Understand Behaviors to Keep Data Safe

January 12, 2021

The past two years have seen a series of big, targeted data breaches and high-profile cyberattacks against organizations, financial institutions, government services portals, and prominent people exposing personal information of hundreds of millions of people. The SolarWinds hack by supposedly Russian attackers accessed sensitive data belonging to several US government agencies and other public-service institutions such as hospitals and universities. Personal information of at least 5.2 million guests was stolen from the franchise partner’s account of Marriott International. The New Zealand stock exchange was hit by cyberattacks that halted its operations many times. These are just to name a few. The list is growing fast and fat.

 

What followed has been a rethinking of the cybersecurity paradigm, says Frank Dickson, program vice-president, cybersecurity products at IDC.

 

“Instead of more cameras on the door, let’s put a fence around the house so you can’t get to the door. Let’s reduce vulnerabilities. Let’s re-architect and fundamentally make the house more secure,” he says. This evolution has continued with the proliferation of cloud-based business solutions paired with an increase in remote work, trends accelerated by the COVID-19 pandemic. The old perimeter, he says, has disappeared, and previous conceptions around cybersecurity should disappear, too.

 

“Our applications, data and people have all left the premises,” he says. “And so when that happens you have to fundamentally take a different approach.” Protecting data in this context against breach, that moment where it leaves the control of the enterprise, requires the ability to detect and contain threats faster.

 

Personalize security by user behaviors

In a data landscape where the local coffee shop might serve as an office and mom’s work computer can double as a third grader’s game console, where should cybersecurity efforts be focused? The answer lies in understanding how people have become the new perimeter.

 

Preventing data from escaping the enterprise-what cybersecurity experts call staying “left of breach”-becomes a matter of understanding the digital behaviors of those with access to information. It’s a mindset that says, “Wow, I need to make sure I can understand behavior as it’s unfolding, not after the fact.” To turn the spotlights on and be in position to take action based on what’s being seen. It’s a continuous risk assessment, like putting a heart monitor on and taking the pulse of everyone trusted to be on the network.

 

It’s also a framework that is proactive and adaptive in a world that demands both Automated tools help establish “normal,” not just for the organization as a whole but for the digital behaviors of individuals as well. When those behaviors are safe, security should work entirely in the background. If that changes? As the risk-score shifts upwards, it allows the tool sets to adaptively enforce policy to the individual, not on a universal, all-or-none perspective. Being as frictionless as possible to the end user is critical until friction is warranted.

 

Make security invisible

Fundamental to staying left of breach is the partnership between employer and employee. Building a culture that believes security is important is everyone’s responsibility. The enterprise can provide a user experience around security that is as seamless as the ones employees use in their personal lives, whether ordering groceries online or streaming video. It can move as they move, from location to location, app to app, device to device.

 

Users, in turn, understand the security infrastructure around them is designed to protect the enterprise by protecting them from mistakes (clicking on a bogus email or sending unsecured files, for example) that might unwittingly allow unauthorized access. It’s a way to build trust in how the concept of monitoring and the concept of continuous assessment has the appropriate framework in place for people.

 

In this context, the idea of “friction” itself evolves. Security is invisible until needed and, when needed, is a safeguard, not an impediment. A great user experience means employees are far less likely to bypass security measures in the name of efficiency and productivity, significantly lowering the risk of breaches.

 

The goal is for security and usability to work in concert, not opposition. To IDC’s Dickson, favoring one over the other represents something of a false choice. “Let’s do both right,” he says. “Let’s improve security by making it easier to use. Let’s create the incentives, so people actually want to use the platform we’re using because they improve the user experience.”

 

And when user experience and security converge in the most ideal way, what does that look like? According to Dickson, it doesn’t look like anything, and that’s exactly the point. The measures we take to improve our security are so embedded and ingrained into our applications, we don’t even know they’re there. They are free and enabling.


