By: Peerapong Jongvibool, Regional Senior Director of Fortinet South East Asia and Hong Kong
SINGAPORE, April 28, 2020 /PRNewswire/ -- Organizations around the world are engaged in one of the most rapid network transformation exercises in history. In Singapore and across the region, thousands of workers are now working from home, small branch offices, or in modified shifts to ensure their health and safety while ensuring business continuity.
A teleworker program requires careful handling to safeguard infrastructure and accommodate new network demands, whilst coping with the sudden surge of endpoints across multiple environments. Once an organization's basic teleworker solution is in place, consider enhancing it with additional tools to provide extra security and simplification.
Security is critical now more than ever because cybercriminals are likely to target organizations that have made a sudden transition to a mobile worker framework. Fortinet's threat intelligence unit has tracked an increase in malicious activity related to the novel coronavirus. Unfortunately, FortiGuard Labs researchers found that cybercriminals are using the COVID-19 pandemic as an opportunity to try and steal money and personal information by generating social engineering scams via email, text, and phone calls.
Over the past few weeks, there has been an increase in attempts to lure unsuspecting victims into going to malicious sites, clicking on malicious links, or providing personal information over the phone under the auspices of COVID-19. Many of these scams attempt to impersonate legitimate organizations, such as the Ministry of Health (MOH) or the World Health Organization, by offering fake information updates and even promises of access to vaccines – all for a price, of course.
One way to strengthen security is educate employees to heighten security awareness as the workforce moves to a more autonomous and exposed remote environment. While businesses can compensate for many of the new risks that new technologies pose to the organization (such as updating or upgrading secure email gateway and web filtering solutions), it is also essential that leaders understand that these workers have become, in many ways, both the most vulnerable targets as well as the front line for defending the network.
Fortinet's threat intelligence shows that anyone can be a target to obtain access to business networks and sensitive information. For employees now connecting to the office through home networks, even children are potential targets. Beware. Cybercriminals are experts in the art of masquerading, manipulating, influencing, and devising lures to trick targets into divulging sensitive data, and/or giving them access to home and business networks and/or facilities.
There is already a global shortage of 4 million cybersecurity professionals according to a study conducted by (ISC2). This problem is exacerbated with the recent mass migration to 'work-from-home' environments that put even more pressure on infrastructure teams to balance performance and security. Another way to strengthen security is to use artificial intelligence (AI) and automation as part of the threat protection strategy.
Over 440,000 organizations that deploy Fortinet solutions already enjoy advanced threat protection using AI. Fortinet devices are linked by the Fortinet Security Fabric platform that takes advantage of a common Fortinet operating system and an open application programming interface (API) environment to create a broad, integrated, and automated security architecture.
When managing a remote and distributed workforce, centralized security visibility and management are essential. It is important that support for telecommuting does not jeopardize an organization's cybersecurity. This is where automated security comes in to alleviate the manpower crunch. With the Fortinet Security Fabric, all of an organization's devices, including those deployed remotely to support telework, can be monitored and managed from a single pane of glass.
Fortinet solutions offer an integrated solution to support telework. For organizations using Fortinet, their existing technology deployment already contains this functionality. FortiGate next-generation firewalls (NGFWs) have integrated support for IPsec VPNs, enabling remote workers to connect securely to the company network.
Additional measures that companies should take as more work is done remotely:
- Confirm the VPN capabilities/utilization and determine if they are adequate
- Require the use of multi-factor authentication
- Log and monitor everything and pay attention to anomalous behaviour
- Monitor the final disposition of data accessed by privileged access users
- Monitor the key applications and dependencies for anomalous behavior
Deploying large-scale VPN solutions for remote users is a thoughtful process. Beyond enabling simple access, things such as segmenting users based on role, security profile, and the content and resources they require are first-order tasks. Teams also need to identify users that require special access to resources.
Risk management and resiliency require careful planning, combined with an experienced team trained to deal with critical situations in flux. It is essential that teams keep their heads, understand their objectives, and execute strategies with a common goal in mind – maintaining operational consistency, including ensuring that the organization does not compromise on security for the sake of expediency.
People have all been practicing social distancing over the last few weeks to protect against viruses and illness. Likewise, companies should consider cyber distancing from the attackers. Maintain cyber distance by staying wary of suspicious requests, unknown attempts at contact, and unsolicited information and be the protector of information, networks, and health.
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers our customers with complete visibility and control across the expanding attack surface and the power to take on ever-increasing performance requirements today and into the future. Only the Fortinet Security Fabric platform can address the most critical security challenges and protect data across the entire digital infrastructure, whether in networked, application, multi-cloud or edge environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 440,000 customers trust Fortinet to protect their businesses. Both a technology company and a learning company, the Fortinet Network Security Expert (NSE) Institute has one of the largest and broadest cybersecurity training programs in the industry. Learn more at http://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.
Copyright © 2020 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiADC, FortiAP, FortiAppMonitor, FortiASIC, FortiAuthenticator, FortiBridge, FortiCache, FortiCamera, FortiCASB, FortiClient, FortiCloud, FortiConnect, FortiController, FortiConverter, FortiDB, FortiDDoS, FortiExplorer, FortiExtender, FortiFone, FortiCarrier, FortiHypervisor, FortiInsight, FortiIsolator, FortiMail, FortiMonitor, FortiNAC, FortiPlanner, FortiPortal, FortiPresence , FortiProxy, FortiRecorder, FortiSandbox, FortiSIEM, FortiSwitch, FortiTester, FortiToken, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLCOS and FortiWLM.
Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such.