Skip to main content
Tag

Coronavirus

|COVID-19 Cyberattacks|||Europol Statement on COVID-19 Cybersecurity||

COVID-19 Causes Increase in Cyberattacks

By NewsNo Comments

COVID-19 Causes Increase in Cyberattacks

As the world continues to face COVID-19 and cyberattacks increase, patch management and endpoint security are becoming more challenging for businesses and IT professionals.

Coronavirus is Leading to Growth in Cyber Attacks

As the world continues to battle COVID-19, patching and securing endpoints has become a much bigger challenge for businesses.

A recent survey from Threatpost revealed that 40% of companies reported seeing increased cyberattacks as they enable remote working.

In a joint statement from the European Commission, ENISA, CERT-EU, the organizations shared concerns about COVID-19 related vulnerabilities.

The coronavirus outbreak has spurred widespread anxiety and forced many people to work from home. Malign actors are actively exploiting these new challenging circumstances to target remote workers, businesses and individuals alike.

Relevant European Union entities are in close contact with one another to track these malicious activities, raise awareness in their respective communities and help protect confined citizens. The European Commission, ENISA, CERT-EU and Europol, among others, will continue to monitor the situation and coordinate as appropriate to ensure a safer cyberspace for the EU and the world.

Despite this call-to-action, many businesses and IT professionals are still unequipped to handle the exploits. Companies are making infrastructure changes on the fly and opening up corporate networks to potential attacks.

Proactively Protecting Your Organization

A secure, roaming product like Syxsense allows you to manage and secure vulnerabilities exposed by open ports, disabled firewalls, ineffective user account policies, and security compliance violations from remote workers.

In this unpredictable time, detecting software vulnerabilities isn’t enough. Traditional security scanners only do half the job by identifying and tracking possible vulnerabilities and exposure without eliminating the risk.

Combining security scanning and patch management in a single console, our vulnerability scanning feature not only shows you what’s wrong, but also deploys the solution. Gain visibility into OS and third-party vulnerabilities while increasing cyber resilience through automated patching and security scans. Insights into the OS misconfigurations and compliance violations reduce your attack surface and increase peace of mind.

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
work-from-home vulnerability scanners

How Vulnerability Scanners Help Work From Home

By Blog2 Comments

How Vulnerability Scanners Help Work From Home

Although conventional vulnerability scanners require a server setup on-premise to support devices, Syxsense allows devices from anywhere to check in and run security scans.

What is a Vulnerability Scanner?

Vulnerability scanners scan a computer and raise an alert if they discover any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network.

Vulnerability scanners are not complete security solutions, but they are one small part of a good security strategy. Most do not actively prevent attacks; it is only a tool that checks your computers to find vulnerabilities that hackers could exploit. It is up to the system administrator to patch these vulnerabilities in order to create a security solution.

How Vulnerability Scanning Helps Remote And Home Users

That is where Syxsense Secure comes in. Syxsense Secure is the first product to combine IT management, patching, and security vulnerability scans in a single cloud solution.  Now IT has the ability to manage and secure vulnerabilities and security weaknesses exposed by open ports, disabled firewalls, ineffective user account policies, and security compliance violations from remote workers and those on the corporate network.

The vulnerability scanner assesses items such as user security and port status. At a time when organizations are sending their fleet home, the biggest concern is end-user security awareness and whether or not they’re following protocol. Proactively validating these attack vectors allows for a safer work-from-home experience.

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|

Watch the Webcast: Securing Work-From-Home Devices

By NewsNo Comments

Watch the Webcast: 5 Strategies for Securing Work-From-Home Devices

As many organizations navigate the realities of remote work, our webcast shows how to get a clear understanding of how vulnerable your work-from-home devices are to attack.

Reduce Your Attack Surface from Home

Whether you are heading into week two or three of COVID-19 isolation, your IT landscape has undoubtedly changed.

Our webcast explores the best way to get a clear understanding of how vulnerable your work-from-home devices are to attack. Explore the top five strategies to harden devices, reduce your attack surface, and find peace of mind.

We’re bringing industry-leading IT management and security strategies right to your desk. Our webinar covers:

  • Setting up security scans—because patch scans only do half the job
  • Using security scanning results to block brute force attacks
  • Confirming antivirus is installed, running, and definitions are updated
  • Quarantining and troubleshooting a device you suspect has been breached
  • Checking and deploying patches for zero-day vulnerabilities

View the Webcast

5 Strategies for Securing Work-From-Home Devices

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
|||||||See and Stop Every Cyber Threat with Syxsense

The Cyber Impact of Coronavirus

By BlogNo Comments

The Cyber Impact of Coronavirus

With the rise of COVID-19, prepare for the cyber risks that your network could become exposed to when employees start working from home.

Work-from-Home Security with Coronavirus

For offices around the world, the possibility of having to send employees home indefinitely as the virus spreads is becoming very real. If your organization hasn’t needed work-from-home policies in place before now, it’s time to start building them. Here are some considerations to ensure your technology and security are ready for the cyber risks that your network becomes exposed to when employees work from home.

