byod2

Securing Your Network In A Bring Your Own Device World

Bring Your Own Device - Fognigma

When the entire world shifted to remote working, many companies did not have bulk technology available to let their employees take home to continue doing their job. This forced many to enforce ‘bring your own device’ or in other terms, they had to let their employees use their personal devices to continue working from home. Although this may seem like a benefit, the cyber security challenges and privacy concerns of using personal devices will cost companies more in the long run.

The Risks Of Employees Bringing Their Own Devices

Data Leakage

When employees access company information using their personal devices, especially from anywhere, it increases the possibility of company data being leaked. Mobile devices are the most susceptible to attacks. Additionally, mobile devices and tablets require frequent updates to prevent security loopholes, and if one update is missed and an employee has company data on their device, your company’s data becomes extremely vulnerable.

Higher Chances of Vulnerabilities

When employees access data from their personal devices, its nearly impossible for companies to track what data is saved on their devices. With that, if any employee connects to a public or suspicious WiFi signal, loses their phone, or forgets to install an update, whatever company data is on that device is at risk.

Malware Infections

Employees are not as careful on their personal devices as they need to be. If any employee unintentionally downloads malicious malware on their device, which is connected to the rest of the company’s network, depending on what type of malware it is, it could end up connecting to other devices on your company’s network. This would allow unauthorized users to gain access to usernames, passwords, and sensitive data posing a huge security risk.

Protecting Your Network While Allowing Your Employees To Use Their Own Device

Limit Access

Giving employees access to everything in the company is a huge security vulnerability. Employees only need access to the stuff they need to do their jobs. To ensure your company’s network security, you need to implement role-based access into your cyber security strategy. This limits employees access to only systems and data required for their job roles.

Two Factor Authentication

Nowadays, both passwords and physical devices can be stolen, which is why many companies are implementing two-factor authentication on their employee’s accounts. Two-factor authentication requires users to have two pieces of information to confirm identities before accessing whatever account they are trying to login to. Most two-factor authentication processes have a strong password with a second factor like a code sent via text message or phone. This ensure safety because even if a password were hacked or a device was stolen, the criminal would need the second piece of information to gain access to the account.

Enable Network Access Controls

Network Access Control (NAC) only lets devices connect to a network that are up to date on their software. Devices that are not will be denied access. This will save your company from a significant amount of vulnerabilities.

Lost or Stolen Protocols

Having a policy in place regarding when a device is lost or stolen will safeguard your data that is stored on that device. Its important to be able to remotely wipe the data that is on the device so that unauthorized users cannot use the device to access corporate data.

A Trusted Software Solution

In a bring your own device world, companies need a solution that secures their data no matter where their employees work, and what they are working on. Fognigma’s trusted patented software solution lets organization’s build secure, invisible, adaptable, networks anywhere, on any device, in minutes. Inside a Fognigma Network, users can quickly and easily deploy end-to-end encrypted, traceless communication and collaboration tools such as messaging, video conferencing, file sharing, phone calling, and more. Through Fognigma’s user-friendly interface, office administrators can create and assign users groups, ensuring employees only have access to the resources needed to do their job. Using simple software or hardware, users can instantly secure their connections and safely access company information from anywhere on any device. At the end of the workday, Fognigma Networks and resources can be destroyed in just a few clicks, ready to be redeployed the next day.

Contact us for more information on how Fognigma can protect your company data, on any device!

featured-network-security-image

The Most Important Network Security Best Practices

Fogigma Network Security

Thanks to COVID-19, most businesses are sharing sensitive company data, communicating with one another, and collaborating on projects virtually. Although the internet provides a great space for businesses to stay connected while most users are working from their homes. There is a downfall to this virtual connectivity – network attacks. The PwC Global Economic Crime and Fraud Survey 2020 states that, the average number of frauds per company reported is about 6, which comes out to equal billions of US dollars lost because of these crimes. With so many threats and so much at stake, even the best network security teams cannot keep up. Companies should be following these measures to protect their business against the multitude of cyber-security dangers. 

