Centre de recherche > New Podcast: CDW and Cisco Provide Cybersecurity Insights
Article
2 min

New Podcast: CDW and Cisco Provide Cybersecurity Insights

This six-episode podcast series features cybersecurity experts from CDW and Cisco discussing trends and hot topics in the security space.

New Podcast: CDW and Cisco Provide Cybersecurity Insights

CDW ispleased to partner with Cisco on our new podcast, GetIT: Cybersecurity insights for the foreseeable future. This six-episode series featurescybersecurity experts from CDW and Cisco discussing trends and hot topics inthe security space.

In the series premiere, Endpoint Security Best Practices for Remote Workers, Theo van Wyk and Chris Graziano from CDW and Mike Storm from Cisco share home network security best practices and discuss cybersecurity risks to be aware of when working from home. Here are some of the topics they tackle in Episode 1.

Can working from home be just assecure as working from an office?

It reallydepends on the technology and the protocols that you've put in place. Withtoday's technology, and a lot of work from home procedures, there's definitelythe capability of being just as secure at home as you would be in an officeenvironment.

With thatsaid, it's important to understand the security posture of the company that'shosting the remote access. What security profiles are being used, howcommunications are occurring, is it being backhauled, is it split tunnel. A lotof those variations can not only put the user at risk, but could potentiallyrisk company assets as well.

Pros and cons of a VPN when it comesto network security

The greatthing about a VPN is it provides a secure channel between endpoints, betweensites. The problem that you have with VPNs is, depending on how those endpointsactually interact with the VPN, you can actually cause more damage.

You reallyhave to determine what your security posture should be and make sure you'reextending that level of protection all the way down to the end user.

VPN offerssecure access from the edge of your laptop to the edge of the network. Anythingthat's happening inside of the laptop potentially is not protected by the VPN.

Cybersecurity threats related tovideoconferencing

Many threatactors are now using vulnerabilities in videoconferencing tools to infiltratemeetings and listen in to conversations. The best practice is to ensure thatall videoconferencing software that you are using at home, both for businessand personal, has been updated to the latest supported version.

As long asvendors work on patching these tools as fast as they can and we keep updatingthem, these platforms will be a lot more secure than even a month or two monthsago.

In themeantime, treat your virtual meeting space the same as a physical meeting room.If someone walks into a meeting room, you'd stop and ask who they were. Ifsomeone gets up and leaves, you would take note of that. And use passwords tocontrol access, like you would close the door of your meeting room, so peopledon't just walk in or can overhear your conversations.

The importance of creating strong,unique passwords

The bigmistake people make is they use the same email address and password fordifferent sites. Hackers just have to make sure you're a user of that site,then they can try not only the password they stole, but in looking at yourdata, they can understand your password tendencies.

Keepingpasswords unique can be cumbersome, but for every site, everything should havea different password and it should be complex. It should be impossible toremember. A password management tool can help you with this.

Also, if anyof your accounts offer multifactor authentication (MFA), you should set it up.MFA prevents thieves that have your email address and your password or use acredential stuffing attack to get into your account because that account is setup to ask you for an additional form of verification. This makes it moredifficult to get your information than another potential target.

Attackershave a finite amount of resources and time, so they're trying to find the pathof least resistance. If they've got 10 000 user accounts, and a bunch of themhave MFA, unless they want to specifically target you which is extremely rare they're going to move on to somebody else and find an easier target tocompromise.

Email security and how to spot aphishing attack

  • Takea look at email headers and see who the message is coming from. If you're notfamiliar with the address, there's a good chance it could be malicious.
  • Makesure you don't click any links within an email. Especially if you're not sureif the sender might be malicious.
  • Bewareof embedded graphics this can be another method of attack.
  • Manyphishing emails want you to do some kind of urgent action, which could put youat risk; either clicking a link, opening an attachment or sending moneysomewhere. Take a step back, think twice and really take a good look at theemail to make sure it's coming from the person you believe it's coming from.
  • Don'tforget the human element. If you have any doubt, pick up the phone and call.Call the bank, call your boss, call the person who sent the email. Sometimes asimple phone call can prevent a major security breach!

Security best practices for smart homedevices

When it comesto cameras and microphones, think about where you are pointing it. If someonewas able to compromise this device, how would you feel about it? If it's acamera monitoring a storage shed, that might be a different risk profile than awireless nanny cam that's pointing at your child or a laptop webcam when you'reworking with your children in the room.

Ensure you'reusing reputable vendors. There are a lot of third-party vendors being soldonline, and the security policies for some of these tools are not as strong as thoseof the more well-developed technologies.

Read the manuals for all of these devices. Change default passwords. And if you're using an email account to access your device remotely, use a unique password.

For more insights on endpoint security, listen to Episode 1 now. And keep an eye out for more cybersecurity podcasts in this series!