The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI recently released a list of the ten security vulnerabilities most commonly exploited by foreign actors over the past few years. The list includes vulnerabilities dating back to 2016 as well as three new vulnerabilities that target remote workers. This is no coincidence.
We are in a time of heightened cybersecurity risk. The Covid-19 pandemic sent workers all over the country, and the world, to work from home. This sudden, en masse shift in how work is done created vulnerabilities on an unprecedented scale. Corporate communications now take place entirely online, more sensitive data is being shared digitally than ever before, and workers are using insecure home networks.
Old models of security simply don’t work when people are working from home. Those outdated models, based on building higher and higher fences around corporate data, were breaking down to begin with. Now, with employees’ geographic dispersion creating an impractically large perimeter to protect, the wall strategy completely crumbles.
Old models of security simply don’t work when people are working from home.
Two of the new vulnerabilities leveraged against remote workers are in virtual private networks (VPNs) and cloud collaboration services. To stay safe in the face of such attacks, businesses must recognize that no sensitive data should ever be sent over traditional email. Traditional email, like Gmail or Microsoft Outlook, is inherently vulnerable. Savvy hackers will attack passwords, servers, home routers, and VPNs, and get in.
End-to-end encryption is the only answer for truly secure email and file sharing. The National Security Agency (NSA), the leading authority on security, recently put out official guidelines for secure collaboration. These guidelines are broken down into nine points, with end-to-end encryption using verified encryption algorithms topping the list.
According to the NSA, the top criteria for “selecting and safely using collaboration services for telework” should be: Does the service implement end-to-end encryption?
PreVeil meets all of the NSA’s nine points of guidance for secure collaboration. Additionally, PreVeil exceeds the Department of Defence’s (DOD) Cybersecurity Maturity Model Certification (CMMC) program mandates for security. If you are in the defense industry and work or aspire to work with the government, PreVeil is your best option.
PreVeil is 70% cheaper than Microsoft’s alternative, GCC High, and can be deployed in a matter of hours, rather than six months. Why pay more for less? PreVeil’s security is superior to GCC High and so easy to implement that it has recently been named PC Magazine’s Editor’s Choice for “weapons-grade encryption” and incredible ease of use.
PreVeil provides the gold standard of end-to-end encryption without requiring employees to change their email addresses or get used to a new user interface. It couldn’t be simpler and it couldn’t be more effective.
Businesses outside of the Defense Industrial Base (DIB) shouldn’t feel like they can do less. Not only does skimping on cybersecurity during the pandemic expose companies to undue risk in the present, it also means more work in the future. The DOD’s CMMC program will set the tone for other industries.
[S]kimping on cybersecurity during the pandemic expose companies to undue risk in the present, it also means more work in the future.
Instead of implementing one security solution for work from home now and having to switch again to something that’s CMMC compliant in the future, kill two birds with one stone with PreVeil.
*** This is a Security Bloggers Network syndicated blog from Blog – PreVeil authored by Orlee Berlove. Read the original post at: https://www.preveil.com/blog/why-the-next-major-hack-is-just-around-the-bend/