To increase internet security, increase your security IQ

Fifty-three percent of US CEOs are extremely concerned that cyber threats could hurt growth prospects. Business leaders can no longer let security risks only concern the IT team. It’s time to increase your security IQ. 

ARTICLE | 5m read
November 4, 2020

Imagine you’re about to meet with your senior managers about company security. After learning three quarters of remote workers want to keep working from home after the COVID-19 pandemic is under control, you and your security lead agreed to update your security strategy. Your security lead sent you his presentation before the meeting, but you didn’t look too closely—after all, he’s the expert. But five minutes before your videoconference meeting, your security lead’s household broadband goes down. Now it’s up to you to teach your entire management team about how to recognize and stop new security threats that could cripple your business. Is your security IQ up to the task?  

As a business leader, no one expects you to become a cybersecurity expert overnight. But to make the right security decisions for your remote workforce, you cannot treat cyber risk as only a concern for your IT department. In this article, we will help you sharpen your security IQ in three essential areas: zero trust security, secure access service edge (SASE) network architecture, and FIDO2 passwordless authentication.  

What is zero trust, and how does it increase internet security?

Because internal attacks from malicious or negligent insiders are the most common security threat, zero trust security is becoming more popular. Zero trust refers to an information security model that assumes no employee or device should have default access to an enterprise’s data, network, applications, or other resources. Put simply, it’s security that doesn’t trust anyone unless they prove themselves. This proof often means passing access security protocols that use criteria like the user’s identity, time of access, and device posture and require multi-factor authentication.
 

Passwords have been core to access security for decades. They began as a way to share access to mainframe computers in the 1960s, and we’ve relied on passwords to protect sensitive data in essentially every online activity since. However, as a security mechanism, passwords have been showing their age. Malicious hackers and other bad actors have long known it’s much easier to steal passwords than break into networks or applications, which is why Verizon reported in 2019 that 80% of hacking-related breaches involve stolen or weak credentials.

It’s no secret we must address access security risks associated with passwords. This has led to a greater adoption of two-factor authentication and zero trust security. But as long as we rely on passwords to protect employee login credentials, we continue to expose our organizations to risks like ransomware, phishing, and social attacks. In this article, I’ll argue why it’s time for us to retire passwords forever, and how Fast Identity Online (FIDO) technology offers us a better way.

74%

Of IT leaders are looking to adopt a holistic zero trust strategy

What is SASE network architecture, and how does it help application security?

According to Gartner, by 2024, 40 percent of enterprises will adopt secure access service edge technology, or SASE (pronounced like “sassy”). SASE is network architecture that combines security and software-defined wide area network capabilities in a cloud service, which is usually provided by a single vendor. This enables you to quickly deliver security services like web filtering, data loss prevention, and next-generation firewalls to protect remote workers across your network. Because SASE is offered as a cloud service, it’s easy for organizations to scale resources up and down while only paying for what they use.   

If your organization needs to rapidly increase your network security, SASE is a great place to start. It is especially important now that more bad actors are targeting web and cloud applications via the local internet connections that remote workers rely on. By adopting a consolidated SD-WAN solution with cloud-based security, you can deploy a stateful firewall that limits or rejects traffic from suspicious zones. This gives your IT department visibility and centralized control over your network without disrupting the remote work experience. For more information on application security, read this glossary page.

What is FIDO2 authentication, and how does it strengthen access security?

While passwords have been a lynchpin of access security for decades, it’s too easy for passwords to be forgotten, lost, or stolen. What if there was a way for an employee to prove their identity which could never be used by anyone else? This was the inspiration behind Fast Identity Online authentication, which “enables password-only logins to be replaced with secure and fast login experiences.” FIDO2 web-based APIs enable users to prove their identity using biometrics (such as fingerprints or voice analysis), mobile devices, or specialized security tokens.  

FIDO2 authentication strengthens access security by linking a user’s login credentials with something that they always have with them and can never be misplaced or stolen. It also improves the user experience of logging into secure sites and workspaces because employees no longer have to remember and enter complex passwords that must be changed regularly. To find out more about how FIDO2 authentication works, read this blog post

Increasing your internet security is not just a job for IT

While you rely on your IT department to manage and implement internet security, it’s up to you to understand the latest threats and define risk tolerance for your organization. This requires you to increase your security IQ by becoming familiar with the security technologies discussed in this article and create a security culture that can protect your employees, your organization, and your sensitive data.  

NEWSLETTER

Get the latest research, insights, and stories from Fieldwork by Citrix.