Innovating industries: How iboss Improves Operations for the Financial Industry

Business has grown to a point where users are no longer bound to traditional network boundaries. With shifts to cloud applications like Microsoft 365, it has become increasingly difficult for businesses to deliver fast, secure, and compliant connections to these applications. Vendors know this and have been working towards improving their technology offerings. Secure Access Service Edge (SASE) has become a recent buzzword in technology precisely because it was conceived to solve these problems. SASE ensures that any connection originating from a user or device to any destination in the cloud is secure and meets the organization’s connectivity requirements.

However, some industries, like financial services, have unique situations where adopting such solutions would also come with the security risks associated with SaaS cloud-delivered platforms. This is where iboss’ approach to SASE can help through its container-based platform. Containerization allows iboss to deliver secure connectivity for users anywhere while maintaining a completely isolated and controlled network data path. A fully containerized architecture also works well for hybrid deployments. It allows businesses to use their proxy and firewall security features within their private network while leveraging the cloud-based service for their remote users or branches.

Below are a few features of iboss’ containerization architecture that can benefit those in the financial industry:

SaaS Network Security Service with Containerization

Containerization services like iboss allow network connections from devices and users to be processed within isolated containerized gateways which perform proxy and firewall functions. These gateways never process data for any other organization, and data is never mixed between different customers. The gateways can also be destroyed or created in seconds to provide horizontal scaling.

Better Security When Inspecting Traffic

The containerized cloud architecture that iboss provides also allows full isolation of data as it moves between the cloud and business users. This includes full isolation of the private keys required to decrypt data in motion. The containerized cloud gateways isolate the private SSL decryption keys to ensure security and reduce risk. On the other hand, a non-containerized cloud architecture has the private SSL decryption keys available to the gateways that decrypt the network traffic. This means that those gateways are decrypting and processing traffic for any organization that traverses that gateway. This can pose a big security risk and can have serious implications for high-security industries like financial services.

Naturally Hybrid for Easy Deployment on Private Cloud

A containerized architecture can be used not only in the cloud but can also be deployed within a company’s network. This includes running the gateways within an office or datacenter. With iboss, you can run containerized gateways on physical infrastructure within the business. Traffic can be subjected to a proxy or firewall directly within the organization’s perimeter without ever sending it through the cloud gateways running within the service.

To learn more about the benefits of iboss solutions for finance or other industries, you can send us an email at marketing@ctlink.com.ph

Citrix DaaS: Your Edge for Remote Work Solutions

Businesses can’t deny the advantages of desktop as a service (DaaS). This was especially so in the past few years, when remote work has grown in popularity. DaaS provides businesses with ways to streamline maintenance and increase security while allowing users to be productive on any device. However, this comes at the cost of increasing the complexity of workloads and making them harder to manage without investing significant manpower. With how much is at stake, investing in the right kind of DaaS provider can help your business in the long run.

This is where Citrix DaaS can help your business. As a high-performance virtualization solution, it gives your users a seamless working experience with the added benefit of a simple way to manage it. It also ensures that businesses are ready for the future with its wide variety of desktop and app options. Below are a few benefits that the Citrix DaaS solution can bring your business:

Promoting Productivity

Employees working from home, in the field, or at the office all need reliable access to corporate resources. Citrix desktop and app virtualization solutions ensure employees have instant, consistent access to corporate resources and apps using any device and network. Whether you need a Windows or Linux virtual desktop, Citrix allows businesses a fully customized experience that will give even the most demanding users a high-definition experience. This even includes users who are assigned to locations far away from the datacenter or users with unreliable internet connections.

Enabling Users Regardless of Location

Businesses need to consider ways to become more agile when it comes to secure remote access. This was shown in recent years when businesses were forced to adapt to remote work when offices could no longer be opened for a while. This was an eye opener for many as they needed to adapt quickly to keep the business afloat. With Citrix DaaS, businesses can easily adapt to the changing needs of an increasingly flexible workforce. It allows businesses to quickly set up desktops to support their users wherever they are with any device while allowing the flexibility to turn them down once they are no longer in use.

