Securing Your Network in Remote Deployments Webinar Transcript Watch On-Demand Now

Sam Ruggeri [00:00:01] Okay, and the interest of time we'll get started. Good afternoon and welcome to today's session securing your network and remote deployments. My name is Sam Ruggeri. I will be your host for today's session and these crazy sensitive times that we're all facing one of first. Thank you for all taking the time out of your busy day to join us. We know we're all struggling to keep everything operational in our business. 

Sam Ruggeri [00:00:23] It's a trying time for many across the United States and abroad as a coronavirus outbreak continues many companies are making infrastructure changes on the fly and opening their corporate network to potential attacks. Unfortunately, during these times attackers are most likely to strike. We have helped many clients some of which are on this call with the multiplier moments, whether they're working from home or isolated areas the word preparedness cannot be more prevalent than it is today. We want to educate shared best practices to help you and your business as best as possible. This is a learning knowledge sharing webinar. 

Sam Ruggeri [00:01:00] I'm not selling anything. We're truly here to help with that. We have assembled a panel of experts each in their respective areas will be sharing principles that can be applied to help promote. Good remote working hygiene some quick housekeeping. We're going to limit each speaker to about 7 minutes leaving us enough time for questions and answers at the end of this session. It's about all the questions that we could possibly answer that will help other folks as well. So I thank you for that, with that. Please allow me to introduce our first speaker. 

Sam Ruggeri [00:01:30] Go, Michael Oglesby is our Vice President of Security Services. He is highly certified as you can see by the credentials under his name is well sought after the speak in our sector and in fact, he spoke on the local news yesterday. He has secured key infrastructure for our nation as well Michael. It's all yours. 

Michael Oglesby [00:01:52] Yeah, thanks. And thanks for everyone for joining the call today. My college we're going to really talk upcoming about some specific strategies around securing your remote workforce, your remote applications. But I wanted to take a little bit of time to talk a little bit about the threat landscape that were seen and quite frankly. It is unprecedented. Right? This is an unprecedented event and we are starting to see an unprecedented level of malware and phishing. 

Michael Oglesby [00:02:22] Taking advantage of this Covid-19 themes that are out there now. I mean, this is nothing new you guys, you know, get emails from us all the time talking about. Hey, watch out for this watch out for that. You know, the name of the game and phishing is to be timely, which means tying it to some sort of thing that's ongoing typically right now. I would come on here and I would talk to you guys about hey watch out for those tax themes. Right? 

Michael Oglesby [00:02:47] All the phishing is going to be around pretending to be a DP pretending to be your provider pretending to be the IRS talking about your tax return, was rejected login here to check it out. Those are still out there, but they have dropped away significantly over the past months and the amount of Covid malware related to our themes that are out there is exploding exponentially, you know, you're looking at those graphs about the infection rates around the world and you're seeing that hockey stick go up. 

Michael Oglesby [00:03:16] We are seeing that exact same thing our security operations center on basically every rip that we measure looking at spam tombs checkpoint is reporting 16,000 new malware related domains around Covid in February and put that in perspective. That's ten times the average that we see on like a tax related theme this time of the year the numbers for March are even higher almost 20 percent higher than normal the number of domains. The number of phishing emails were seeing the number of SSL. 

Michael Oglesby [00:03:52] All certificates with Covid in them has all just hockey stick growth upwards every day. So, you know vigilance, vigilance, vigilance, you know, there's not any sort of magic bullet to it. But, you know, every email your employees are getting that you are getting that's Covid related take it with a grain of salt at this point. It's probably spam horror than legitimate this point. Make sure you're going to trusted websites. Make sure you go to you know, the World Health Organization directly not any sort of misspelling or any sort of sub domain. 

Michael Oglesby [00:04:22] Next we are going to the right sides and really over communicate to your employees, you know, make sure they know exactly how you are going to be operating. You know, we're going to be using this technology provider through this process, you know, don't click on any links from from any other type of solutions. We still have the charitable contribution scams. And those are still going on right now. You don't need to donate to any charitable organization through Bitcoins. That should be a huge red flag. 

