Almost overnight, teleworking has become mainstream. And from all indications, it might stay that way for weeks or even months. And for many organizations, this may signal a new normal, where many workers may continue to work remotely. But regardless of the outcome, organizations need to ensure that their business continuity/disaster recovery (BCDR) plans are updated so they are ready to quickly ‘flip the switch’ to teleworking in the future – whether due to the next pandemic, a major weather event, or some other unforeseen event.
To do this, organizations need to architect access to their critical applications so they can remain resilient in the face of unexpected change, while maintaining the right security posture to protect valuable data, guard against threats, and adhere to compliance obligations. To achieve this, the following top three considerations are important for every organization, large or small, across every market segment. And they are steps that organizations can immediately put into action today:
1. Protect Your Critical Collaboration & SaaS Apps
Most customers today are fairly advanced in their adoption and transition to the cloud and SaaS apps. Even when an enterprise hasn’t yet directly embraced SaaS, users are self-selecting cloud-based applications – or what’s commonly called shadow IT – to get their jobs done. With the shift to teleworking, the reliance on SaaS and its universal access will only grow. For example, it’s easy to appreciate the value that file sharing and cloud storage applications like Sharepoint, G-Drive, or Box deliver. Even if the corporate network and local folders are unavailable, cloud applications make it easy to upload and share files. And this can easily be extended beyond employees, to partners or suppliers, or even end customers.
The challenge is how to manage the security of these cloud solutions. Deep visibility and control mechanisms must be put in place to address potential SaaS challenges, such as the unauthorized downloading of files or creation of shadow IT resources. A Cloud Access Security Broker (CASB) provides critical technology designed to secure these cloud-based applications and assets, something that analysts call out as an ‘essential element of any cloud security strategy.’ CASB allows customers to understand their SaaS traffic, protect valuable data, guard against threats, and ensure that compliance objectives are met. And depending on the deployment, CASB can even provide visibility on unsanctioned application traffic, enabling policies to be put in place to shore up potential risk points.
Fortinet has taken a unique, 100% API-driven approach in its FortiCASB solution. Especially today, in this new age of teleworking, these APIs provide critical insights into application usage without the need for intercepting traffic through a proxy or installing endpoint agents. These APIs provide a wealth of intelligence designed to uncover SaaS activity, ranging from who the top users are, to what’s being uploaded, to where it’s going and whether there are any risks or risky activities going on. These APIs can also be used for remediation steps, such as changing permissions so that, for example, a sensitive file is not visible to the public from Sharepoint, or using FortiCASB’s built-in threat scanning technologies to identify malware ahead of costly damages or broad propagation from a Box folder. For full shadow IT visibility, FortiCASB can also be deployed in conjunction with FortiGate NGFW and leverage the FortiGate as a powerful control point in the network.
But as with email, you need to protect who can gain access to these resources beyond just simple login-password combinations. That leads to the next point that is applicable to both email and an organization’s critical SaaS apps.
2. Enable Multi-Factor Authentication
At the RSA Security Conference this past March, Microsoft engineers shared that “99.9% of the compromised accounts they track every month don’t use multi-factor authentication.” To put this data in context, Microsoft monitors more than 30 billion logins per day and more than a billion users. And on average, Microsoft sees roughly 1.2 million accounts that have been compromised each month. So it’s no surprise that across all of the enterprise accounts they monitor, only 11% had an MFA solution enabled.
Many of today’s most damaging security breaches are due to compromised user accounts and passwords. Whether bad actors collect login credentials via sophisticated phishing email scams or brute force attacks, without multifactor authentication in place they can use those credentials to easily gain unfettered access to the network and to move laterally across network and application resources to wreak havoc.
To address this, the adoption of additional authentication methods has accelerated. Two-factor or multifactor authentication (MFA) – achieved through physical hardware or mobile application tokens – increases the certainty of the identity of users as they enter the network, because even if a criminal knows a user’s name and password, they still cannot log in under that stolen identity without also having that user’s unique identity token.
Fortinet’s FortiToken solution enables businesses of all sizes to manage their MFA token implementations for users connecting from anywhere, as long as there is an Internet connection. With the addition of FortiAuthenticator, customers can augment existing solutions like Active Directory and enable things like single sign-on (SSO) to improve user experience. FortiToken, with or without the addition of FortiAuthenticator, secures access to a wide range of enterprise applications, whether on-premise, hosted in private or public clouds, or for SaaS applications.
Multifactor authentication technology is widely available, but organizations need to enable it and make it mandatory for their employees. And as with the recommendations for email and SaaS applications, MFA provides a key complementary technology that can significantly bolster the security across these critical environments with minimal investment.
3. Lock Down Your Inbox
Email is the primary communication tool for doing business. It connects us to our peers, our partners and suppliers, even our customers. It needs to be reliable and accessible, but also protected. Many customers have come to rely on native security functions built into their email security solutions, but they don’t always measure up. A recently published report from third-party testing firm SE Labs sheds light on how different solutions perform. It includes results and ratings for popular email cloud providers like Exchange Online, Office 365, and G-Suite. In addition, FortiMail was submitted as part of the SE Labs testing as Fortinet believes strongly that truly effective security should hold up under the vetting of third-party, independent tests and benchmarks. SE Labs responded to our entry with the following:
“We congratulate Fortinet for its outstanding performance in this extremely challenging test. In our latest tests, Fortinet earned a AAA rating with a 90% total accuracy, which put it in high standing compared to other offerings in the market. For customers, this should provide additional assurance that FortiMail offers the appropriate, robust security protections needed for securing email traffic.”
The deluge of email-based threats has already begun to spike during this period, with the FortiGuard Labs team identifying upwards of 600 new phishing campaigns a day. Clearly, the bad actors are trying to take advantage of the confusion of such a rapid transition and novice remote users through their social engineering tricks and other exploits. Whether defending against phishing attacks, business email compromise, or the latest ransomware, Information Technology and Security leaders need to protect their users’ inboxes now more than ever.
Special consideration is also needed as users are more likely to connect to corporate resources not only from company-managed devices, but also from personal or unmanaged devices, including laptops, smartphones, and tablets. As a result, stopping email threats on the mail server or in the cloud, before they get delivered to the user, is imperative. To do this, taking smart steps to avoid credential theft will be key. The same goes for protecting valuable data before it potentially leaves the organization.
Conclusion
With the industry quickly pivoting to teleworking, now is the time for organizations to move quickly and take these important steps – securing their critical email traffic, putting the right protections in place for their SaaS applications, and enabling the critical lynchpin technology of multifactor authentication to tie it all together. By implementing the right IT and Security strategy, customers will not only have a more secure environment today, but will also be set up well for the future, enabling productivity and business agility gains even during extreme circumstances, without dangerous concessions to the overall security posture of the business.