Securing Sensitive Data

Users are increasingly using multiple devices to perform their work. This means that more access points into your network are being introduced and not properly secured. Traditional security strategies are not equipped to handle these new security risks. This is why, in a recent survey from Forrester, 7 out of 10 companies reported that they have fallen victim to successful endpoint attacks. With Citrix’s robust management and monitoring tools, businesses can be better equipped to protect critical data from evolving threats. Through Citrix, businesses can secure data by providing the right level of access based on each employee’s location, device, and other factors. The Citrix DaaS solution also ensures your data is not stored on the endpoint, so it cannot be exfiltrated if a device is stolen.

To learn more about Citrix DaaS or other Citrix solutions, you can contact us at marketing@ctlink.com.ph.

Preparing for Evolving Threats with OT Zero Trust

Every year new technologies are introduced into the IT business environment to improve it. On the other hand, threat actors have also been improving the ways they disrupt businesses and finding ways to exploit security vulnerabilities to steal or ransom your data. Attackers in recent years have focused their efforts on previously less guarded entry points such as remote endpoints. However, Operational Technology (OT) is an entry point which most businesses tend to forget, are unsure how to secure, or even think IT security covers. OT security is something businesses need to be aware of as the threats coming from it grow every year.

OT-targeted threats started making big news in 2010 when an Iranian nuclear power plant experienced major losses due to an attack. It was then considered a common way state-sponsored threat actors would deal blows to enemies of their state. It was seen in a different light in 2017 when WannaCry caused havoc for many businesses. This showed threat actors that companies were willing to pay large sums of money for data that they could easily encrypt by exploiting security vulnerabilities within their systems.

As of 2020 and 2021, customized and targeted attacks have now become the norm and something to be wary of. All these attacks, be it to the remote endpoints or OT, stem from the exploitation of excessive trust. This is why in recent years, the push for Zero Trust security has been everywhere.

A Zero Trust approach for OT can improve defenses, streamline security oversight, and minimize the time taken during maintenance. This is done through policies which help neutralize the activities that attackers and malware can carry out if they are able to get into the business network.

Below are the steps that Trend Micro txOne takes to ensure that Zero Trust is implemented into a business’ OT:

Scan inbound devices

Modern OT cyberattacks usually start with an infected endpoint or USB brought into the worksite by an employee. Once connected to the network, the attackers are able to access the OT device, which has little to no security. By setting up a checkpoint for rapid, installation-free device scans, you can mitigate these threats. The same scan can also be part of the process for preparing newly arrived assets for onboarding, to mitigate threats from devices compromised prior to shipping.

Activate endpoint defenses

Traditional antivirus software can bog down assets, leading to crashes or delays. Operations-friendly, “OT-native” lockdown software can help secure legacy endpoints through a trust list that only allows applications critical to operations. Modernized endpoints, on the other hand, can save on resources by cross-referencing a library of trusted Industrial Control System (ICS) applications and licenses. This allows the OT security to communicate with the next-generation firewalls to know which files and applications it can skip and which to give priority to.

Zero out network trust

Having IT security doesn’t mean that you have OT security. The OT network and devices have their own protocols and processes that are separate from your business IT. However, OT still needs a connection to your business IT for necessary data collection and updates. Attackers aim for this window to get into the network. To increase the difficulty for attackers, Zero Trust OT security limits the access of entry points within the OT network with specific traffic rules. The traffic rules are based on the functions and communication needs the devices require to do their work. It also has the added benefit of separating them into segments that make it easier for IT teams to monitor and secure.

To learn more about OT security solutions like txOne, you can send us your inquiries at marketing@ctlink.com.ph!

Innovating Industries: DLP as a Competitive Advantage

As we continue to evolve technologies to benefit businesses, the data accumulated throughout the years only becomes more valuable. Therefore, it is becoming more important to secure it from internal and external threats. It is easier said than done as the amount of data to protect is always increasing as a business grows. Another point of consideration is every industry and individual business will have its own unique use cases when it comes to protecting data.

