Selecting a Secure SD-WAN Solution That Addresses All Key Requirements

Selecting the Right SD-WAN Solution

It is no secret that organizations are turning to SD-WAN solutions to ensure fast, scalable, and flexible connectivity across the corporate network while lowering total cost of ownership (TCO) and improving user experience. Few other solutions have ever provided so many benefits in a single package. But not all SD-WAN solutions are created equal, and while the right SD-WAN can provide a number of benefits, the wrong solution can introduce new (and critical) risks to your organization.

That is why distributed enterprises must ensure that they adopt a Secure SD-WAN solution that is built with the following five requirements in mind:

1. It Must Address the Needs of All Network Edges

Because SD-WAN has the ability to manage and optimize connections, accelerate cloud on-ramp, and rapidly scale to support a number of locations, many organizations have turned to SD-WAN primarily to support complex branch deployments and replace legacy branch routers. While such core functionality is exceedingly important, it is also critical that distributed enterprises select an SD-WAN solution that can be extended to address all network edges—including home offices for teleworker use and distributed cloud environments. And to further support cloud on-ramp, an SD-WAN solution should also include virtual versions that are compatible with each of the major cloud providers.

2. It Must Include Intuitive Orchestration and Zero-Touch Deployment

Adopting an SD-WAN solution with intuitive orchestration and zero-touch deployment enables organizations to ensure rapid configuration rollouts at scale. This enables them to support the high performance requirements of critical collaboration applications—including VoIP, video conferencing, and SaaS applications—for all users, anywhere.

3. It Must Prioritize Business-Critical Applications and Enable a Self-Healing WAN

Traditional WAN solutions struggle to support bandwidth-heavy business-critical applications, slowing down operations and negatively impacting employees and customers alike. To ensure enterprises operate at business speeds—regardless of whether employees are working from branch offices, home offices, or other remote locations—SD-WAN must enable dynamic path selection to intelligently identify applications and determine the best route to maximize functionality of the application. Further, in the event of an outage, an SD-WAN solution needs to be able to leverage self-healing capabilities to automatically re-route traffic to the next best available link, ensuring business continuity and quality user experience.

4. It Must Integrate its Security and SD-WAN Capabilities

While many SD-WAN solutions address the connectivity needs of distributed enterprises, there is one key requirement often forgotten by these solutions: security. Because of this, many solutions require costly overlay security solutions that can leave significant gaps in the network while significantly impacting IT staff overhead. Others choose to go with the minimal firewall and VPN capabilities some come with, without adequate security controls, the corporate network is left exposed to cyber threats and compliance challenges. With a Secure SD-WAN solution in place, organizations can reap all the benefits of a traditional SD-WAN solution with the added benefit of a full stack of integrated, enterprise-class security to protect the entire digital attack surface—especially as digital innovation efforts introduce new cyber risks. 

5. It Must Include Comprehensive Analytics and Reporting

Any quality SD-WAN solution must also provide comprehensive analytics and reporting through a single console to provide organizations with real-time insight into network and application performance as well as security states and issues. This enables IT teams to troubleshoot and resolve network and security issues quickly, reducing down time while ensuring that these twin functions are operating as a single system. Organizations should also be able to leverage these reporting dashboards to fine-tune their business and security policies to ensure the best possible user experience.

Selecting a Secure SD-WAN Solution That Addresses All of These Requirements

As workforces increasingly migrate to remote or non-traditional locations, and an explosion of new network edges present themselves as a result of ongoing digital innovation efforts, deploying a Secure SD-WAN solution is more critical than ever before. And the best solution is one that incorporates all five of the requirements listed above in a single, integrated solution. Distributed enterprises require a solution that ensures continued connectivity, improves application performance and user experience, accelerates the cloud on-ramp, provides advanced security to protect against evolving cyber threats, and enables unified analytics and reporting for improved visibility and control.

By adopting a Secure SD-WAN solution that meets each of the above requirements, organizations will be well equipped to address not only the current needs of their networks, but also any future needs that result from digital innovation initiatives.

Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.

Read these customer case studies to see how De Heus and Burger King Brazil implemented Fortinet’s Secure SD-WAN to alleviate network complexity, increase bandwidth, and reduce security costs.

Sourced from Fortinet

Prioritize Cybersecurity Awareness in Reopening Plans

Industry Perspectives

This is a summary of an article written for Modern Restaurant Management by Courtney Radke, Retail CISO at Fortinet. The entire article can be accessed here

As restaurants around the country start to reopen, there are many lessons to be learned from the events of the COVID-19 pandemic. Establishments that did not close entirely were forced to adapt their business models to accommodate for things like curbside pickup and delivery, both of which led to a heavy reliance on wireless technologies. While these technologies have enabled business continuity, they have also caused cybersecurity to become a more substantial part of the conversation. 

Dining in the Era of Digitalization 

COVID-19 turned the entire hospitality industry on its head. It became a matter of survival for companies to adapt to new business models, leading to an increase in things like drive-thru expansions, home delivery, and even pop-up or satellite locations. For the most part, these strategies have leveraged the use of either touchless, contactless, or low-contact payment methods that, while convenient, also represent a new attack vulnerability. With restaurants reopening and seeking to provide additional ways to minimize person-to-person contact, these payment methods are only going to see more use.

Those restaurant owners who were already using omnichannel and digital practices were able to reap the benefits immediately, seeing higher numbers of repeat visits (and higher sales numbers in general) than those who had to scramble to adopt digital strategies to stay afloat. Late adopters, on the other hand, had no time to waste when it came to building or expanding their digital capabilities to meet the demands of their customers – in many cases, this led to the installation of new hardware or having to use existing infrastructure in new ways. Suddenly, a wireless network that was meant to support guest access or internal operations now had to secure curbside, drive-through, and pop-up transactions. 

However, while being versatile and adapting to new conditions may have saved the business, it also often meant that cybersecurity suffered as a result. The truth is that, in the face of the coronavirus pandemic, many operational responses did not fully take cybersecurity into account. Rapid, and perhaps even slapdash deployment of these technologies to keep up with consumer demand ultimately resulted in both the increase of existing threats and new risks coming to light. Meanwhile, all of this occurred against a backdrop of relaxed controls and reduced security expenditures due to IT departments being pushed to complete work without being mindful of the usual change protocols. It’s this lesson that restaurant owners need to consider as they prepare their reopening strategy.

New Security Risks Accompany New Models

And now, yet another phase of transformation awaits restaurant owners: remaining in compliance with state and local guidelines while reopening for indoor and outdoor dining. Not only are there physical accommodations that must be made to promote social distancing, but many restaurants are also being encouraged or, in some cases, required to use technologies such as contactless payments to provide additional layers of physical safety.

