Phishing


The New Hero of Cyber Security; Zero Trust



The ability to work from anywhere, on any device, has quickly become one of the greatest developments in the workspace of all time. It’s not an exaggeration either. In the UK, 4.2 million people were working from home in 2015. In fact, between 2012 and 2016, the mobile workforce increased by 12.35%, and that percentage is growing exponentially year on year. It’s widely predicted that by 2020, half of the UK workforce will no longer be plonked in an office all day. That means that it’s time to invest in nice shoes and/or new pj bottoms. And while that’s an amazing turn of events, it will cause some significant security concerns for everyone concerned. With so much of your workforce wandering the plains of the UK, your network is no longer secured by an actual bricks-and-mortar perimeter.

Today’s increasingly decentralised enterprises have become a bit of a headache for IT, who now have to keep you secure even when you’re not potentially clicking on some dodgy email phishing links. Zero trust has evolved to answer the issue. Back when cybercrime was still all the way at Gen III, most organisations assumed that their security protection was robust enough to keep them safe. Those few who did err on the side of caution deployed security operations centres or other cyber monitoring solutions, but for the most part IT departments assumed that anything inside the perimeter was safe. Oh, but those were far simpler times.

By working on the assumption that any resource in the network might be compromised, zero trust puts monitoring solutions in place so that you have the power to take remedial action if it’s needed. With this new solution, no one service or server is considered more secure than the next. It’s basically a data-centric network design that puts micro-perimeters around specific data or assets, giving you the flexibility to enforce more-granular rules. It solves the ‘flat network’ problem of hackers infiltrating your network and scurrying around undetected. With the right guidance (you’re welcome in advance) and a little bit of know-how, it only takes a couple of steps to get started with zero trust.

Identifying your sensitive data is the obvious first step. It sounds like an easy way to start the process, but it’s a little more challenging than you’d think. You can’t possibly protect data that you can’t see or know about. You need to know where your employees store their data, exactly who uses it, how sensitive it is and how they, your partners and customers use it. Without knowing all of this, you’re putting your data and your organisation at risk. And you can’t exactly start investing in security controls until you know what it is you’re actually trying to protect. When you have a better idea of what you’re dealing with, it’s time to classify it all. I suggest procuring the help of your most organised member of staff before moving onto mapping your data.

To understand how you’re going to employ zero trust, and therefore micro-segment specific sensitive data, you need to know how it flows across your network as well as between users and resources. This is a fun (probably not) exercise to have with your stakeholders, such as application and network architects, to fully understand how they approach information. To give yourself a bit of a springboard, security teams should streamline their flow diagrams by leveraging existing models. A zero trust network is based on how transactions flow across a network, and how users and applications access data. Optimise the flow to make it simpler, and start identifying where micro-perimeters will be placed and segmented with physical or virtual appliances. In a network where the compute environment is physical, the segmentation gateway will usually be physical as well, whereas a virtualised compute environment will deploy a virtual segmentation gateway.

Micro-segmentation is the name of the game after you determine the optimum traffic flow, by determining how to enforce access control and inspection policies at the segmentation gateway. The point of zero trust is to enforce identity rights, so that you can control who has the privileges to access specific data, so it’s important to know exactly which users need to access what data. You need to know more than the source address, port and protocol for zero trust to work, since security teams need to understand the user identity as well as the application to establish access rights. Having created your ecosystem, it’s important to ‘Big Brother’ it to identify malicious activity and areas of improvement. There’s no point only logging traffic if it comes from the internet- god only knows what kind of infectious diseases your network could contract from a wild-spirited USB. With your shiny new zero trust network, the segmentation gateway can send all of the data flowing through it, which includes traffic destined for both internal and external network segments, straight to a security analytics tool that inspects it properly.
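To make the difference concrete, here is an added example (not code from Cetus or any vendor) that puts a perimeter-style rule based on source address, port and protocol next to an identity-aware rule of the kind a segmentation gateway would enforce, and logs every flow for analysis. The user names, groups, segment names and the `Flow` structure are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src: str      # source address
    port: int     # destination port
    proto: str
    user: str     # authenticated identity ("" when the gateway has none)
    app: str      # application the gateway identified
    segment: str  # micro-perimeter the destination sits in

# Constructed sample data: group membership and per-segment allow-list.
GROUPS = {"asha": "finance", "ben": "hr"}
POLICY = {
    "payroll-db": {("finance", "payroll-app")},
    "hr-files": {("hr", "hr-portal")},
}
OFFICE_NET = ipaddress.ip_network("10.0.0.0/16")

def legacy_allows(flow):
    """Perimeter-style rule: any office address on tcp/5432 is trusted."""
    inside = ipaddress.ip_address(flow.src) in OFFICE_NET
    return inside and flow.port == 5432 and flow.proto == "tcp"

def zero_trust_allows(flow):
    """Default deny: the user's group and the application must both be listed."""
    group = GROUPS.get(flow.user)
    return (group, flow.app) in POLICY.get(flow.segment, set())

def inspect(flows):
    """Log every flow, internal ones included, with both decisions."""
    return [(f.user or "unauthenticated", f.app, f.segment,
             legacy_allows(f), zero_trust_allows(f)) for f in flows]

# Constructed flows: all three share the same source network, port and protocol.
FLOWS = [
    Flow("10.0.4.21", 5432, "tcp", "asha", "payroll-app", "payroll-db"),
    Flow("10.0.4.21", 5432, "tcp", "ben", "psql", "payroll-db"),
    Flow("10.0.9.7", 5432, "tcp", "", "unknown", "payroll-db"),
]

if __name__ == "__main__":
    for record in inspect(FLOWS):
        print(record)
```

The perimeter rule cannot tell the three flows apart, while the identity-aware rule admits only the finance user coming through the payroll application.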

Now that you’re the proud owner of a zero trust network, you can rest easy knowing that your network is being monitored effectively. Here at Cetus, we believe that building the best architecture is just as important as keeping it safe. We’re experts in all things datacentre and cloud, so make sure to have a chat with one of our specialists who can help you through all of your security challenges. And while you’re at it, book yourself in for our complimentary security posture review to identify where your organisation is being exposed to the nasty things that lurk on the outside of your perimeter.


Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 


Here Phishy, Phishy, Phishy….



A couple of weeks ago, there was a mandatory ‘here’s how to help keep the company from falling prey to cyber attacks’ lecture at Cetus. We all trooped downstairs, cramming into one of our board rooms, mugs clinking and teas sloshing. One of the lovely ladies from Barclays came in to give us a word of warning- or forty- on how to spot nefarious activity and not fall prey to a scam. By the end of it we were all ready to delete our Facebook, Twitter and Instagram accounts, never use an ATM, and I seriously started questioning my role within social media. It was quite the terrifying afternoon. Between social engineering, ransomware and phishing, it’s a miracle we all aren’t in debt from scammers. But the most terrifying aspect was learning just how prevalent phishing attacks are.

Big ransomware scams make the news constantly- splashed across the news, Sharon from HR standing at the water cooler to share the details in whispers to anyone who passes by- but phishing is the bigger threat here. In reality, a ransomware attack usually only demands several hundreds of pounds from the organisation it invades, while a phishing scam generally scams thousands of pounds from the victim. Not only that, but it’s easier for the cyber criminal to carry out a phishing attack. Now that I’ve given you something short of a heart attack (sorry), let’s turn this around shall we? Here are a few key ways of keeping you off the phisherman’s hook.

Beware of the sender
It doesn’t really matter whether it’s personal or corporate, receiving an email either makes you want to go on an extended holiday or celebrate. At work you’re usually too busy opening and replying in record time to get on with the mountain of tasks that grows with every email. It’s fair to say that you don’t always check who the sender is. I mean, we’re all wary of any Arabian Prince trying to get into contact, but aside from that we’re pretty chill for the most part. If they’ve gone to the trouble of finding your email address (I still can’t figure out how people manage to find me) then chances are they really need to chat, right?

Depending on how much of a nightmare you are in life, you probably won’t know the hacker. So before you jump into your emerging pile of unopened emails, take a quick look. If you suddenly get an email from someone you don’t speak to regularly on the topic of something that you don’t normally think about, be slightly wary. Check the sender’s address- does it look a bit weird? Is there a random ‘0’ instead of an ‘O’? Could that ‘i’ actually be the Vietnamese character ‘ỉ’? Is there an extra letter or number in the address that shouldn’t be there? If you see one of these little tricks, bonus points for your great eyesight, and definitely get the email checked out.
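Eyesight can be backed up by a mail filter. The following is an added example (not part of the original post or any product mentioned here) that flags the three tricks just described: digits standing in for letters, accented look-alike characters, and an extra letter. The trusted domains are constructed placeholders, and the sender address is assumed to be already decoded to the Unicode form a mail client displays.

```python
import unicodedata

# Assumed allow-list of domains you really correspond with (constructed).
TRUSTED_DOMAINS = ("northwind-bank.example", "example.com")

# Digits commonly used to imitate letters, mapped back to the letter.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def skeleton(domain):
    """Strip accents and digit look-alikes, so 'ỉ' becomes 'i' and '0' becomes 'o'."""
    decomposed = unicodedata.normalize("NFKD", domain.lower())
    plain = "".join(c for c in decomposed if not unicodedata.combining(c))
    return plain.translate(LOOKALIKES)

def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(address):
    """Return the reasons a sender's domain looks like an imitation of a trusted one."""
    domain = address.rsplit("@", 1)[-1].strip().lower()
    if domain in TRUSTED_DOMAINS:
        return []
    findings = []
    if not domain.isascii():
        findings.append("non-ASCII character in domain")
    skel = skeleton(domain)
    for trusted in TRUSTED_DOMAINS:
        target = skeleton(trusted)
        if skel == target:
            findings.append(f"look-alike characters imitating {trusted}")
        elif edit_distance(skel, target) == 1:
            findings.append(f"one character away from {trusted}")
    return findings

if __name__ == "__main__":
    for sender in ("accounts@n0rthwind-bank.example",
                   "accounts@northwỉnd-bank.example",
                   "accounts@northwindd-bank.example"):
        print(sender, check_sender(sender))
```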

‘I get scammed with a little help from my friends’
Did the email check out, but you’re still not 100% sure if you need to detonate your computer immediately to avoid any viruses escaping through the network? Take a quick look at the list of people that received the email. Do you know them? Is it a strange group, ie the sales group being added one name at a time instead of the group link? The cyber criminal might be targeting a large number of people in your organisation, so if you see people on the list that you wouldn’t normally be in contact with, or from a department that has nothing to do with yours, be extra careful.

Bit of a dodgy subject line
Aside from Sharon’s bi-monthly suggestion for drinks in the pub across the way after work on a Monday night, you should really only be getting emails that directly relate to your job function. That is, unless you’re in marketing- we seem to get our noses into plenty of unrelated jobs. If you’re getting emails about things that you know you’re not privy to or they make absolutely no sense to you, don’t open it. If it’s not spam, it’ll be malware. If you do happen to open it (oopsie), check if the email is a reply to one that you didn’t send. Does the message match the subject line? A misalignment of the two should send up an army of red flags. Also, while we all have the office oddball that likes to reply to emails at 3am, is it normal to be receiving this email from this sender at this particular hour?

Attachments and hyperlinks of doom
We’ve all opened random attachments or clicked on hyperlinks that we weren’t quite sure about and sighed with relief when it was just a video of cats acting strangely. We know we shouldn’t, but that curiosity can’t be helped. Besides, it could be important, or cats, after all. A few things to check before you right click: did you expect the attachment? Is it a common file type that you would normally receive? Does it have a weird name, or strange symbols in the file name? If the attachment is unexpected, an unusual file type for you, or oddly named, maybe don’t open it. It’s quite likely to be malicious.

Not quite what you were expecting?
If you receive an email that contains unsettling, startling or urgent content that requires immediate action on your part, it’s most likely a phishing attack. There have been so many of these popping up recently, panicking the nation. At the moment, a common scam is an email from your bank claiming that your account has been hacked and you need to log in straightaway, or even move the rest of your funds to another account. For the Netflix lovers among you, there have also been emails saying that billing information needs to be updated. Don’t fall for it. If the email includes a link to log in or change account details, be extra wary. Don’t use links, web addresses or phone numbers given in the email.

Keeping yourself protected from any cyber crime can be a scary business, but even more so when it’s something you could very well unwittingly stumble into. It takes more than trusting your spam filter to keep yourself safe; having a strong cyber security solution is crucial. We work very closely with Check Point to craft solutions that stand tall against phishing, ransomware bots and all kinds of nasties, using their SandBlast advanced endpoint threat prevention. Have a chat with our experts to see how we can whisk some cyber security into your perfect infrastructure solution so that it’s one less thing you need to worry about.