This is where Data Loss Prevention (DLP) solutions like Forcepoint can help extend security for businesses, no matter the use case. Below are a few use cases from different companies in different industries that were able to improve their DLP with the help of Forcepoint:

Use Risk Profiles to Improve Security Policies

Businesses that run on a global scale or have multiple branches have the unique use case of geographic risk in securing data. Depending on the location, some regions carry a higher risk of intellectual property being targeted through corporate espionage. Gebauer and Griller, a leading manufacturer of cables and wires, started facing this challenge when they began to go global.

After exploring the multitude of different DLP solutions, they ended up settling on Forcepoint. This was because its out-of-the-box policy settings, which allowed for discovery and protection of unique data types, fit their security requirements perfectly. They can now adapt its policies to counter the specific threats a region presents, giving their IT team stricter control over content attached to emails or accessed via the web or cloud.

Secure Data on the Go

Data is no longer static, meaning that people are not just accessing it from the office but are increasingly accessing it outside the office. Sensitive data like architectural designs or medical records can be viewed at home or even while on the way to a client. This was the situation for Grupo Gentera, a financial institution serving the underbanked of Mexico.

As the largest microfinance bank in Latin America, it has almost 15,000 employees working on foot to sign up customers and process loans. They have stated that four out of five of their employees would use a mobile device to do so. This is what led them to deploy DLP for their endpoints to ensure that policies extended coverage to lost devices, insider threats, and other potentially unusual instances. They saw an immediate impact, as they were able to stop dozens of incidents after deployment.

Safeguard your Business from Dynamic Risks

Within one company, it is possible to encounter different use cases that may need different solutions to provide better data security. This is where Risk Adaptive Protection is needed to help companies adjust policies by using context to determine if an incident needs investigation. An example of this would be a case from Communisis, an integrated customer communications agency. Their departments handle different customer data like creative design and customer data for targeted adverts.

Applying the same unified policies to each department in this example would not work, as the risk profiles of each are drastically different. They solved this by using DLP in conjunction with other solutions to fit each department’s security needs. This helped Communisis keep its data secure without compromising any department’s operations or user experience.

To learn more on the different ways DLP can seamlessly integrate and secure your data, please email us at marketing@ctlink.com.ph!

Innovating Industries: Teams for Manufacturing

Technology is always evolving to make life simpler for businesses and their employees. No matter which industry, there are always new ways to improve operations and make jobs easier at every job level. In today’s article, we are taking a closer look at some of these advancements for manufacturing, specifically Microsoft Teams and the variety of apps within it that can empower all employees within the company to finish tasks more efficiently.

Updates: Create, Review, Submit Employee Updates

Many in manufacturing still use tools that are considered outdated or do manual updates to sync with each other and get work done. This is a process that Microsoft looked into to save employees time and energy through a streamlined app available out of the box. With Updates in Microsoft Teams, you are able to easily handle recurring tasks such as check-ins, reports such as inspections and maintenance updates, or even real-time urgent updates like incident reports. Updates can be your one-stop app to manage them all.

Approvals: Integrate Approvals into Microsoft 365

Microsoft Teams allows you to integrate and extend approvals through the Approval app. Through it, your team will be able to create approval requests directly in Word documents, either for the whole document or just a section of it. Additionally, you can manage and create your requests through Microsoft Lists to easily interact with your approvals.

Walkie Talkie: Enable Simpler Communication Through Teams

A simple way to immediately contact one another is sometimes vital in manufacturing. The Microsoft team understands that sometimes it’s not necessary to reinvent the wheel. The Walkie Talkie app in Teams gives frontline workers a secure way to communicate with each other with the familiar push-to-talk experience. Unlike a regular walkie talkie, however, team members are able to communicate even if they are anywhere in the world, and can do away with the static for cleaner audio between one another. This can be used on corporate-issued devices or BYOD, and you may also opt for partner devices that are optimized for it.

These are just a few of the ways Microsoft 365 and Teams can help digitally transform the Manufacturing industry. Through many different integrations and applications, Microsoft can help streamline the flows and process of many manufacturing organizations through different customizations.

If you are interested in learning more about the different ways to improve your business with Microsoft, you can send us an email at marketing@ctlink.com.ph!

