At the same time more employees are working from home and other remote locations, cyber threats against their devices are on the rise. In just the first few months of the pandemic, the FBI said its Internet Crime Complaint Center fielded 3,000 to 4,000 complaints per day, up from 1,000 pre-pandemic complaints.
The attacks are becoming more insidious, such as malware that modifies itself to infiltrate a system and hit a specific target, along with attacks directed at firmware. Ransomware attacks also are up, as is crypto-jacking, where a hacker hijacks an endpoint’s processing power to mine cryptocurrency. Needless to say, phishing attacks that rely on human error still are alive and well.
Employees and students working from home are particularly vulnerable because they often are on unprotected networks and face numerous distractions, says Dan Allen, vice president of the Enterprise Security Group at HP. He points to three key strategies to maintain a proper defense.
Pay attention to the basics, including having a firewall on each endpoint, to block inbound access to ports running protocols such as the Windows Remote Desk Protocol (RDP). Likewise, timely software updates are critical for Windows, web browsers, and key applications such as Adobe Reader. Multifactor authentication also is now considered table stakes, Allen says.
“Just doing those three basic things goes a long way,” he says.
The second strategy is to fully embrace a cloud management strategy. Cloud-based services provide visibility to user devices no matter where those devices may be, giving IT the ability to actively manage, update, and protect them. Devices also can be provisioned and configured over the internet.
Most organizations now use cloud-based offerings such as Office 365 or Google Drive, which offer safe, off-site storage. “Make sure users are using them,” Allen says. Should a device be damaged or a user fall victim to ransomware, the organization can easily remedy it from an image stored in the cloud. “The cloud is an incredibly important pillar in keeping users productive,” he says.
The final strategy is what Allen calls “next-generation protection,” including isolation technology. For example, HP Sure Click, part of HP Proactive Security, makes use of hardware-enforced micro-virtual machines (VMs), which are lightweight containers used to isolate threats. Whenever a user opens a browser tab or a file, including email attachments, it’s opened inside its own micro-VM container, completely isolated from the core operating system. Any malicious code that may be present is confined to that individual micro-VM and cannot harm anything else on the PC or on the network. Once the micro-VM is closed, the malicious code is gone.
Another level of next-generation protection is HP Proactive Security’s ability to prevent user credentials from being stolen. “Whenever a user is in a protected browser, we can analyze the website they’re on, detect a password field has been invoked, and determine whether it’s a legitimate site or a high-risk site trying to steal credentials,” Allen says. If it’s the latter, the user either can be blocked from entering a password, or warned, with an alert sent to IT.
If the worst happens and you need to reimage a user’s PC, HP Sure Recover enables the user to reboot the machine and install a fresh image from the cloud or from a local flash drive on the device.
“We developed that technology years ago, but with so many people working from home, it’s highly relevant today,” Allen says.
To learn more about the peace of mind a multilayered approach to security brings, visit the HP Security Services page.