The ultimate goal for most organisations should be to protect against known threats (with traditional anti-virus) and contain unknown threats, to help ensure that no infected file can enter the organisation and let a hacker deliver a malicious payload.

The hackers hope that users stay with their ‘good enough’ detection products, as these allow relatively simple access to penetrate an organisation.
