The coronavirus pandemic has exposed business continuity inadequacies at many organizations, and highlighted the slow pace of progress in digital transformation. This new reality necessitates a departure from a traditional network-centric security model that assumes every device and user within the network should be trusted.
With so much at stake for these businesses, MSPs can play a critical role in bringing zero-trust security to a woefully underserved market, at a time when the need for such protection has never been greater. In this eBook we will explore how the dynamics of COVID-19 have impacted security, outline the importance of a zero-trust approach, and discuss how WatchGuard can help you deliver the security your customers need during these trying times.
Remote Work is Accelerating Security Breaches
With all that changed as a result of COVID-19, some things stayed the same, as the threat to businesses posed by cyber attacks continued unabated. Unfortunately, while some businesses focused on “survive to thrive” mode, cyber criminals jumped at the opportunity to identify vulnerabilities and prime targets.
- Phishing attacks skyrocketed with dozens of malicious domains exploiting coronavirus anxiety appearing every day. At the peak of the crisis, Microsoft reported 70,000 COVID-19 themed attacks daily in the US alone. Many of these campaigns used well-known phishing kits, simply repurposed for the times.
- As video conferencing platforms like ZOOM exploded from 10 million concurrent users to over 200 million, the CISA issued a warning that malicious cyber actors were seeking to exploit the increased use of popular communication platforms by sending phishing emails that include malicious files.
- In the first weeks of the crisis alone, security researchers noticed a 41% spike in the number of devices exposing RDP to the Internet using RDP’s highly vulnerable default TCP port 3389.4
- Fake websites, appearing to offer legitimate VPN clients, and promising to protect people, instead fooled users into downloading and installing malware onto their machines.
- Nefarious neighbors could exploit the fact that their building is full of folks working from home, with Wi-Fi making up nearly 50% of all IP traffic.
Deploying Zero-Trust Networks
Are you providing a security framework that focuses on avoiding breaches by eliminating undue trust? Whereas a traditional network is built around the idea of inherent trust, a zero-trust framework assumes that every device and user, on-network or off, represents a security risk. Conceptually, zero trust can be thought of as a “never trust, always verify” approach to security that uses multiple levels of protection to prevent threats, block lateral movement and enforce granular user-access controls.
The zero-trust framework is based on three principles:
- Identifying users and devices: Always know who and what is connecting to the business network: As companies grapple with having the predominance of their workforce working remotely, securing access to internal tools presents a major challenge. At the same time, cyber criminals are utilizing a variety of techniques to acquire usernames and passwords, such as spear phishing, social engineering, and stolen credential purchases on the dark web, to gain network access and then steal valuable company and customer data. Cloud-based multi-factor authentication (MFA) services offer mitigation against credential theft, fraud and phishing attacks.
- Providing Secure Access: Limit access to business critical systems and applications to only those devices that have explicit permission to access them: In the zero trust framework, the goal of access management is to provide a means to centrally manage access across all common IT systems, while limiting that access to only specific users, devices, or applications. Access decisions should be made in real time based on the policies defined by the business and the context of the access request. Single sign-on (SSO) technologies, combined with MFA, can improve access security and minimize the password burden on users.
- Continuous monitoring: Monitor the health and security posture of the network and all managed endpoints: Malware and ransomware threats have only accelerated as a result of coronavirus. And the risk of infection has never been higher, as users may no longer benefit from the protection of a firewall when working from home. Keeping users safe as they navigate the Internet is more difficult when they are connecting from outside of your network. With employees stuck at home, chances are good that company laptops will be used for a hefty amount of personal web surfing and email checking. Staying on top of threats requires persistent, advanced security that goes beyond traditional endpoint antivirus.
While the response to coronavirus has been unprecedented, for many businesses this “work-from-home” experiment launches them into decidedly unfamiliar territory. With the bulk of end users now working remotely, zero-trust security approaches can help businesses maintain continuity and security. But many midsize businesses lack the cyber security skills needed to effectively deploy zero-trust networks.
MSPs can play a critical role in bringing zero-trust security to a woefully underserved market. With WatchGuard, managed security service providers (MSSPs) are equipped with a flexible program, a powerful and diverse product portfolio, and an ecosystem of technology integrations that enable MSSPs to leap ahead of the pack in an increasingly competitive and growing marketplace.