Have you heard about the Windows VPN Client’s filtering mode?
Publié le 30/6/2022
By Arnaud Dufournet
Hybrid work is becoming the new normal in corporations across the globe. Four out of five businesses have adopted a so-called hybrid organization. In other words, they allow their employees to split their time between working in the office and working from home. Two days of work from home per week is the average observed in a study (Le futur du travail vu par les DRH, i.e. The future of work as seen by HRDs, 2nd edition, March 2022, only available in French), conducted jointly by the Boston Consulting Group and the French National Association of Human Resource Directors (ANDRH). However, this new way of organizing work is far from being free of risk for corporate cybersecurity. Instead, it increasingly makes Chief Information Security Officers (CISOs) break into a cold sweat.
Risky digital behaviors are on the rise
Hybrid work brings a lot of flexibility, but it also encourages risky digital behaviors. Employees frequently mix personal and professional uses on their devices (phone and computer), as reported in a study conducted by Gartner (Gartner 2021 Digital Worker Experience Survey), in which 55% of telecommuters worldwide admitted to such practices.
Hackers target these new vulnerabilities, especially on mobile devices. According to Nokia (Nokia Threat Intelligence Report), 0.12% of all mobile devices worldwide are infected with malware every month. Given that there are 5 billion mobile phones across the world, this means that 6 million phones are infected every month!
Businesses of all sizes are affected by such attacks on mobile devices. The traps set by cybercriminals are very diverse: the most common is phishing e-mail, but smishing (an SMS scam) is also growing fast. Moreover, the wide array of weapons that hackers use includes compromising terminals on home or public Wi-Fi networks—which are generally less secure—and loading mobile malware using fake applications on hacked online stores. Last but not least, the vulnerabilities found in web browsers are likewise exploited.
Securing remote workers remains a major challenge
In 2021, 65% of organizations have seen a measurable increase in attempted cyberattacks, which is particularly problematic since 78% say remote workers are harder to secure, according to a global survey of 1,200 security leaders conducted by Splunk (The State of Security 2022). In the same study,
While it is generally accepted that human error is at the source of 95% of successful attacks, bad practices are hard to shed. For example, only 31% of employees believe that letting their friends and family use their work devices poses a security risk. Information professionals are hardly more reasonable, as 40% of them admit to using Shadow IT, i.e. computer applications or communication systems not officially authorized by the IT department.
All these practices are breaches that cybercriminals exploit to break into the IS, steal sensitive information, cripple computer systems with ransomware attacks, or even gather intelligence. When this happens, the financial and reputational impacts can be disastrous.
Even more concerning, the teams in charge of cybersecurity themselves are showing signs of weakness due to the responsibility and their heavy workload. The Splunk study reveals that 73% of the CISOs interviewed said that they had colleagues who resigned following a burnout. For 70% of them, the resulting increase in their workload has led them to consider looking for a new role.
Is the Great Resignation looming over cybersecurity as well? Action is needed quickly to give CISOs the means to regain control and carry out their work—which is so critical to the survival of an organization.
Reducing attack surfaces using our filtering mode
Faced with the challenge of securing remote connections to the corporate network, CISOs need solutions to regain control over their IT assets. This is exactly the purpose of the filtering mode that TheGreenBow’s Windows VPN Client now provides.
This feature—which implements the principle of Zero Trust Network Access (ZTNA) and is entirely transparent to the user—filters the communication flows on the workstation to considerably reduce the attack surface.
Once it has been configured, this feature protects the workstation by reducing authorized inbound and outbound flows to the bare minimum. The filtering mode prevents data from leaving the workstation unintentionally, as may be the case when a keylogger infects a device or when executing malicious code, to mention just two examples.
What’s more, authorized flows are contextualized according to where the workstation is located. In practice, different rule sets apply depending on whether the workstation is in a remote work situation or connected to the corporate network.
Another major advantage that comes with the filtering mode is that it is started as soon as the workstation is powered on—before even the user logs onto Windows. The workstation is thus protected immediately.
The filtering mode is available with the Enterprise Edition of TheGreenBow’s Windows VPN Client. If you want to find out more, feel free to ask our teams for a demo. You can also click the link below to replay a demo from the webinar on the advanced features of our Windows Enterprise VPN Client.