Tag: layered security

06 Dec 2021
How Layered Security Can Address Growing Cyberthreats

How Layered Security Can Address Growing Cyberthreats

How Layered Security Can Address Growing Cyberthreats

With the increasing complexity of cyberattacks, financial institutions need to implement more effective—and comprehensive—security measures. They need a variety of elements to create a layered approach to secure their data, infrastructure, and other resources from potential cyberthreats.

Many organizations rely on a castle-and-moat network security model where everyone inside the network is trusted by default. (Think of the network as the castle and the network perimeter as the moat.) No one outside the network is able to access data on the inside, but everyone inside the network can. However, security gaps may still exist in this model and others. The best approach to compensate for gaps is to surround the network with layers of security.

The basic “table stakes” for a layered security approach include a perimeter firewall with content filtering, email threat filters, an endpoint malware solution, and a robust patch management process. Banks and credit unions could also invest in additional and more sophisticated layers but each one will have associated acquisition and management costs, along with ongoing maintenance. So, it’s prudent for institutions to invest only in the number of layers/solutions they can competently manage.

Key Concerns

Today the top IT security concern for many organizations is ransomware. Due to the proactive measures many financial institutions have taken, the banking industry has fewer security breaches than health care and some other industries thus far. However, when a breach does happen to a financial institution, the impact is more costly than breaches occurring in other industries.

Four-Layer Security Formula

With these concerns in mind, here’s a four-layer “recipe” organizations can employ to improve their security posture:

  • Training and Testing: Using email phishing tests can serve as a good foundation for minimizing BEC and other social engineering threats.
  • Network Design: Institutions should refresh older networks to segment their components into different zones. It’s no longer sufficient to have servers, workstations, and printers sitting in one IP space together.
  • Domain Name System (DNS) filtering: DNS filtering prevents potentially damaging traffic from ever reaching the network. Because it proactively blocks threats, this makes it one of the most effective and affordable security layers institutions can apply.
  • Endpoint Protection: Institutions should have this type of protection on each of their endpoints, and the best endpoint protection tools have built-in ransomware solutions.

Other Important Considerations

It’s important to back up data regularly and ensure that those backups are well beyond the reach of ransomware and other threats. (Backups done to a local server that’s on-site and are still on the network may be susceptible to ransomware.) One way to address this issue is to have immutable backups, which are backup files that can’t be altered in any way and can deploy to production servers immediately in case of ransomware attacks or other data loss. Another option is to send backups to a cloud solution like Microsoft Azure Storage, which is affordable and easy to integrate because there are no servers to manage.

Another crucial element in security is Transport Layer Security/Secure Sockets Layer (TLS/SSL) encryption protocol, which can be somewhat of a double-edged sword. About 80 percent of website traffic is encrypted to protect it from unauthorized users during transmission. Traditional firewalls don’t have the ability to scrutinize traffic against a content filtering engine, which means savvy hackers can hide ransomware and other dangerous content inside. But firewalls with advanced features are capable of TLS/SSL inspection; they can decrypt content, analyze it for threats, and then re-encrypt the traffic before entering or leaving the network.

There’s an array of security solutions that institutions can implement to establish layered protection against cyber threats. For more insights about this topic, listen to our webinar on “Cyber Threats, Why You Need a Layered Approach.”

23 Nov 2021
Importance of Security Layers

Importance of Security Layers

Importance of Security Layers

In the past, it wasn’t uncommon for organizations to maintain basic information security: a firewall, anti-malware software, and maybe a few other resources. But modern operating environments require financial institutions to go beyond limited measures and implement multiple security layers to protect their sensitive information, infrastructure, and other assets.

Today banks and credit unions have a variety of elements that comprise their computer networks, and these components require numerous security solutions for them to operate securely. There’s no such thing as having too many solutions—although some entities invest in more resources than they can competently manage. The most appropriate approach is for institutions to employ all the security layers they can afford to pay for and oversee effectively.

The security landscape has changed significantly over the years. With the evolution of technology, cybercriminals are launching more frequent and sophisticated attacks against organizations. (The bad guys have it easy; they only have to get it right once. Security professionals, on the other hand, have to get it right all the time.) Currently, the top security threats for financial institutions are a remote workforce, ransomware, and the Internet of Things devices like webcams, Amazon Alexa, and Google Chromecast.

Security Considerations

Financial institutions often select security products based on what their security posture requires to pass exams. But the emergence of new threats is motivating more institutions to select solutions not just based on examiner expectations, but to also consider what is essential for operational safety. Generally, the security products that institutions invest in are determined by their cost and ability to mitigate risk.

For the most part, the financial services industry is interested in solutions that require minimal management involvement and customization to be effective. The industry also tends to adopt solutions once they’ve reached a certain level of commoditization and are priced lower. For example, well-commoditized solutions like anti-virus agents and anti-ransomware tools allow institutions to protect against expensive threats for the minimum cost. An effective anti-malware agent—especially one with some specific anti-ransomware technology—is another essential layer for endpoint protection.

Ultimately, increased competition leads to technology innovation and consolidation. A good example of this is what’s happened with firewalls. Implementing a firewall used to equate to a simple router that separated public and private networks. Things evolved when people began adding dedicated appliances like intrusion detection and prevention systems, antivirus gateways, web content filters, and other technologies. Through commoditization, these different elements became consolidated into the firewall to create a unified threat management system. More recent innovations that allow institutions to inspect encrypted traffic and sandbox potentially hazardous traffic have ushered in the next-generation firewall.

Going Beyond Basic Requirements

A fundamental requirement for layered security is multi-factor authentication (MFA), which involves several elements for validating the identity of users. While some organizations have concerns about MFA negatively impacting user experience, the technology provides an advanced level of protection that strengthens security.

Transport Layer Security is now implemented to secure over 80% of web traffic. The TLS protocol is used to encrypt data between a web browser and a website. While this is great for user privacy, it prevents institutions from inspecting all user traffic for threats. Transport Layer Security (TLS) Inspection has become a more common—and critical—security tactic for financial institutions. TLS inspection allows institutions to decrypt and inspect TLS traffic, so they can filter out malicious information and protect their network.

The increased adoption of endpoint security and other innovative technologies is making it easier for financial institutions to implement a layered approach to security. Safe Systems offers a wide range of security solutions to help community banks and credit unions incorporate multiple levels of protection to enhance their security posture.