Multi-Factor Authentication – A Much Needed Safety Net Against Cyberattacks

January 12, 2021

2021 is the dawn of a new decade, with the new decade the Indian tech industry is ready to witness a revolutionary change surrounding various factors and one of the most important factors that is to undergo this change is ‘Cybersecurity’. This change is validated with the continuous emergence of reports on the increasing number of cyberattacks against India’s government agencies, private organizations and individual users. According to a report by Kaspersky, India witnessed 36 million cyberattacks between January and November 2020, whereas the number of attacks in 2019 for the same months was 18 million. This only emphasises the need for a better cybersecurity measure to be brought in to keep the data safe from cyberattacks. Multi-Factor Authentication (MFA) is one of the best ways to keep threat actors at bay.

In 2020, many organizations had to do a complete overhaul of their cybersecurity measure, a few other organizations had to rejig their security features, especially with remote working culture coming into the picture. All of this leads to one problem – IT Complexity. The best solution for IT administrators is to provide easy safety access for employees who are remotely logging in. Using Array’s AG Series Secure Access Gateways, organizations can provide tokenless, secure and easy-to-use Multi-Factor Authentication. Through interoperability with 3rd party dual and MFA solutions, the AG Series adds an additional layer of defense against unauthorized access and misuse of data and applications. Using this, administrators can adapt the level of support needed using contextual information, such as login behavior patterns, geo-location and type of login system being accessed,” says Shibu Paul, Vice President – International Sales at Array Networks.

Many a time threat actors find it easy to breach the security set up by IT administrators due to the loopholes that come into existence as a result of complex cybersecurity setup. If MFA is provided at the user end, there will be an additional security that will help the users prevent any sort of breach from their end. This will in-turn help in avoiding identity theft, use of stolen credentials, avoiding data breaches due to malicious attacks and so on. While firewalls and antivirus solutions keep the systems safe via backdoor entry, it’s MFA that guards the front doors.

As per Global Multi-Factor Authentication (MFA) market report, the MFA market revenue which was $8,967 Mn in 2019 is estimated to reach $16,105 Mn in 2025, with a CAGR of 10.25% during 2020-2025, thus showcasing the opportunity and the demand MFA is set to rise in the next five years. This leads to the question of why now more than ever MFA is of importance. MFA is easy to implement and is considered an inexpensive security add-on by IT administrators. It is considered beneficial as it will enhance the organization’s security by requiring users to identify themselves by more than a username and password. Using MFA an organization can achieve compliance, increase flexibility and productivity by bringing-in stability with streamlining login process and it complies with Single Sign-On (SSO) solution. While providing cybersecurity is now a complex matter since the threats posed by the actors is equally proportional in complexity, a simple add-on such as Multi-Factor Authentication helps take users and organizations one step closer towards keeping the data safe.

# # #

About Array Networks

Array Networks solves performance and complexity challenges for businesses moving toward virtualized networking, security and application delivery. Array addresses the growing market demand for network functions virtualization (NFV), cloud computing, and software-centric networking. Proven at more than 5,000 worldwide customer deployments, Array is recognized by leading analysts, enterprises, service providers and partners for pioneering next-generation technology that delivers agility at scale. Visit:  www.array-networks.co.in to know about Network Functions Virtualization (NFV), cloud computing, and software-centric networking.


Building a Pandemic-Centric Business Continuity Plan

January 12, 2021

By Nikhil Korgaonkar, Regional Director, Arcserve India.

India is not new to natural disasters. Every year, the country faces disruption in the day-to-day life due to floods, earthquakes, landslides, forest fires, and from many other natural mishaps. According to the Global Climate Risk Index report 2019, India is the 14th most vulnerable country in the world. In such a vulnerable landscape, the question arises how should an organization prepare to protect its assets from disasters and ensure business continuity?

In the advent of a disaster, enterprises risk damaging not only their physical assets, but their digital assets as well, which might be stored in data centers stationed in high-risk zones. Various economic factors such as introduction of the GST (goods and services tax) and technology-driven programs such as Digital India, the Smart Cities Mission have pushed organizations to increase their level of digitization. This has led to the level of cyber threat going up by several notches.

