Connect with us

GRTech

Protecting Assets in a Remote-first (and potentially Hostile) World

With both persistent attacks and post-pandemic remote work here to stay, modern security solutions must assume the endpoint device or phone operates in a dangerous environment at all times, writes Chester Wizniewski

Published

on

Protecting assets in remote work environment

I live in a city center and the lunch hour certainly isn’t like it once was. While some people have returned to working in an office, it seems that the majority have not. Looking back, the pandemic will have been a turning point for many things around the world, and the rhythms of office-centered worklife will be something that will never return to the old ways.

With this increased flexibility employees are not just working from home behind consumer-grade Wi-Fi routers; they are also spending part of the day at the park or coffee shop, or perhaps even having a “working holiday.” Those in charge of protecting enterprise assets have to assume these endpoints are always in hostile territory.

Even before the pandemic, organizations working toward improving their security maturity were often trying to “push left.”  What is pushing left? At its most basic level it means moving things closer to the start. It originates from software development where the stages of the development process are conceptualized from left to right, left being the beginning. In applied security we also use the term “pushing left,” but rather than referring to the software development process we are referring to the attack chain, which moves from reconnaissance on the left through action (exfiltration or other attacker goal) on the right.

For many years, the most comprehensive security strategies have involved defense in depth. The idea is that not all technologies are suitable for detecting a given threat type, so it is best to deploy them in layers. These layers often directly correspond to how far “left” something is in the attack chain. If you can detect something at the network border through your firewall, email, or web filters, you have contained the threat before it has any negative impact on operations.

Ideally you want to detect and block an attacker as far left as possible, i.e., as early as possible. Pushing detections left also alerts security analysts that an intrusion may be underway, initiating more focused threat hunting to anticipate gaps in defenses your attacker may be attempting to exploit.

For employees at the office, you can centralize control of these defenses and provide optimum protection. The question is, are you able to provide the same protection for remote workers regardless of their location? Can you monitor and respond to threats being detected on those assets when they are out of the office? As many have observed, this did not work as well as we would have liked when we all went into lockdown, many of us without a plan.

While there are still many benefits to monitoring the network when you have control of it, including reduced endpoint overhead and the ability to keep threats at a distance from sensitive assets, we need to ensure we can take as much of this protection as possible with us when we are out and about.

We must ensure not only that protection is optimized, but also that we don’t lose our ability to monitor, detect, and respond to attacks targeting these remote assets. Most organizations have moved to utilizing EDR/XDR solutions (or plan to in the very near future) , which is a great start, but not all solutions are comprehensive.

In the remote-work era, insufficiently protected remote users can encounter plenty of issues – malicious URLs and downloads, and networks attacks, to name only the most mundane – that in the Before Times would have been handled by machines guarding the corporate “fort.” The biggest missing components when users are “outside the fort” are HTTPS filtering and web content inspection of the sort that is typically implemented within next-generation firewalls. When you add these technologies to pre-execution protection, behavioral detection, machine learning models, client firewalls, DLP, application control, and XDR, you are starting to look at a comprehensive stack of defenses for attackers to overcome – even if the endpoints themselves are now free-range.

For initiatives like zero trust network access (ZTNA) to be effective, we must not only wrap the applications we interact with, but we must also wrap the endpoints that connect to them. Simple checks like whether the OS up-to-date and whether it has security software installed may be a good start, but not all protection is created equal.

With most devices being connected to the internet whenever they’re in use, we can leverage the power of the cloud to help provide ubiquitous protection and monitoring. Modern security solutions must assume the endpoint device or phone is in a hostile environment at all times. The old idea of inside and outside is not only outdated, it’s downright dangerous.

The writer Chester Wizniewski is a Field CTO Applied Research at Sophos

GrassRoots.ng is on a critical mission; to objectively and honestly represent the voice of ‘grassrooters’ in International, Federal, State and Local Government fora; heralding the achievements of political and other leaders and investors alike, without discrimination. This daily, digital news publication platform serves as the leading source of up-to-date information on how people and events reflect on the global community. The pragmatic articles reflect on the life of the community people, covering news/current affairs, business, technology, culture and fashion, entertainment, sports, State, National and International issues that directly impact the locals.

Continue Reading

Business

Meet Kingsley Adonu

Published

on

In the dynamic world of entrepreneurship, there are visionaries who not only navigate the business landscape but redefine it. Meet Kingsley Adonu, the Founder and Chief Executive Officer of the SMobile Group, a conglomerate that stands as a beacon of excellence and diversity in the global business arena.

Kingsley Adonu is a visionary entrepreneur and the Founder of the SMobile Group, a conglomerate synonymous with excellence and diversity. As the Chief Executive Officer, he has steered the group to remarkable heights, overseeing a spectrum of businesses that span across Telecommunications, Oil and Gas, Real Estate, Hospitality, Water Production, Agriculture, Technology, E-commerce, Energy, Sports, Entertainment, Education, Health, Logistics and Financial Services, with branches extending globally to UK, USA, China, South Africa, and Canada.

Under Kingsley’s astute leadership, SMobile Group has emerged as a major partner for MTN, evident in the impactful presence of the SMobile brand in the telecommunications landscape. His strategic insights and forward-thinking approach have positioned the group as a dynamic player in multiple industries.