These changes can be expensive, making it tempting to continue to let cybersecurity concerns slide. This could be disastrous, however, especially with many restaurants relying on cloud-based technologies in the wake of COVID-19. Now more than ever, cloud capacity needs careful monitoring and security, including the management of any misconfiguration errors that could be exploited.

Although digital and contactless payment methods are more inherently secure than traditional card-based transactions, it is still possible for cyber criminals to see and capture them. And lateral attacks against restaurants, which can lead to cardholder data compromise, are made easier by misconfigured systems, which means extra care must be taken. This makes it necessary for business owners to not just transition to new payment models but also take steps to protect their customers’ payment card data, especially when considering industry standards such as the Payment Card Industry Data Security Standard (PCI DSS). By the same token, restaurants have to place restrictions on patrons or other outsiders from attempting to access other parts of their business without being authorized to do so.

Considering all of this, it is critical that cyber hygiene not only remains at the forefront but that it also be strengthened. 

The New Normal is Change

In this new normal, the nature of retail transactions has changed and will continue to do so for the foreseeable future. In spite of this, business owners need to provide safety and consistency when it comes to the customer experience, going beyond the quality of products and services to also encompass customer digital security. Restaurants can help keep their businesses viable by embracing new digital innovations in customer service, but it should not stop there. Keeping customers safe from unnecessary public exposure and meeting their demands while also keeping their payment card data secure is now a core requirement for continued success.

Learn how Fortinet offers retailers a broad set of network and security technologies that are seamlessly integrated and automated with the Fortinet Security Fabric.

Sourced from Fortinet

Bridging the Cybersecurity Skills Gap as Cyber Risk Increases

The uptick in cyberattacks to date during the pandemic is well documented at this point. Networks are being transformed to accommodate the newly expanded remote workforce, and ransomware, phishing, insider threats, and other types of attacks are increasing as a result. IT and business leaders are already anticipating an increased need for more cybersecurity professionals in spite of the fact that the industry has been dealing with a skills gap for years now. However, the one silver lining in all of this is that for those individuals looking to change careers or reskill, there is a lot of opportunity in cybersecurity.

The Pandemic and the Rise of Cyberattacks

The shift to remote work has become a tempting vector for bad actors to pursue. FortiGuard Labs has observed a significant rise in cyberattacks directly related to this shift. Cybercriminals are the ultimate opportunists, and threat researchers saw a surprising volume of new threats aimed at remote workers in a short period of time, while more network-focused attacks declined. Rather than let a crisis go to waste, bad actors capitalize on it with an agility that enterprises only wish they had.

Remote work isn’t the only change that bad actors have been exploiting. There’s also the matter of FUD. It’s not news that cybercriminals will take advantage of fear, uncertainty, and doubt, often as part of social engineering campaigns, but we’ve seen that kicked into high gear over the past few months. It’s taking the form of campaigns related to COVID-19 that are targeting hospitals, medical equipment manufacturers, and health insurance companies, leveraging the fact that there is a shortage of medical equipment and supplies. There has been a similar uptick in attacks leveraging the Black Lives Matter movement.

The Need for More Skilled Professionals 

The global shortage of cybersecurity professionals has now surpassed 4 million – according to a study conducted by (ISC)2 – which means the global cybersecurity workforce must now grow at a staggering rate of 145% each year just to meet the growing demand for skilled talent. This issue has become even more critical with the transition to a remote workforce model. IT teams are stretched thin as they work rapidly to scale and secure their network to meet new demands. Some organizations have even had to “repurpose” their cybersecurity staff to perform IT-related functions as the work-from-home shift occurred, making securing the new teleworker network configuration even more challenging. 

Results are just about what you’d expect. 23% of respondents to the COVID-19 Cybersecurity Pulse Survey say  security incidents have increased, with some reporting that incidents have surged as much as 100%. Fifteen percent of respondents felt their IT security teams do not have the resources they need to support a remote workforce. And while another 34% said they do, it is only for the short term. 

Additionally, global shortages in talent also introduce risks. A recent survey showed that 73% of organizations had at least one intrusion/breach over the past year that was partially attributed to a gap in cybersecurity skills. Clearly, the need for skilled cybersecurity professionals is great—possibly the greatest it has ever been, in large measure due to current circumstances. 

Bridging the Skills Gap with Artificial Intelligence

One way many organizations are choosing to tackle their skills gap challenge is with high-tech automation solutions. Security technology powered by artificial intelligence (AI) is helping organizations strained by the lack of security personnel quickly detect and respond to sophisticated threats. Organizations are able to help their limited security staff and fill critical voids by automating manual processes and threat alerts. An effective AI system deployed in a SOC, for example, can perform the tasks of several security analysts, and at much greater speeds. While this is one way to address the talent shortage, there are still many higher-order security tasks that are being left undone. Organizations must also look to their current resources, including their teams, to fully address this issue.

New Talent Pools, New Opportunities

As the concept of remote work becomes the norm, and infrastructures become more distributed, the need for IT professionals that have timely security skills and knowledge will only grow. Security specialists with cloud and DevOps expertise are especially valuable.

Employers and employees must find new ways to address this skills gap. To start, organizations must go beyond the traditional means of recruiting talent to fill security roles. This includes focusing on individuals with technology certifications, recognizing that such certifications demonstrate needed cybersecurity knowledge and expertise.

Certifications can update and enhance collegiate studies for working professionals, grounding them in the practical application of their knowledge. They can also help non-traditional candidates – those without a technical background – transition into a cybersecurity career. By stressing the value of certifications, organizations can expand their talent pool to cover non-traditional candidates, degreed professionals from other fields, and other groups that may not have been considered in the past.

This includes veterans and their spouses. These workers typically demonstrate a strong work ethic and attention to detail, have spent their careers in an environment focused on physical and cyber security, and are successful in fast-paced, high-stress environments – skills that complement the cybersecurity industry. Because they can play a vital role in closing the cybersecurity skills gap, organizations should do more to recruit them, including investing in the appropriate resources to fully leverage their specialized skill sets with training programs and specific hiring processes.

Because the need is great and resources are scarce, some organizations are currently making free training available. It’s an ideal opportunity for organizations to upskill their employees and for all who are interested in cybersecurity to learn or add to their skills base. This is especially valuable when considering moving potential candidates from within the organization’s IT team.

Overcoming Increased Risk 

With the pandemic creating a massive shift to remote workers, and the consequent rise in cyber risks, finding individuals with cybersecurity skills is harder than ever. Employers and employees alike can help overcome this dilemma by making use of training and certifications – some of which are now free – to bring greater security to their organizations in the midst of these uncertain times.

