CV_Winter_21

Businesses are having an increas- ingly difficult time controlling end users in remote work environments, a new study from Untangle suggests. In its annual state of the channel report, Untangle revealed that the top security threat facing the channel this year was “employees who do not follow rules.” This was followed by the usual suspects including ransomware, phish- ing, and issues with BYOD. The fact though that end users are causing problems for organiza- tions hardly comes as a surprise, when considering that most companies rushed into remote deployments following the outbreak of COVID-19 and were largely unprepared to face expand- ed threat surfaces. Almost overnight, businesses migrated to insecure home networks, where it was much harder to track user activity and keep a tight lid on data. According to Untangle, 40 percent of partners reported that 75 percent of their customer base transitioned to working remotely in 2020. “Giving access to remote employ- ees in a secure way required technol- ogy that many clients did not already have in place, or if they had it, it was not designed to scale to meet the demands of a completely different type of employee working environment,” the report stated. It makes sense then that many of Untangle’s top network security tips for 2021 include user-focused solutions. For example, the top strategy that Untangle recommends this year is multi-factor authentication, to protect user accounts. Additional strate- gies include automated user activity monitoring, employee anti-phishing training, and managing user access. According to the report, 69 percent of respondents said their customers fell victim to phishing attacks, and 47 percent said that customers were victims of ransomware in 2020. Inter- estingly, demands were only paid in 12 percent of attacks. IAM Critical in 2021 The Untangle report also drew attention to identity access manage- ment (IAM), a strategy that involves establishing a framework for ensuring that only authorized individuals have access to IT resources. The need for IAM has been steadily increasing in recent years and came to light in 2020 as companies began to implement more cloud services to support remote work. Cloud deploy- ments in turn lead to more human and non-human identities across an organi- zation. If left unchecked, companies can lose track of their identities and open the door to a variety of attacks. According to the 2020 Identity and Access Management Report from Simeio, the majority (56%) of organi- zations are at best only somewhat confident in the effectiveness of their IAM program. And in its benchmark report, Untangle reported that IAM was the top cybersecurity product that partners are considering adding to their portfolio for 2021. Securing VPNs Untangle also shed light on the types of security features that customers are asking for. Three quarter of respondents pointed to VPN connectivity — far more than endpoint security (12 percent) and cloud migration (7 percent). Yet, many organizations are deploying VPNs for the first time, and many are going about the process incorrectly. This is an issue that Untangle shed light on earlier in 2020, explaining how VPNs can lead to misconfigurations and unauthorized network access. Seeing as though VPNs will remain in demand in 2021, partners should consider discussing deployments with customers and offer support, guidance, and training wherever possible. CYBER PATROL By Gerald Baldino Reigning in End User Behavior Cyber Attacks Partners’ Customers Were Victims of in 2020 Phishing 69% Malware/Virus 54% Ransomware 47% Data Breaches 16% None 15 Cryptojacking 14% DDoS 12% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Source: Untangle Biggest Changes Among Business Adopters Frequently Using Communications Medium Between 2019 and 2010 29% 49% 56% 51% 59% 69% 79% 30% 41% 39% 52 CHANNEL V ISION | January - February, 2021