How COVID-19 Has Changed Business Cybersecurity
The COVID-19 pandemic has changed how many businesses operate. Implementing remote work, contactless pickup, and e-commerce solutions are all ways in which businesses have adapted. While the pandemic’s effects on business operations are obvious, the effects on business cybersecurity may be more subtle.
Cybersecurity experts have seen a surge in online threats since the outbreak began. In fact, Barracuda reported that 46% of global businesses “have encountered at least one cybersecurity scare since shifting to a remote working model”, with 51% of the businesses surveyed reporting an increase in email phishing attacks.
This increase in cyber-attacks has forced many business IT security experts to change the way they implement cybersecurity. In this article, we explore some of these changes.
Zero-Trust Network Access
In the traditional network security model, network access is secured against devices outside the network, while devices within the network are trusted by default. VPNs connect outside computers and devices to the corporate network, providing an experience similar to being in the office, which means they are also trusted by default. Since these external devices can be compromised by cyber attackers, using traditional VPN solutions for remote work is a potential security risk.
As a result, large technology companies and many enterprises have moved to replace VPNs with zero-trust network access (ZTNA) technologies like Google’s BeyondCorp. Zero-trust network access prevents many of the security issues associated with VPNs, because no device, internal or external, is trusted by default. This change is a big factor in preventing data breaches, especially with the huge numbers of people accessing company resources remotely during the pandemic.
Extended Detection and Response (XDR)
There has been an increase in email phishing and malware attacks since the switch to remote work. These attacks have become even more sophisticated. To efficiently detect and protect against them, traditional endpoint security (like antivirus and firewalls) will not suffice. As a result, security experts are now utilizing extended detection and response (XDR) solutions, which allow them to respond to fast-moving threats more efficiently, and better protect valuable company data.
With the huge amount of data generated by modern intrusion detection software, efficiency in data processing is key. XDR helps to combine data from multiple sources to save valuable time during an active cyberattack. By combining information from an entire fleet of devices using artificial intelligence, XDR solutions can separate real attacks from false positives with much better accuracy than earlier technologies.
XDR has really taken off over the last few months, especially for incident response teams that are not in a central office location, because incident response can be better coordinated and requires less manual communication.
Hardware Security Keys
Due to the increase in remote work, most companies now require that employees use two-factor authentication or multi-factor authentication to log in to their accounts. One of the most common multi-factor authentication solutions is one-time password (OTP) applications. With this solution, users scan a QR code with a mobile application like Google Authenticator. After scanning this code, the mobile application generates six-digit codes that change every thirty seconds. Even if an attacker is able to compromise a user’s password and capture a single six-digit code, they would be unable to log into the account after the code has changed.
Although OTP is a convenient way to enable multi-factor authentication because it does not require any additional hardware, its resistance to phishing attacks is limited. If a phishing website can automatically log into an account immediately after the OTP code is entered, the attacker can take over the user’s account. As a result, hardware security keys are becoming the new standard for many organizations.
Hardware security keys are generally small USB keys that can be added to a keychain. Modern web browsers make it easy to register and use these security keys. When it comes time to authenticate an account, users type their password and then insert their security key into a USB port. A button is then pressed on the key itself, and the user is allowed access to their account. Some security keys also include NFC or Bluetooth connectivity. Since the browser prevents security keys from being used with unrecognized websites, security keys are significantly more phishing-resistant than OTP codes.
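The difference between the two second factors is visible from the server's side. The following Python code is an added example, not code from the original article: it implements RFC 6238 one-time codes and a simplified origin-bound assertion check in the style of WebAuthn. The HMAC standing in for the security key's public-key signature, the key material, and the example.com and example.net origins are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import struct

def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based code (HMAC-SHA1), as generated by authenticator apps."""
    counter = struct.pack(">Q", at // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify_totp(secret: bytes, submitted: str, at: int) -> bool:
    # The server sees only six digits; they carry no record of which site
    # the user typed them into, so a forwarded code is indistinguishable.
    return hmac.compare_digest(totp(secret, at), submitted)

def key_sign(key: bytes, challenge: str, origin: str) -> dict:
    """Browser + security key: the browser fills in the origin of the page
    that asked, and that value is covered by the signature."""
    client_data = json.dumps(
        {"type": "webauthn.get", "challenge": challenge, "origin": origin}
    ).encode()
    # Assumption: HMAC stands in for the key's public-key signature.
    return {"clientDataJSON": client_data,
            "signature": hmac.new(key, client_data, hashlib.sha256).digest()}

def verify_assertion(key: bytes, assertion: dict, challenge: str, origin: str) -> bool:
    client_data = assertion["clientDataJSON"]
    expected = hmac.new(key, client_data, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, assertion["signature"]):
        return False
    data = json.loads(client_data)
    return (data.get("type") == "webauthn.get"
            and data.get("challenge") == challenge
            and data.get("origin") == origin)   # rejects look-alike origins

SECRET = b"12345678901234567890"     # RFC 6238 test secret, used as sample data
KEY = b"constructed-key-material"    # constructed for this example
REAL, FAKE = "https://login.example.com", "https://login.example.net"

def demo() -> tuple:
    typed = totp(SECRET, 1111111100)                   # entered on the wrong site
    relayed = verify_totp(SECRET, typed, 1111111109)   # forwarded in same window
    expired = verify_totp(SECRET, typed, 1111111111)   # next 30-second window
    genuine = verify_assertion(KEY, key_sign(KEY, "c1", REAL), "c1", REAL)
    phished = verify_assertion(KEY, key_sign(KEY, "c1", FAKE), "c1", REAL)
    return relayed, expired, genuine, phished
```

Calling demo() returns, in order, whether the forwarded code, the expired code, the genuine assertion and the look-alike-origin assertion were accepted. This verifier accepts only the current thirty-second step; deployments that also accept adjacent steps to tolerate clock drift lengthen the time a captured code stays valid.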
Identity and Access Management in the Cloud
The COVID-19 pandemic has made it more expensive and less beneficial to run an on-premises datacenter. As a result, many companies are moving their workloads into the cloud. This transformation has changed the way IT infrastructure is secured. Physical security is no longer as important, while identity and access management has become paramount.
As a solution to this problem, centralized user identity and explicitly defined role-based permissions, both features of the identity and access management systems provided by cloud services, are now being utilized more frequently. This enables business organizations to secure cloud resources more easily and efficiently.
Reliable Business IT Security
With the one-two punch of remote work and more sophisticated cyber threats, the COVID-19 pandemic has influenced many changes in business cybersecurity. Outsource IT has years of experience helping our clients keep their valuable data safe regardless of the changes in the world. Contact your Outsource IT account manager to learn more about our Business IT Security services.