Security

Next-generation firewalls (NGFWs) play a crucial role in protecting organizations against emerging threats. These advanced network security guardians can scour inbound and outbound traffic on the network edge and in the data center for signs of intrusions and malicious activity, blocking potentially dangerous data before it reaches its destination. Many organizations have deployed NGFW technology as an integral component in their cybersecurity programs.

At the same time, organizations are fine-tuning their cloud strategies. Whether they’re adopting an all-in, cloud-first strategy or selectively using cloud services as part of a hybrid offering, the reality is that sensitive business data now resides both in our own data centers and in those run by cloud partners. Cybersecurity and networking teams must be able to defend that information from attack everywhere that it resides, or attackers will seek out the weak points in an organization’s cybersecurity architecture.

Cybersecurity leaders should integrate their NGFW and cloud computing strategies to better protect organizational assets. The best way to do this is to consolidate on a single NGFW platform and use it across both cloud and on-premises network systems. NGFW vendors offer virtual appliances and software subscription models that allow for easy cloud deployment, anticipating this approach. Let’s take a look at four drivers for this consolidation.

IT is often underfunded in midsize businesses, and for the most part, IT teams focus their efforts on keeping things running, following the old adage, “If it ain’t broke, don’t fix it.” That works well in most areas of infrastructure, but it can lead to disaster when applied to cybersecurity.

Fortunately, I’d encountered this situation before and was able to offer some advice based on my work with other customers. The company’s IT team could quickly ramp up its security capabilities by taking advantage of managed security services. These service offerings would enable the organization to gain the expertise of cybersecurity professionals without increasing the size of its own IT team. Instead, the company would depend on a managed service provider to augment its technology staff. The MSP would be able to spend more time on security than the company’s in-house professionals, and it could provide specialized expertise.

We looked at four areas where managed services could have an immediate impact on the company.

Education and government organizations are accustomed to strict regulations on data privacy and security. Organizations must stay compliant with regard to how and where they store data; who can access it, how and for what purposes; and how they preserve privacy in data analysis. But this year, leaders in all sectors are taking another look at their data — and, in some cases, deploying master data management solutions — to maintain compliance in remote operations.

One reason for the renewed attention to compliance is that many organizations are collecting new types of data. In schools and colleges, for example, videoconferencing platforms may capture video and audio, along with academic and personal information. Many organizations have managed remote work by expanding their use of cloud computing, which triggers encryption and security protocols for data at rest, in transit and in analysis.

Onsite, organizations are gathering data through technology solutions designed to facilitate safe interactions and maintain social distancing, such as thermal imaging for temperature screenings or video recordings and analytics for occupancy control and contact tracing. All this data must be properly managed and stored.

Today’s privacy environment is far different from the landscape that businesses faced only a few years ago. This movement began in the European Union, which in 2018 replaced its existing privacy rules with the General Data Protection Regulation. This sweeping privacy law provided broad worldwide protection for the personal information of EU residents. GDPR’s reach spread well beyond the European continent, as almost every large American company has some business presence in Europe. Organizations scrambled to understand the impact of these new regulations and update their European-facing websites to comply with the new standards.

In July 2020, privacy regulations hit closer to home when enforcement of the California Consumer Privacy Act began. CCPA provides GDPR-style protections to residents of California. Due to the difficulty of segregating information about California residents, most companies are choosing to apply CCPA standards to all of their customer information. In fact, many privacy experts suspect that other states will soon follow California’s example and pass their own consumer privacy legislation.

Here are a few things that you can do to make sure that your organization is ready for these new regulations and whatever is next on the privacy horizon.

At this stage of the pandemic, remote work is nothing new for most of us. But thriving in this environment is still very much a work in progress. As we all acclimate to our home lives and work lives combining, organizations must continue to hone their IT strategies to address new security needs. How can they do this? It’s a question my CDW colleagues and I explored in a virtual roundtable we held called “Securing the New Remote Workforce.”

Let’s dive into a few key security takeaways this panel touched on.

Zerologon is the name given to a security vulnerability found in Microsoft Windows domain controllers by Secura. It is an unauthenticated privilege escalation vulnerability in the Netlogon Remote Protocol (MS-NRPC). An attacker can leverage this flaw to gain administrative access to a Windows domain.

This vulnerability was assigned CVE number CVE-2020-1472 and rated critical. A Zerologon vulnerability that was patched by Microsoft in August has been making the news lately as proof of concept exploits have started to appear in the wild. In this post, I will discuss in more detail what this vulnerability is and how you can defend against it.