Android, Antivirus, Cyber Security, Linux, Mac, Windows

Securing multiple operating systems on a single network? It is manageable 0 1334

Avatar

Many may think that companies exclusively use Windows devices. However, while it’s the most widespread operating system, it may not be the most suitable platform for all company needs. The current market share of operating systems in Kenya shows Android at 53% of the market, Windows at close to 28% of the market, OS X at under 5%, IOS close to 3% and Linux below 2%. Thus, it’s quite common to have an IT team monitoring the security of five different operating systems—Windows, Linux, Mac, Android, and iOS. However, the accompanying complexity may lead to certain cybersecurity risks that must be addressed.

ESET’s longitudinal data suggest that most large companies have at least one Mac computer. There are two reasons for the presence of Mac computers in the corporate ecosystem. Macs have long been highly sought by people employed in creative jobs—for example, in internal graphic teams, architectural firms, or advertising agencies—because the architecture of the Mac operating system is particularly suited to graphic design. In all these cases, Mac is used because of a clear business need. In other cases, it is mainly a matter of personal preference of employees or the management who choose Mac; for example, because its user interface suits them better or exclusively because of its high-end design.

Mac as a carrier of malware

Many users believe that the Mac operating system is inherently safer than Windows. However, this is a distorted view caused by the fact that attackers focus on operating systems that are deployed on a broader scale, which in turn enables them to make more money either by stealing it, or by monetizing stolen data. However, there are many examples of Mac malware and users should not fall into a false sense of security.

One way that attackers leverage Macs is by looking beyond their value as a potential end-targets, but instead, as carriers. Yes, Macs can be used to introduce malware that is not targeted at the Mac platform itself and deliver it to an otherwise secure network. If the Mac computer in question is not protected, it can transfer Windows-targeted malware onto Windows devices within the company’s network—the malware connects to the network, bypasses the network firewall or sandbox, and the corporate network gets infected. The same applies to Linux and Android devices that can be potential carriers of malware as well as targets.

Mobile devices: iOS is more secure

The situation is different with respect to mobile devices. The iOS platform for Apple mobile devices has been designed to be safe via its internal structure. In iOS, each application runs in its own sandbox with very limited rights for interacting with other applications. The application does not have the access rights unless the user explicitly grants that permission. It’s different from Windows where each application runs primarily under the system account, thus receiving access rights for the entire system. The reason why there are no security applications for iOS is that this type of application would have access rights only for itself. It could scan itself and maybe photos and contacts. Apple also performs whitelisting in its application store in an attempt to prevent harmful items entering. For these reasons, iOS could be described as a safer operating system. However, this does not apply if a jailbreak has been performed on an iOS device. Jailbreaking is a process that disables certain security features.

Security risks also arise when a corporate mobile, is stolen or lost. In this scenario, iOS is not immune from risk since an employee’s device may contain business emails, valuable contacts, and photos from internal meetings because people often take pictures of the meeting notes. In other words, there is a lot of potentially sensitive data on employee devices that is not always efficiently protected. For example, when employees do not set a PIN, or use a weak PIN on the device in question.

Companies can enforce security policies cross platform

How does a company know whether a corporate device is jailbroken or whether an employee has set up an effective PIN to protect access to their Apple phone? Companies can do this using Mobile Device Management (MDM) solutions; for example, ESET Mobile Device Management for Apple iOS. The iOS system uses the Apple Mobile Device Management framework, and in some countries the Device Enrollment Program (DEP) is available as well. In this scenario, the company buys an iOS device pre-enrolled within its organization. When the device is turned on, it connects directly to the company’s MDM solution and installs a security profile based on the company’s specifications.

The company can define what security settings or state it requires for a device; for example, to confirm that a device is not jailbroken or that a secure access PIN code is deployed containing at least 6 characters (or alternatively a fingerprint lock) and the employee changes it at reasonable intervals. If a device does not meet these requirements, the company can remotely disable access to corporate email or restrict other device functionality. Further, it is also possible to localize the device, flag it as lost and thenremotely wipeit. This is useful, for example, when a corporate iOS device is lost or stolen or if the company discovers that the employee has been leaking sensitive company data.

Android really needs a security application

The Android operating system is more open than iOS, which is the primary reason why a security app should be used on all Android devices. Just as with iOS, an employee’s Android device can contain sensitive data, emails, and photos. There are several MDM solutions available for Android that enforce specific security policies on corporate Android devices.

For example, there is Android for Work, i.e. the native Google ecosystem. Alternatively, there are solutions that run with administrator privileges within the device. An example of such an application is ESET Endpoint Security for Android that contains not only MDM functionality but also multi-layered security features such as protection against malware and anti-phishing. The Google Play store, which is the main source of Android apps, has less stringent rules than Apple’s app store; therefore, sometimes, attackers are able to upload malicious apps. Thus, an Android device without a security app installed can get infected even when the employee’s behavior is neither risky nor unsafe.