Cyber Security Landscape in 2022

The past few years have been a rollercoaster of change for the security landscape. The global pandemic caught many companies off guard due to how fast they needed to adapt to a remote work environment. This allowed threat actors to use a variety of attacks, old and new, to exploit vulnerabilities in security during their transition. However, now that we are slowly emerging from the global pandemic and slowly returning to the office, can we still say the threat landscape is the same, or is there a new trend slowly emerging?

Now that we have passed the halfway point of 2022, it would be a good time to reflect and understand the current threat landscape to better prepare for the end of 2022 and the years after. Let’s take a look at the data provided by Trend Micro’s latest cybersecurity report for the midyear of 2022.

MaaS and RaaS on the Rise

Earlier this year, we saw the rise of malware-as-a-service (MaaS) and ransomware-as-a-service (RaaS). MaaS was propagated through the use of the EMOTET infrastructure that made it easier to distribute. This shows that even if EMOTET was dismantled in 2021, threat actors still use it to deploy other ransomware families to EMOTET-compromised systems.

EMOTET Attack Structure

According to Trend Micro data from its Smart Protection Network (SPN) platform, EMOTET detections have soared in the first six months of 2022. The number of detections in 1H 2021 was recorded at 13,811 while in 1H 2022 it has jumped to 148,701.

RaaS, on the other hand, has grown due to its ease of use. RaaS is available to any would-be criminal organization, which can either purchase the infrastructure outright or rent it. It also does not need any technical knowledge to run a sophisticated attack, which makes it even simpler to use. Trend Micro has detected that there are around 57 active RaaS and extortion groups and almost 1,205 victim organizations based on data they have collected throughout the 1H of 2022. They mostly use ransomware such as Lockbit, Conti, and BlackCat, which have been detected from Trend’s SPN network.

Cloud Misconfiguration and Cryptocurrency-mining

Cloud-based containers have become integral to the digital transformation strategies of many organizations. However, due to their tendency to be misconfigured, they have become a big target for threat actors. According to a survey from Red Hat in May 2022, out of 300 participants who took the survey, 53% answered that they have detected a misconfiguration in their containers and/or Kubernetes deployment. An independent investigation from Trend into Kubernetes clusters has shown that there are over 243,000 exposed clusters that can be seen publicly via Shodan. Some of these nodes, around 600, came back with a “200 – OK” notification, meaning attackers are free to exploit them and install and run malicious programs on the kubelet API.

Another recently emerging threat is threat actors who steal cryptocurrency-mining capabilities from their victims’ resources. There have been five prominent threat actor groups that Trend Micro has been able to identify.

  1. Outlaw – Primarily targets internet-of-things (IoT) devices and Linux cloud servers by exploiting known vulnerabilities or performing brute-force Secure Shell Protocol (SSH) attacks.
  2. TeamTNT – One of the most technically proficient threat actors focused on cryptocurrency mining.
  3. Kinsing – Known for quickly abusing new exploits (including the Log4Shell vulnerability) in a short period.
  4. 8220 – Known for exploiting Oracle WebLogic vulnerabilities.
  5. Kek Security – A relatively new group that uses sophisticated techniques and integrates new exploits in its attacks.

Threats are always evolving and adapting to situations within the cyberspace. This is why businesses should always work closely with security vendors to be able to stay up to date with the latest security trends. Consulting with partners like us from CT Link or even security solution vendors like Trend Micro is one way to keep ahead of the new threats that may come in the latter part of 2022 and beyond.

To learn more about the latest in the security trends or even to find someone to help improve your current security measures, please email us at marketing@ctlink.com.ph.

CI vs. HCI: What’s Best for Your Business

With advancements in technology, we are seeing more complexity being introduced into most business infrastructures. To reduce it, businesses need to aim to lessen the tasks involved in setting up and maintaining a proper IT environment. This is why the concepts of converged infrastructure (CI) and hyperconverged infrastructure (HCI) were created: to help simplify the complexity of procurement and management tasks required by the diversity of today’s hybrid environment.

