Últimas notícias

Fique informado

Why Businesses Need an SDP during the Coronavirus Crisis

23 de abril de 2020

Spotlight

Comitê Gestor da ICP-Brasil aprova emissão primária por videoconferência

A aprovação cria o amparo jurídico necessário para a edição da Instrução Normativa que regulamentará e viabilizará o processo operacional da emissão primária de Certificados Digitais através de videoconferência.

22 de janeiro de 2021

Veja o que diz Miguel Martins da AET Europe sobre gerenciamento de eIDS

Como traçar a estratégia de IAM para sua organização? Confira o que diz a AET Europe, líder global em gerenciamento de identidades.

19 de janeiro de 2021

Reconhecimento facial sem prova de vida está com os dias contados, afirma CEO de uma das principais plataformas brasileiras de biometria facial

Conversamos com José Luis Volpini, CEO da CredDefense, uma das pioneiras e mais conceituadas plataformas de biometria facial do mercado brasileiro.

6 de janeiro de 2021

Carimbo do Tempo dá início ao fim da era dos protocolos proprietários na ICP-Brasil. Ouça

Segundo Dr. Roberto Gallo, o fim da era dos protocolos proprietários na ICP-Brasil tem data marcada e deve beneficiar fabricantes, prestadores de serviços e clientes finais.

28 de dezembro de 2020

14 Tech Pros Predict The ‘Next Big Thing’ In Cybersecurity And Encryption

Cybersecurity is a constant arms race. Because of its continuous evolution, what firms have solved for today might be obsolete by tomorrow.

22 de abril de 2020

The Dilemma: Should you phish test during the COVID-19 pandemic?

Because we’ve entered a ‘new normal’ you should let your user know that cybercriminals are having a heyday with COVID-19, read more here.

3 de abril de 2020

With over two million Coronavirus cases and counting, the pandemic doesn’t seem to be slowing down anytime soon, and SDP becomes a necessity 

Written by Damien Mason

Damien Mason – Writer at ProPrivacy

Businesses have no choice but to continue using the work-from-home model and while some employees might be happy about it, companies have plenty to worry about as hackers are working overtime.

Business-related cyberattacks are getting worse

According to data, shortly after enabling remote working, around 40% of businesses saw an increase in cyberattacks on their network. Many of those attacks involve DDoSing, which forces business networks offline, causing significant financial damage due to too much downtime.

Alongside that, cybercriminals have also ramped up phishing attacks. Since January, around 4,000 Coronavirus-related domains were registered around the world. Out of them, 5% are suspicious and 5% are malicious, which is 50% higher risk than your standard website.

Coronavirus-themed phishing and vishing preys upon everyone’s hunger for Covid-19-related news, tricking employees into interacting with dodgy websites, downloading malware-infected files, or even sharing sensitive corporate data. The amount of people falling victim to these scams is also increasing because employees don’t take the same safeguarding measures provided to them in an office.

Instead of work computers hooked up to a corporate network, many are working from their own devices connected to their home internet. Blurring the lines between professional and comfortable, it’s much easier for employees to let their guard down and get distracted, seeing them unwittingly answer a phone call from an unknown number believing it to be a colleague that’s not listed in their contacts, or click on an unverified email that claims to offer details on the “newly developed Covid-19 vaccine.”

If anything like that happens, the results are obvious – employee devices will get infected with malware (especially ransomware), which will in turn infect your whole network, and scammers will easily get their hands on all your valuable data.

Add that to the financial strain your business is already dealing with (remote setups, extra bandwidth, paying rent for a workspace you’re no longer using), and your company will go under before the quarantine even ends.

This is where an SDP comes into play.

What is an SDP?

SDP stands for Software Defined Perimeter. Without getting too technical, it’s a security solution that bases your network’s perimeter on software instead of hardware. It establishes a virtual boundary at the network layer instead of the application layer and authenticates user devices and identities before granting them access to your servers.

To offer complete protection from network attacks, SDP architecture uses five layers of security:

•SPA – Single Packet Authentication

•mTLS – mutual Transport Layer Security

•DV – Device Validation

•Dynamic firewalls

•AppB – Application Binding

How SDP Connections Work?

While the terms might vary from service to service, an SDP uses three things to function:

•The SDP client – Usually in the form of an app.

•The SDP controller – This is the trust broker between the employee/device and the company network.

•The SDP gateway – Also called an access node, it grants the user access to the requested network.

Since that all sounds a bit complex and vague, here’s a basic sketch of how an SDP would work:

1. Employees use a dedicated app, run it, and go through the authentication process. Once they pass, the client will whitelist them, and will set up a new connection to the controller.

2. The SDP controller establishes trust between the client and the backend resources (basically, it negotiates an encrypted connection).

3. The gateway grants the user access to the resources they need. Instead of getting logged into a large network, however, the SDP will set up a dedicated network connection for them which nobody else can access.

Simply put, when you use an SDP, it’s like you’re using a web server with an Internet connection but absolutely no open connections with any device, rendering your company servers pretty much invisible.

How can an SDP protect company data during the Covid-19 pandemic?

That explanation probably gave you a basic idea of what an SDP can do for your company, but some of you might still be on the fence about using one. So, here are the perks of securing your network with an SDP during this pandemic and beyond:

Secure Your Network against Malware

The goal of any phishing attack is usually to infect a device. If a hacker takes over an employees’ device with malware, they’ll quickly spread it to your network when they connect to it.

Even if that happens, an SDP can protect your servers. Basically, if a user with an infected device were to ask for access to the network, the SDP will analyze their device for any traces of malware (alongside other security inspections). If it detects any malicious activity, it will block (and sometimes even blacklist) the device.

Also, SDPs seamlessly integrate with any IdP (Identity Provider) solution, meaning you can implement multi-factor authentication (MFA). That’s an excellent defense against hackers who secretly steal employee login credentials. They won’t be able to connect to your network with them because they won’t have the necessary MFA codes.

But while an SDP can protect your network from that, it doesn’t mean you shouldn’t take extra measures to secure your employees’ devices against Coronavirus-themed phishing.

It’s best to offer them some training on how to spot and protect themselves from phishing. Here are some useful tips from the EFF.

Source: ProPrivacy

Top 5 cybersecurity recommendations amid the COVID-19 pandemic

How to Win with Artificial Intelligence (AI)

Critical Windows 10 vulnerability used to Rickroll the NSA and Github

Present your solution and services on Crypto ID! 

Our purpose is to attend our readers interesting, therefore, we select our articles and announcing companies. Content and advertisement should be relevant to IT market, encryption and digital identification. If your company is part of this universe, download your media kit, write to us and be part of Crypto ID!

ACCESS OUR MEDIA KIT Cybersecurity 

contato@cryptoid.com.br   
+55 11 3881 0019