Santosh Matam
Security Manager, F5 Networks
Measures adopted: Traditional perimeter security depended on firewalls, VPNs, and web gateways that separate trusted from untrusted users are blurred. Protection is now needed where applications and data, and users and devices, are located. As work from home continues, implementing a Zero Trust approach should be the priority for CISOs, their security teams, and users. We are fortunate that there are devices accessible today to shift to remote work seamlessly. With a robust application security portfolio and ability to secure the new control points in a Zero Trust environment, F5 provides the building blocks necessary to address a “Never trust, always verify” approach to securing today’s applications, and also adds a third principle to Zero Trust, “Continuously monitor”.
Mitigating threat situation: Ransomware continues to be the prevailing form of malware used by attackers for illicit gain and to cause disruption. According to the F5 Labs recent Phishing and Fraud Report 2020, phishing continues to be a popular enabler of ransomware and nearly 72% of phishing links send victims to HTTPS encrypted websites. A common security hole—and one that is easy to close—is weak authentication on Internet-linked logins. Locking down Internet-linked logins with better authentication is the first step organizations should take to protect against ransomware, ideally using multi-factor authentication. If you can’t manage that, then at least make sure default passwords and known leaked credentials are changed.
Another common entry point for ransomware is a drive-by download, where attackers will trap websites with browser exploits that inject their ransomware. This means a user surfing a site and viewing a weaponized banner ad can unwittingly land ransomware on their network. These attacks typically leverage one of the much vulnerability in web browsers, web scripting languages, and web animation tools.
Safeguarding customers & employees: Phishing is a growing problem as an unprecedented number of unaware and unprotected users and devices are connected. The 2020 Phishing and Fraud Report found a 15% annual increase in phishing attacks in 2020 as well as an increase in phishing domains using HTTPS and sophisticated URLs.
An organization may have employees working from around the globe. Because of this, old access security measures are no longer enough and must be replaced with safeguards that allow employees and other verified users safe and secure access from anywhere, on any device, at any time. F5 enables organizations to secure and deliver superior digital experiences. For organizations adopting Zero Trust architecture, F5 BIG-IP APM delivers the industry’s most scalable access management solution, APM consolidates remote access, web access management, and Identity Aware Proxy (which helps drive Zero Trust Application Access), enabling organizations to enable the formation of a secure application access that their organization and users require.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.