Maintain Software

One of the easiest, but most effective, solutions for network security is to update current antivirus software. Its imperative software updates are installed immediately as they become available. However, although valuable, this one single solution is not enough, especially since today’s threats are more sophisticated than ever. 

Make Visibility A Priority 

Most organizations think of their network security as a force repelling incoming enemies, and fail to realize that the people inside their walls are the biggest threat. According to Security Intelligence, 75% of security breaches come from insider threats. Most of these cases being unintentional but how can companies prevent insider threats? By monitoring their user’s activity within their network and restricting access to certain websites. By tracking what your users are doing, companies become aware of the situations and can see what actions happened that may have compromised their companies’ network.

Restrict User Permissions 

While most insider threats are accidental, the intentional ones are the ones that cause the most damage. Most insider threats are from upset or former employees who leak/steal sensitive company information. Although it is common for most businesses to restrict access for each employee, giving users access to everything is a huge security risk. To keep your company and employees safe, employees should only have access to the resources they need to perform their job. Furthermore, organizations need to realize the malicious risks associated with employees using their own devices for work purposes. By using company-provided devices you are in control of what is on it and the accesses employees have. 

Establish A Security Policy 

Just by setting clear expectations and guidelines for your users can make the biggest difference. To be proactive and see where your policies fall short, perform a security risk analysis, and make adjustments where needed. To ensure employees are contributing to your network security, provide on-going security training. Its also beneficial to have a security expert on-staff, for users to reach out to when further clarification or assistance is needed. 

Backup Your Data

A benefit of digital information, is that copies can easily be made. This allows organizations to copy their data information and store it in a separate, secure location off their network. This gives organizations something to refer to in case of a cyber-attack. It is important to regularly backup your data, so one data breach doesn’t ruin your entire organization. 

Third Parties Are Just As Dangerous

If internal users represent such a huge part of data breaches, then third parties are just as dangerous. When organizations work with third parties, they need to access company information somehow. Giving them network access will create more entry points which creates more entry points available for malicious attacks. It is important to evaluate the third parties you are working with carefully and restrict their access as much as possible. 

Education Is Key 

Organizations can have a solid security strategy in place, but if their employees are not complying, your network will always be vulnerable. Securing your data and the users using the data should be a top priority. Train your employees on how to recognize and report threats, what to do to prevent them, and using/accessing data according to your company’s policy. Educating your users on how to protect your network is a huge step towards company cyber safety. 

Be Prepared 

You never really know when a threat is going to happen, so being prepared for the worst is crucial. Organizations must constantly monitor their networks for threats, analyze and fix the threats that do come through, and stay-up-date on cybersecurity best practices and trends. 

 

Fognigma’s Network Solutions 

Fognigma provides a variety of software and hardware solutions, that allows enterprises to completely secure their network connections. All solutions are wrapped in FIPS 140-2 validated, cascading AES-256 encryption. Fognigma’s network solutions include:

Fognigma VPN: A specialized VPN built providing streamlined, user-friendly access to private collaboration services, traceless Internet access, and discreet communications. 

Wicket: A portable misattribution device that connects to a Fognigma Network and protects single users and small groups, as well as IoT and other network-enabled devices. 

Gateway: A misattribution device for a headquarters environment or other facility, which provides multiple users access to multiple Fognigma Networks, over a hidden, protected network connection. 

digital transformation - fognigma

Digital Transformation Technologies That Will Help Drive Growth

Digital Transformation Technology - Fognigma

While the COVID-19 crisis led organizations to face vital challenges like the inability to visit customers, decreasing sales, and stalled productions, it also drove them to improve the ability of long-distance collaboration, recognize the importance of today’s new-aged technologies, and aid digital formats of business development and operations.

Digital transformations in organizations are imperative to build long-term resilience. Just by digitalizing traditional processes will not help organizations succeed. The focus must shift to using technologies that do things in a new, improved way that embraces digital transformation. So, what digital transformation technologies will help organizations drive growth?

Automation

With social distancing becoming the new normal, businesses must adapt by automating their operations as much as possible.  The benefits offered from automation is enhanced productivity and superior quality of products while keeping costs under control.

Additionally, adding automation to regular network tasks will enable services to minimize the involvement of its workforce in managing the network bringing down human error and enhancing efficiency and quality of services. 

digital transformation - Artificial IntelligenceArtificial Intelligence

Artificial Intelligence is skilled at identifying patterns from big data, and this aspect alone explains how it is significant in managing the current coronavirus crisis. The features AI applications have such as predictive analytics, natural language processing, speech recognition, image recognition, video analytics, and chatbots are helping healthcare workers diagnose and trace the spread of the COVID pandemic.

Besides supporting the healthcare industry, AI is helping sustain critical infrastructure industries like utilities, gas & oil, and transportation. Organization’s currently using AI can apply predictive analytics to map the real-time and historic data transmitted by IoT sensors on their equipment. This allows them to prevent failures before they occur, while also understanding the root causes of problems. AI makes processes quicker, more efficient, more secure, and safer. 

 

IoT Devices

When COVID first hit, the number of businesses that deployed IoT technologies skyrocketed. The worldwide number of IoT-connected devices is projected to increase to 41.6 billion by 2025. Organizations that leverage IoT in their business strategies will come out on top, especially in cases of remote monitoring and product and process diagnostics when in-person visits are not an option. IoT devices provide increased productivity, minimizes costs with smart asset management, provide intelligent supply chain solutions, and analytics allowing organizations to unlock new revenue opportunities and enhance their customer experience. By incorporating IoT into everyday business lives organizations can track and trace assets, equipment, tools, and people.

Advanced Analytics 

Uncertain times and competitive markets make it crucial for organizations to access the right data points and make informed decisions. By using data-analytics solutions, a business can be active and responsive to progressing situations. Advanced analytics will also allow organizations to identify risks and take action before major impacts.

Software That Allows Employees To Do Their Job Anywhere

With many organizations continuing their work from home structure, software like Fognigma, drives organization unity and security while building resilience even while remote. With Fognigma, users can create and deploy custom VPNs in minutes, complete with secured communication and collaboration solutions like video conferencing, secure file shares, VDIs, encrypted telephony, and user-specific message and file encryption for effective productivity.

Everything inside a Fognigma VPN is completely protected from observation, interception, and tracking, securing not only users but company data as well.

Isometric businessmen with gadgets, work on virtual screens, on-line management of electronic devices, virtual glasses, virtual reality.

Fognigma Bolsters Strategic Intelligence

Strategic Intelligence and the 2019 National Intelligence Strategy

Recently, the Office of the Director of National Intelligence released their 2019 National Intelligence Strategy. The Director of National Intelligence, Daniel R. Coats, stated in his introduction, the purpose of this strategy boils down to a singular goal: “to ultimately keep our Nation safe.” The Intelligence Community (IC) is therefore charged with venturing out into the known and unknown, the safe and dangerous, to collect and analyze the “capabilities, activities, and intentions of states and non-state entities” with the ultimate goal of protecting U.S. national security. This information is used to identify trends and developments to better plan for issues that may arise in the future (Anticipatory Intelligence).

Without the information gathered IC, the safety of our country would quickly erode, falter, and crumble. It behooves the IC, then, to use whatever tools and solutions they can find to give them a competitive advantage in the global arena of information. Fognigma is such an advantage.

Where Does the IC Look?

Since all communication and online activity produces information, the IC has a vast landscape of information to scrutinize. One of the easiest ways to gather data about a group of people is to monitor and study social media. Ah, social media – those freeform beds of communication where people express their thoughts, wants, and observations, quite often with photos and video. Social media has created a culture wherein people feel the need to share everything. For the IC, this is a veritable feast of information.

intelligence community monitoring data

But it’s not that easy. For one thing, many regions and countries have their own social media platforms — often so government agencies can monitor their populace. An outside observer probably won’t be able (or want) to create an account or access another country’s social media — the data collection would be too overt and state-based social media platforms often block outside IP addresses. It would look bad (read: suspect), for example, for an account on a Russian social media site to have a U.S.-based IP address. Fognigma gives the IC many advantages to circumnavigate these issues. How? Well…

Fognigma Gives the IC an Advantage

There are quite a number of ways Fognigma supports the IC’s mission as spelled out in the 2019 National Intelligence Strategy. But first, a quick Fognigma primer. Fognigma is patented enterprise software that gives agencies the ability to create invisible and encrypted cloud-based networks built from strategically leased virtual machines. These networks are dynamically scalable and globally accessible from any desktop or mobile device, over any available public Internet connection. Once users connect to their Fognigma network, they have access to all sorts of communication and collaboration components, such as file share, telephony, video conferencing, chat messaging, and Virtual Desktops (VDI). [We’ll delve into these components more in just a bit.]

network with capabilities

Inside the Fognigma network, users exist in a safe space wrapped in cascading AES-256 encryption. They have access (based on their admin-defined permissions, of course) to the communication tools mentioned above. Fognigma networks and components are activated and destroyed with just a few mouse clicks. They are as persistent or temporary as needed or desired. And when a user leaves their Fognigma network and reaches out to the regular Internet, their IP address will match the specially created exit point from which they egress. That is, a user could join their network in Germany, leave through an exit point in the Middle East and appear (to anyone looking) to be a computer in the Middle East. Then, in an instant, switch exit points and suddenly appear to be a computer in Japan or anywhere else the Agency has set up an exit point.

Fognigma Gives the IC Another Advantage

VDI. The ability to launch a self-contained virtual computer from any standard computer is powerful in itself, but Fognigma VDIs have even more superpowers. Just like Fognigma exit points, VDIs are built on any cloud service provider (CSP) Fognigma is integrated with (as of this writing, 8 of the major CSPs world-wide). Also, just like a user can dynamically switch exit points, so can the end points of a VDI be switched without interrupting operations.

Fognigma Networks span the globe

VDIs are important to the IC’s Strategic Intelligence mission because they are self-contained entities which exist in the cloud yet manifest themselves on any regular computer. They make OSINT activities easier — agents can research any global Internet location (those aforementioned state-specific social media sites, blogs, forums, etc.) without the risk of compromising anything else about their mission or agency.

Fognigma VDIs take the self-contained nature of VDIs to the next level. Imagine if you collected some photographs and had them on a thumb drive. You want to transfer one of them to your VDI and use it in  your operations. With a Fognigma VDI, you can just drag it from the thumb drive to the VDI, without the host computer knowing the file moved across its circuits. So, if you had to make this transfer at, say, an Internet Café, you could do so without the Café’s computer ever having a record of the file transfer. No record equals no association which, of course, is key to covert IC operations.

To go back to the 2019 National Intelligence Strategy, more information allows the IC to better analyze the capabilities and activities of states and non-state entities to learn or extrapolate their intentions. But collecting information is just part of the Strategy; agents also need to safely disseminate said information. Fognigma is ready for that, too.

Fognigma Give the IC Even More Advantages

Briefly mentioned earlier, Fognigma hides various communication and collaboration components inside its encrypted web of invisibility. Agents have access to telephony, chat, and video conferencing tools. They can safely communicate with anyone they need to inside their organization and, using some additional Fognigma solutions, external to their organization — all without exposing their local network. Fognigma keeps intra- and inter-agency communications secure by utilizing containerized communication environments.

Also, to be effective, agents must work together while appearing to be physically separated. This is the other side of the communications coin — Fognigma’s tools allow agents to work together without actually knowing where each other is located. In fact, the whole construction of Fognigma ensures that a failure at one point of contact cannot compromise the entire system. As history shows, association amongst agents can lead to disaster. When an agency uses Fognigma to its full potential, this sort of disaster can be prevented.

Conclusions

In order to advance the directives of the 2019 National Intelligence Strategy, the IC needs to be free to gather information without exposing its true location and intent. It also must be able to communicate in a protected environment to analyze and evaluate said information. Fognigma provides a full toolbox of solutions to assist the IC in its mission to protect U.S. national security.

