Getting The Basics Right
Although there are many advantages of employees working from home (not the least of which, is employee health) there are significant challenges regarding data security, privacy, and compliance. There are precautions and best practices that are being employed by many companies and should be part of the security and compliance infrastructure as companies adapt to the new norm of both people and sensitive data residing in remote locations.
Some of the best practices include:
- VPN connections for secure communication with the corporate network
- Only allowing company-owned devices on the corporate network
- Top-quality antimalware and firewall software for remote devices
- Encryption for sensitive data in transit and at rest
- Two-factor authentication
A TIME OF ADDITIONAL RISKS
Unfortunately, hackers and criminal organizations are taking full advantage of the unusual circumstance we are all going through as we deal with the pandemic.
There's been a significant uptick in Covid-19 focused phishing emails. This technique plays on the anxiety that many employees have as they adapt to a new home, work, and school situations. Phishing training and top-level antimalware are suggested in these scenarios.
FAKE CORONA VIRUS TRACKING APPS
Apps utilizing real data feeds from Johns Hopkins and other sources actually contain tracking malware that can access data, photos, and videos and can even control the phone's camera and microphone.
It may be harder to identify stolen credentials as employees log in from unusual and unique IP addresses. It will be much easier to overlook an impostor's login attempts. Additionally, hackers are utilizing wardriving to identify vulnerable networks in neighborhoods.
MAINTAINING COMPLIANCE WHEN EMPLOYEES ARE REMOTE
As employees connect to servers each morning via VPN, to download the valuable corporate data that they need for the day, compliance and security are easily jeopardized. As soon as the employee disconnects from the VPN, corporate oversight goes blind, and compliance can't be maintained.
Because Veriato's Cerebral agent is located on each endpoint and monitoring and recording is continuous, regardless of the connection status, there is always a definitive record that proves compliance.
Additionally, Cerebral's communications are not VPN dependent. Cerebral can be set to communicate through a dedicated URL link so that the monitoring details are passed back to the corporate server whenever there's an internet connection. Even with no connection, all recorded data is stored on the endpoint until the next time a connection is available.
Cerebral allows the corporation to gain back visibility for everything that every employee is doing. Additionally, the SQL database provides the ability to create customized reports, greatly simplifying the compliance reporting process.
INSIDER THREAT INTELLIGENCE PLATFORM
As employees and vital data became scattered to houses across the city/state/country, companies risk footprint expanded exponentially. Now more than ever behavior analytics and threat hunting is needed for the "new norm."
Cerebral will hunt for signs of fraud, data theft, and other suspicious/restricted activities in realtime. Cerebral gives an organization the ability to react quickly to protect critical data (e.g., client lists, patient info, financials, customer data, IP, etc.). Additionally, Cerebral's screenshots and data logs become crucial evidence for use by HR or in legal proceedings when necessary.
Cerebral is an advanced and integrated platform integrating User Behavior Analytics (UBA), User Activity Monitoring (UAM), and dynamic Risk Scoring. Cerebral quickly identify threats and determine the exact nature of the incident through coordinated logs and screenshot technology, allowing you to respond to a breach in minutes and at the same time create an evidence trail crucial for legal action.
MONITOR ANYTHING OR EVERYTHING
||USB Device Usage
||IM & Chats
|Email & Webmail
Proactive Threat Hunting
The ability to hunt threats by recognizing the early warning signs, like changes in an employee’s attitude, language, and behavioral patterns, allows you to move your security posture from reactive to proactive.
Daily Risk Scores
Cerebral’s AI-based behavior analysis, continually tracks each user's activity and language characteristics (psycholinguistics) to create daily risk scores for every person in the organization. Cerebral’s user behavioral analytic software provides early warning of suspicious behavior through the monitoring of user behavior and alerting when actions contradict policies or vary from well-defined behavioral patterns of the individual or their group. Cerebral monitors user behavior for indicators of risk, recording and alerting when an insider’s risk is elevated, enabling rapid interdiction.
Anomalies & Keywords
Cerebral can send alerts based on changes in a users’ behavior and/or on custom-defined keywords, allowing you to know when a user’s actions deviate from their behavioral or psycholinguistic baselines or deviate from their group's baseline behaviors in a way that suggests a possible Insider Threat.
TO LEARN MORE ABOUT VERIATO'S CEREBRAL