Find out how Fortinet integrates AI and machine learning capabilities across our Security Fabric to detect, identify, and respond to threats at machine speed. 

Sourced from Fortinet

Themes and Lessons Learned from COVID-19 Cyberattacks

This is a summary of an article written for Dark Reading by Derek Manky, Chief of Security Insights and Global Threat Alliances, FortiGuard Labs. The entire article can be accessed here

Throughout the pandemic, cyber threat actors have not let a single opportunity slip by. They have preyed on fear and concern around COVID-19 with phishing attacks while also capitalizing on security flaws within the remote workforce. And that, in turn, has had a significant impact on security professionals’ roles — a recent survey from (ISC)² found that 81% of respondents’ job functions had changed during the pandemic. 

The good news? There are plenty of lessons to be learned from the attacks that have been executed, ones that will shape the direction that organizations take regarding cybersecurity for years to come.

Cyber Criminals Benefit From Panic and Emotional Distress

Social engineering attacks remain the fastest way to exploit a target – they can be quickly spun up and also have the highest rate of return as compared to other techniques. Even during normal times, these cyberattacks prey on vulnerabilities and panic, so it is no surprise that the pandemic has only underscored the value and effectiveness of this method for cybercriminals who hope to capitalize on the situation. 

Many of the COVID-19 phishing campaigns that security teams have seen over the past few months have targeted hospitals, medical equipment manufacturers, and health insurance companies. Where many see panic in the shortage of medical equipment and supplies, attackers see ideal opportunities to capitalize on fear and misinformation. A major theme among these campaigns has been the creation of texts and emails that look like they were sent by organizations like the Centers for Disease Control (CDC) or the World Health Organization (WHO). By sending communication that appears to be coming from organizations as familiar as these two, threat actors know that recipients are more likely to open the message and then click on a link or download an attachment. 

This displays a perennial problem with security, regardless of how many measures you take, the human psyche remains the weakest link. Where humans face emotional, physical, and financial distress, they can become targets for attackers. 

Tried and True Cyberattack Methods Come Out on Top

The majority of attacks during the pandemic have been delivered via email, meaning mass spam campaigns have been taking place. This is backed by the fact that, in March alone, the FortiGuard Labs team saw a 131% increase in viruses, which should come as no surprise considering email attachments are the most common vendors of such malicious content.

Some of these attacks have been targeted, some are part of a “spray and pray” tactic. Others fall under the category of distributed denial-of-service (DDoS). And the sheer volume of remote work has also played a significant role in how effectively these attacks are executed. Today, almost everyone is connected to the Internet for the bulk of the day. It’s their primary connection to the outside world, whether it be for work or fun. Unfortunately, this activity often happens on the least secured networks or devices, rather than in far more secured corporate environments, offering attackers an effective springboard to access critical information.

While email is being exploited to deliver malware such as viruses or ransomware, that is because bad actors know that businesses are more likely to pay a ransom if it cuts off access to the critical infrastructure and information their users and customers need to ensure business continuity.

Interestingly, these attack methods themselves aren’t new. In fact, many of the techniques used in cyberattacks during the pandemic have not been innovative or novel – they’re all the same tricks bad actors have relied on for years. 

This is a matter of practicality, as attackers are unlikely to change tactics until they see a diminishing rate of return. And while systems behind the corporate firewall may have been hardened, many of the devices and networks being used by remote workers have not. Bad actors are also aware that people’s cyber hygiene may be worse than usual – a byproduct of fear and anxiety. This makes it even easier to execute the same attacks they’ve always relied on.

Due Diligence is More Important Than Ever

Now more than ever, the importance of due diligence cannot be overstated. While some may argue that too much caution is counterproductive, it’s far less counterproductive than having your entire company grind to a halt. Technical solutions like a robust email security solution remain essential, and email gateways and web application firewalls need to include things like Advanced Threat Protection (ATP), Content Disarm and Recovery (CDR) solutions and sandboxing, and endpoint devices need to add Endpoint Detection and Response (EDR) solutions to their AV/AM software to root out and stop malicious attacks. And because humans will still remain the weakest link in your security chain, cybersecurity user awareness training also continues to be crucial. Each individual should be able to understand the role they play in protecting your network – something that only comes with training. In many ways, the pandemic provides a valuable learning experience, even once businesses begin the slow process of reopening. 

Learn more about FortiGuard Labs threat research and the FortiGuard Security Subscriptions and Services portfolioSign up for the weekly Threat Brief from FortiGuard Labs. 

Learn more about Fortinet’s free cybersecurity training initiative or about the Fortinet Network Security Expert programNetwork Security Academy program, and FortiVet program.

Sourced from Fortinet

Staying Up-to-Date with Today’s Evolving Cyber Threat Landscape

FortiGuard Labs Perspectives

Digital transformation has unlocked massive potential for organizations and recent shifts to remote work have forced new learnings in business agility. Both have also paved the way for a new wave of advanced cybersecurity threats. Cybercriminals are becoming more sophisticated, using tools such as machine learning and AI to take advantage of the expanding attack surface and bypass traditional safeguards. Faced with endless alerts and a flood of data being collected from endpoints, network and IoT devices, cloud environments, and other areas, IT teams are struggling to keep pace, let alone stay ahead of threats. 

To learn more about important takeaways for the threat landscape, we asked Aamir Lakhani and Jonas Walker from Fortinet’s FortiGuard Labs threat intelligence team to share their perspective on what threat teams and organizations should be aware of as the landscape has shifted so dramatically recently.

Overall, if you had to look at the threat landscape at a big picture level, is it getting more intense, or is everything relative?

Jonas: It gets more intense as many organizations proceed to adopt the digital transformation. These days, organizations manage physical networks, private and public could network, IT/OT devices, and are moving many devices to the edge. On top of that, the current pandemic accelerates many of these processes, and unfortunately, security is often not a priority and implemented too late. Malicious threat actors are well aware of this and come very well prepared. Devices that connect to the Internet are targets for cybercriminals. The more devices, the larger the attack surface, and the more likely an attacker will be successful with initial access attempts before moving laterally through networks. 

Aamir: It is more intense. In the past, we only had to protect users from applications and networking threats. Today, there are exponentially more applications being used, more attacks, and more opportunities for attackers. Instead of just worrying only about Windows, we need to protect Mac OS, Linux, iOS, Android, and IoT operating systems. Cybersecurity not only needs to protect information services but also operational (OT) security as well. The threats are well beyond what is on a traditional computer screen and are now present in cars, manufacturing equipment, and critical infrastructure. Our likes, dislikes, bank accounts, preferences, and authentication access questions have been digitized and are targets for attackers to steal, use, and profit. The volume and velocity of attacks are on a scale that sits between ridiculous and insane. Additionally, attackers increasingly understand technology better and better and in some instances have more resources and support than in the past. In the spirit of Aldous Huxley, let’s say it is a brave new world.

