In the days when a company’s activity all happened on-prem behind a network perimeter, estimating its attack surface was quite simple. In today’s bring your own device (BYOD) world, this task is infinitely more difficult. People—not networks—are the new perimeter.
Likewise, it’s more difficult to protect your organization from security breaches, since the attack surface is ever-expanding to accommodate new users, devices, and locations. Fortunately, a few simple safeguards can drastically reduce your organization’s attack surface. At the core is knowing what you’re protecting yourself against.
Common attack vectors and solutions
A recent report from Coalfire found that 49% of large business vulnerabilities are considered high risk. For small and medium businesses, that number drops, but only to 34% and 38%, respectively. Among these risks are the following common attack vectors and vulnerabilities.
One of the most common methods of deception, phishing takes the form of fake emails and websites designed to look like they’re coming from trusted sources. When a recipient clicks on an email link and enters their login information in the fake site, they are effectively compromised. Protecting against phishing attacks can be as simple as using multi-factor authentication, which means the compromised username and password aren’t enough to access sensitive accounts.
Given the sheer number of passwords we have to keep track of, it’s no wonder many people resort to reusing the same password across multiple platforms or choose easy-to-remember (and thus easy-to-compromise) passwords. Replacing passwords with other security factors, such as biometrics or Okta Push Verify, will protect from this attack vector.
Malware and spyware
Malware is a nasty type of software designed to cause errors, slow your computer down, or spread viruses. Spyware is a type of malware, but with the added insidious purpose of collecting personal information. Keeping abreast of modern security practices is the best way to defend against malware attacks. Consider a centralized security provider to eliminate holes in your security strategy.
Distributed denial of service (DDoS) attack
A DDoS attack floods a targeted server or network with traffic in an attempt to disrupt and overwhelm a service, rendering it inoperable. Protect yourself by reducing the surface area that can be attacked. This is done by restricting direct access to infrastructure like database servers. Control who has access to what using an identity and access management system.
APIs can supercharge business growth, but they also put your company at risk should they not be properly secured. An outside security provider can help you stay up-to-date on best practices and security strategies.
Close the loop on those avenues of attack
Although the risks are many, there are several reliable ways to significantly reduce your attack surface.
Adopt a zero trust mindset
The first step in reducing your attack surface is to implement a zero trust framework that restricts access to company resources until a user—regardless of their role—has proven their identity, and their device has passed a security profile check.
For many well-established organizations, IT infrastructure can be a jungle. As the organization grows, so does the number of users, applications, quick-fixes, and system hacks. A centralized identity and access management system is the proverbial machete that clears a path, providing visibility into exactly who has access to what, how much access they have, and where there may be vulnerabilities.
Control entry points
Given the constant in- and outflux of users (employees, contractors, vendors, partners, etc.), businesses need intelligent and automated user access. Lifecycle management can automatically provision users with rule-based entitlements and deprovision at scale.
Single sign-on layered with multi-factor authentication further strengthens entry points, while API access management empowers IT to grant (and revoke) access to APIs based on user profile, groups, network, client, and consent.
Being able to monitor potential threats and vulnerabilities in real time will drastically reduce your attack surface and empower you to act swiftly should a breach happen, preventing it from getting out of hand.
You can’t eliminate every risk, but you can reduce your exposure
So long as there are hackers, there will be security threats; however, your organization doesn’t have to fall prey to them.
By understanding the complexities of your attack surface and taking steps to reduce it, you can protect your users, protect your bottom line, and, ultimately, ensure your company doesn’t become the next big headline.