Enterprises also had to prepare for ensuring business continuity for a completely different kind of disruption enforced by COVID-19. A sudden transition to remote work caused enterprises to provide its employees with data access and connectivity to the corporate network within a very short span of time. In this hustle, organizations found themselves left with loose-ends in both their physical and digital data protection strategies.

In the last six to seven months, there has been a surge in ransomware attacks targeting remote workers. As most employees don’t have the same level of security infrastructure preparedness in the home environment as they had in the office, they are at a greater risk of being targeted with ransomware. Weak passwords, unpatched systems and use of unsecured devices are a few of the key reasons for home devices to be targeted by cyber criminals.

The most vital aspect of data protection, therefore, is for companies to have an effective Business Continuity and Disaster Recovery (BCDR) plan.

Important Aspects of a BCDR Plan

There are many aspects of a business continuity and disaster recovery plan and each is as important as the other. While designing an effective BCDR plan, here are a few things to take note of:

  1. Business Impact Analysis: Create a detailed business impact analysis plan that highlights the key components for your business to survive. This will help enterprises in identifying the most critical applications and the associated infrastructure required to run the business. This activity must involve all the key stakeholders and top management.
  2. Deployment Strategies: The BCDR plan must clearly specify the steps, processes and people who will be involved in the case of a disaster. This must also specify recovery objectives. For example, in the case of a stock exchange, any downtime, even if it occurs for a few seconds, can cause losses in millions. The BCDR plan must hence specify the maximum time frame required to deliver access to critical IT applications.
  3. RTO & RPO: In the case of a BCDR, Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are extremely important. RPO refers to the maximum acceptable data loss in terms of time, whereas RTO denotes the amount of time between an outage and the restoration of operations. Depending on the business requirements, enterprises can decide to choose the required RPO and RTO. A BCDR plan must also include a clear communication process, wherein each stakeholder – employees, customers, suppliers – is apprised of the impact of the disaster and key initiatives taken.
  4. Location-centric BCDR Plan: The consulting firm McKinsey suggests that companies need to classify disaster recovery roles into either fully remote, hybrid remote, hybrid remote by exception or onsite. This will allow firms to gauge how they can operate business in an environment where most resources are working from scattered remote locations. This will also help them plan and build for remote capabilities, such as for Tier II or Tier III locations in India, where reliable bandwidth can be an issue.
  5. DR Drills: For different scenarios and locations, organize data recovery (DR) drills at regular intervals. This will help enterprises in preparing a more realistic assessment of actual situations on the ground and close gaps progressively.
  6. Cloud-based BCDR: Today, the cloud is a pivotal point for any BCDR plan. A cloud-based BCDR will help the enterprise assured access to critical IT assets from anywhere. Cloud-based backup systems are also a must, as they can back up larger amounts of data in a far lesser timeframe than traditional backup systems. As cloud-based backups can be accessed from anywhere, they ensure access to backups in the event of a disaster.
  7. Integrated BCDR plan: Enterprises must choose vendors that have an integrated approach to data security and business continuity. This is specifically important as recent trends have shown that hackers are targeting backup systems to increase their chances of getting payment from installing ransomware. This is also important as working from home increases the number of remote endpoints.
  8. Employee Awareness: To ensure robust security, organizations must improve awareness and make employees aware of the dangers of phishing or using unofficial apps or websites for storing or transmitting data. As part of the security policy, employees must also be regularly encouraged to keep changing their passwords, as weak passwords are responsible for a majority of unauthorized access.
  9. Other security measures: Regular patching of systems must also be enforced. Secure access of information can be provided using VPNs. Similarly, virtual desktops can be provided to employees for ensuring secure access to data and applications. Another layer of security can be added by using two-factor or multi-factor authentication.

A BCDR plan can only work if right tools and applications are available and accessible to the people who run your business. By considering remote workforce as a vital part of your process, and using a cloud-based BCDR plan, enterprises can ensure business continuity in any disaster or pandemic situation.


%d bloggers like this: