Minimize Cyber Security Risks For Remote Workers

Minimize Cyber Security
Risks For Remote Workers

Jason Yuan
VP - Product & Marketing
Sangfor Technologies
www.sangfor.com Sangfor Technologies Inc.

Contents
PART PART PART PART

1 2 3 4
Impact of Difference Security Best Technologies to

COVID-19 Between WFH* Practices for WFH Secure WFH
and Office
*WFH: Work from Home
Sangfor Technologies Page 1

The Impact of
PART 1 COVID-19

Covid-19 changes how we work
• The CISOs were forced to implement IT infra to support work from home
• WFH will become normal post pandemic (70%)
• CFOs are considering re-investments of their office space (66%)

Cyber Criminals Become More Active
During The Pandemic
Recent Study:
• 273% rise in large-scale data breaches
in the first quarter
• 217% rise in DDoS attacks during

pandemic
• 109% increase in ransomware attacks

in the US through the H1 2020
• 400% increase of cybersecurity

complaints to the IC3 during
pandemic
Source：LEXOLOGY， FBI

Three Trends For The Threats During COVID-19
More Targeted to major corporations, governments and

critical infrastructure
Taking advantage of security vulnerabilities by WFH to

steal data, generate profits and cause disruption
In January to April, 907,000 spam messages, 737 incidents

related to malware and 48,000 malicious URLs – all
related to COVID-19
Source: INTERPOL

The Difference
PART 2 Between Work From
Home and Office

The Topology Between WFH and Office
SaaS: O365, SF.com
Security devices:
NGFW/IPS/SWG/
VPN Controller Corporate data

and Apps
Wireless Router
EDR
Home Devices
Office Networks

5 Cybersecurity Risks for Working from Home
1. Internet access become far more dangerous

SaaS: O365, SF.com
• Lack of protection to filter the malicious websites
• Lack of security protection against malware downloading
• Virus spread between home devices become easier

and Apps
Wireless Router
Home Devices

2. Home Router is Full of Vulnerabilities

SaaS: O365, SF.com
• Weak password for the WIFI

• Hardware and software vulnerabilities due to lack of update
for home router
• Far easier for Cyber Criminals to hack into your home network

and Apps
Wireless Router
Home Devices

3. Risk of phishing surges

SaaS: O365, SF.com
• Hackers use COVID-19 themes for phishing and online fraud
since the outbreak
• Hackers pretend to be administrator to upgrade account,

pretend to be your team leader to ask for sensitive data
• Targeting home: 12% -> 60%
• Employees with weak cyber security awareness are having a

hard time to distinguish the real and fake emails when they
and Apps
encounter these kinds of phishing attack Wireless Router
Home Devices

4. Personal devices access to office network

SaaS: O365, SF.com
• Personal computers always already been compromised by

the virus/webshell from game or software.
• Unknown accounts access to office network
• Shadow assets to the corporate IT

and Apps
Wireless Router
Home Devices

5. Data leakage risk by using IM and cloud storage

SaaS: O365, SF.com
• Save corporate materials on the cloud is not secure, hackers
may search personal documents from cloud storage
provider.
• Using Instant Message to transfer documents also leaves

vulnerabilities for sensitive data.

and Apps
Wireless Router
Home Devices

Security Tips
PART 3 for WFH

Minimize Risks for Remote Workers From 3 Aspects
Security Awareness Access Control and Continuously Threat

Training Cyberattacks Prevention Detection and Response

Awareness Improvement Training
Be aware of Be cautious before

malicious website downloading software that
include virus or webshell
Look out for phishing emails Use dedicated computer for

(Especially regarding to working
covid-19 during this
pandemic)
Keep your home office Stop uploading the documents

devices and network devices on the cloud and using IM to
up-to-date transfer documents

Access Control & Cyberattacks Prevention
Install
Disable the
Endpoint
RDP protocol
Prevention to
access office
home office
network
PC
Limit account Use network

Use a VPN when
and hardware Security devices
accessing any
access to the to prevent
of your
office network attacks from
organizations
remote worker
file servers

Improve Detection and Response
Comprehensive protection Detection of known and

everywhere unknown threats
Able to respond to security Latest and relevant global

events in a timely matter threat intelligence
(Source: Gartner)

Continuously Threat Detection and Response
Continuously detect the attacks bypassing

the security devices
Continuously detect the unknown

accounts and shadow IT
Continuously detect the suspicious access

behaviors and data transfer behaviors
Quick response against verified

threats
Automatic response with known
threats

Technologies
PART 4 to Secure WFH

Technology For Access Control and Prevention
1) Centralized Remote User

Authentication &
Management
(ex: Sangfor NGAF and IAM)
Remote Users DMZ

2) Keeping Control of
Employee Access Privileges in VPN GW
Your Enterprise Network
Data
(ex: NGAF; Security Process) Center
VPN
3) Secured Remote
Employee by Having
Integrated Endpoint & NGFW
Defense
(ex: Sangfor NGAF and Endpoint
Secure)


