Consider this: If you or an employee is using free Wi-Fi in some local café, in a matter of seconds a hacker can manipulate your machine into a "man-in-the-middle" scenario, where the device is now a conduit that sends data right to the bad guy. Once a device is compromised, login credentials (corporate mail server, bank accounts, LinkedIn.com, Facebook.com, etc.) can be harvested by using SSL Stripping.
Unfortunately, unless trained to detect such intrusions, end users don't notice anything unusual happening on their devices. To prevent hackers from entering corporate networks via open access hotspots, the following cautionary steps can be taken:
* Use multifactor authentication on VPN connections. Both Google and Facebook support this.
* When working off-site, use a "no split" connection for VPN access. This configuration forces all traffic headed to the Internet to go over the VPN and out to the Internet from there. "No Split" basically means Internet traffic is not split off from the VPN traffic to the office. This strategy also reduces the possibility of a man-in-the-middle situation.
No-split, however, has an obvious downside: it increases traffic volumes on the corporate Internet connection. For this reason, it should be reserved for use in highly public areas such as airports or when working on sensitive corporate documents. At home, a regular VPN is usually fine, especially if users are engaged in a lot of personal Web browsing and not connecting to servers that host confidential information. It is a matter of balancing risk: the end user needs to consider the environment they are in before deciding to make a VPN connection.
To enforce the use of no-split VPNs, server administrators should ensure that their sensitive servers cannot reach the Internet. Generally, they are blocked at the Internet router. Scheduled access can be granted for updates then blocked again once the updates are complete.
* If public Wi-Fi access is necessary, refrain from conducting any financial activities or visiting sites where you need to enter login information. Instead use a cellular connection for bank transactions when it is absolutely necessary. Pick up a mobile hot spot device from your cellular provider if you need to access protected resources where only public Wi-Fi is available.
Beyond these infrastructure tweaks, here are some additional security tips that bear repeating:
* Use common sense - don't stick USB keys into your computer that you find on the ground.
* Tablets and smart phones controlled by the company should have a lock code, and they should be configured to allow remote wiping.
* When lost or stolen equipment is reported, VPN appliances should be configured to send the IT department a notification if device traffic continues.
* Some VPN clients can be configured to auto-connect with "no-split" as soon as the PC is turned on. This strategy is a second-level security step for users who tend to forget about best security practices.
Ongoing analysis will also help expose malicious activity. Administrators should send flows created by VPN connections to a NetFlow/IPFIX analyzer. Enterprise-level flow collection appliances scour the flows for odd behavior signatures such as:
* Host reputation lookups: Hosts communicating with other hosts with poor Internet reputations
* Observation of TCP flags to uncover various types of network scans
* Comparing current to archived baseline behaviors
* Calculating flow ratios as well as byte/packet counts to unique destinations.
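Two of these checks, TCP-flag observation and comparison against an archived baseline of unique destinations, can be sketched over flow records as follows. This is an added example, not code from the article or from any flow-analysis product: the flow tuples, the baseline values and the thresholds are constructed, and the flags field is assumed to be the cumulative OR of TCP flags seen in the flow, as NetFlow exports it.

```python
from collections import defaultdict

FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10  # TCP flag bits
DONE = SYN | ACK | PSH | FIN  # cumulative flags of a completed client-side flow

# Constructed flows: (src, dst, dst_port, cumulative_tcp_flags, packets, bytes)
FLOWS = (
    [("10.8.0.21", "198.51.100.10", 443, DONE, 42, 38120),
     ("10.8.0.21", "198.51.100.11", 443, DONE, 17, 9050)]
    # 10.8.0.57 sends lone SYNs to 25 ports on one server: half-open port scan
    + [("10.8.0.57", "10.1.1.5", port, SYN, 1, 60) for port in range(20, 45)]
    # 10.8.0.88 completes small sessions to 12 distinct hosts
    + [("10.8.0.88", f"203.0.113.{i}", 443, DONE, 8, 4200) for i in range(1, 13)]
)

# Constructed archived baseline: usual unique destinations per interval
BASELINE_UNIQUE_DSTS = {"10.8.0.21": 3, "10.8.0.57": 2, "10.8.0.88": 3}


def half_open_targets(flows):
    """Distinct (dst, port) pairs per source whose flow has SYN but never ACK."""
    targets = defaultdict(set)
    for src, dst, port, flags, _pkts, _bytes in flows:
        if flags & SYN and not flags & ACK:
            targets[src].add((dst, port))
    return {src: len(pairs) for src, pairs in targets.items()}


def scan_suspects(flows, min_targets=20):
    """Sources with at least min_targets half-open attempts in the interval."""
    return sorted(s for s, n in half_open_targets(flows).items() if n >= min_targets)


def fanout_anomalies(flows, baseline, factor=3):
    """Sources whose unique-destination count exceeds factor x their baseline."""
    dsts = defaultdict(set)
    for src, dst, *_rest in flows:
        dsts[src].add(dst)
    return sorted(s for s, d in dsts.items() if len(d) > factor * baseline.get(s, 1))


if __name__ == "__main__":
    print("scan suspects:", scan_suspects(FLOWS))
    print("fan-out anomalies:", fanout_anomalies(FLOWS, BASELINE_UNIQUE_DSTS))
```

The two checks are complementary: the port scan touches only one destination and so never trips the fan-out rule, while the fan-out host completes every handshake and so never trips the flag rule.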