Do you think organizations or users, in general, are more informed and are savvier today than from when you first entered the field?

Jonas: Employee awareness has increased, but it’s far from where it needs to be. Before we are allowed to drive a car on the street, we need to get a driver’s license. With the Internet, it’s different. Everyone who can purchase a smartphone, a laptop, or even an IoT device can connect to the Internet and do whatever they want. There is no license to use connected devices or to install software on your systems. On the other hand, you have sophisticated attackers who are specialized in offensive measures and can attack you from all over the world as long they have internet connectivity. 

On the bright side, ransomware – especially WannaCry – was a big wake up call for many organizations. It can hit anyone, and the impact will be substantial. Overall awareness and the average security skillset is increasing, which is good. Nevertheless, there is room for improvement since any environment is only as secure as its weakest link. 

Aamir: I first started playing around cybersecurity when I was ten years old, and I would say most ten-year-olds were not that savvy about cybersecurity. In all seriousness though, I think people are much more aware of cybersecurity problems and how their data can be at risk. 

Today, most people understand what a basic cyber scam is and that they may attempt to steal their identity or trick them with a phishing email. Granted, not everyone can recognize the attack, but they understand the basic script for the attack. Users have also gone through media sensationalism on significant data breaches, which has raised their overall awareness, but such coverage may lead to people getting numb to new attacks and breaches. 

In the past, large corporations almost looked at their InfoSec divisions as a burden rather than partners. I think as we have seen a more cooperative relationship between InfoSec and other organizations within companies, we have also seen a corresponding rise in awareness. We have also seen a much larger emphasis on user awareness training, which is on the roadmap of almost every CISO, which means users understand the potential risks. 

We are starting to see differences in the way people use social media. Social sharing is becoming more familiar with Generation X. Generation Z and some Millennials prefer more ephemeral networks where they can control the conversation. Some people may attribute that to the lack of interest in participation in Generation Z, but I think it is that they are more aware of the dangers of information leakage.

Lastly, we are making technology easier to consume with privacy. People are starting to understand that when they do not protect their information or their data, it can be a trade-off for long-term gains. 

What are some of the “low-hanging fruit” threats that you think not everyone knows about?

Jonas: From an offensive view, it has never been as easy for attackers to practice social engineering with all the public information available. This kind of information is not per se bad, but can be leveraged effectively for social engineering attacks. This digital data is an opportunity for cybercriminals.

To protect environments effectively, organizations must first realize that cybersecurity is priority one. Otherwise, it’s a lost fight long term! A robust cybersecurity strategy is critical to surviving in the long term. It’s perfectly fine to realize that help is needed and bring outside help to tackle the challenges. Penetration testing is very effective if done correctly and shows exactly how attackers would exploit vulnerabilities in corporate environments. From a technical point of view, it’s important to keep track of administrative accounts and passwords in general. In my opinion, every employee should use multi-factor authentication wherever possible and use a password manager. Last but not least, invest in your people as much as possible. Awareness training and explaining why rules exist can make a big difference. 

Aamir: We are often asked by many customers what recommendations we can give them. Overall, it isn’t easy to answer because of the uniqueness of each environment we see. I regularly discuss this challenge with my FortiGuard Labs colleague Anthony Giandomenico, who has coined the phrase Core-4 around the solutions organizations use to address the “low hanging fruit” regarding cybersecurity. Core-4 is about what organizations should think about when protecting and understanding their four core pillars of cybersecurity. These four areas include:

  1. Identifying authorized and unauthorized devices on your organization’s network
  2. Reduce unnecesary access 
  3. Patching
  4. Adding applications to the safe list

What is one threat on the horizon that is not being talked about much that will deserve attention in the coming months or years?

Jonas: I firmly believe fully self-driving cars will disrupt the auto and travel industry entirely in the next years. Cars are no longer cars as we know them, it’s a super-powerful computer on four wheels. It is fascinating and I cannot wait to experience it. On the other hand, if security is not treated with the absolute priority, it will be a big cybersecurity concern.

Aamir: I think Jonas was spot on when he spoke around cars and IoT in general. Medical devices, manufacturing equipment, and even restaurant supplies incorporate IoT devices that are connected, they have automatic updates, and use the Internet to add functionality. Current connectivity technologies have prohibited some of the widespread adoptions of these devices. I do think 5G technologies are going to be a game-changer in this manner. Not only does 5G make the Internet ubiquitous globally to IoT devices. The reduction in latency and the ability for efficient meshes means more concentration of devices in a single area. 5G is not only addressing bringing the Internet to rural areas and areas not previously covered by broadband Internet, but it is also expanding the attack opportunity for threat actors.

Learn more about FortiGuard Labs threat research and the FortiGuard Security Subscriptions and Services portfolioSign up for the weekly Threat Brief from FortiGuard Labs. 

Learn more about Fortinet’s free cybersecurity training initiative or about the Fortinet Network Security Expert programNetwork Security Academy program, and FortiVet program.

Sourced from Fortinet

Ensuring Mission Continuity Through Federal Government Cybersecurity

Industry Perspectives 

Federal agencies are faced with a number of unique challenges when it comes to securing their sprawling IT networks—particularly because they protect some of the most sensitive data and face severe consequences around national security. Given the nature of this information, nation-state actors and cybercriminals are constantly seeking new avenues to infiltrate systems and gain access to this data. 

To learn more about the cybersecurity challenges facing Federal agencies, we asked Fortinet Federal’s Bob Fortna and Jim Richberg as well as Aamir Lakhani from Fortinet’s FortiGuard Labs threat intelligence team to share their perspective on how these organizations can effectively protect their critical data and infrastructure against advanced cyber threats.

What are the most significant cybersecurity trends top of mind for Federal agencies now, from both a technology and threat perspective?

Bob: I have worked in the Federal sector for years and some concerns persist but of course new concerns appear as cyber threats evolve. With a sophisticated threat landscape, an expanding attack surface, continuous government mandates, and a growing cyber skills gap, cybersecurity is top of mind. Some specific topics that come up frequently are: persistent attacks from nation-state actors, protecting mission and agency data, ensuring security in a work from home environment, maintaining and upskilling a cybersecurity skilled labor force, secure cloud migration, and of course election security. 

