By Joe Ashton
For organisations up and down the country, the past month has been a steep learning curve. The IT and security functions have never been more vital to ensuring business-as-usual, as hundreds or thousands of employees transition to remote working. Cyber-criminals have also been quick to adapt to the rapidly changing situation, making it crucial that CIOs and CISOs have the right tools, processes and policies in place to support productivity whilst managing risk effectively.
This is where Trend Micro has been able to offer its unique expertise as a trusted security partner.
Threats under lockdown
There are multiple threats facing remote working teams. Most come via the email channel in the form of phishing emails: in fact, email threats accounted for over 91% of all cyber-threats blocked by Trend Micro in 2019. Lures might include vital ‘information’ on the virus spoofed to appear as if sent from the government, WHO or other authoritative sources. Or perhaps a corporate message between departments regarding operational matters during the crisis. There may also be fake emails from video conferencing or VPN providers encouraging users to install their products for easier home working.
All of these put remote workers and corporate systems at risk from ransomware, credential theft, crypto-mining malware, BEC and more.
The bottom line is, users may be more distracted at home. They may also be working from personal devices and machines which are less well protected than corporate equivalents. And they may be sharing networks with children engaging in risky online behaviour like visiting torrent sites. That’s not to mention the strain corporate VPNs are under, which may force some organisations to eschew secure tunnelling for some traffic.
Here to help
We have been busy over the past few weeks supporting a range of use cases from organisations across multiple sectors.
A leading SMB-focused bank recently accelerated its migration to Office 365 to take advantage of Microsoft Teams for remote working. The popular collaboration and communication platform has become the firm’s virtual office, with hundreds of employees using the products. However, the in-built security offered by Microsoft was judged to be insufficient for the bank’s requirements.
It chose to extend Trend Micro beyond the endpoint by choosing our Cloud App Security (CAS) offering for email threat protection on Office 365, and scanning of documents sent via Teams. In 2019, CAS stopped 12.7 million high-risk threats not spotted by Office 365 of G Suite.
A well-known high street sports retailer traditionally uses our on-premises web gateways. However, the shift to home working for 10,000+ staff members forced a rethink,as the business VPN couldn’t withstand the extra strain of large numbers “dialling in” to corporate systems. The answer was a hybrid set-up combining Trend Micro SaaS and on-premises capabilities for the firm. This means home workers are fully protected from web threats and VPN infrastructure can be reserved for specific use cases.
Several independent law firms came to us asking for support in securing documents sitting on legacy servers. Document management is obviously extremely important in this sector, but because the files were stored on platforms running Windows 2008 and other operating systems that have reached end-of-life, the firms wanted to bolster security. Trend Micro’s flagship server security offering Deep Security was the obvious choice. It features intrusion prevention capabilities known as “virtual patching” to protect end-of-life platforms from known and unknown vulnerabilities.
Stay tuned next week when we’ll be taking a look at how other customers are adapting to the current crisis with flexible security tools.