Network security

In today’s workplace, where users frequently work remotely and systems and data often aren’t located within the physical office space, the boundaries that once defined what was inside and outside of the network have been blurred. A zero trust approach assumes threats can come from both outside and inside the network, which means it relies on verification and access controls for every user and device on the network.

1. Multi-factor authentication

For years, organizations relied on credentials — a login and password — to authenticate a user and deliver access. However, cyber criminals have learned to steal credentials through targeted attacks such as phishing and keylogging, and, with the use of AI technology, they’re able to crack even the strongest passwords in minutes. Introducing additional layers of authentication (multi-factor authentication or MFA) makes access more difficult for attackers.

2. Identity and authentication management

Bringing a network into a unified platform, like Microsoft 365, facilitates zero trust security through powerful features such as centralized identity management, which enables consistent authentication policies across all services and applications. More granular access policies can be employed using conditional policies based on specifics such as location, users, devices, and risk level.

Today’s cyber threats are continually evolving, learning new ways to enter a network and wreak havoc — malware, ransomware and denial of service are some of the more popular exploits experienced by businesses of all sizes.

Intrusion detection is a game of cat and mouse, a continuous and dynamic struggle between attackers and defenders. As technology evolves, both sides adapt and develop new techniques to out-maneuver one another. As attackers innovate, defenders respond. Defenders detect, attackers evade.

1. Firewalls

Firewalls are designed to protect your network’s infrastructure and improve site-to-site connectivity. Today’s most advanced firewalls provide enhanced capabilities that allow real-time protection against malware, vulnerabilities, and network attacks. Intelligent analysis allows for deep application context, combining human and machine learning to apply rules specifically to allow or deny traffic.

2. Anti-virus software

Anti-virus software falls into three primary categories: signature-based, behavior-based, and machine learning.

• Signature-based: The signature method compares the code of a suspicious file to a database of known malware signatures. If there’s a match, the file is immediately flagged and blocked, contained, or deleted.

• Behavior-based: This software analyzes the behaviors of a file (such as rapid encryption), which enables it to discover new malware it hasn’t seen before. Because cyber criminals are constantly evolving and developing new strains of malware, this provides much stronger protection than signature-based solutions.

• AI-based: Machine learning-based software is the latest and most robust type of anti-virus protection, applying algorithms and datasets to detect malicious patterns in malware on individual devices and across large networks.

3. Ransomware containment

The days of ‘set it and forget it’ antivirus installations are long over with the introduction of sophisticated, malicious attacks such as ransomware, which requires a combination of prevention and mitigation. Preventative solutions detect ransomware signatures and behaviors, stopping them from getting past the perimeter. But as cyber criminals use increasingly sophisticated tactics, a second line of defense is necessary.

Ransomware containment stops illegitimate encryption at the source, isolating and containing it to prevent further spread. Ransomware containment is a critical last line of defense to an organization’s security infrastructure, filling the perilous gap between devices and file shares where organizations often lack the essential defenses.

Endpoints are today’s most common entry points for malware, ransomware, deep fakes, and social engineering. If a cyber criminal gains access to one of your endpoints, they can potentially find ways to burrow further into the network to access sensitive data or launch large attacks.

1. Web filtering

Providing protective security and content filtering minimizes risks and maximizes safety as a critical component of defense. Filtering is commonplace for email, tools often referred to as anti-spam, email security, or email filtering. While providing email protection is important, it is only half the filtering solution.

Managed web filtering is designed to block malicious domains that may include harmful content such as ransomware, malware, viruses, and data phishing. Optionally, specified content types may be blocked based on individual business needs to prevent access to domains that may contain adult, gambling, crypto mining, dating, or other prohibited content.

2. Mobile device management

Mobile device management applications such as Microsoft Intune enable rapid deployment and application management on mobile devices, limiting data migration. It can be leveraged when securing an entire mobile device, also protecting against malware and enabling complete removal of company data in the event of a threat or employee departure.