Diverse operating systems require Integrated management

All company devices with the ESET MDM solution or ESET security program installed can be monitored remotely from the ESET Security Management Center web console. The operating system of those company devices is irrelevant—it could be Windows, Mac, Linux, Android, or iOS. This remote management console informs the administrator about the security state on the device in question and can help warn the company about unwanted or suspicious activity.

Complete network, hardware, and software visibility

ESET’s remote management console can also provide the administrator with a lot of information about possible security incidents in the network, the hardware of individual computers, such as their manufacturer, model, serial number, processor, RAM, disk space, and much more, and installed software including version numbers and additional details.

ESET Security Management Center comes included as part of all ESET enterprise-grade solutions.

To find out more about ESET Security Management Center and to book a FREE in-house cybersecurity training session for your organisation, please sign up below.

Previous ArticleNext Article

Secure Videoconferencing: The Basics 0 1115

Avatar
Woman working at home on laptop

With COVID-19 concerns canceling face-to-face meetings, be aware of the security risks of videoconferencing and how to easily overcome them

As a way of controlling the spread of the COVID-19 pandemic, several countries have been forced to impose a lockdown on its citizens bringing normal operations to a near stand-still. Consequently, a considerable percentage of the working population has turned to remote working, a chunk of it for the first time.

This has spiked up the demand for video conferencing services, chat systems, and online collaboration tools to serve the increasing number of students, employees, and teachers, among other experts working from home.

By 11th March 2020, Kentik―a San Francisco network operator— had achieved a 200% increase in video traffic within the provided working hours in Asia and North America. Even before the start of the official lockdown in California.

In the same vein, the UK Prime Minister chaired a cabinet meeting via zoom, which communicated the government’s appeal for social distancing through the use of video conferencing. His actions, however, brought about several questions regarding the security of the communication.

But with a quick rejoinder, the UK’s National Cyber Security Centre pointed out that such communications shouldn’t cause any worries if they are below particular classifications. Accordingly, companies have developed confidence in the technology; therefore, are utilizing it to communicate with their remote workers.

Nevertheless, as an employee (or typical user), you need to understand the technology’s built-in security options, as well as control features before using it. Here we provide you with some primary considerations. Let’s dig in!

Your immediate surroundings

For you to realize a smooth and quality video conferencing experience, it is essential to cordon off your working space to prevent in kind of interruptions that might occur while in session; for instance, from your kids, better half, or even pets.

Besides, ensure that your working area is devoid of any sensitive or confidential information/material that can be captured by the camera.

Limit access

As you may be aware, a lot of video conferencing platforms allow the creation of multiple user groups to enable the providence of internet domain according to specific criteria; for instance, the use of company email address to join a video call.

Or offer access to a limited number of people whose email addresses have been invited or scheduled for a call.

As such, when creating a meeting, you can enable the set a meeting password option that creates a randomly generated code for your invitees to input before joining a conversation. Similarly, you can authenticate those using phones by the use of a numerical password. However, avoid embedding the password in the meeting link.

As an organizer, you can hold your participants in a “waiting room,” as you approve them one by one, which gives you full control over whom to allow or deny access. In case you have a large conference, you can delegate such duties to your trusted attendees.

File transfers and communication over the net

As a rule of thumb, always ensure that your end-to-end communication is encrypted. Do not assume that this option is the default for video calls since a few services may require you to request encryption.

If the third-party endpoint client software is permitted, ensure it abides by the requirements of the end-to-end encryption.

What’s more, consider limiting the types of documents you can send across the net; for instance, avoid transferring executable files.

Manage the attendees, as well as the engagement process

Often, your attendees will be distracted by notifications, pop-ups, and emails, among other things, when attending your conference calls. Therefore, as a host, you can request notification from your service provider if your conferencing client isn’t the primary or active window (depending on your platform). For instance, if you are a tutor, you can use this feature to get the attention of all your students.

You can also monitor those who joined the call by downloading the attendee list at the end of the call. Or request attendees to register before being connected.

Limit screen sharing capabilities

As the host, the sole responsibility of controlling screen sharing remains only yours, unless you delegate it to someone else that you trust. This eliminates any chances of an individual sharing content by mistake.

Importantly, only share the required application rather than the whole desktop when screen sharing. This is informed by the fact; even the name of a file or Icon can divulge sensitive company information.

Final thoughts

To ensure the security of your company communications, take time to consider all the available options security settings on your video conferencing system (or one you intend to use) settings. Importantly, take a look at the privacy policy of the service you intend to use to prevent the selling, sharing, collection, or re-use of your data.

In case you require more advice and endpoint client software for your video conferencing needs, then ESET has been here for you for over 30 years. We want to assure you that we will be here to protect your online activities during these uncertain times, too.

Protect yourself from threats to your security online with an extended trial of our award-winning software.

Try our extended 90-day trial for free.