Jim: One of the biggest issues that is top of mind for agencies right now is not unique to only Federal agencies—that of building capacity for a ‘new normal’ including sustained, reliable, and secure remote telework by a significant portion of their workforce. Where this challenge becomes unique to Federal agencies is that they have to implement it against requirements such as TIC 3.0 standards for cloud access and CISA’s interim guidance on remote telework. Some agencies, especially those with a significant geographically distributed presence, are also beginning to explore software defined networking – SD-WAN and SD-Branch. These capabilities have enjoyed dramatic growth in the private sector because of their cost and performance advantages, along with greater operational flexibility.

Aamir: One of the top priorities for Federal agencies has been their cloud strategy. Cloud has always had a byproduct of enabling flexibility of work from a remote workforce. However, enabling remote access has become a much bigger priority during the COVID-19 pandemic. Agencies are trying to understand what the most efficient way to deploy remote access is while maintaining security and minimizing the burden on IT support. Solutions like SD-WAN that meet the unique requirements of agencies are gaining popularity.

Can you talk about risk and what it means for Federal agencies? How does it differ from industry concerns around risk?

Bob: Because the Federal government provides safety and security to the country, the stakes are much higher for Federal agencies. Most companies weigh the risk/benefit cost and make decisions based on that. The government cannot diminish risk when referring to national defense, healthcare, financial systems etc. That said, resources are not endless and they face fixed budgets, skilled labor availability, and competing priorities. Federal agencies must make very different and complex decisions vs the private sector.

Jim: Figuring out how much risk is acceptable and how to handle it is key. There are four broad tools for risk management — “the four T’s”:

  • Treating risk (mitigation)
  • Tolerating risk (acceptance)
  • Terminating risk (avoidance) 
  • Transferring risk (via third party insurance)

Government typically only uses two of these tools—treating risk or occasionally terminating a risky activity. And while many organizations evaluate tactical/transactional risk associated with a specific activity, relatively few organizations in the public or private sectors look holistically at risk across their organization.

Aamir: Risk has always centered around opportunity for attackers to do harm, and their intention and motivation to do so. Attackers have ample motivation to attack federal agencies. Some of these motivations can include things such as stealing medical research, stealing employee information for blackmail or phishing, or disrupting operations in order to cause panic in the perceived stability of the government. In other words, the stakes are high for Federal agencies and they must ensure they have secure networks, applications, and cyber policies. In addition, agencies have tough and detailed certification processes for implementing technologies to ensure it meets their internal security, business, and support policies and practices.

There are lots of mandates and guidance put out in the Federal sector for agencies to follow, how do you counsel your contacts in terms of managing these changes successfully?

Bob: We encourage agencies to simplify their operations by consolidating, integrating and automating their security architectures. By doing so, they will reduce dependencies on human touch at every step in the security stack, and reduce cost with less training, licenses, footprint, but with faster diagnosis or response time. There are lots of mandates but first and foremost we make sure agencies are following NIST (National Institute of Standards and Technology) and STIG (Security Technical Implementation Guides).

Jim: Agencies have to make choices in how they address IT modernization and cybersecurity, especially since the lengthy procurement cycle most agencies face makes it difficult for them to be on the cutting edge of technology. However, that lag in technology adoption can offer an upside, in that agencies can avoid many of the false starts and inefficiencies that come with being an early adopter, and they can move instead to solutions that have been validated and perfected through use in industry. SD-WAN is a good example of this—early versions of this capability deployed five years ago focused solely on traffic management and ignored security. Current capabilities have evolved to offer solutions that offer superior networking and strong security as an integrated capability. Because many Federal agencies face even greater challenges in recruiting and retaining a cyber-workforce than the private sector, I counsel Federal decision makers to look for solutions that offer integration and automation as ‘force multipliers’ for their staff and as ways of freeing personnel to focus on tasks requiring human judgment and skill.

Is it possible to sum up the threat landscape for Federal agencies in a few sentences? 

Jim: While the private sector and state or local government may be targeted occasionally by nation-state adversaries, Federal agencies are consistently targeted by these actors, including sophisticated Advanced Persistent Threats (APT). Moreover, while the private sector is often the victim of financially-motivated crime, Federal agencies are typically targeted for theft of data—intellectual property and national security information—which is often harder to detect. Government is also responsible for unique services such as running elections which combine complex technical challenges with issues of perception and public confidence.

Aamir: Cloud attacks and application attacks are much more prevalent for Federal agencies. In other industries we are starting to see an increase in IoT attacks, but overall Federal agencies have implemented strong network access controls, but most attackers understand that Federal agencies have many web apps and other cloud-based access. Attackers seem to be focused on phishing and it is possible more sophisticated attackers have done reconnaissance and have targeted their phishing attacks to valuable targets. In addition, since attackers could use reverse shells and other attack methods, Federal agencies are starting to invest in cyber detection products such as deception based products, user and entity behavior analytics, and other network anomaly based systems.

What is the one thing that makes Fortinet Federal different?

Bob: Fortinet has been a trusted business partner of the U.S. Federal government for years for many reasons. Fortinet has been a leader in performance, integration and automation which is key. In addition, Fortinet by design provides for security simplification by consolidating functions, reducing footprint, and lowering costs. We provide integrated solutions across the entire security stack from zero trust endpoints, to data center segmentation, to seamless hybrid cloud solutions. We are not just one product or one offering and that is value for agencies. Another aspect that is important is our commitment to third-party validation and testing. Testing of security products and solutions plays such a critical role in thwarting cybercriminals. We have the most when compared to our competitors and that matters to customers.

Jim: The cyberattack surface is growing in breadth, and Fortinet is the only vendor with strong capabilities across the breadth of this expanding and complex environment—from network edge to core to cloud.  The fact that all of Fortinet’s products and capabilities are integrated makes the effectiveness of the whole greater than the sum of the parts—and this has been demonstrated by independent third-party testing. Cybersecurity is a complex and interdisciplinary field, and Fortinet excels in disciplines as distinct as cutting edge engineering to global threat analysis and path-breaking AI development. All of these capabilities are available to Federal partners in a range of form factors—from physical devices to virtual services—and in consumption models ranging from zero-touch ‘plug and play’ to manual use by an agency’s security and network operations teams.

Aamir: A true differentiator of Fortinet Federal is that it is backed by FortiGuard Labs’ actionable threat intelligence. We are not just products. Our mission is to provide our customers the industry’s best threat intelligence to protect them from malicious cyberattacks. Using millions of global network sensors, FortiGuard Labs monitors the worldwide attack surface and employs artificial intelligence (AI) to mine that data for new threats.

Another aspect that I am passionate about as well is our commitment to cybersecurity training. The Fortinet Network Security Expert (NSE) Program is an 8-level training and assessment program designed for customers, partners, and employees. Fortinet has opened up our entire self-paced catalogue of advanced NSE training courses. The courses will be free for the remainder of 2020 to help address the rapidly evolving needs of organizations securing highly distributed and remote workforces.

