Is it safe?

Is it safe?

This was a line from Laurence Oliver in the film Marathon Man, the film is certainly worth a look. Laurence needed to know if his true identify was known, as his character was a Nazi on the run, was he safe? Dustin Hoffman did not know what he was talking about and just babbled yes and no in response. The result was that Dustin got some unwanted dental work to verify what he knew. Of course, if you have a planned to trip to the dentist you might want to hold off watching it for a bit, as it could be off putting.

Surfing online, how safe is that?

Online safety is something that is sometimes difficult to verify, are you always trying work out if you are sufficiently safe?

The internet is such a powerful resource, with vast amounts of data available to everyone. There are some really useful resources, that allow your staff to get trained on new products and services and generally be better informed.

That level of access includes some downsides too. People can be very clever where they setup one web site to look very similar to another and so fool you into providing some personal details that you should not share as an example. Also, there are sites that could be considered not business related. Therefore, the company that you work for might lose productivity as time is lost to unrelated material. This is especially true if they don’t have a way to check up on your usage.

Cyber-attacks can include the option to ‘click a link’ and see whatever is topical in social media, but is actually something else entirely. How do you know if the link is a valid one? Possibly, you might get more than you realize with some malware added to your PC or some data is exfiltrated to a competitor.

In terms of problems, how can you balance the risk with the opportunities? ?

What are the options?

You could say, just be more careful with your approach. That is easy to say but sometimes the timing of the attack can coincide with a very busy time, so you get into something before you really know what you have done. The attachment is opened, the link is clicked, you are at risk.

Chromebooks are cheaper than full fat laptops, but are they enough?

What about just choosing something like a Chrome OS device? It certainly is an option, but device selection can be a very personal thing, so for some people that might not be their preferred choice. Also, I have heard of cases where people with a Chrome OS device have then sent on an email to someone with a PC, as malware didn’t seem to work on the Chromebook, infecting a different machine! Naturally, they didn’t realise it was malware….

What kind of solution would address this?

It will need to be cloud based offering, as this is something that needs to be up to date all the time, also it will need to have a global presence as people can move about quite a bit these days. It will need to have a couple of different ways in which it could intercept client requests, as different customers have different ways of managing client access.

Ideally, you need a solution that can classify all the web sites that a user can access, so all the sites online. Golly, that sounds a big job! That way, whoever has the control, can just disable access to unsuitable web sites as a group with one click. In this case let’s say those sites are related to Gambling for example, so it would block access to www.777.com and www.gambling.com and all the other sites in that category. However, maybe www.bet365.com is needed for your work? No problem, just add an exception for that site, Ray Winston is a happy camper.

No idea why ‘dictionary’ is a category, but you can block it!

What about how your users access resources online? Would it not be handy if they all came from the same source IP address when they hit that application? When the user accesses a certain SaaS applications you can filter who goes where. A cool option, if a little geeky.

This all sounds great, but what about malware, what can it do to help there? The service should have a way to detect and intercept malware before it lands on the endpoint, this way you don’t rely on the anti-virus to remediate the malware. Using a protected environment to sandbox the malware would also offer a level of additional protection.

What about social media? It would be really cool to have some granular controls that allow some bits of a social media platform but not others. The user can see Facebook, but can’t post.

Fundamentally, everything comes down to data, usually held in files, what kind of controls could be useful to help there? Maybe the corporate standard is to use OneDrive from Microsoft. Of course other data sync services are available. What if your new employee does not know this and starts using Google Drive. The control could possibly redirect the user to OneDrive, just to encourage the behavior that you want.

What is the solution then, as that sounds like a lot of different things?

All of this is rolled into one offering, Citrix calls it Secure Internet Access, your one stop shop for all things web related.

Call to action?

It’s a pretty mature solution, it can even work with ChromeOS devices to offer more protection. However, don’t take my word for it, come along to our webinar and see for yourself..