Cybercrime has to be taken seriously. Firms can no longer sit idly by, believing that criminals only target large corporations or businesses online. Preventing data theft requires a proactive commitment. Fortunately, many firms have taken warnings from the headlines and made steps to secure their corporate network and data. For firms that have not had serious discussions about securing their network, moving to the cloud can be a prime opportunity to put practical defenses in place.
In theory, moving to the cloud with a legitimate provider increases the physical security of a firms’ data. Data centers are often much more secure and prepared for contingency than the server room in the back of the office that has traditionally served as the home for many networks. A competent cloud provider should also be able to provide virtual security within their cloud environment, including server antivirus solutions and firewalls protecting the data center. However, a secure cloud at first look does not always guarantee protected data or a secure firm. While it’s true that after a cloud conversion servers and data are located in secure data centers, users and their workstations are still located in the real world on the outside of the data center’s defenses. It’s in this gray area between the cloud and the ground that hackers are currently focusing their attacks. In order to truly gain the security benefits of working in the cloud, protection around the edges of the cloud has to be implemented.
Most firms are already aware of the basics of securing a local network. Even though primary applications and data are stored in the cloud, firms simply can’t ignore their local office network and the workstations that they use to access the cloud. This is not to say that bulky or expensive solutions are required in every office. Simple steps can be made to secure local networks and workstations. At Xcentric, we start with a custom configured Cloud Appliance and Next Generation (NGFW) firewalls to secure local networks.
Antivirus software is not new, and every firm’s IT admin is familiar with the process of installing operating system updates and patches. But many firms do not have tools or processes in place for managing antivirus rollouts and ensuring that the latest OS patches are pushed to machines and installed correctly. A single forgotten machine with an out-of-date operating system or old virus definitions could be the weak link that allows hackers into an otherwise secure network. At Xcentric, we use Kaseya on local networks to provide insight into workstations, enforce antivirus proliferation and maintenance, and perform operating system patch management.
Do I need more than Antivirus and a Firewall?
As technology progresses, so does the sophistication and nature of attacks used by hackers. Firewalls and antivirus software are necessary and integral parts of a secure cloud perimeter but by themselves are not a complete solution. To fight back against new and constantly changing cyber threats, Xcentric has partnered with DUO and Mimecast to provide smart email services and dual factor authentication.
Email is the most common pathway that data uses as it travels into and out of a network. Mimecast provides a robust additional layer of email security. In addition to spam filtering, Mimecast also provides targeted threat protection to defend against social engineering and impersonation attacks, malicious URLs, and dangerous weaponized attachments. Mimecast also offers the ability to send encrypted email to ensure that data is secure, even after it leaves the cloud environment until it’s delivered to your end users.
The ultimate prize for many hackers is to gain surreptitious access to a network so that they can log in and log out – taking data at their convenience. In order to gain login credentials to do this, hackers will utilize a variety of phishing or social engineering tactics to gain access to a user’s login name and password. Dual factor authentication from Duo ensures that even if a criminal successfully steals a password, they still cannot gain access to the network. Dual factor authentication operates on the principle that a user needs both a password and a physical device to gain access to firm data and applications. Through the use of a telephone, smartphone, or a physical key, firms can ensure that only authorized users are logging into their network. This greatly reduces the threat of stolen credentials resulting in a data breach.
In a world of increasing cyber threats, moving to the cloud can be a decision that greatly improves the security of your firm. In order to truly gain the security benefits of moving to the cloud, firms need to ensure that their provider has a plan and the capability to provide a secure perimeter around sensitive data and applications. Core security is common and good, but protection on the edges needs to be implemented to stay ahead of criminals eagerly looking to take advantage of firms who are not prepared.