To give a brief overview of the two, CI takes a hardware-based approach while HCI takes a software-based approach. CI starts with a single building block that includes the computing, networking, storage and server virtualization. This building block is already tested by vendors to ensure it is fully optimized from the hardware and software side to avoid interoperability issues. This approach also has the benefit of allowing each component to act on its intended purpose. A server can be separated and used as a server while also being set up to be compatible with your business’ hardware and software.

In comparison, HCI is often used on private clouds, where all computing, networking and storage components are virtualized. A hypervisor is used to create flexible virtualization for solutions like remote desktops while being able to manage the computing, networking and storage functions more efficiently. This allows companies to pool their resources and create virtual machines efficiently and save costs through inexpensive storage options.

Choosing Between CI & HCI

Both CI and HCI have their benefits to a business; one is not superior to the other. Deciding which is best suited for your business, however, will depend on numerous factors. CI, for example, allows for better scalability, as it’s created like building blocks, which lets companies plug and play hardware. Applications are also easier to optimize and run in a CI setup as compared to the traditional approach. This is especially true when considering specialized applications such as Oracle, SAP, or any other resource-heavy application. Also, with the reduced software and hardware, it can bring down initial capital expenditures. This makes it suitable for companies that put emphasis on scaling their systems quickly, or those with resource-intensive applications who are also looking to keep their initial capital expenditures low.

HCI, on the other hand, allows for faster provisioning and customization of private clouds since all components in the system are virtualized. HCI also frees IT to work on a wider range of tasks, as remote locations or branch offices can be managed through centralized control and policies. As for cost, it can even be cheaper than CI due to the inexpensive hardware that can be used in an HCI setup. Companies who are focused on using cloud apps, big data analytics, and app development would benefit from an HCI system. Organizations looking to extend and grow their IT infrastructure through the scalability and management that HCI brings should consider it as well.

If you would like to learn more about what infrastructure best suits your business, please contact us at marketing@ctlink.com.ph and we would be happy to go into more detail with your team!

Security Advisory: Critical Vulnerability for Microsoft Exchange Found

Two critical zero-day vulnerabilities that affect Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019 have recently been reported and brought to the attention of Microsoft. The first one, identified as CVE-2022-41040, is a server-side request forgery (SSRF) vulnerability, while the second one, identified as CVE-2022-41082, allows remote code execution (RCE) when Exchange PowerShell is accessible to the attacker.

CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082. However, authenticated access to the vulnerable Exchange Server is necessary to successfully exploit either vulnerability, and they can be used separately.

Unfortunately, there is evidence of active attacks using these vulnerabilities as of today. Microsoft is still working on a patch/update to fix these vulnerabilities and has provided a few ways to mitigate the issue in the meantime. We strongly suggest that you take the following steps to mitigate the threat.

Known Mitigation

Firstly, if you are an Exchange Online customer, you do not need to take any action as Microsoft security already has you covered. For those using Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019, you may try the 3 options below:

Option 1: For customers who have the Exchange Emergency Mitigation Service (EEMS) enabled, Microsoft released the URL Rewrite mitigation for Exchange Server 2016 and Exchange Server 2019. The mitigation will be enabled automatically.

Option 2: Microsoft created the following script for the URL Rewrite mitigation steps. https://aka.ms/EOMTv2

Option 3: Customers follow the steps found here for the third option for mitigation

Hybrid Work: Better for Companies and Employees

Despite offices already being at full operational capacity globally and in the Philippines, full-time office setups may not be as common as before. If we learned one thing from the global pandemic, it would be that remote work can work for some industries. It is not only something that benefits the employee but can also be a major benefit for office productivity. Despite knowing this, many companies that can support hybrid workforces, especially in the Philippines, still push for a full office work schedule. This is due to the fact that many in top management are still used to the traditional ways and are under the assumption that work can’t really be done productively outside the office.

However, if implemented correctly, hybrid or remote setups can be more effective than a pure office environment. Below are a few points from studies conducted in the past few years during the pandemic which show some interesting data:

  • 69% of hybrid workers feel engaged, compared to 56% of remote workers and 51% of in-office employees.
  • 73% of hybrid workers are positive about their personal performance, as compared to 69% of remote workers and 65% of in-office employees.