Michael Oglesby [00:04:52] You know, you shouldn't accept any contribution from some of you don't know at this point think CDC notices are really big right now. So a lot of VPN Solutions phone EDP installers the really trying to take advantage of the mass confusion around. How do I work from home? What do I need to install? So they're just sending out massive amounts of email saying hey, here's our new work from home solution. Click here download that it's a really make sure you're staying in front of that. 

Michael Oglesby [00:05:20] We had some indicators from put some of the malware operators that they were going to quote unquote, you know, take a few months off, take a break not a tech health care workers. You should have taken that with a grain of salt, because we did because we know we've had to activate our IR team, you know yesterday, I had to go on site to clean up ransomware assessment. So the attackers definitely are not stopping despite what they might have said publicly. 

Michael Oglesby [00:05:45] The number of malware is just dramatically increasing. Good next slide. So I just kind of wanted to talk a little bit strategy around you know, what can we be doing at a strategic level around security and there are kind of three main things. I want you guys to be thinking about during this time. Number one is we really want to make sure that our security boundaries are still enforced and monitored and whatever solution that might be. You know, a lot of us are going home lot of us are working from home remotely now, right? This is the concept of BYOD or the zero-trust environment or you know, the network is dead everyone works 

Michael Oglesby [00:06:21] cloud nowadays and that's true more or less, but we still need to make sure that we are continuing to be able to monitor that stuff be able to secure that stuff and whatever methodology we're using to project those services now to our home users. We need to make sure that we're able to at least be able to provide some sort of security guidance to them some sort of security product. My colleagues will talk about some specific ways that can happen, but a quick example is, you know remote. 

Michael Oglesby [00:06:51] Top. Yeah, it's really easy. When you're out of corporate environment go to remote desktop to your workstation. But how can you do that? Securely, you know through the internet. Do you need some sort of gateway? Do you need some sort of VPNs? You need some sort of security monitoring solution and the answer is yes in my opinion definitely need that so think about how you can extend that security boundary now to the home that's going to be doing at a rapid pace. The second piece is how can you extend your security protections and telemetry to the endpoint? Right? What kind of antivirus solution do you need you? 

Michael Oglesby [00:07:21] Protection what kind of agents do you need on those workstations? But if they're not yours anymore, what if people are a few employees are using their home devices? How can you monitor what's happening on their you know home device from the ransomware perspective, right? So a lot of these things need to be considered. Like, how can I project my security operations down to all the way to a home users workstation right a homework station that their child might play Fortnight on it at night, right and they're using it for work during the day. 

Michael Oglesby [00:07:51] Day, one of the biggest attack vectors. We see besides phishing still one of the attacker. The other biggest Tech Vector is weak passwords without there being used and ways that they can use those weak passwords to get into your organization. A lot of times. That's a pretty limited way in your organization. However, if you're starting to open up these holes in the firewalls and starting to extend your perimeters out there, you might be exposing some services to the internet where a weak passwords become

Michael Oglesby [00:08:21] more and more of a threat and the biggest answer I can give you the biggest easiest. This is the thing to do first is multi-factor authentication. You're probably going to hear that from our other speakers upcoming as we try to really drill this one home, multi-factor authentication is probably the easiest biggest security win that you can put out there right now. 

Michael Oglesby [00:08:44] If the service doesn't support MFA and a lot of stuff does nowadays a lot of solutions now come and that they you know, it's pretty much the defect of standard, if it's going to be on the Internet. It's got to be behind MSA. If it doesn't support MFA, you know get it behind something that does I'm willing to bet. There's probably an MFA enabled solution for pretty much everything out there. For example, remote desktop. You can do him a favor method desktop gateway. You can do it MFA enabled VPN solution, but you know, we all know passwords are one of the weak 

Michael Oglesby [00:09:14] links in a security environment. So having some sort of solution where it's some sort of has their phone or text them a code or an email or if you have, you know, biometric devices or smart cards already in place. Those are great solutions as well. So really think about, you know, we probably spent the past two or three weeks. Just getting everyone back working and you're probably still in that firefighting mode of we need account and working from home. We need sales working from home. 

Michael Oglesby [00:09:41] We need all these people working from home and You know just to get our business running. We probably extended our security all the way out to their home computers and probably a lot of cases now is the time to start thinking about. Okay now that we've done that, how can I start monitoring those connections? How can I extend my firewall and IDs monitoring out there? How can I get some agents on those devices and start ensuring they're going to stay secure, because this might be a few weeks or even a month or two while these systems are going. So we need to make sure we can maintain that security perimeter over time. 

Michael Oglesby [00:10:15] Right back to you Sam. 

Sam Ruggeri [00:10:17] Thank you. Our next presenter is James Keiser. James Keiser technical account manager. He's been with us for about 10 years. He's really out in the field speaking with clients and has a better gauge of what's going on from their perspective. He's a network administrator Network Solutions engineer and also an AWS Cloud practitioner James. It's all yours. Thank you. 

James Keiser [00:10:48] King to access their Network first, we'll start off with VPN and simply what is a VPN. 

James Keiser [00:10:55] Well, this is a tool that's leveraged by corporations to extend your network down a tunnel that ultimately secures the traffic in between it there are lots of drawbacks to this and there's lots of benefits to this, but we'd like to mention early on if that there is no one-size-fits-all glove for security regarding your Environments so in each of your cases your needs are going to be very unique. So that's kind of what a VPN is he? Did you go over to the next slide? Thank you. Here is a depiction of kind of how it works. So, you have your endpoint device and this might be a user's laptop personal or company-owned connecting into your VPN client going across the internet over to your perhaps server or firewall to access your local lamb now. This is definitely a more. 

James Keiser [00:11:47] Secured method then the option below but we do need to validate that those end-user devices are secured. And there's a method used to keep your company data as secure as possible heat that you could jump over the next life form. 

James Keiser [00:12:06] So here's a few key points that I believe are going to be putting you guys his hands later on. These are just some easy to no common solutions and common items that are with each of the perspective technologies. We're going to cover so we'll get to those a little later. He's if you could jump past that one soon. 

James Keiser [00:12:29] Let's go over to remote desktop and a few of the other programs like LogMeIn and TeamViewer and screen connect. These are some of the easiest to deploy and most common tools that people are leveraging right now. 

James Keiser [00:12:42] Ultimately, like Michael had touched on you MFA can be enabled in most of these and that does help connect you and secure you to your local lamp, but you know each one of those kind of specific to what you guys need as a company and You guys need help identifying some of those things. I definitely recommend reaching out to our team to help you guys out. He did you jump past that let's go over kind of a topology of how some of that might work. So, in this particular example, I'm sorry. We're going over Citrix. So in Citrix, most of you guys know what that is, ultimately it allows us to stand up either VDI for virtual desktops or you all would dial in through. 

James Keiser [00:13:29] Citrix bridge over to a server and you would ultimate leverage the server desktop. These are generally a very good solution and it works well for the users, but sometimes you might have some issues and pulling applications on it costly licensing kind of stands in the way those and deployments take a little bit of time to get them finely tuned to meet the business needs. Heath go ahead next. 

James Keiser [00:13:54] and sorry if I'm rushing guys and trying to get through my 7 minutes, so we have AWS work spaces, which I'm a huge fan of generally speaking if we have a time to be able to deploy one of these properly it can take over your entire work environment you're able to leverage this from the office making it your daily use item and from home and anywhere in between we go on vacation you're able to leverage this and in today's age, you know, we're having this pandemics that we're all facing a solution like this is definitely the best type of option to go with there are several providers aside from AWS perhaps Microsoft, but ultimately an excellent solution to go with tons and tons of tons of features and customization options. 

James Keiser [00:14:43] Heath didn't jump half that Okay. Well, I'm going to hand it off to Sam and he's going to pass back to heat. Thank you ago. Sam

Sam Ruggeri [00:14:50] Thank you James. Our next presenter is Heath. DC needs a vice president of operations. He also has a way of making me feel younger with the amount of years. He'd been in the industry as well. 

Sam Ruggeri [00:15:04] Well recognized many accolades within the industry is specializations are technical equipment implementation design business office technology and certainly is very knowledgeable my client environments when it takes Having their infrastructure if all yours. 

Heath Gieson [00:15:23] Thank you Sam. So, I kind of want to take a moment to kind of sum up the top five things that you should be looking at to as Michael said make sure you are securing your environment. We've all taken time to make sure everyone has the ability to work from home now or hopefully if you haven't we can help out with that too. But really what we need to start focusing on is making sure we're doing that in a secure manner and at the core of all of this is your user identities. 

Heath Gieson [00:15:50] Which goes back to the one of the key things Michael also said passwords are one of the most compromised things out there people just aren't good at keeping good passwords or something. They have to remember they're hard. So, the first thing we really recommend is you get MFA out there and then you set up single sign-on for all of your applications. 

Heath Gieson [00:16:08] Maybe you guys maybe a customer uses Salesforce or another online web application and people log in to the computer with one up a username and password and they log into an application with another. So, let's remove that complexity for the users and let's give ourselves one identity to have that we have to protect and they set up single sign-on and we couple that with the MFA with the multi-factor, multi-factor really comes down to three things. You keep hearing the same multi-factor. What are those factors? Well, the main factors of authentication are something you are something, you know and something you have and the multi-factor world commonly. 

Heath Gieson [00:16:43] It's used that you put in your username and your password something, you know, and then you reach for your phone, or maybe a dedicated hardware token that you pops up and says hey, would you like to verify this log on or here's a number please enter that in there or maybe you're familiar with other technologies where they send you a pin code over text message. Those all meet two of those three factors and that's considered multi-factor authentication. Next big step. I would talk recommend doing is blocking common passwords. There's a well-known published list out there 500 most common passwords in Google it you'll be amazed 

Heath Gieson [00:17:19] what you find people like to use things like password the capital b 1 P 1 2 3 and an exclamation point so that's one of the most commonly used passwords in the world. Even though we all talk about don't use that as a password. Everybody does all over the place and where the first things that the bad guys try to try to use against you. Next up in this brigade is coupled with that multi-factor authentication. You want to set up self-service password reset technology for your users. Will talk. 

Heath Gieson [00:17:49] why a little bit more deeply in the next couple topics here, but it allows your users to go in and reset their password. That way if we do detect something is wrong with their account. They can quickly without having to open a ticket without having a talk to enough someone else go in reset their password. It works with multi-factor. It adds a couple additional factors to it. So that the system can authenticate make sure it's the right person resetting that password next. You're going to want to implement risk based conditional access policies. 

Heath Gieson [00:18:19] He's as that users risk goes up. Maybe we're noticing someone's trying to log in as this user and their risk is going up or maybe we're noticing that the user logged in in one geography this morning and a different geography this afternoon. Did they really travel? Probably not nowadays definitely didn't we frequently will see this where a user tries to log in from somewhere here in the US and then 20 minutes later. Looks like the user is trying to log in from Thailand. I doubt that user just went to Thailand, 

Heath Gieson [00:18:49] in twenty minutes. So those types of factors the system's the using should be looking at and building out that case for risk-based conditional access policies that's topic under the user identities here is privileged access management, for example in our environment. I am a global administrator of our network. I work with the IT team really closely, but I don't need to have administrative privileges on my account at all times when I need them. I need them, but moment normally I don't need them every day. 

Heath Gieson [00:19:19] I'm not in supporting people every day doing things. So when I need admin access. I go in, I login, I request admin access. It's granted to me. I can request it for a certain period of time and once that time period is up. I no longer have admin access. Therefore. I'm not walking around with the keys to the kingdom on my proverbial keychain, either. They're safe. They're protected they're locked away. And when I need those keys, I can go get them. 

Heath Gieson [00:19:46] There's many different levels to that privileged access management that something really keep your systems clean and secure. It's imperative that you deploy a good email threat protection. There's lots of good systems out there right now, but it needs to be doing at least these three things for you. 

Heath Gieson [00:20:04] It really needs to be looking at all the emails that come in and seeing if it's a phishing email the system should be doing things like identifying it looking at it and going hey this this email just came from it says the name on it is the CEO of my company, but the email dress is XYZ at Acme Corp.com. That's not his email address. The system will intelligently look at that and give the user a warning and say hey be careful. This might not be the something what it pretends purports to be, lots of other mechanisms that are built into that anti-phishing technology that's available now. Safe links when an email comes in with a link to a website on it. 

Heath Gieson [00:20:44] It's going to take that link analyze it in some cases it even spins up a virtual machine in the background pulls it up puts in an isolated environment sees what processes those links kick off and then determines whether it should be allowed through or not. It will also protect you when you click on it. It's going to give you a safe environment. So, it goes out and redirects you through a serious security server to look at that link. So, when I first opened it to see if there's anything malformed there and save attachments. It's gonna be the same thing for the files that are attached to those emails. We all hear the stories about how someone opened a word doc 

Heath Gieson [00:21:19] or receipt that someone sent them and it turns out it really wasn't a Word document and it really was a receipt image. It was an actual piece of malware. This goes to great lengths to analyze all of those attachments and make sure that they're valid for you as they come through. 

Heath Gieson [00:21:35] You need to be using device management and on those devices you need to have not just antivirus, but advanced threat protection. You can manage your system device management system should allow you to manage a work device owned by the company and a personal device and on those personal devices. It's going to allow you as a company to pull back any data that you have and do different levels of protection on that data, then what they might have on their personal protected information on that 

Heath Gieson [00:22:03] device it does it also doesn't affect them at all. So, if you need to pull your corporate data and delete your corporate data off of their personal device, that's all that happens. Their pictures are safe. All their music is safe. All of their files. Don't get touched only your data is manipulated by the company with a good device management platform. 

Heath Gieson [00:22:24] You're going to be able to push down configuration policies to your devices and compliance policies and configuration policies might be something like we require the hard drive in this device to be encrypted the compliance policy is going to go out and double check and make sure the hard drive is encrypted. So, configuration tells it to encrypt the hard drive compliance checks and make sure that your devices are meeting the right level of compliance level for what you need to have and it allows you to make intelligent decisions in the system later on about that. 

Heath Gieson [00:22:53] Manage your applications, even if you can't manage the devices and it sometimes it's hard with people using all their own devices and everything. He did for some reason. We can't manage that device. We can still manage the data that's on that device, because it's our, it's the company's data. It's not the user’s data. So, we should you should be able to set up a system where you can do things like prevent people from taking email from a corporate message and paste it into a personal email taking data from an Excel file. 

Heath Gieson [00:23:21] That's down a company resource and put it into an Excel file. That's not saved on a company resource. This can be done on devices that you have managed or unmanaged allows you to protect that sensitive data within those applications. It also gives you the ability to detect rogue applications out there. All your users are in the cloud even if your company is not using any Cloud technology right now your users are, they may not even know they are but this is going to go why are people using Dropbox? 

Heath Gieson [00:23:48] We only use OneDrive or why are people using The Google word processor instead of the Microsoft word processor. Why is this application being installed there? Why is my data being put into applications that I have an authorized or support or we don't have mechanisms in place to support or backup or control the data and so it'll start letting you get rather more information as you're going through that process with managing the applications. 

Heath Gieson [00:24:13] Set conditional access policies all of this stuff really leads up into conditional access policies. So, you should be using a system that has Intelligence built into it. So, when a user logs in or goes to access some data, they can look at the system looks at their location the device application or what type of data they're trying to access and what is that user’s risk or let's say for example, you know, we have someone who is an accountant. 

Heath Gieson [00:24:43] Who the CEO calls and says I really need you to log in and do this and that accountant was out about doing their thing don't access to computer immediately. They pull into McDonald's. They grab their kid’s laptop. They sit down they get some on some Wi-Fi and now they go to log into the financial system to get a report for the CEO. 

Heath Gieson [00:25:01] Well, we know who that user is, because they're known user to us, but they're logging in from a location that we don't normally see them login from their logging in on their device that we don't normally see them login and It may or may not be managed by us into an application. That's got a fairly risky high profile to it, because it's a financial application. And because you that person's logging in from a new location at a different device that alone is going to raise their user risk or so. 

Heath Gieson [00:25:28] We can have the system make decisions when it sees all of that and go, I'm going to allow them in, but only with read-only access the Contra can't write anything or I'm not going to allow them in at all or you know what normally when you're working from your office or your home computer, we know where that's That we're going to we're not going to make you do MFA there. But now you're out in the world. We've got to make you do MFA here or we could block them all together and there's other mechanisms that we could deploy the goal here isn't to stop people from working. The goal here is to allow people to work in the most secure way possible. 

Heath Gieson [00:26:00] The next thing that you could do with this is if you have an information protection system implemented that works with your conditional access policies, when that user logs in and goes to pull up that spreadsheet full of accounting information, or maybe it's full of client personally identifiable information. It'll say hey, we're going to allow you to view this, but we're not going to allow you to email it forward it, copy it, do any of those things and that's what an information protection would do around there. And if you've gone to the trouble of setting all these things up and having them all working. You should really look at blocking legacy authentication to all those apps and like I said in the very first point here with user identities, that's where that single sign-on piece is going to help you pull all of these pieces together and have okay. 

Heath Gieson [00:26:41] There's one way in these ways that we protect it we're protecting our inbound email. Everybody's looking good. These are the top 5 things. These aren't the only things, but this is as we were putting this together. I wanted to make sure we communicate it to you the top five things for you really to be focusing on and looking at these are things that you can Implement somewhere between now and the next 30 days and now the next 90 and now in the next hundred eighty. We can help put a plan together for you to drive down that that section the last point. 

Heath Gieson [00:27:11] I want to make here there's a lot to this like James said. There's no one magic bullet solution that fits for everyone. We have the, we like to help build that out for you for what based on what your company needs are we got specialist here to provide that kind of guidance for you. You should have you should be focusing on your business right now and making sure that business is running properly. Let us help you focus on making sure it's secure. 

Heath Gieson [00:27:39] With that we're going to move on to the next phase here and we want to open it up to anybody who may have any questions. You can submit them to the chat window in the go to webinar interface and see here. I do have one question that has come in and it is, what is the difference between antivirus, advanced threat protection? It's a great question. 

Heath Gieson [00:28:09] Antivirus really is a tool that sits on a system that scans files and tries to determine if those files or that message has an infection in it advanced threat protection goes to the next level and it gathers all of the telemetry from all the different subsystems running on your computer and compares that all together and looks at a lot more than just this match of virus definition. 

Heath Gieson [00:28:35] Is this look matching a hash that looks like I have virus modified this application. It's really looking at the whole picture how everything communicates talks and works together. 

Heath Gieson [00:28:45] It provides all of that data in a log that can then be used if needed if there is a breach to be able to jump in and take care of see Sam. Do you have you have any questions on your side in the in there? 

Michael Oglesby [00:29:00] Let me just add that real quick. 

Michael Oglesby [00:29:04] And the question says, you know, we're all working from home, you know is my home computers antivirus good enough, or do I need to install my corporate antivirus solution on your employees home devices and I think that's a really good question. A lot of the malware or scene is quite Advanced already, even though it's so new. I would recommend you probably look at installing your corporate antivirus solution on your home devices. We've been hearing from all of our partners. A lot of them are offering free deployments for 60 and 90 days. So you might be able to leverage the pulling your corporate antivirus solution to your home. 

Michael Oglesby [00:29:45] Users at least temporarily and get them covered. So I would contact the provider contact your rep at TRUE and we can review what you have and if that's a possibility for you. Yeah, or just take a, if it's from one of the reputable, well name-brand anti-viruses. It will probably be okay, but there are a lot of the free home, you know focused and of our solutions that honestly probably just don't cut it so definitely look at deploying your advanced employee protections for your corporate environment down to your home user’s desktop. 

Sam Ruggeri [00:30:19] Thank you for that Michael. Here's one for the for the panel. You know, how could we identify our current risk? How do we know what's at risk? Where do we get our baseline within our organization make any one of you can answer that? 

Heath Gieson [00:30:35] Sure, I'll jump it on there. You know, that's another great question and often times. Our recommendation is let's start off with an assessment to really see where you're at what's going on with your systems what's happening? And then we can help you build out that plan. That's definitely a never a bad way to go at the same time. We might be able to start as simply as sitting down with you and consulting with you for a little while and go do you have MFA? No. Okay. Let's talk about what applications you have. 

Heath Gieson [00:31:04] Be asleep today the this might happen in waves so you might want to yes, let's do an assessment. In the meantime. I also need to get this tag. No, I have to get this tackled right now and we can help you put together plans like that. 

Sam Ruggeri [00:31:18] Great. 

Sam Ruggeri [00:31:20] I have a question if there's any other questions coming out of the field. 

Heath Gieson [00:31:25] No, go ahead Sammy. 

Sam Ruggeri Yeah, just so you know, you talk about the conditional access policies and all the moving parts in managing mobile devices. Is there a platform that you can control is their platform that I can see all of this? How do I control all of these different dynamics that I'm asked to take to look after is that one platform that covers all of that? 

Heath Gieson [00:31:45] Yes, there there's a few out there. One of my specialties inside TRUE is working with the Microsoft platform. Microsoft has put together a platform called Microsoft 365 you may have be familiar with Office 365. They're taking that to the new level with Microsoft 365, which allows you to do the MFA. 

Heath Gieson [00:32:05] The single sign-ons the self-service password reset application management the device management and the digital access policy with that information protection at all happens inside that system you get great telemetry and great information to be able to make intelligent decisions off of all that and not only doesn't have all those mechanisms in there to help you implement those things. It has automated monitoring and detection and response when there are problems to help you remediate things quickly. 

Sam Ruggeri [00:32:35] Great. I understand is a few more questions out there Heath. 

Heath Gieson [00:32:43] Yes, let's see here. 

Heath Gieson [00:32:53] I finally have one here. 

Heath Gieson [00:32:58] Is it safe for our employees to use their own devices? 

Michael Oglesby [00:33:10] Yeah, I don't think you can add some to let me just say I think I talked a little bit about that with the sort of the home the home antivirus solution. I think you really need to consider. Who else uses that home. Is it a shared computer among the whole family or is it a device? They took home from the office? Obviously, if it's a device, they took them from your office then, you know little more trust level there. 

Michael Oglesby [00:33:35] But if it's like one device that you're having to share between you know, multiple people or the kids are going to have to do their schoolwork on it overnight. Those are some definite threat considerations to take good. Go James. 

James Keiser [00:33:50] Yeah. Absolutely. I you know, so, of course, you know any time you're doing a BYOD, you know kind of scenario you have to make sure that your network is gonna not really fall to those who aren't using common sense, you know, generally speaking. Yes. 

James Keiser [00:34:05] Stick the stick to business computer stick to corporate provided computers use antivirus that comes from the company. All those things are great methods, but it is also unique to the situation you're leveraging for instance. If you were using some VDI deployments your risk goes down substantially. 

James Keiser [00:34:22] If you're only leveraging the end point to connect to a cloud, you know, I hate of us workspace or your Citrix environment, but however, if you were to leverage say a VPN on a computer that shared across everybody else well now we have a several of things that we need to consider. I mean essentially, you're extending your network over into their home now and if the son or the daughter uses the school work and they're playing games and they've infected the computer essentially, you know, you're definitely opening your yourself up. They're always the hardened VPN technology in order to protect ourselves a little bit more, but it should be investigated and known before you open that door. 

Heath Gieson [00:35:00] Thank you James. 

Heath Gieson [00:35:05] I should hear from Matt how hard is it to get up on AWS workspaces? If you have a really old school type of desktop environment. They're all Windows 10, but they do not have a solid app inventory. 

Michael Oglesby [00:35:21] Okay, I'll take that one as well. It's going to take a considerable amount of time in order for us to make sure that or rather to to formulate a plan that allows us to leverage database workspace. If you simply need a desktop with browsers and things like that that's relatively easy to supply and bring online. However, if you have a very complicated stack of applications, yeah, it's going to take a little bit of time and planning and also there's some hang up sometimes regarding licensing from the vendors. 

Michael Oglesby [00:35:51] Instead of in several legal applications, you know the vendors don't want you to take their information to the cloud or their application to the cloud. So those are all things that we kind of need to uncover under the process before we get you there. 

Michael Oglesby [00:36:06] Let me just figured join the circle back around to the last question. I think there was a second part to it around what if we're using the you know, our work your sofas VPN or RTP that has a lot of the baked in Solutions like the Gateway antivirus the SSL inspection and the IPS map control. Yes. 

James Keiser [00:36:24] That is very that is definitely talking about my first point on the security considerations of making sure that your visibility your security monitoring solution gets all the way down to the end point if you're a PN solution can enable that to your VPN users your home users then yes. That is perfect. That is a good stopgap. Scenario. Definitely recommend. You got MFA on that end point and really recommend as much as possible if your employees can dedicate that home device to just them and not shared among their family at least at least in the short term. You know, let's not play the video games. 

James Keiser [00:37:03] It's not download, you know any sort of you know malware potentially from some less reputable sites, you know, if we can temporarily turn that home device in your work device. That might be the best solution. 

Heath Gieson [00:37:16] Sure, we have another one here that says if we have a security appliance with a VPN feature, is it safe enough if we've enabled gateway antivirus anti-spyware SSL inspection IPS and app control services if our users are using their home devices and they have MFA if you've implemented all of those technologies properly and you've got MFA and you've looked at your VPN and only allowing the traffic you absolutely need. 

Heath Gieson [00:37:45] To allow over that VPN then yes, I'd say you're doing a pretty good job and probably ahead of the game of trying to protect yourself when your users are using those home devices. Those are all technologies that we would recommend that you use. The next thing I would say to that is we talked a lot about the VPNs and it'll be us workspaces all great stuff. I like to look at systems where we put that what Michael is talking about that advanced threat protection out there on those end user’s devices. 

Heath Gieson [00:38:15] Whether their home owned or corporate owned put a compliance policy into the system saying they have to have this in order to connect to our network and then you can really start monitoring all that from a central location and looking at what's going on and being able to respond appropriately to it. Those are all great ways to be able to handle that. See here. Do we have anything else? 

Heath Gieson [00:38:45] Besides the location identification. Is there a way to be protected against the man in the middle attack from the VPN connection? 

Heath Gieson [00:38:53] Michael, I think I'll let you direct that one towards you first. 

Michael Oglesby [00:38:58] Just for the most part if you're using a good solid VPN, you will be protected from a man-in-the-middle attack. The biggest concern is if the network is especially untrusted meaning maybe you're on a shared Wi-Fi at Starbucks. There might be some concerns there, but pretty much most of you know, the Citrix you all the Amazon the Microsoft built-in VPN providers. Those are pretty solid. 

Michael Oglesby [00:39:28] In terms of man in the middle attacks, as long as there's not malware on the end points, right? The endpoints are the weakest link in a VPN. So if there's already malware on that laptop or on your phone, it's an Android you might have a malicious app on their. Those can bypassing the VPN restrictions. That's not typically called me in the middle at that point since they've already compromised the end-point, but that's usually it's the endpoints are the weakest link on a VPN and there's not a whole lot of concerns around man. 

Michael Oglesby [00:39:58] You know, so you should be fine as long as you're not on, you know, the dark web or particularly sketchy network somewhere.

Heath Gieson [00:40:10] All right. I don't see any more new questions. We have several people saying thank you for putting this together. And thanks for the content. We appreciate you guys all taking time to meet with us today Sam. I'm going to hand it to kind of back over to use our moderator. 

Sam Ruggeri [00:40:28] Thank you very much. Well, everyone that concludes our session the webinar will be posted on the website it be on demand. We had a very strong audience today and encourage all of you to forward links others who were not able to make it to join us today on behalf of myself. The present is and the true digital family who want to thank you all for joining us. Remember we are true digital hit a help and stand ready to do. So, please feel free to reach out to anyone of the team. Even if as a resource, right you saw that bullet that he put up there. Call us. We love to talk. 

Sam Ruggeri [00:40:57] The about the stuff we can share with you best practices We Know, the good, the bad and the ugly. What's working? And what's not working? And all I could say is to each and every one of you, to you and yours, stay healthy, stay diligent, and have a great safe afternoon. Be well everyone. Thank you.