INTRODUCTION TO INTERNET SECURITY
Becoming Familiar with Terminology – Internet Security, Cloud Security, Devices, Virtual Private Networks (VPN).
For people who do not work in IT, some of the terms used in these areas can be confusing and potentially misleading. This week’s paper looks to help define some of these terms and explain how they relate to cyber threats.
Having at least a basic level of understanding can help you have a better conversation with your IT provider. It also helps your colleagues to better understand the terms and raises their awareness of how cyber threats occur and what they can do to prevent them.
The papers to follow this one within cyber-month will delve into more detail about what you can do to counter threats and create best practices across your organisation.
The Types of Cyber Security
The types of cyber security you can employ fall broadly within these five areas:
- Network & Endpoint Security
- Cloud Security
- Application Security
- Identity Security
- Physical Security
Network & Endpoint Security
This describes the technical element which protects the data within your network, whether stored or in transit across the network. It includes security processes and policies that control network access.
Common threats to your security include:
- Malware (software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system) and viruses – Be vigilant for suspicious activity. Implementing anti-virus software and intrusion detection programs will help guard against attacks.
- Insiders (employees & contractors etc.) – Ensure that anyone who is given access only has the appropriate permissions. Ensure these are reviewed regularly.
- Malicious hackers – Intrusion detection systems (IDS) and intrusion protection systems (IPS) monitor traffic while analysing behaviours and activities to identify potential attacks.
- Denial of service (DoS) and distributed denial of service (DDoS) attacks – These are malicious attempts to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
- Hardware, firmware, or software vulnerabilities – Ensure that you have the most up-to-date versions, which should carry the software’s latest cyber protection updates.
- Ransomware – Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment.
In broad terms, preventing these types of cyber security threats ensures that your underlying network infrastructure, from devices and applications to end-users, is working securely. This includes deploying:
- Firewalls – They carefully analyse incoming traffic based on pre-established rules and filter traffic from unsecured or suspicious sources to prevent attacks. Firewalls guard traffic where information is exchanged with external devices.
- Private VPNs – This software establishes a secure, encrypted connection to the network from another network or device. It effectively disguises the location of your computer or device meaning that you are much more difficult to locate and attack. The VPN protects the transmission of data whilst preventing unauthorized access to the network.
Endpoint Security – Part of the wider network security considerations will be whatever device(s) you may utilise from any location. This must include:
- Desktops & laptops
- Mobile devices (inc. tablets & smartphones)
- Network devices
- Connected devices including connected printers, smart assistants, and sensors
In the increasingly evolving hybrid workplace environment we work in, it is important to ensure that you are able to rely on knowledgeable expert support. Challenge them to prove their approach is audited separately.
Cloud Security
Increasingly used by advice practices and technology providers, Cloud Security refers to the technology, policies, and processes you use to alleviate the security risks of cloud computing, whether you are using public, private, or hybrid clouds.
Your in-house IT or security team has less visibility into the data stored in the cloud because the services are accessed outside the network and are managed by a third-party provider.
- The multi-cloud: About three-quarters of organisations have multi-cloud environments, and this trend will continue to grow as more integrations share more information. Having a multi-cloud approach effectively spreads the risk of storing your data in one cloud environment.
- Outside providers: When you use the public cloud, it adds another layer to your regulatory compliance management process. Your organisation is responsible for the security “in” the cloud, for things such as data from whatever point of access.
Application Security
Increasingly, the software architecture within all companies is accessing multiple applications as part of their operational needs. This is similar to Cloud Security: even if you are only deploying off-the-shelf software and applications, you need to continuously ensure that they remain secure.
Vulnerabilities are one of the biggest risks because cyberattacks exploit them to gain access to your environment. There are numerous examples of breaches. For example, in the US the estimated total damage from the WannaCry ransomware campaign, which exploited a weakness in the Microsoft Windows operating system, climbed into the billions of dollars.
A high level of vigilance should be maintained, ensuring you are utilising encrypted services.
Internet Security
Internet security is often viewed as securing the data in transit over the internet, but it encompasses much more. Internet-borne threats are behind the majority of data breaches.
Although other types of cybersecurity, including network and cloud, help defend against internet threats, the prevalence and scale of these threats are increasing.
- DNS-layer protection: A device that’s been compromised in a malware, phishing (when criminals use scam emails, text messages, or phone calls to trick their victims), or botnet (a form of cyberattack that happens when a group of internet-connected devices is infected by malware that is under the control of a malicious hacker) attack typically tries to establish a connection to a command-and-control centre. Blocking these requests before the device connects to the internet can stop the threats from entering the environment. This should be part of your IT & Systems audit.
- Email security: Phishing is one of the most common types of cyber threats and blocking emails that contain malicious links and attachments can prevent employees from falling for phishing schemes. Other email security capabilities to consider include encrypting sensitive messages. We will go into further detail about secure communications in another paper during the cyber month.
- URL filtering: This technology restricts the types of websites your employees can access, enabling you to block risky websites based on their content and other predefined criteria.
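The DNS-layer protection described in the list above, sketched as an added example that is not part of the original paper: each lookup a device makes is compared against a blocklist before it is answered, and blocked attempts are grouped by device so a compromised machine stands out. The blocklist entries, device names and log lines are all constructed for illustration.

```python
"""DNS-layer blocking sketch (added example; all names and data are constructed)."""
from collections import defaultdict

# Constructed blocklist; a real deployment would load this from a threat feed.
BLOCKLIST = {"c2.badhost.example", "phish-login.example"}

# Constructed resolver log: "<time> <device> <queried name>"
SAMPLE_LOG = """\
09:00:01 laptop-07 www.example.org
09:00:02 laptop-07 C2.BadHost.example.
09:00:05 printer-02 updates.vendor.example
09:00:09 laptop-07 beacon.c2.badhost.example
09:00:12 phone-11 notphish-login.example
09:00:15 phone-11 phish-login.example
"""

def normalise(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.strip().lower().rstrip(".")

def is_blocked(name, blocklist=BLOCKLIST):
    """True if the name or any parent domain is listed (whole-label match only)."""
    labels = normalise(name).split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))

def review_queries(log_text, blocklist=BLOCKLIST):
    """Return (allowed queries, {device: [blocked names]}) for a resolver log."""
    allowed, blocked = [], defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than guess at their meaning
        _, device, name = parts
        if is_blocked(name, blocklist):
            blocked[device].append(normalise(name))
        else:
            allowed.append((device, normalise(name)))
    return allowed, dict(blocked)

if __name__ == "__main__":
    allowed, blocked = review_queries(SAMPLE_LOG)
    for device, names in blocked.items():
        print(f"{device}: {len(names)} blocked lookup(s): {', '.join(names)}")
```

Matching on whole labels is what stops a subdomain of a blocked name from slipping through while leaving a lookalike such as notphish-login.example to be judged on its own entry.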
The physical threat
Remember that Cyber Security includes the physical aspect of your business. Information can be compromised by a lack of physical security, which in turn leads to a cyber-attack. Locks on cabinets (including server cabinets) and secure entry to buildings that could give away information leading to attacks need to be policed carefully.
Ensure your staff follow all email and password protocols and look to enforce these assiduously.
Our Cyber Security Month is Supported By Our Sponsors
Beyond Encryption is the industry standard for secure digital communications, working with major household brands such as Aegon, HSBC, Royal London, Origo, Paragon Customer Communication and Westcoast Cloud.
We’ve built the world’s most secure encrypted communications network, protecting and connecting advisers, providers and platforms throughout financial services and other aligning industries with our secure email solution, Mailock.
Mailock is our versatile software platform, enabling organisations to send customer communication securely via email. Mailock protects sensitive data through end-to-end encryption and multi-factor authentication capabilities, helping our customers to remain compliant, reduce costs, and improve operational efficiencies – not to mention achieving a positive environmental impact through the reduction of print, pack, and post.
With nearly 100,000 customers across 1.8k companies, we give organisations the freedom to exchange information confidently, cost-effectively, and with full compliance, supporting businesses on their digital transformation journey.
Westcoast Cloud are a pureplay cloud distribution partner, enabling over 750 partners to make the most of public cloud services, and the associated security that is needed to support their use.
From email security, anti-phishing software for Microsoft365, to advanced tools and security for Microsoft Azure, we educate and train partners to be able to provide the best-in-class Microsoft security solutions to over 34,000 end user customers.
Alongside these tools we partner with best in breed solutions such as Beyond Encryption. This ensures markets that need that extra layer of security, such as financial services and legal organisations, can stop potential attacks and disrupters accessing your customer information without your knowledge. With Beyond Encryption’s advanced toolset, customers can control, manage, and maintain the security layers around their emails to ensure that the right information is reaching the right people all the time.