This data was found in a study by Citrix which sampled 900 business leaders and 1,800 knowledge workers around the world. This has shown that even though the pandemic drastically shook the way we work and tested many through unforeseen mental stress, there is still a better way to balance work. 70% of hybrid workers have reported better wellbeing ever since they switched to this work schedule.

Technology as the Driving Force

To ensure that the implementation of a hybrid workforce is successful, the foundation must be working properly. A common reason why companies in the Philippines may be unsuccessful in seeing an increase in productivity from hybrid or remote work is an inadequate system to properly enable their workforce. According to the study by Citrix, the average employee spends around 54 minutes a day dealing with technology challenges. This can happen, for instance, when they need to navigate multiple applications just to execute a single business process, taking time to input multiple passwords and navigate multiple application interfaces.

This is where virtual workspace solutions like Citrix Virtual Apps or Citrix Secure Private Access can help improve your hybrid work experience. Your workforce will be able to avoid all the inefficiencies from technological redundancies through a single, seamless, and secure UI. Below is the structure Citrix leverages to ensure a good hybrid implementation:

Unify work: Whether at home, on a plane or in an office, employees have consistent and reliable access to all the resources they need to be productive across any work channel, device or location.

Secure work: Contextual access and app security ensure applications and information remain secure — no matter where work happens.

Simplify work: Intelligence capabilities like machine learning, virtual assistants and simplified workflows personalize, guide, and automate the work experience so employees can work free from noise and perform at their best.

To learn more about how you can improve your own hybrid workspace or about Citrix Solutions, you may contact us at marketing@ctlink.com.ph to set up a meeting today!

Tech Talk: Exploring the CASB Technology

Cloud Access Security Broker (CASB) technology might be a familiar term if you have been looking for ways to improve your cyber security in the past year. Cloud services have changed the way businesses tackle security due to their mobile nature. Firewalls around the internal network to keep attackers out no longer work thanks to cloud technology. Business data is continuously moving across the public domain from app to app or device to device. IT cannot gain visibility into the business data either, since it is outside the perimeter of traditional security.

This is where security solutions such as CASB come in to help improve the business’ security. It is, in simple terms, a software solution which sits between the cloud service provider and the user to enforce a business’ security policies. CASB was created with a focus on helping organizations that fully integrate cloud with their current security infrastructure and policies protect their data from security breaches.

To better understand how CASB works, we need to look at the four pillars it is built around:

Visibility

Having visibility into users, devices, files, and connections is key to having good security. CASB allows IT teams to monitor what is happening across all third-party apps and enforce specific controls. Having visibility also allows IT to find anomalous or suspicious activity, such as logins from drastically different locations. Reports and remediations can be done immediately to limit or stop the unauthorized login and to verify its authenticity. It also allows IT teams to find the so-called “Shadow IT”, or unsanctioned cloud apps, and check if they meet the business security requirements.

Threat Protection

As stated above, CASB specializes in securing the connections between the cloud and users. It offers businesses a variety of protection features such as anti-phishing, malware (including ransomware), and account takeover protection. On top of that, it can keep track of user behavior across different applications to find abnormal activity, remediate it, and report it.

Data Security

Sensitive and confidential business data are now going through and residing in the cloud which existing security can’t account for. CASB can help protect your company from situations like data leaks through labeling, tracking and restricting access to files and other specific information as it travels from device to the cloud. It also can provide different ways of protecting the data through methods such as encryption, tokenization and extremely granular access controls.

Compliance

CASB helps ensure compliance with an organization’s internal security policies, but more importantly, can help with industry compliance requirements. This includes policies such as PII (Personally Identifiable Information), PHI (Personal Health Information), the PCI DSS (Payment Card Industry Data Security Standard), and HIPAA (Health Insurance Portability and Accountability Act). This is done through tools within CASB that have mechanisms for auditing as well as reporting compliance issues in real time.

Moving forward, the growth of cloud services means that many companies will have to soon adapt their security to face threats outside the traditional environment. CASB would be a good start for those companies heavily invested in cloud technology or are projected to in the near future.

To learn more about CASB, or if you are looking for help in implementing it in your business, you can email us your inquiries at marketing@ctlink.com.ph!