Learn more about how Fortinet Federal helps Federal agencies efficiently protect U.S. government data and critical infrastructure against advanced nation-state threats.

Sourced from Fortinet

Strategies for Protecting and Enabling the Remote Workforce

This is a summary of an article written for CNBC by Phil Quade, CISO at Fortinet. The entire article can be accessed here

The coronavirus pandemic has presented us with a unique, double-pronged view of change. It is both reshaping and redefining how business gets done, enabled by the trajectory of digital transformation that began long before COVID-19 forced organizations to rethink their strategies for the purpose of business continuity. This has been most notably demonstrated by the sudden and rapid shift to telecommuting, a concept that has become quintessential to 2020.  

Although it may not be perceived as the “electronic Pearl Harbor” (a 90s-era term signifying a high-impact cybersecurity event) that helps marshal businesses to revolutionize how we architect the security of networks, the expansion of the remote workforce could be the catalyst for change that leads us to a more advanced position. In these difficult times, our intensified focus on cybersecurity stands out as an upside to the pandemic. 

Elevating Cybersecurity Agility and Resiliency Amid Difficult Times

Before the pandemic, some organizations had already begun to adjust their security strategies to enable a shift to remote work. While they may have not foreseen this current crisis, their understanding of the need for an effective business continuity plan, and the inevitable changes being brought about by digital innovation led them to rethink what networks and a digital workforce look like in the 21st century.

This included bolstering the network edge, something which has faced increased risk ever since the prioritization of mobility, IoT, and 5G. For these prescient organizations, the foundation was already in place to meet the challenges of the distributed workforce being faced today. But for those that did not, it took a large-scale event to realize that the nature of work has already been fundamentally redefined, and that the great shift is happening now, not later. 

While this transition certainly presents some new risks, they should not serve as a roadblock. Instead, they should also inspire a new vision for cybersecurity that accelerates the pivot to this new paradigm. This shift is essential. By failing to seize the moment now, organizations could negatively affect their future cybersecurity posture, along with their ability to compete in the digital marketplace, without even realizing it. 

Below are a few of the measures that companies should take to help them adapt and grow amid this shift. 

Ensure Alignment of Business Processes: To enable a secure remote workforce, organizations must align business processes such as finance and HR with best practices around communication privacy and authentication. These processes should also align with cultural processes that promote effective communication in an agile, trust-based environment.

Fund Necessary Cybersecurity Costs by Leveraging Savings: Permanently shifting a portion of the workforce from centralized offices to home offices will help reduce capital costs like climate control, office infrastructure, and rent or building loans. These cost savings can then be used to fund the necessary technology and cybersecurity costs associated with the “new normal” of managing an expansive remote workforce. 

Ensure Your Cybersecurity Architecture Can Support this New Business Architecture: When building or updating network architectures, things like data privacy, integrity, and confidentiality need to be kept top of mind. And these values need to be applied across the network, not just for remote workers. That’s because business applications and workflows need to span from the endpoint to the core network to the company’s “distributed edge” in the cloud. And securing this distributed environment requires cybersecurity solutions that are both integrated and automated

Enjoy the Benefits of Telecommuting: There are countless benefits to enabling a remote workforce and adopting a secure network strategy to support it. The carbon footprint of organizations will be reduced when fewer workers are commuting, and the talent pool will only grow when the search is widened to include those who might not live near the physical headquarters. Finally, by supporting secure flexible work options, organizations can strengthen employee loyalty through the alignment of business goals and user experience with personal quality-of-life goals. 

The Future of Remote Workforce is Now

The COVID-19 pandemic has presented new challenges for organizations, but amidst the disruption many have found new ways to conduct business while protecting their remote workforce. The best practices listed above encompass this shift, prioritizing an investment in employees, business processes, and the architectures that will be relied upon for sustained growth and success. But as your company works to adjust to this new normal, keep in mind the chief message of these events: the future is now, not tomorrow.  

Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.

Sourced from Fortinet

Securing the Shift to 5G

We are at the threshold of remarkable growth and opportunity in the mobile space. 5G is becoming commercially available, and due to pent-up demand there is strong momentum in the global 5G market. Given the promise of incredibly fast speeds, huge payloads, and highly reliable services supporting more devices than ever, it’s no surprise that service providers are investing heavily in 5G. And the growth of these interconnected devices is being accelerated with the advent of new services for enhanced mobile broadband, multiaccess edge computing, IoT, and smart solutions.

Indeed, the number of cellular IoT connections is expected to increase at an annual growth rate of 27 percent, reaching 4.1 billion in 2024. These cellular IoT connections and fixed wireless access (FWA) subscriptions support new use cases, meaning they will come on top of growing mobile subscriptions. New IoT services will also address diverse and evolving requirements across a wide range of use cases in different verticals, including utilities, smart cities, transportation, logistics, agriculture, manufacturing, and wearables.

To support this evolution, massive IoT cellular technologies such as NB-IoT (Narrowband IoT) and Cat-M1 (LPWAN (low-power wide area network) cellular technology built specifically for IoT) are taking off and driving growth in the number of cellular IoT connections worldwide. And as the IoT application market begins to widen, even more advanced use cases requiring enhanced network capabilities are beginning to emerge. 

These new use cases—and the need to support a magnitude increase in bandwidth and ultralow latencies— are driving the evolution of traditional hierarchical service provider architectures to a flatter, cloud-based architecture where services can be offered from the edge of the mobile core network.

A Shift in the Core Architecture

Traditionally, the core of the mobile network was run from a handful of datacenters. All mobile traffic was hauled into the core before providing access to service provider-delivered application services—such as end-user account applications and walled garden applications—or sent over the internet to third-party cloud networks or services. These networks were designed to handle hundreds of millions of connections and deliver megabit connection speeds.

However, in order to meet the challenges of billions of connected devices, gigabit connection speeds, and ultralow latencies—while delivering rich context around data transiting the mobile network—service providers must now rapidly increase network capacity and deployment agility. Adding to these challenges is the requirement for additional compute—all while avoiding raising costs and/or lowering the reliability and availability of the infrastructure and services.

Cloud service providers have already demonstrated that it is possible to quickly and reliably deliver services at massive scale and capacity to both enterprise customers and consumers. Mobile service providers are adopting a similar approach, but with a twist. They plan to deliver services from thousands of edge clouds rather than from a few mega-capacity central clouds. And to support agility in service delivery, there is also a heavy focus on the programmability of the network to make dynamic changes—add/delete/update—anytime and anywhere.

