Security Beyond the Walled Garden
March 03, 2021 by Jeremy Ward
Only a year ago, many organizations were taking a “walled garden” approach to end-user security, building security controls on the idea that most of the workforce would be working in the office. COVID-19 changed everything. Moving from the office to the home created greater demand for secure remote connections, but the impact went beyond the need for technical controls.
I’m willing to bet most employees don’t realize how often they used to call over the cubicle wall for help with a software issue, or the number of times they asked a coworker to come by to take a look when a question arose. When you are in the office, it’s easy to recognize your actions have the ability to impact everyone around you. Isolated at home, people may forget they are just as connected through VPN or using a shared cloud service as they are when sitting next to coworkers. On the same network, careless actions introduce risk, no matter where your desk is.
Like many companies, we had already established a program to continually evaluate and mature our security discipline. With more than 5,500 employees suddenly working from home, we accelerated many of our plans, such as additional multifactor authentication for various applications used on our internal network.
In spite of our hard work, existing defenses, and accelerated plans, we experienced an intrusion into our internal corporate network in September 2020. The good news is the bad actors were in our network for a very short time – 50 hours versus the weeks or months of other companies’ recently reported incidents. In addition, the incident was confined to our internal environment. The bad news is it happened, and it required patience from our clients and our team members as we navigated our way through it. No one can guarantee they won’t be the victim of a cyberattack in the future; however, we’ve made a number of additions and enhancements to our security program to increase our ability to more quickly identify and respond, including these steps which may serve as a checklist for your organization to consider:
- Implemented supplemental 24/7 endpoint detection and response software, providing managed detection and response services in addition to the antivirus and monitoring services already in place
- Enhanced network traffic monitoring services
- Made additional deployments of multifactor authentication and antivirus scanning in front of more commonly used corporate applications that allow for external file sharing
- Forced password reset to all employees
- Blocked outbound traffic to an updated list of suspicious IP addresses
- Took actions to boost resiliency of our backup systems
- Initiated long-term engagement with third-party security expert
- Ensured more expansive limitations on administrative privileges
While new technology and restrictions can dramatically reduce risk, vigilance by every employee is always the first line of defense. Phishing is possibly the most common attempt at intrusion, but new tactics are continually being schemed. This is the first of several blog posts I plan to share, and in future blog posts I’ll cover some of the most pervasive threats.
Vigilance in 2021
The increasing security threat to public sector organizations has become painfully apparent over the past year. Critical infrastructure and data, and historically lower-than-private-sector security investment, make public sector organizations appealing targets for bad actors. The landscape is constantly changing, with ever-evolving privacy laws and new tactics, like the use of social media to influence victims. Keeping ahead of the bad guys requires faster changes to security tools and user behavior.
Responding to COVID-19 has changed the way all of us work. Organizations now need continually adaptive controls that are always on and ready to manage the demands of an increasingly remote workforce. This need will continue long after the virus has been tamed.
Security has long been a priority at Tyler. In 2021, expect to hear even more about our own security enhancements and reminders to be vigilant with your activities. We will also be redesigning our security web page on tylertech.com to feature security and privacy initiatives.
Security is an important part of everyone’s job. While we work on making 2021 safe and healthy, let’s also work on making it even more secure.
Jeremy Ward
Information Security Officer
Tyler Technologies