FUTURE TECHNOLOGY
Cybercriminals can see three things that help
them achieve this.
First, collaboration tools can be exploited
to provide a route to the critical data and
assets that every organisation has. This is
a very real threat. CyberArk’s Labs team
found an exploit in the Microsoft Teams
collaboration tool that meant credentials
could be stolen simply by sending an
infected image to another user. We worked
with them to close this security hole.
Secondly, more people are accessing
sensitive commercial information from their
home office, often from unsecured personal
devices. This can provide an open door for
attackers. VPNs are often used to access
corporate systems and these have become
popular targets for attackers who are looking
to take advantage of insecure connections.
Moreover, many workers will be allowing
their corporate laptops and other devices
to be connected to the Internet by a family
member while working from home. So the
good security habits that might allow an
employee to recognise and avoid a malicious
website or phishing mail can be bypassed by
this kind of behaviour.
Finally, in the shape of Coronavirus,
attackers have a subject that is top of the
mind that they can use to their advantage.
This means when, for instance, attackers try
to get people to click on malicious websites
or phishing emails to compromise credentials
and gain access to corporate systems, they
have a better chance of success.
What should organisations look for
in a privileged access solution for
third parties and remote workers?
Businesses can improve their risk posture
by managing employees and applications’
access permissions once in the infrastructure
and making sure third parties have trusted
entry points into the organisation.
Then it’s a matter of keeping an eye on
data flows, training the people who have
access to these systems and having a clear
overview of security practices across the
supply chain. Ultimately, collaboration
carries an element of risk, but it can be
addressed by taking a consistent approach
to security, replicating good practices
amongst partner companies and reducing
risk by ensuring greater visibility into activity
during secured sessions and having the
ability to take an action to mitigate risk.
Privileged access management provides
greater visibility of – and control over –
remote access to enterprise networks, as
more and more employees work remotely.
Businesses should look for platforms that
employ biometrics, Zero Trust and just-intime
provisioning to reliably authenticate
remote vendor access to the most sensitive
parts of the corporate network.
In the current environment, where
endpoint devices have disparate levels of
security and the office environment can be a
café, car or home office, cybersecurity needs
to match the flexibility of modern working to
best ensure Business Continuity.
How can organisations secure the
‘new normal’?
Staying ahead of known and emerging
threats in this new landscape has
added even more levels of complexity
to an already complicated job. CIOs and
INTELLIGENT TECH CHANNELS
INTELLIGENT
TECH CHANNELS Issue 30
33