It seems like we are inching ever closer to a coronavirus tipping point. When the virus was first announced, it was easy to ignore in the face of a thousand other things that we have to worry about every day. I even made a stupid joke about how you could probably catch it by forgetting to add a sanitizing lime wedge to your Corona beer, which went over so well at my favorite restaurant that the management gave me a free round.
But things aren’t so funny anymore. China is being ravaged by the virus to the point that the smog clouds over Beijing are disappearing for the first time in a decade. Italy just quarantined the entire country. And back in the United States, new cases are being discovered in every state, including in Washington D.C., Virginia and Maryland.
And it’s already having an impact on our lives. The famous South by Southwest festival has been cancelled, alongside countless other government-focused events and gatherings of all kinds. And the new James Bond film, No Time to Die isn’t hitting theaters in April as planned. Due to COVID-19, it’s being pushed back until Thanksgiving, though it might be wishful thinking that everything will be all better by then.
If you need evidence that the threat is now everywhere, just pay a visit to a local store in your neighborhood. They won’t have hand sanitizer for sale, and probably will also be sold out of disinfecting wipes and even rubbing alcohol. I couldn’t even find hand sanitizer online. People are already hoarding paper towels and toilet paper too, which will probably be the next products to disappear from shelves. And that restaurant where I got the free drinks a couple weeks ago? You could have heard a pin drop in the empty bar this weekend as everyone seems to be staying home.
Choosing not to head to the movies or a restaurant is fine for your free time, but many of us still have to go to work, including most federal employees not already enrolled in a telecommuting program. The virus may soon bring that issue to a head, as allowing employees to work from home not only protects them from exposure while commuting or sitting in their workspaces, but keeps sick people out of the office after they have been exposed to Coronavirus.
Thankfully, technology has made it so that many workers can do their jobs from home, especially if the right precautions are taken. Over the past year or so, I’ve reviewed several products that could assist both agencies and their employees by empowering and protecting telework. I’d like to share a few of them. This is by no means a complete list, but here are a few of the most impressive products and platforms that I have come across which might make working from home a little safer.
Employing a Personal Bodyguard
I originally reviewed the Fortinet FortiGate 60E for its suitability in protecting federal agency branch offices, as the tiny little 1U device packs almost as many features as the massive firewall gateways at major federal buildings. It offers anti-virus analysis, application filtering, ASIC VPN, firewall protection, an intrusion prevention system, URL filtering and web threat protection. And it works almost as soon as it’s plugged in and connected to the wired gateway.
It’s also extremely easy to use, with an interface that almost anyone can learn without special training. And yes, it’s robust enough to protect a branch office. In testing, it processed 25,000 new sessions per second with a maximum throughput of 3-gigabits per second. But its price, at around $500, also makes it affordable for single users. You can hook a FortiGate 60E up in your home office and have bigtime protection that is on par, or at least comparable, with almost any agency headquarters.
Keeping Cybersecurity Skills Sharp
Those working from home will need to make use of email as a major communications lifeline back to their agency. Thankfully, connecting remote users to their agency email is a skill long since perfected, and made even simpler with web-based mail servers. But once hooked up, users face the same email-based threats regardless of where they are physically located.
The biggest threat, and the one most likely to get around agency content and firewall filtering, is phishing. In fact, in most cybersecurity surveys, like the 2019 Verizon Data Breach Investigations Report, phishing tops the list of threats. It’s often used as a starting point for secondary attacks. Using social engineering to trick users into giving up confidential information or passwords is a lot easier for hackers than attempting to directly break through increasingly stringent cybersecurity defenses, especially in the federal government.
The key to stopping whatever attacks get past email defenses is having users trained to spot and report attacks, though the government is historically no better at this than most businesses. That’s why I was so impressed with the CybeReady platform when I reviewed it in November. It’s designed to educate users about the dangers of phishing and other email attacks that target them, without getting in the way or taking up too much of their time.
Administrators can schedule phishing emails to go out on a regular basis, and craft them to look almost realistic. When a user clicks on a fake email, the training is immediate. They are told that they just fell for a phishing mail, and shown all the specific clues that they could have used to spot the fake. Later on, they can be retested, and administrators can see how well their workforce is improving over time, with lower performing groups given more aggressive training, while champion phishing-spotters are only sent a refresher test every now and again.
Not Sleeping on Agency Security
On the agency side, having more employees working from home with their personal devices could increase the potential attack footprint. That is where the Awake Security platform could come into play. Installed either in the cloud or on-premises, it’s designed to look for malicious intent in a way that most security platforms ignore.
But first, it discovers every device interacting within your network. It uses agents to do this, but not ones installed on client devices. Instead, it watches chokepoints like authentication servers, which allows it to eventually discover everything connecting to your network. In our testing, it found everything we attached to a test network including a notebook, an Xbox One, a security camera, a medical device and an electronic water bottle.
It then conducts what is basically advanced threat hunting, looking for anomalies instead of known malicious activities or signatures. It’s very careful about accusing a device of malicious intent. For example, having a laptop suddenly log in from a remote location is not enough to trigger an alert, as that might indicate that the employee who owns it is traveling. Instead, Awake looks for indicators such as the laptop connecting to something like a database that it has never touched before, or reaching out and trying to log into other devices inside the network.
Once Awake has found something strange, it checks to see if similar activity is happening on any other devices. That might indicate that more than one device has been compromised, or it might simply be a new procedure that the organization is implementing. To find out, the platform can contact the cloud-based Awake Expert System, named Ava, which acts as a storehouse for human threat hunting knowledge. Agencies that don’t want to use the cloud can host Ava locally, but it will require regular updates to remain current.
Having something like the Awake platform that looks for activity that traditional defenses are not designed to detect can be a good second line of defense, especially in unusual times, like when an entire agency is suddenly forced to telecommute to try and stay one step ahead of COVID-19. Even if drastic steps like that aren’t ever needed, automating threat hunting in such a clever and unique way can improve agency security without a lot of extra effort.
John Breeden II is an award-winning journalist and reviewer with over 20 years of experience covering technology. He is the CEO of the Tech Writers Bureau, a group that creates technological thought leadership content for organizations of all sizes. Twitter: @LabGuys
source: NextGov
