Early on, network capacity was considered at risk because of the volume of people working from home and using services like Netflix or online gaming all at once.
Managing the load on the network is causing CTOs to scratch their heads too. As they rapidly roll out enterprise VPNs and remote desktop solutions to give employees access to sensitive resources and internal applications, they must find ways to balance the volume on the network. Plus, they need to keep it secure.
So, how do you start to find solutions?
Protecting against DDoS attacks
Taking measures to prevent disruption to critical servers is paramount. Distributed Denial of Service (DDoS) attacks are high up on the list of threats. We know that such attacks create large volumes of ‘erroneous’ traffic to saturate the pipe, but they can also be used for more insidious purposes, such as attacking the intricacies of the VPN protocol. A flow as little as 1Mbps can knock a VPN service offline.
Balancing the volume on the network is also more complex now that more people remotely access desktops, files, emails, services like Office365 and cloud apps like Salesforce. This can be managed with load balancing, software-defined wide area networks, and web performance optimisation – like FastView.
Putting on-demand applications into the cloud so they can be accessed remotely is also a smart move. Load balancing can then scale up applications regardless of where they are located.
But this strategy is greatly undermined if the network and the applications are not secure. It’s therefore imperative there is authentication to validate a user before anything is accessed. People on the network have to be trusted. GDPR fines for data breaches can be very costly and must be avoided.
At the start of 2020, VPN security was in the spotlight as multiple vulnerabilities in enterprise VPN products from Pulse Secure, Fortinet, Palo Alto Networks, and Citrix were exploited by malicious actors and nation states alike. Companies responded by patching or withdrawing remote access, and the attacks died back.
However, introducing home working on a much larger scale because of the increased demand is likely to entice unscrupulous actors into action. It is more important than ever for companies to ensure that patches are applied before switching any new or extended service on. But more than this, they must commit to maintaining updates and patches during this period of flux. That’s because Remote Desktop Protocol (RDP) was for most of 2019, and continues to be by a fair margin, the most important attack vector for ransomware.
CIOs need to acknowledge that in introducing / extending RDP they are broadening the attack surface. And that the temporary solutions they are putting in place (that could become permanent) have to be secure.
It’s therefore very important to adapt risk models. It’s possible that some companies have different business priorities. But they must return to their risk models. It would be foolish to roll out new services with an emphasis on access and usability and neglect security.
After the numerous breaches we have seen in the past, it’s evident that strong passwords or some form of multi-factor authentication (MFA) is an absolute requirement when providing remote desktop access to home workers. Best practice would be to get all employees to reset their passwords as they connect remotely and prompt them to choose a new password that complies with a strong password complexity guideline.
As we know, people have a habit of reusing weak passwords for one or more online services – services that might have fallen victim to a breach. Hackers are fully aware of this and pose a genuine threat if this practice is allowed to continue.
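An added example, not part of the original article: a check that a password-reset flow could run on the new password, combining a length rule with a lookup against a breached-password list so that reused, already-leaked passwords are rejected. The 12-character minimum, the function names and the three-entry breached list are assumptions constructed for illustration.

```python
import hashlib
import unicodedata

MIN_LENGTH = 12  # assumed policy value, not taken from the article

# Constructed sample of breached passwords; a real deployment would load a
# full breach corpus instead of this three-item list.
_CONSTRUCTED_BREACHED = ["Password123!", "Summer2020!", "qwerty12345678"]


def _sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_index(passwords):
    """Index SHA-1 hashes as 5-character prefix -> set of 35-character suffixes.

    Splitting the hash this way means a lookup only needs the prefix, so the
    same code works if the index is later served by a separate system.
    """
    index = {}
    for pw in passwords:
        digest = _sha1_hex(pw)
        index.setdefault(digest[:5], set()).add(digest[5:])
    return index


BREACH_INDEX = build_range_index(_CONSTRUCTED_BREACHED)


def check_new_password(username, old_password, new_password, index=BREACH_INDEX):
    """Return a list of policy violations; an empty list means the reset is accepted."""
    # Normalise so visually identical Unicode strings compare and hash the same.
    new = unicodedata.normalize("NFKC", new_password)
    old = unicodedata.normalize("NFKC", old_password)
    problems = []
    if len(new) < MIN_LENGTH:
        problems.append("too_short")
    if new.casefold() == old.casefold():
        problems.append("same_as_old")
    if username and username.casefold() in new.casefold():
        problems.append("contains_username")
    digest = _sha1_hex(new)
    if digest[5:] in index.get(digest[:5], set()):
        problems.append("known_breached")
    return problems
```

A password such as `Password123!` passes the length rule here and is still rejected, which is the case the reuse problem above is about.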
Fear of the virus and a continuous need for up-to-date information provide threats of their own. CIOs need to remind their teams of the risks posed by weblinks and the infodemic / fake news that’s constantly present on social media sites.
A prime example today is the abundant phishing campaigns that are luring people in with the promise of important or breaking information on Covid-19. They are designed to entice them to click malicious links or open infected attachments. In the UK alone, coronavirus scams cost victims over £800,000 in February 2020.
It’s a sad reflection of the cybersecurity world: some people have no ethics and will exploit the horrendous humanitarian disaster we face. We are seeing headline news about attacks on institutions that are trying to help everyone during this very difficult time. Scammers don't stop, and they see only pound signs, not people.
All these factors need to be dealt with by CIOs. They may seem daunting, but they are not impossible. It will require a structured approach when it comes to rolling out, scaling up and integrating technologies. No matter how much pressure there is to put everything in place for business needs as quickly as possible, it is imperative to ensure the actions taken now don’t encourage security failures in the future.