 

To learn more about how Fognigma can assist your agency or to schedule a demo and see for yourself, contact Dexter Edward today.

bigstock-Isometric-Cloud-Computing-Conc-243793318-Converted-01

Fognigma in the Intelligence Community

Fognigma Encrypts and Protects your Inter-Agency Collaboration & Intelligence Community

Fognigma is an enterprise software product perfectly suited to enhance and protect the information and communications of those in the Intelligence Community by creating Mission Partner Networks (MPN). Not only does Fognigma shroud comms in encryption and invisibility, but it also allows for secure inter-agency collaboration on whatever the mission entails.

Inter-Agency Collaboration

Inter-Agency Collaboration

Fognigma’s MPNs are built from randomly leased virtual machines which function as one unified network. Users from multiple agencies can quickly be added to this new network, making sure missions aren’t delayed. Inside the MPN, everyone can share and communicate, accomplishing mission objectives even faster. And then, when the mission is over, the MPN can be burned down as if it never existed.

Fognigma Protects Agents at Desks and in the Field

And it goes a bit beyond thinking of an intelligence community full of people in offices on desktop computers. Agents need to be able to go into the field and still access the MPN and be secure. Fognigma MPNs easily extend their encryption powers to mobile devices. And when an untrusted person needs to communicate securely with the team, an administrator can deploy a Portal Proxy (a secure, disposable way for a user to access an MPN without ever needing to know where that MPN is) in under a minute, and then delete it just as quickly when the untrusted person no longer needs access.

Encryption on Mobile Device

Encryption on mobile device

Now think about this statistic: according to a 2017 University of Phoenix survey, 51% of vacationers think their computers are just as secure on vacation as they are at home. Not saying your team members aren’t up-to-date on the limits of some forms of cybersecurity, but it’s still a chilling warning on how many view mobile cybersecurity. It especially applies to untrusted assets.

Use Case: A Mission Partner Network In Action

Let’s examine an example, because stories are fun:

A center like the CTIIC (Cyber Threat Information Integration Center), which we’ll call The Center, needs a multinational taskforce of agencies to investigate cyberthreats in Section 31. Three agencies are involved in this collaboration: one in the US, one in the UK, and one in Japan. Fognigma creates an MPN uniting these agencies, integrating a messaging server, a secure telephony system, and virtual desktops (VDIs) for every agent (including those in the field). With the MPN active, agents can collaborate on tracking down the nature of the cyberthreats.

MPN

On day thirteen, an employee of a small delivery company is convinced by an agent to provide information he has on the threats. We’ll call him Mr. Green. Using a Portal Proxy, Mr. Green is allowed very limited and controlled access to the MPN, so he can share his information. After the intel is recorded, the Portal Proxy is burned down and ceases to exist. At no time could Mr. Green access any information on the MPN not specifically shared with him.

intelligence community collaboration with mission partner networks

MPN Agency Collaboration

Mr. Green’s information is corroborated, warrants are issued, and arrests are made. The cyberthreat is no more. All three agencies celebrate in a secure chat, thank each other for their help, and log off of the MPN. The Administrator writes a few last notes in her report and, like the Portal Proxy used to talk to Mr. Green, burns the MPN to the ground. While it was in use, The Center’s MPN was never able to be seen, never able to be traced, and now that the operation is concluded, there’s not a shred of evidence it ever existed in the first place.

Mission accomplished.

In closing, we present the words of Paulo Shakarian (Entrepreneurial Professor at Arizona State University and CEO/Founder of CYR3CON), “You can have fantastic cybersecurity, but if you’re using IT systems to share information with a partner whose cybersecurity isn’t up to snuff, then your protection measures don’t mean very much.”1 Fognigma not only protects your agency’s comms and collaboration, but also protects and secures the work you do with other organizations through the encrypted and invisible wonder: the Mission-Partner Network.

 

1 Cameron, Dell. “Top Defense Contractor Left Sensitive Pentagon Files on Amazon Server With No Password,” Gizmodo. Gizmodo Media Group, 31 May 2017. Web. 15 March 2018.