The adoption of virtual and cloud-native technologies to support these initiatives means opening the service provider stack to open-source technologies. At the same time, new service use cases require support for extensive web-based application delivery frameworks, with a heavy emphasis on APIs to connect different service layers together. These new architectural changes and open technologies open up a Pandora’s box of security issues that service providers have never had to consider or deal with before, at least not at the scale and complexity that this new transformation demands.

Key 5G Security Use Cases

A properly engineered service provider mobile core needs to consider the need for specific security controls early in its lifecycle. These early considerations are driven by security principles and policies established by the service providers, as well as by industry best practices, regulations and laws imposed by oversight and governing bodies. They are also the result of the need to tightly integrate security and systems together for issues like dynamic adaptability and scale, which are far more difficult to achieve when deploying security as an overlay later in the lifecycle. These drivers, together with the assessed risks to the business and its assets, give rise to security controls needed to identify and manage a wide range of risks and threats.

Today, with the movement to virtual infrastructures and cloud-based architectures that rely on open technologies, there is a significant need for security capabilities that go well beyond the traditional safeguards provided by stateful firewalls. The attack surface of this emerging infrastructure extends far beyond physical assets, backhaul and fronthaul, signaling, roaming, charging, and internet interfaces. Service providers also need to secure the virtual infrastructure and cloud platforms. And with new strategies such as network slicing, service providers have to be able to accommodate the complete end-to-end isolation of slices, in addition to the agile and dynamic allocation of end-to-end resources to multiple tenants running different services with varied requirements.

Another new concept arising from 5G transformation is edge clouds designed to deliver high bandwidth and low latency applications. These edge clouds will also need to support multiple tenants and specialized IoT applications that don’t run in the central cloud. However, from a security perspective, their policies and enforcement will need to be consistent with those in the core. This will require centralized orchestration combined with autonomous edge security to ensure both consistency and time to respond.

The most important consideration of the 5G threat landscape is that it includes far more than the volumetric DDoS attacks and signaling protocol-specific hacks of the past. It also includes advanced persistent threats, lateral propagation, web application layer vulnerabilities, API security, and more. As a result, service providers need to ensure that the diverse set of security requirements imposed by this new architecture—along with the related use cases and services supported by their core networks—can be adequately addressed by their security solutions. And they need to be part of a single security framework rather than a separate, isolated set of solutions that can cause additional overhead as well as issues related to configuration and orchestration. Ensuring that these solutions are fully integrated and automated ensures consistent and effective security to protect infrastructure assets and revenue generating services.

What’s Next With 5G?

5G presents service providers with tremendous opportunities for new business growth in the area of enterprise services. However, these new services will require the adoption of virtual and cloud-based technologies that will open up an entirely new set of challenges and risks to the infrastructure and services.

To succeed in the highly competitive 5G market, Service Providers will have to adopt a rapid architectural shift to open, virtual, and cloud infrastructure. Securing such a hybrid ecosystem calls for broad, integrated, and automated capabilities only found in a security fabric approach.

Learn more about securing 4G, 5G and Beyond with Fortinet.

Sourced from Fortinet

Long-Term Strategies for Securing Remote Work in 2020 and Beyond

With organizations around the globe in various stages of sending employees back to traditional office environments, it seems as though remote work will play a significant role in business through 2020 and beyond. Whether companies are still under restrictions and are unable to send people back to the office, or they have created more flexible remote work policies to better accommodate the needs of their employees, these businesses must ensure that their teleworker strategies can support and secure remote connectivity long-term.

To get a better understanding of what CISOs have learned from a security perspective as a result of the shift to remote work in early 2020, we discussed the topic digitally with Fortinet’s Alain Sanchez, Courtney Radke, and Peter Newton. 

Q: What are the unexpected security strategy learnings you are hearing CISOs discuss in recent months?

Courtney – While it may have seemed daunting or overwhelming at first, at least from a technical standpoint, implementing a robust and secure remote worker program was not necessarily as difficult as many organizations believed it to be on the surface. Did it require the correct policies and openness to embrace change to pull off effectively and under a tight time-crunch? Yes. Were things made easier when businesses already had the correct infrastructure in place to facilitate both? Absolutely. However, with a bit of careful planning and the right technology partnerships, organizations were able to get over the hump and execute on or expand their teleworker strategy. This, in turn, made businesses realize that the reasons to retain (or possibly expand) their teleworker strategy quickly outnumbered the reasons against remote work becoming a staple of an organization’s business process going forward.

Alain – As a result of the COVID-19 crisis, CISOs were put under incredible pressure to maintain business continuity with almost 100% of the workforce working from home, in just a couple of days. Many successful approaches that we have seen are based on a careful analysis of existing capabilities, so that instead of rushing to add new technologies they leveraged the potential of the solutions already in place. The beauty of revisiting what you have in light of those business imperatives, is that you end up asking the right questions about what processes, data, and apps are truly crucial to maintain business. This healthy reaction created some fruitful eureka moments and consequently harmonized security practices across the branches, the core, and cloud-based infrastructures.  

Q: How are CISOs changing their IT or OT security needs moving forward given what they have experienced in 2020 so far?

Courtney – Many organizations were simply not aware of some of the weak spots and bottlenecks in their infrastructures. To plug the holes and stem the tide, businesses made changes and additions to their environments in a manner and speed that made it impossible to understand the downstream effects. The costs now are only beginning to come to light in the form of interoperability challenges, data privacy concerns, performance degradation and increased complexity. By only using the “see a need fill a need” approach, many businesses inadvertently created another need. IT staff that were already taxed in managing the previous status quo, now had even more to contend with in tools and services that were not built with integration and automation in mind. While these problems can many times be rectified with additional cycles and customizations, CISOs and C-level IT executives alike are now keener to evaluating technologies that not only fit an immediate need but also help fix outstanding problems.

Alain – 2020 has already entered in history as the year of IT/OT convergence. The merger of the two disciplines accelerated as an automated response was seen as the way to transcend the diversity of OT devices in SOC environments that were managed remotely. You just can’t do that if you rely on manual response and work by exceptions. The practice of deporting the analysis of the threat to converged NOC-SOC dashboards and triggering the response as automatically as possible has significantly progressed in the last 3 months. We are also seeing the adoption of constantly updated playbooks as more systematic. However, these threats continue to increase in volume and sophistication, hence the necessity of a central repository and the enforcement of these response scenarios.  

Peter – We’ve seen an increase in the use of our Teleworker Solutions for key individuals that have more security and performance requirements than your typical employee. Customers are deploying our small firewalls directly into the homes of their “Super Users” to create a secure enclave, protecting an organization’s critical data from the home network. This use of a firewall directly in the home office can provide users with the same kind of wired and wireless connectivity they would have in the office, with the full protection of a corporate enterprise firewall, all managed remotely so the IT team has complete visibility over numerous network edges. This enables Super Users to conduct business as usual from their home office while ensuring the highest levels of protection, explicitly because home networks are such a weak underbelly in this whole system. If you aren’t protecting your organization from that threat vector you are leaving yourself exposed, which is what CISOs are learning and it is why they are adopting these Teleworker Solutions.