In recent weeks, precautions have been published by national health authorities in response to the Coronavirus (COVID-19) outbreak, as the World Health Organization declared the virus an international pandemic emergency on March 11, 2020.

The virus—a flu-like illness with a higher R0 score–has recently made its way to the U.S and Europe. This has caused a surge in organizations that are examining the risks involved with allowing employees to work from home.

Big corporations like Facebook and Microsoft are seeing the outbreak’s effects first. These were some of the first to send employees out to work from home—closing down entire office locations in some areas to prevent the spread of the virus. But for smaller organizations and those that haven’t incorporated remote working before now, haphazardly trying to have all employees work from home is a serious security risk.

As CDC professionals work to get a handle on this human virus, Syxsense combats the types of computer viruses that will undoubtedly affect remote workers and organizations during the coming influx of work-from-home.

What are the cybersecurity risks of working from home?

  • Home devices are likely to have unpatched and out-of-date software
  • Exposing sensitive corporate data
  • Wider attack vector for attackers

Preparing for Remote Users

A great first step is to think about and protect the endpoint from which the employee will be working.

Is it a laptop that belongs to your organization? It should already be subject to your organization’s cyber protections, including security software, rules regarding local admin access, web filtering, and application control. If you don’t have those protections in place, this is where you need to start.

For endpoint security, we recommend focusing on implementing key security solutions: patch management to quickly remediate potential security gaps, endpoint detection and response (EDR) to monitor for cyberattack activities on the endpoint device. In addition, we also recommend Two-factor Authentication (2FA) on important accounts, especially your remote access tool.

MFA is becoming more critical as organizations grow more digitally connected. Enabling MFA on user accounts, most-used online solutions, and other business tool accounts can ensure that a “hacked” password or a lucky guess isn’t the only layer of defense that stands between your accounts and a “bad guy” on the other end.

Patching is Critical

As more business infrastructure gets connected, Juniper Research data suggests that cybercrime will cost businesses over $2 trillion total. Nearly 60% of companies have experienced web-based attacks, phishing, social engineering attacks, malicious code, and botnets. 43% of attacks target small businesses with an average of 39 seconds between attacks.

Combining security scanning and patch management in a single console, Syxsense is the only product that not only shows you what’s wrong, but also deploys the solution. Gain visibility into OS and third-party vulnerabilities while increasing cyber resilience through automated patching and security scans.

If you’re not able to provide your employees with laptops or workstations they can take home, then you’ll need to make sure you have some way to protect their personal devices with standards similar to those of your corporate environment. This is vital, because there is a very real chance that some of your employees’ home devices may already be compromised.

The majority of home users, despite expressing security concerns, fail to follow cybersecurity best practices in their digital lives outside of work. In addition, many home laptop and desktop computers remain unprotected from malware and computer viruses, with one estimate showing that about 1/3 of computers worldwide become infected with malware (750 million in 2018).

Consider making your company’s security software available for your employees to install on their home systems, with emphasis on your Malware Prevention or AV. While this incurs some additional cost and administrative overhead, it may protect you from an easily-exploited attack vector. For added visibility into endpoint activity and security, consider adding an Endpoint Detection and Response (EDR) solution to alert on abnormal device behavior and signs of malicious attack activity.

Be aware that having your teams work from home using personal computers can introduce security risk factors that are out of your control—by allowing personal device use for company work, you are accepting that risk.

Provide Remote Access

  • Will you be using a remote desktop solution?
  • Are you going to allow direct connectivity to your corporate servers from remote employees?
  • Do most of your employees only require connectivity to a few cloud-based applications?

Your answers to these questions will dictate what sort of protections you need to put in place and what regulations to implement on the connectivity between your remote users and your internal infrastructure.

Ideally, you’ll want to put as many of the same protections in place for remote workers as you have for in-office workers. Make sure you’re scanning and logging all possible sessions, including VPN (Virtual Private Network) and RDP (Remote Desktop Protocol) logins, web traffic, SMB (Server Message Block) protocol access. If your firewall/VPN solution allows it, you should scan and log all sessions between your remote user and your internal systems, as well as restrict traffic to only what is necessary for each remote worker’s job role.

Whether your users will be working from company devices or whatever they’ve got at home, you want to ensure that you’re protected against data loss and theft as they access and share files across networks. This could mean implementing secure Remote Desktop solutions for users to work from and allowing users to use a corporate VPN to secure their connection when working from public or home wireless networks. If users’ traffic is as protected as possible, the risk of remote connectivity decreases significantly.

If possible, use web content filtering to continue to protect your remote employees from malicious websites and to preserve productivity.

Take advantage of two factor authentication everywhere possible. Specifically, protect your remote VPN, cloud applications, and admin sessions. While a token-based MFA solution like Google authenticator or FortiToken is best, any secondary authentication like SMS or email-based will be better than single factor logins.

