Discovering managed, cloud-based next-generation cybersecurity

Cloud computing is commonplace within the public sector, but have you considered the benefits of using cloud-based security to protect the perimeter of hybrid cloud computing and on-premise networks?

You probably know about our managed firewall services but might not know about Touch Secure – our managed, cloud-based, next-generation firewall service (NGFW) which secures your network perimeter, independent of location.

How we started

Sometimes the best way to find out whether a product will succeed is to sell the concept before building it: that’s exactly what happened with Touch Secure.

Last summer, our public-sector account team were with a customer discussing their IT issues, which included traditional firewalls. Their biggest challenge was growth in client Internet usage, which was overwhelming network capacity. As the firewalls became exhausted, performance dropped and users became frustrated.

They had a small team, multiple sites and a base of almost 1,000 clients. As they were kept busy managing applications and data critical to the day-to-day running of the organisation, outsourcing management of their cybersecurity was something they were keen to do.

Our solution: Touch Secure

If you’re familiar with the basic principle of cloud computing – a centralised computing resource, partitioned into separate virtual servers – then think of Touch Secure as being similar, except it uses a centralised firewall resource, partitioned into separate virtual firewalls.

A key difference is that Touch Secure provides next-generation cybersecurity measures. What are these? Whereas traditional firewalls allow or block packets based on port, protocol and source/destination addresses, NGFWs examine the packet payload, protecting against risky user behaviour, whether accidental or malicious.

The main measures are email filtering, web filtering and application control:

  • Email filtering is an anti-spam and anti-virus feature which examines email, searching for and removing any viruses, Trojans and worms. It also filters unsolicited marketing, phishing and spam messages.
  • Web filtering restricts or controls what a user may access on the Internet. This improves security, prevents inappropriate activities and increases productivity.
  • Application control detects and takes action against network traffic based on the application that generated it, such as a Facebook posting or a Dropbox file sync.

Sandboxing

Sandboxing may be new to you, but with the increasing threat from zero-day exploits, particularly ransomware, it’s important to understand what it does. Code spans a continuum from known good to known bad – the mid-point is unknown code. Firewalls cannot stop the most sophisticated attacks because they rely on identifying known attack indicators.

On encountering unknown code, a firewall sends it to the sandbox for analysis, which entails teasing the code into revealing itself. On identifying new malware, the sandbox quarantines it and sends it to the sandbox manufacturer, which sends a signature update to its global base.

Monitoring & Self-Service

Outsourcing cybersecurity management doesn’t mean that customers lose visibility. Our OnePortal provides real-time visibility of events and user security incidents. We’re adding self-serve capabilities enabling administrators to make changes like traffic-shaping users and managing session concurrency. Administrators therefore retain visibility and control of routine tasks, leaving us to take care of managing the underlying cybersecurity service.

Up next

Whose role is it to tackle cyber security?

I am sure you’ve noticed that the threats to online security are constantly evolving, and have become increasingly sophisticated. At Intercity, we make it our job to ensure we’re experts on the latest security threat vectors, from mobile malware, phishing and DDoS attacks, to common rogue insider activities.

But it seems, no matter how seriously we take cyber security, many businesses are still falling short — latest figures show that over four in ten UK businesses and two in ten charities suffered a cyber breach or attack in the past 12 months.

And the most common attack? Fraudulent emails followed by cyber criminals impersonating an organisation.

Ensuring your business is cyber secure should be without question. And there are various ways of doing so, whether it is on-premise security or a cloud-based Security as a Service (SECaaS). The bigger question, perhaps, is not how to secure your business, but who takes ownership of this cyber security process?

Cyber security is more than just IT

Often, the burden of responsibility of cyber security falls to you — the IT department. And on the surface, that makes sense. Historically, it was considered ‘IT security’; companies defined specific perimeters to protect internal IT systems from external threats.

Whilst these perimeters are now expanding or even disappearing altogether, online security solutions are still technology-based tools. These tools generally assess and encrypt your sensitive information, protect your business devices and block malicious activity as early as possible. As the tech expert, you’re best positioned to choose the most robust tools, solutions and reliable partners to secure your business architecture. The rest of the business trusts you to do so.

But, as we’ve already discussed, a significant number of threats begin with a single, often non-IT staff member doing something they shouldn’t — opening a malicious attachment or clicking on a phishing email. Whilst technologies can detect if a hacker is attempting an attack and restrict compromised devices, your technology solutions can only go so far.

It is impossible, therefore, for your IT department alone to keep the entire organisation secure. It should be a collaborative effort that goes up to the very top of the business and extends across all operational departments.

Is your board involved?

The surge in high-profile, malicious attacks in recent years, with WannaCry and NotPetya the most recent, has raised the stakes of online security. As such, cyber security has (or should have) become an integral part of organisational risk assessment and management.

Despite this, there still seems to be a lack of clarity among some boards about how to oversee and provide guidance and leadership on these threats. Our latest research on cyber security shows that whilst just under two thirds of senior leaders have some understanding, only 30% have an in-depth understanding of the risks associated with evolving cyber threats.

It is, however, your role to take this knowledge to your board. They needn’t be online security experts, but they should be abreast of the common threats and potential weaknesses of your business. What’s more, your board members have the easiest access to the most sensitive business information. For this reason, they are just as likely, if not more likely, to be targeted by cyber criminals.

To broaden their involvement, why not disseminate a regular update or summary of the main components of your security strategy? This could include a review of the current threats and recently prevented attacks, as well as a review of the training and education taking place across the organisation.

Cyber security is everyone’s job

Whilst online security is certainly a board-level concern, it is everyone’s role in the business to tackle it. You, as the security and technology expert, still have an integral role to play here.

Thorough education programs should be built into your security role to train the wider business on potential online threats. This could involve regular presentations to your staff on what to look for in a malicious email, or outlining activities to avoid on business devices. Train your staff to be vigilant; this includes showing them what these threats ‘look like’ and, most importantly, how to avoid them.

Human error is the cyber security ‘wildcard’; it’s not something that IT departments can easily mitigate so, unfortunately, it is often overlooked. Many organisations focus on preventing cyber criminals from exploiting technology and ignore the mistakes their staff can make, with or without IT. The most secure businesses have robust technical safeguards in place, whilst constantly patching holes and plugging gaps in their front-line of defence — their workforce’s knowledge.