Q: What areas of the digital infrastructure are top of mind right now for CISOs?

Peter – There is a major emphasis on the concept of Zero-Trust Network Access because companies are recognizing that, number one, they have all these VPN Tunnels that need to understand and confirm who the users are and two, they have users on all different types of devices that now have access to the corporate network. This is where the ability to understand and see everything on that network has become key and that is why our Teleworker Solutions has gotten a lot of attention and activity in the months since COVID-19 first hit. And now that we are a couple of months in, customers are finally able to take a step back now and evaluate whether they put every security measure in place that they needed to so that their teleworker solutions are effective long-term. As a result, many of them are shoring up their Zero-Trust capabilities so they know exactly who and what is on their network well into the future as employees continue to work remotely.

Courtney – The two areas that I have continuously heard mentioned, especially over the last several weeks, is the need for more tightly integrated network and security functions and how to properly secure dynamic multi-cloud environments. To expand further, network infrastructure needs to support and enable other aspects of the business, it must allow for dynamic change and new technology integrations and must have integrated (and automated) security functions to reduce complexity and increase efficiency. This needs to extend from branch, to edge, to the data center, and to cloud with a cohesive policy and centralized visibility and management throughout. As businesses are quickly viewing the cloud as data center extensions, it becomes more critical for network and security policies to seamlessly expand into these environments and maintain the same ease of deployment (and security maturity) as their more traditional physical counterparts. 

Alain – The edge is becoming more and more important as increased processing power and speed are expected to be available when 5G generalizes. The distributed architecture of 5G also makes Zero-Trust one of the pillars of advanced cybersecurity. The right of connection cannot be granted by default to a user, a process, or a device. Authorization to access has to be the result of an analysis of what the entity is supposed to do from a profile and machine-learned behavior perspective as well as what that entity actually does. When a gap is detected or an abnormal exchange is about to happen, the device has to be isolated and its level of threat evaluated in a fraction of a second. This timely decision requires a fully integrated exchange between the networking side and the security side of the risk equation.

Discover how Fortinet Teleworker Solutions enable secure remote access at scale to support employees with a wide array of access requirements.

Sourced from Fortinet

Securing Communities Through Disaster Relief Volunteering

FortinetLife Perspectives

During the hurricane season of 2017, some Fortinet colleagues and I donated a pallet of FortiGate Next-Generation Firewalls to ITDRC (Information Technology Disaster Resource Center), a nonprofit which provides IT and connectivity solutions for free to communities affected by disasters. With a broad base of volunteers from various tech companies, available warehouse space, and free vouchers donated by Southwest Airlines, ITDRC began using Fortinet’s FortiGate Next-Generation Firewalls to secure communications in disaster-affected areas. This marked the beginning of volunteering my time and resources toward disaster relief response efforts and Fortinet’s partnership with ITDRC.

Volunteering and Donations in Response to Disasters

Over the next several years, Fortinet’s firewalls served a crucial role in helping give a sense of normalcy to communities affected by hurricanes, fire, floods, and tornados. In response to Hurricane Maria in 2017 which significantly affected Puerto Rico, ITDRC volunteers from Fortinet and Fortinet customers traveled to Puerto Rico with FortiGates to help. They installed them in clinics, community centers, and the convention center. Donated satellites by Dish were QoS’d by FortiGates combined with FortiGuard Security Services to give children and the local community secure Internet access.

Fortinet employees and partners who volunteered in installing FortiGates in some austere conditions soon started to self-identify as FortiDRT – short for “Fortinet Disaster Response Team.” Through our continued volunteer work with ITDRC and donations, Fortinet also powered Internet kiosks at Red Cross shelters and wildfire survivor sites in Northern California. For example, Fortinet ensured that parents could securely process insurance paperwork, check in with loved ones, and even provide some entertainment and education for their children. This work was especially rewarding as two Fortinet customers were among those who experienced the loss of their family homes due to California wildfires.

Over time, Fortinet expanded its partnership with ITDRC and collaboration with other organizations involved with the NGO. Tierpoint, a managed provider of Fortinet solutions, donated colocation and private cloud for Fortinet backend infrastructure, as well as the ability to cache networking hardware ahead of upcoming disasters. Amazon Web Services provided cloud credits and an Amazon Snowball to ITDRCTesla’s disaster response group began rolling out solar arrays to help power Fortinet sites that were off the grid. Fortinet joined the ITDRC Tech Task Force, which also includes Google.orgBeldenRuckus NetworksDish Cares, and many other tech companies devoted to using technology to respond to disasters. 

Securely Connecting the Community During a Pandemic

More recently, Fortinet employees and partners responded to the COVID-19 pandemic to ensure that school children around the U.S. could safely learn at home and maintain safe distances from others. Fortinet employees began a laptop drive and configured donated FortiGates for tribal nations and rural communities that needed connectivity. Fortinet volunteers began repurposing computer hardware into Chromebooks using Neverware, a Google-based operating system.

Through Fortinet’s Corporate Foundation and Corporate Social Responsibility initiatives, additional Fortinet technology has been donated to ITDRC’s projectConnect. Since projectConnect has started, ITDRC has created more than 300 hotspots for school children, mostly in rural and tribal communities inside the United States a Fortinet’s donations is helping make all these connections secure. ITDRC’s projectConnect partners with libraries, schools, and community centers to provide free outdoor WiFi access. This connectivity helps those affected by the pandemic by providing access to distance learning curricula and employment resources in open areas that facilitate social distancing. For governments, medical facilities and telehealth, ITDRC’s projectConnect provides network, voice, video, and wireless infrastructure, compute devices including notebooks and tablets. Fortinet employees, partners, and customers who would like to contribute to projectConnect can join ITDRC by signing up online

The Rewards of Volunteering

For those of us in ITDRC, it has been a joy to use Fortinet’s solutions to tackle a wide array of field challenges, such as configuring Secure SD-WAN for firefighters or converting library patios to safe WiFi hotspots for children. This commitment to constant innovation and lifelong learning is what initially drew me and many others to work at Fortinet and it’s very rewarding to be able to continuously empower, protect, and positively impact our communities through my work at Fortinet and with the ITDRC.

Find out how you can contribute to projectConnect by signing up online today at ITDRC

Read more on Fortinet’s Corporate Foundation and Corporate Social Responsibility initiatives and how Fortinet has donated technology to ITDRC’s projectConnect

Sourced from Fortinet