The pandemic caused a rapid digital transformation, forcing businesses to search for advanced cybersecurity solutions that would help deal with the growing attack surface.
Switching to remote work had to happen overnight, and no one was prepared. Personal device and network usage created many opportunities for cyber felons to put their talents to use. Yet, for companies, this only meant damage – whether it’s financial or reputational.
While traditional security measures, such as antivirus, VPNs, or password managers, are the most advertised, they’re not always enough. Organizations should make use of tools made specifically for the hybrid work environment, such as zero-trust protection.
So, we invited Marcus Whittington, the Chief Operating Officer at SentryBay – a company that specializes in supporting and securing enterprises with remote or hybrid work environments.
SentryBay was founded by our CEO Dave Waterson and me (the COO) in 2002 in New Zealand. At the time, we were both working as business consultants, occasionally partnering on projects. In 2001, the Love Bug virus was unleashed and it wreaked havoc on unsuspecting computer users when it infected their email address books. While the virus was not dangerous and did not seek any kind of payment, it caused embarrassment and inconvenience to victims, whose contacts were also then infected.
Dave Waterson put his software programming experience to good effect by developing an application that encrypted email addresses in the address book, calling a halt to Love Bug, which was unable to replicate or spread to any further email contacts. He uploaded the app online and invited contacts to download it to protect themselves. Within one month, it had been downloaded by computer users in 34 countries worldwide. Working together at the time, we saw an opportunity to commercialize solutions to combat cybersecurity threats.
Shortly afterwards, SentryBay was selected to become part of a high-profile accelerator scheme in New Zealand, giving our young company the financial backing necessary to employ a small team of software developers and create solutions to combat the growing threat of malware. In 2008, to better reach its growing audience, we moved our headquarters to London, UK.
SentryBay has since expanded both in terms of its customer base, which is worldwide, and its team, which is located not just in the UK, but in the USA and New Zealand.
We develop and market a range of solutions that help enterprises, their customers, and partners arm themselves against cybersecurity threats. The main aim of our solutions is to create a fortified environment that allows users to securely connect to their network, whether on-premise or in the cloud, particularly if they are working remotely.
This has multiple benefits for organizations – protecting them from attacks, securing their sensitive data, and ensuring they comply with industry regulations, international laws, and local guidance. In addition, our solutions enforce protection mechanisms, meaning that users must implement them to gain access to data and applications, but our one-click simple download and automated, centralized configuration provides instant protection.
Endpoint devices accessing the corporate network represent the greatest threat to organizations. They can be managed or unmanaged, known or unknown, but if they are unsecured, they can potentially give hackers a way in. A zero-trust approach is one in which all users and all devices must be verified before they are given access to corporate data, applications, platforms, and networks. The motto ‘never trust, always verify’ is important to remember and a good rule for companies to live by.
Implementing zero trust is not straightforward. It needs to be regarded as a holistic exercise that envelops every part of the business. It’s not a single solution or a platform, it’s an approach to the cybersecurity threat that must be built into a company’s broad IT security strategy and preferably layered so that it can deliver the greatest protection.
If the global events you’re referring to are the pandemic, then there has been a seismic impact on how cybersecurity is now viewed. Not only have attacks risen exponentially, but most office-based employees became remote and now the world is adjusting to a more hybrid approach. The exposure of companies to risk has never been so high, so attention is being paid to how best they can protect their applications, data, and people from attacks.
To begin with, many organizations scrambled to keep staff productive, even if that meant using their own devices. From a security perspective, this was dangerous. More recently, and as people started to go back into physical offices, many have adopted a BYOD policy alongside the tried and tested method of Internet security, antivirus software, and securing the wireless network with a VPN. Attacks have continued to happen, and a realization has set in that this triumvirate will no longer fend off the latest malware.
The strategy for cybersecurity needs to reflect the changing corporate environment. Many organizations are adopting a hybrid IT approach which means that their applications, platforms, and workloads are distributed across private and public clouds, co-location, or private data centers and this requires better control of security. Companies must recognize the vulnerability of the endpoints that their employees are using and start from that perspective. Organizations can benefit from solutions that create a secure container providing them with multi-platform protection from a single pane of glass. Data entered at the endpoint is automatically ‘wrapped’ to prevent it from being stolen or infiltrated before it reaches the cloud server or the network without the need to identify the threat or its origins. This provides an unprecedented level of protection to users and organizations that is easily integrated, including across hybrid cloud or IT environments.
There are some golden rules that should be drummed into everyone. Never respond to emails or texts asking for suspicious information like updated payment details. First, make sure it all makes sense and check authentic websites for any fraud alerts.
Ensure you operate antivirus with all security functions turned on and ensure it is set to auto-update daily – and if there is a warning from the browser take it seriously. Always ensure you only enter websites with certificates (typically showing a padlock next to the URL) and access them using a recognized browser with all security settings on. Always use closed and secure wifi when doing anything that involves entering personal or financial information (using a VPN provides even better security). And finally, use data protection software that protects every keystroke.
Where would you like us to start? Any malware can take advantage of an endpoint that is unsecured, but perhaps the most insidious are kernel-level keyloggers. They enter through an unprotected endpoint or even one protected by a standard antivirus solution, and they sit, undetected, at a low level, harvesting keys tapped on the keyboard the second they enter the operating system, and are infamously difficult to eradicate.
Other forms of cyberattack target the vulnerable data entered into an application after login or sensitive data displayed on the screen through the application. Such attacks include screen capture or screen grabbing, DLL injection, and Man-in-the-Browser (MiTB) attacks. Screen grabbing captures the screen when certain events occur, putting at risk all information held within applications and entered at the keyboard. A DLL injection attack is a method of inserting malicious code into an application to access sensitive data, and a MiTB attack will typically use JavaScript code running in the browser to gain access.
All of these take advantage of unprotected endpoint devices and once they get access, they have the potential to steal sensitive corporate data and create havoc.
There are a variety of reasons. Sometimes they don’t have a full picture of every asset in their environment, so an unprotected laptop or even a smart printer, for example, is missing from their inventory. It could be that the complexity of their infrastructure makes it hard to understand where vulnerabilities lie. It can also be that they believe they do see the full scope but have not adopted zero trust, and therefore access is granted when it shouldn’t have been. There are multitudes of reasons.
SentryBay are constantly improving our products as cyber threats evolve, and also expanding the number of threats protected. In addition, the company strives to make it easier for customers to use our products without interfering with their day-to-day computer work. We spend a large proportion of our revenues on research and development to ensure the company stays at the leading edge of the security industry. This is illustrated by our blue-chip customer base which includes some of the largest, most security-conscious organizations and governments in the world.