Beyond the boardroom, Kingsley Adonu is a dedicated philanthropist, committed to making a positive impact in communities. His philanthropic efforts extend beyond business, reflecting a deep-seated belief in the responsibility of successful individuals to contribute meaningfully to society.

Kingsley’s influence is not confined to national borders; he has actively participated in numerous international telecom conferences, further enriching his understanding of global industry trends and fostering valuable connections with industry leaders worldwide.

With an unwavering commitment to excellence, Kingsley Adonu continues to inspire and lead the SMobile Group towards new horizons, blending business acumen with a passion for positive societal change.

Continue Reading

GRTech

SHELT Global Unveils Security Operations Center, Training Academy

Report by SANDRA ANI

Published

on

SHELT GLOBAL PHOTO
Mr. Youssef Abillama, Managing Partner (3rd right); Walid Bou Abssi, country manager of SHELT Cyber Immune Limited (2nd right), in company of business leaders and guests at the unveiling of SHELT Global Limited SOC and training academy in Lagos on February 16, 2024

Training Academy

SHELT Global Limited recently held a cocktail party at its new headquarters in Nigeria to unveil their upgraded Security Operations Center and the SHELT Training Academy.

SHELT has been operating in Nigeria across Lagos and Abuja for six years, serving the country’s leading financial, telecom, and government institutions in their cybersecurity needs.

This headquarters relocation consolidates the determination of SHELT in investing in Nigeria’s economy and in growing cybersecurity talent for the country.

SHELT GLOBAL PHOTO
Mr. Youssef Abillama, managing partner of SHELT Global Limited flanked by the team, at the unveiling of SHELT Global Limited SOC and training academy in Lagos on February 16, 2024

The party was attended by SHELT’s clients and partners, and the guests were taken on a tour of the newly opened premises.

The new SHELT Headquarters boasts a state-of-the-art 24/7 SOC to support the needs of the company’s clients all over Nigeria and the rest of Africa.

SHELT also revealed its Training Academy where young talents and experienced cybersecurity professionals looking to enhance their cybersecurity skills can enroll and benefit from the knowledge and experience of the company’s experts.

SHELT Training Academy will be issuing certifications to students in coordination with international cybersecurity bodies and affiliations.

Mr. Youssef Abillama, Managing Partner of SHELT Global Limited, said: “Our Nigeria offices are quickly turning into the company’s flagship, and we believe the country is playing its part as a role model to the rest of Africa when it comes to cybersecurity regulations. Today, with the launch of this new headquarters and the opening of our Training Academy, we can give back to the community that welcomed us from the start.”

Mr. Walid Bou Abssi, Country Manager of SHELT Cyber Immune Limited, said: “I see so many opportunities ahead of us in the future with the launch of the Academy. We hear of so many people wanting to enter the field of cybersecurity and we will be working hard to support the youth and cybersecurity professionals in their careers.”

Source: Techeconomy

Continue Reading

GRTech

Sophos Expands Commitment to the Channel with New Dedicated Partner Care Offering

By; SANDRA ANI

Published

on

Sophos
  • Partner Care Delivers 24×7 Administrative and Operational Support to Boost Channel Partner Profitability

Sophos, a global leader in innovating and delivering cybersecurity as a service, is expanding its commitment to the channel with the addition of Partner Care, a new offering in its global partner program that features a dedicated, 24×7 team of Sophos experts who handle non-sales related questions and operational support.

The offering is designed to speed up response times for Sophos partners and Managed Service Providers (MSPs) needing assistance with administrative and operational tasks, freeing them up to focus on selling and securing their customers with Sophos’ portfolio of innovative managed services and endpoint, network, email, and cloud security solutions.

“Based on our decades of experience successfully supporting partners who sell to mid-market and small business organizations, we know that administrative and operational issues take away valuable time needed to build customers relationships, pursue prospects and close new business deals,” said Kendra Krause, senior vice president of global channels and small business sales at Sophos. “Partner Care reinforces Sophos’ longstanding strategy to be ‘channel-best,’ which is our commitment to provide partners with optimal, conflict-free revenue and profitability opportunities, curated training and support, and advanced security solutions that defend customers from data breaches, ransomware and other debilitating cyberattacks.”

Sophos Partner Care offers a single point of contact for quoting, navigating the partner portal, addressing licensing queries, Not For Resale (NFR) requests, and more. With this high level of service, partners working with small and mid-market organizations can better boost their productivity and increase profitability.

“Being busy with administration can consume a lot of time and cost, so the idea that Sophos now has a focused Partner Care program and dedicated team to handle it is unbelievably beneficial,” said Richard Wenger, account executive, Point Broadband LLC, a Sophos channel partner based in Alabama. “We are looking forward to the training and enablement of the ‘tool,’ so we can start executing right away. Every bit of time away from the sales cycle is time away from building relationships and being trusted advisors to our customers. This Sophos Partner Care program is essential to my business.”

In addition to Partner Care, Sophos is offering several enhancements to its global partner program, including an additional 5% reward on top of a deal registration discount for partners selling Sophos Managed Detection and Response (MDR). This expires March 31, 2024.

Continue Reading

Trending