BlackHawk Data Engineer Q&A: Keeping Your Remote Workforce Securely Connected
Over the past several weeks, most if not all of the workforce of many organizations was abruptly sent home with minimal preparation.
If you’re one of the lucky one’s, like us to be a New York City-based business, the move from in office to remote seemed to be an overnight decision, leaving many with a lot of questions, especially around how to secure their business and remote workforce when everyone’s at home.
As cybersecurity experts, we have the answers to your questions, as well as solution suggestions to keep your business safe and secure during these uncertain times.
Question: How do I connect remote users back to my corporate data center? Do I really need to?
Answer: In the past few years, the move from on-premises applications to cloud or SaaS-based applications may have relieved your dependency on the corporate data center. For instance, a simple migration to Office 365 can remove the dependency for on-prem mail and file servers which makes remote transition easier. However, though users have access they don’t have the normal corporate protection firewalls, IPS, proxies, traffic filters and all the other fancy tools to block malicious traffic from reaching them or stopping them from reaching malicious sites or command control networks.
My favorite solution for this is Cisco Umbrella. I like it because it works great, it’s quick and simple to deploy, and better yet, it requires no hardware to provide a level of protection that rivals on-premises traffic filters and firewalls!
Cisco Umbrella is a DNS service that replaces current DNS settings in an end-user machine, so instead of your users picking up the DNS settings from their home router it uses the Umbrella DNS servers in their place. The Cisco Umbrella service is also known as OpenDNS which is a free version of the product used by over 85 million people—I recommend it to everyone for their personal devices. The combination of the free platform plus the commercial Umbrella service gives Cisco the ability to spot threats, patterns, malware domains, IPs and networks across the internet.
For example, your user receives an email that looks to be from O365 like this one:
If they click the “Verify Now” button it brings them to a page to login like this one :
Looks legit right? Unless they’re paying attention to the actual URL (which most users don’t) and most times this is a very long URL of characters/numbers (https:://msrl.online/10_aejna_dkdk/fnfnsoa134iasdf012n21onnn well you get the picture) making it harder to spot.
Cisco Umbrella logs these as malicious, so when the user clicks “Verify Now,” they see this:
Instead of your user handing over their credentials to the bad guys and allowing them to take whatever the user has access to or to inject malware into the organization, the attack is stopped before it has a chance to wreak havoc.
Don’t just take my word for it. You can road test it for free for 14 days. Not only is the trial free, but BlackHawk Data will set it up for you for free as well.
About Jason
An industry veteran with more than 20 years of experience in both network design and delivering expert-level solutions to clients, Jason supports a variety of industry-leading vendors, including Cisco, Palo Alto Networks, F5 and Microsoft, enabling him to effectively lead BlackHawk Data’s Solutions Architects, Service Delivery, and Managed Services teams.