Disruption creates two distinct sets of challenges for security professionals. The security team has to keep up with strategic IT demands, and do daily battle with a sophisticated threat landscape.
According to a report by MIT, 34% of Americans who were previously commuting to work reported that they were working from home by the first week of April. IT departments have had to quickly adapt to this new normal – enabling employees to remain productive while staying safe at home.
IT and security teams have been setting their entire workforce up on laptops. They’ve been provisioning VPN access for hundreds or thousands of people. And securing personal phones accessing corporate data. This has likely felt like a herculean feat for many organizations, but unfortunately, there’s another layer to it all for CISOs and their security teams.
As noted by our Talos Threat Intelligence Group, online attackers take advantage of chaotic times like these to slip between the cracks and infiltrate vulnerable networks. They know that swift, unexpected changes in enterprise infrastructure can sometimes introduce vulnerabilities. They know that IT and security teams may be too preoccupied to notice their attacks. And they know that employees are hungry for any information they can get about current events, and may not be as vigilant in second guessing links they see online or in their inboxes.
Let’s break down Cisco’s approach to this twofold challenge, and how some of our customers are benefiting from our solutions. In my last post, I talked about the concept of zero trust for securing a dynamic enterprise environment. Zero trust has never been so important as it is now. How do we know that the person trying to connect to our network is really who they say they are? And how do we know that their device isn’t infected with malware that could spread to other users and devices?
And what about when users aren’t on the network? How do we prevent them from visiting malicious sites on the Internet that may infect their devices, and in turn, the rest of our environment?
Cisco Secure Remote Worker combines several security technologies designed specifically to protect users working from anywhere, at any time, on any device. We are currently offering extended free trials and expanded usage counts for these technologies to help organizations more efficiently cope with today’s unprecedented challenges. We want to make it simple, quick, and cost-effective for you to get started with or scale your organization’s use of these capabilities to help alleviate current, tremendous burdens.
“Great,” you say, “but how do these technologies work? What exactly do they do to protect us?”
Demand true, secure mobility from your VPN client
The initial step for enabling users to securely access your corporate resources is to set up a VPN. With the Cisco AnyConnect Secure Mobility Client, you can empower your employees to work from anywhere, on company laptops or personal mobile devices, at any time. It also provides you with full visibility into everyone and everything trying to connect to your network so you can ensure that they are doing so safely. Additionally, Cisco AnyConnect integrates with other security solutions such as Cisco Duo Security, Cisco Umbrella, and Cisco AMP for Endpoints to provide more than just basic VPN functionality.
Use multi-factor authentication to stop bad actors from logging on
Protecting your VPN access with multi-factor authentication (MFA) adds an additional, much-needed layer of defense. MFA verifies the identity of all users with a second factor before granting access to corporate applications. With Cisco’s Duo Security, you can verify the identity of all users, and also inspect the devices trying to access your network to determine their security posture and trustworthiness.
Duo allows for a variety of authentication options, including a simple push notification to a user’s smartphone. According to Ben Hughes, network security manager at Etsy, “Duo Security was the first company in this space to really grasp that ease of use and user experience are vital for people to actually use security solutions.”
Since it is cloud-based, Duo is also simple for IT and security teams to roll out. It can be used to authenticate users accessing both the network and cloud-based applications. According to John Kennedy, senior network engineer with True Religion, “Once I saw that Duo could easily integrate with our VPN services and several cloud applications that we use, the decision was easy.”
Deploy cloud security as a first line of defense
“That sounds awesome, but what if my employees are using their laptops while not logged into the VPN?” you ask. “Will my devices be at the mercy of the Internet and its many devious actors?” Not with Cisco Umbrella.
Cisco Umbrella is a cloud-based solution that blocks malicious and unwanted domains, IP addresses, and cloud applications before a connection is ever established. It protects users and devices from attacks such as malware, phishing, and ransomware, and works whether they are on or off the corporate network.
Umbrella can be implemented quickly to cover thousands of locations and users in minutes. More than 85% of Cisco Umbrella customers report a time to value of under a week, and more than 50% report a time to value of under a day. Additionally, more than half of Cisco Umbrella customers have seen a reduction in malware infections by 75% or more.
According to Lee Cullivan, the CISO at Boston Medical Center, “While other security products slow down requests to the Internet by filtering them through inline devices, Cisco Umbrella delivers security from the cloud without added latency, which is crucial because every millisecond counts in patient care.”
Endpoints are the last line of defense
Recently added to our free and expanded offerings for remote workers is Cisco Advanced Malware Protection (AMP) for Endpoints. The endpoint is a primary target for today’s attacks, and as your endpoints expand, so does your risk.
With AMP for Endpoints, you can quickly identify, investigate, and isolate any infections on end-user devices – whether it’s a laptop or mobile phone. This can reduce threat investigation and remediation time from days to just hours.
AMP for Endpoints blocks known malware from infecting your endpoints, and simplifies threat hunting for advanced malware that evades frontline defenses. It provides a comprehensive solution for blocking, analyzing, and containing malware on a wide variety of devices across your environment.
According to Chris Childers, IT manager for American Financial Group, “Our investment in Cisco AMP for Endpoints enhanced our threat hunting capabilities and led to overall better protection and prevention against ransomware, fileless malware, and other advanced threats.”
Take a platform approach with Cisco SecureX
A key benefit of these technologies is that they are all integrated and work together through our recently announced security platform, Cisco SecureX. SecureX leverages evolving technology including automation and machine learning to make security stronger and more seamless.
According to our 2020 CISO Benchmark Report, 93% of respondents who say they are suffering from cyber fatigue are receiving more than 5,000 security alerts every day. What’s more, 17% of our survey respondents are dealing with 100,000 or more daily security alerts – which is completely unsustainable.
SecureX brings together the various capabilities across our Cisco Security portfolio, as well as third-party technologies, to enable intelligence sharing and coordinated response – preventing threats from bypassing overwhelmed security teams. SecureX is not a separate solution, but rather a part of our security fabric that is woven into all of our security products. It makes our technologies better and your life easier.
Many of our free and expanded Cisco Security solutions are fast and simple to get up-and-running, and can be deployed immediately to help with today’s unique challenges. You can learn more about them in this quick, informative session.
Explore the below pages to learn how we can help you secure your newly remote workforce.
The post The World Has Changed – Security Should Transform to Stay Ahead appeared first on Cisco Blogs.