Authentication &
Management
(ex: Sangfor IAM)
Remote Users DMZ

Data
VPN
3) Secured Remote
Employee by Having
Defense
Secure)


Authentication &
Management
(ex: Sangfor IAM)
Remote Users DMZ

Data
VPN
3) Secured Remote
Employee by Having
Defense
Secure)

Cyber Command: Detection and Response
A Platform for Threat Detection and Response
Effective collection for full flow + Sophisticated Faster and More

security logs DETECTION Simplify Threat Hunting Efficient RESPONSE
Detection Threat Hunting Response

Cyber Command
Block open ports
Data Lake Engine zero AI Attack chain analysis
UEBA NTA Contextual verification Scan for other malware
Systems Endpoint Stop

TI Attack sorting Attack Path Quarantine
Secure processes
NGAF Others Security incident alert Shut down C&C Connections
Devices
Network
Comprehensive Visibility

Continues Detection and Response
TIARA with Cyber Command
Compromised WFH Unpatched servers

users from VPN
DMZ
VPN GW Ghost VMs

X Data Center
X
VPN
X X X
Cyber
Self-Propagating Command
warms
Unknown/Unmanaged Endpoints
• Mobile
• Printer
• IoTs
Slow & Stealth Attacks

Visit Our Dedicated WFH Webpage For
More Information
https://www.sangfor.com/source/answer-to-covid19/index.html

Next Weekly Security Webinar
Are You Doing It Right? Handling a Malware Outbreak

22th September 2020 | 16:00 (GMT +8)
"I believe no one will ever attack me or my organization". "I

bought a firewall and antivirus software, I am protected
against virus & malware attacks". Many people may have
these illusions where they assume, they are the lucky one or
expect consumer security products will solve Click to single
every add text
security issue for them.
Unfortunately, it does not work that way. Some users may

panic and do not know what to do after being infected by
malware such as ransomware and give in to pay a ransom
to get back their files, or they may handle it by themselves in
the wrong way, leading to further infections. Join our
webinar to learn about how to properly handle a security
incident with organized and systematic ways and prevent
similar incidents from happening in the future.

THANK YOU!
Visit our website at www.sangfor.com for more
information, or send us an email
to marketing@sangfor.com
www.sangfor.com Sangfor Technologies Inc.

Minimize Cyber Security Risks For Remote Workers

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Minimize Cyber Security Risks For Remote Workers

Uploaded by

Copyright:

Available Formats

Minimize Cyber Security

Risks For Remote Workers

www.sangfor.com Sangfor Technologies Inc.

PART PART PART PART

Impact of Difference Security Best Technologies to

*WFH: Work from Home

Sangfor Technologies Page 1

Sangfor Technologies Page 2

Sangfor Technologies Page 3

• 217% rise in DDoS attacks during

• 109% increase in ransomware attacks

• 400% increase of cybersecurity

Sangfor Technologies Page 4

More Targeted to major corporations, governments and

Taking advantage of security vulnerabilities by WFH to

In January to April, 907,000 spam messages, 737 incidents

Sangfor Technologies Page 5

Sangfor Technologies Page 6

SaaS: O365, SF.com

VPN Controller Corporate data

Sangfor Technologies Page 7

1. Internet access become far more dangerous

• Lack of protection to filter the malicious websites

• Lack of security protection against malware downloading

• Virus spread between home devices become easier

VPN Controller Corporate data

Sangfor Technologies Page 8

2. Home Router is Full of Vulnerabilities

• Weak password for the WIFI

VPN Controller Corporate data

Sangfor Technologies Page 9

3. Risk of phishing surges

• Hackers pretend to be administrator to upgrade account,

• Targeting home: 12% -> 60%

• Employees with weak cyber security awareness are having a

Sangfor Technologies Page 10

4. Personal devices access to office network

• Personal computers always already been compromised by

• Unknown accounts access to office network

• Shadow assets to the corporate IT

VPN Controller Corporate data

Sangfor Technologies Page 11

5. Data leakage risk by using IM and cloud storage

• Using Instant Message to transfer documents also leaves

VPN Controller Corporate data

Sangfor Technologies Page 12

Sangfor Technologies Page 13

Security Awareness Access Control and Continuously Threat

Sangfor Technologies Page 14

Be aware of Be cautious before

Look out for phishing emails Use dedicated computer for

Keep your home office Stop uploading the documents

Sangfor Technologies Page 15

Limit account Use network

Sangfor Technologies Page 16

Comprehensive protection Detection of known and

Able to respond to security Latest and relevant global

Sangfor Technologies Page 17

Continuously detect the attacks bypassing

Continuously detect the unknown

Continuously detect the suspicious access

Quick response against verified