The present global situation is showing businesses just how important it is to strengthen their security operations, especially with a majority of the workforce working from home. A recent increase in cyber attacks and cybersecurity threats has shown the traditional practice of an on-premises firewall with a DMZ and trusted networks to be increasingly redundant. As organizations adopt more distributed environments, their exposure to cyber threats and data theft has increased significantly.
We look at some of the most vulnerable touchpoints in the digital ecosystem and explore ways to secure a boundary-less organization.
1) Mobile workforce:
BYOD is on the rise, and more and more employees are plugging into corporate networks using personal devices. These mobile devices open entry points in the organization’s network that can be easily compromised. An attacker can remotely carry out phishing attacks for sensitive information, passwords, and account data. As an example, stored passwords on a mobile device can give access to an organization’s sensitive data. Virtual Private Networks (VPNs) provided encrypted connections for remote users back in the corporate firewall days; however, on a compromised device with VPN access, a hacker can gain access to almost everything, which is too dangerous in today’s digital business age.
Some of the cybersecurity threats caused by an increasingly digital workforce are:
Malicious apps and infected devices: The weakest point of entry is almost always user behavior. Users may unknowingly install malware-laden apps that compromise device security and help hackers take control of the device. Running an outdated operating system without applying the necessary security patches also leads to security vulnerabilities.
Data leakage: Instances of data theft due to stolen or lost devices are widespread. Some users also ‘jailbreak’ their devices to gain more control over the operating system. This poses a significant security risk to an organization’s data.
Lack of centralized control and policies: Mobile devices, whether employee-owned or company-owned, come with risks associated with loss of control. The moment the endpoint is outside an organization’s network, it is vulnerable to cyber threats.
2) Cloud Adoption:
While the benefits of cloud computing cannot be disputed, the technology brings its own set of challenges. According to a survey conducted by Forrester[1], 86% of the respondents characterized their organizations’ cloud strategy as ‘multi-cloud,’ identifying most with the description ‘Using multiple public and private clouds for workloads.’ Every cloud service provider is making substantial investments to strengthen cloud security. Still, under the Shared Responsibility Model of security, providers are not entirely responsible for the security of cloud assets, especially at the data layer, where the responsibility to ensure fail-proof security always lies with the customer. According to Gartner, ‘Through 2025, at least 99% of cloud security failures will be the customer’s fault.’[2]
The security threats associated with cloud computing are:
Reduced Visibility and Control: Organizations lose visibility and control over those assets/operations where responsibility for the policies and infrastructure moves to the CSP (Shared Responsibility Model).
Unauthorized Use: Cloud environments make it easy to provision new services. The lower costs and ease of provisioning increase the probability of unauthorized use. Any unauthorized use, for example, users who have more access to systems than required and who launch services without following the necessary security protocols or bypass security controls, can lead to a compromise in organization-wide security.
Compromised Management APIs: Cloud service providers offer management APIs for interaction with cloud services. If these APIs are compromised, the entire cloud infrastructure can be hacked.
Data Security Risk: Data in the cloud is spread over a number of different storage devices, and organizations have reduced visibility into where their data is physically stored. There is also a risk of data remaining on the cloud provider’s infrastructure (physical disks), even after deleting it from the company’s records.
3) Collaboration with partners:
Companies are required to provide some level of network access to vendors and partners to do business effectively. Unfortunately, these third- and fourth-party connections create substantial cybersecurity risks. They can open the door to an attack that arrives through an assumed “trusted connection” with authorized access from the third-party provider’s end, and vice versa.
4) Internet of Things (IoT):
With IoT, devices deployed at different locations and connected to various networks gather, communicate, analyze, and process information. Most of these IoT devices send messages to the network without any encryption, so the messages can be accessed by threat actors. OEMs of many prevalent IoT products do not deploy regular security updates. This also creates a new attack surface through which all that information can be compromised. Within the IoT ecosystem, devices have access to sensitive data such as patient health-related information. As a result, the risks also become exponentially higher.
Summary:
Given these four risky access points, it is imperative to introduce a new layer of security to outpace this rapid adoption of IoT, social, mobile, analytics, and cloud (ISMAC) technologies. Some of the high-level strategies to secure such boundaryless organizations are Zero Trust Systems, Identity and Access Management, Data-Centric Security approach, End-point protection, and Threat Intelligence, Monitoring, and Alerting. These topics are covered in detail in our Hitchhiker’s Guide to Cloud Transformation.