Coronavirus con artists continue to thrive 0 1046

Avatar
Man working on laptop

The scam machine shows no signs of slowing down, as fraudsters continue to dispense bogus health advice, peddle fake testing kits and issue malware-laced purchase orders

As the Coronavirus pandemic continues to escalate, more companies are now shifting to remote work as a way of containing the spread of the disease. Similarly, lockdowns and travel bans, among other stringent measures, have become the order of the day across several nations. And to worsen the situation, there is a massive shortage of the required medical kits.

Such a crisis provides fraudsters undue advantage over a vulnerable lot that is financially destabilized, as well as emotionally drained as a result of the pandemic. 

In this case, you would likely receive fake updates regarding the pandemic, as well as non-existent offers for personal protective equipment, among others. Likewise, if you’re a business, you would certainly receive faux purchase orders and payment information.

Fortunately, as a follow up to our previous article about the ways scammers are exploiting coronavirus fears, we provide you with a few examples of the new campaigns aimed at stealing your money or personal information. To enable you to keep your guard up. Shall we?

Fake news/information

As the virus continues to escalate, more people are currently searching for practical information on how they can protect themselves. As a result, scammers have conveniently positioned themselves as the true COVID-19 information “crusaders” by impersonating well-known health organizations, such as the World health organization.

Don’t act surprised if you receive an email (containing an attachment) supposedly coming from a reputable health organization offering you “vital information” on how you can protect yourself from the disease.

For instance, our research team identified one such file containing a Trojan designed to steal personal credentials.

Apart from the WHO, fraudsters are also impersonating the US Centers for Disease Control and Prevention (CDC). Accordingly, the FBI has given a warning about scummy emails mainly riddled with malware-infested attachments and links purporting to originate from the CDC.

 To reduce the number of people falling for such schemes, the WHO shares examples of its official email addresses and methods of communication on its website.

Urgent purchase orders and late payments

Owing to the increased pressure from governments to reduce the spread of the virus, Companies, as well as factories, have been forced to streamline their operations according to the current situation. As an example, companies to integrate work from home modules, while factories to either increase or reduce their production capacities depending on their products.

Such erratic changes have brought about a climate of uncertainty that offers fraudsters a thriving environment.

In this case, as a factory owner or executive, be on the lookout for “urgent purchase orders” from “company representatives.” Since this fake orders come from scammers who want to make a kill out of your desperation of making some revenue before things go south.

Sadly, if you download such “urgent orders” (usually in attachments), your PC will be installed with malicious code designed to steal your details.

Below is an excellent example of such an “urgent order”:

Similarly, you would receive a “proof of payment” for you to take care of the order. However, like the last example above, instead of receiving a bank statement, the attached document contains a Trojan injector.

High demand products

A massive increase in demand compounded with an inadequate supply for essential protective items, such face masks has created another avenue for scams.

A typical example of such a scam involves a fraudulent site that is offering “OxyBreath Pro” face masks at a reduced price. These can lure you since there is a shortage of masks, and what is available is highly-priced.

However, if you click on the provided links, you’ll be at risk of exposing your sensitive personal information to the scammers.

Bogus testing gear

The unavailability or short supply of medical kits for testing folks for the virus has also attracted fraudsters in droves.

For instance, the existent low supply of masks, respirators, and hand sanitizers, among other necessities, has prompted scammers to impersonate medical officials.  So that, they can provide non-existent or fake COVID-19 test kits, as well as illegitimate “corona cures.”

As an illustration, more than 2000, links associated with fake coronavirus products have already been identified. Similarly, law enforcement bureaus alongside other relevant bodies have been able to seize US$ 13 million worth of potentially hazardous pharmaceuticals.

To contain these despicable actions, the U.S. Food and Drug Administration (FDA) has issued warnings that it hasn’t allowed the sale or purchase of coronavirus self-testing kits; therefore, it is currently bursting such sellers.

Final thoughts

In a wrap, what we have shared is a representative of the many current fraudulent campaigns doing rounds in our media spaces due to the prevailing situation.

Thus, it is critical to maintaining high alertness to avoid falling victim to both the COVID-19 pandemic, as well as the ensuing scam epidemic escalating through the internet. To keep yourself safe from the scams, you can practice the following basics:

  1. Avoid downloading files or clicking on links from unknown sources
  2. Never fall for unrealistic offers or order goods from unverified suppliers. You may also make a point of checking out the purported vendor’s reviews
  3. Invest in an excellent endpoint solution which can shield you from phishing attacks, as well as other forms of scams
  4. If an email suggests coming from a reputable organization, double-check with the firm’s website to confirm its authenticity

If you require consultation, as well as endpoint solutions for your cybersecurity needs, then ESET has been here for you for over 30 years. We want to assure you that we will be here to protect your online activities during these uncertain times, too.

Protect yourself from threats to your security online with an extended trial of our award-winning software.

Try our extended 90-day trial for free.