Have a Support Plan for Remote Users

Your IT staff will likely need some remote support tools and be familiar with them when the time comes—especially if your work force isn’t used to working remotely. The number of calls to your support desk will increase dramatically, so make sure you’re ready to handle the influx of users struggling with new technologies for the first time.

An organization with a well-designed security policy and disaster recovery plan may find they already have a lot of these solutions in place. Working from home need not be any less secure than your office environment – just be sure to do some planning, set up some policies, and put effective measures in place.

In summary, here are some key Do’s and Don’ts for incorporating remote working into your organization:

Don’t:

  • Let your users use their home devices, if possible
  • Allow high-level asset access from remote users
  • Leave port 3389 (RDP) open and unsecured to the internet
  • Allow remote access to any administrative functions without requiring MFA. If possible, secure ALL remote connectivity with MFA.

Do:

  • Provide remote assistance options. End-users will most likely require aid while working remotely and Syxsense effortlessly provides remote control and monitoring tools, regardless of where the device(s) reside.
  • Log all remote access. If possible, log all sessions from VPN users to internal resources. Syxsense can be configured to allow remote users to securely remote connect back to corporate resources with end-user access, while ensuring the required authentication steps as well as logging all access.
  • Use MFA on every platform that supports it. The Syxsense console itself supports 2FA through Google Authenticator and email, as well as single sign-on through Okta and Azure.
  • Provide locked-down, encrypted systems (laptops, desktops or tablets) for your employees’ use. Syxsense always leverages a highly-secure connection back to the cloud to protect each and every device from external threats. Syxsense can also proactively monitor potential vulnerabilities while on external networks, but also quarantine devices should they offend corporate policy.
  • Keep all remotely accessible systems fully patched. Syxsense can easily schedule-up patch deployments for OS and third-party updates whenever desired, whether on-demand or on a routine basis whenever the device is best available. This ensures the latest vulnerabilities are remediated in a timely manner, even with zero-day situations or upgrades to Windows.

Turn to Syxsense for More Secure Endpoints

Endpoint security is a complex and multifaceted issue requiring vigilance and cooperation across all departments within any given organization. Turning to the broad complement of endpoint security solutions offered by Syxsense will be an excellent place for you to start.

  • For a “one-stop-shop” with vulnerability scanning, patch management and endpoint detection and response in one package, look no further than Syxsense Secure. Available as a standalone software product or alongside 24/7 managed services from our dedicated, experienced team.
  • The similarly comprehensive Syxsense Manage solution offers additional endpoint, OS and patch management oversight to complete the picture of meticulous and wide-ranging threat management.

Begin your organization’s journey toward airtight endpoint security with a free trial of Syxsense’s products and services.

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
||

5 Steps to Prepare Your IT Department for Coronavirus

By BlogNo Comments

5 Steps Every IT Department Should Take to Prepare for Coronavirus (COVID-19)

Coronavirus is impacting businesses worldwide. Here are the steps every CIO and IT department should take to prepare their businesses.

Coronavirus is Here to Stay

According to major news outlets, Americans need to prepare for the imminent spread of Coronavirus. The U.S. Centers for Disease Control and Prevention (CDC) stated: “It’s not so much a question of if this will happen anymore, but more really a question of when it will happen — and how many people in this country will have severe illness,” according to Dr. Nancy Messonier, director of the CDC’s National Center for Immunization and Respiratory Diseases.

As seen in China, Coronavirus (COVID-19) is impacting businesses worldwide. We can expect a similar impact across the United States and Europe in the coming months.

How will Coronavirus change the way our business works?

We expect much greater use of remote meeting technologies like Zoom. This allows workers to avoid travel and decrease contact within the office, reducing close person-to-person contact in meeting rooms.

Additionally, we expect an increase in teleworking. Person-to-person infections can be greatly reduced by employees working from home. As seen in Asia, and now Europe, self-quarantine rules will likely be implemented. Teleworking will allow employees who are not sick to still be productive from home.

How Your IT Department Should Prepare

  1. Install office hand sanitizer stations. This simple step is one of the most effective methods to prevent transmission.
  2. Implement remote support tools. This allows your support team to remote control devices within your network to reduce or eliminate desk-side visits.
  3. Order hardware supplies. Desktops, laptops, servers, and spare parts should be ordered now. Most hardware is manufactured in Asia and supply chains are already being impacted. Organizations should be purchasing three months of equipment needs.
  4. Prepare for teleworking. What hardware, software and other tools are required for teleworking?
  5. Select the right tool. Does your IT management tool support teleworking? Can you manage devices outside the corporate network? Can devices at home access the corporate data you will need? Will you ensure large numbers of highly distributed devices are patched and secured without them coming into the office?

Start your organization’s journey toward simple and powerful endpoint security with a free trial of our products and services.

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo