By Eddy Bobritsky, CEO & Co-Founder, Minerva Labs
As COVID-19 spreads, more organizations are enforcing remote work from home, making employees home computers more vulnerable than ever to cyberattacks.
The attackers don’t need to attack the perimeter anymore, they can go for much easier targets such as home PCs and Users.
The solutions organizations use today are limited at the same time, there is a desire to increase the home-user’s productivity as much as possible during these times.
The desire, force organizations to take extra risks without solid defense (endpoint security) as the CISO used to within the organization or the corporate PCs and laptops.
The two main reasons for limited endpoint security are:
- operational challenge:
- the variety of OS and Applications flavor on Home-PCs are huge, and it’s simply impossible to deploy and manage endpoint security at scale.
- privacy regulations do NOT allow corporates deploy corporate endpoint security controls on non-corporate endpoints, simply because, if after working hours the Home-PCs been used to surf funny sites, it’s non of the corporate business. deploying endpoint security on such home-PCs will enable the corporate to access such data, which is private therefore it’s illegal.
In the work-from-home reality, CISO is limited with the security controls it can deploy, and usually will use VPNs, Virtual Working Environment, 2FA, etc. these are great, but do not provide the security controls that are needed on the endpoint.
Minerva is the only vendor that eliminates this risk by providing a unique, install-free Remote User Protection for any endpoint throughout the entire VPN session with full user privacy
Modern enterprises increasingly rely on a distributed workforce, with contractors, employees, and other users connecting remotely over VPN. In many cases, these individuals access sensitive resources from unmanaged devices (BYOD). This might be because they are user-owned devices or because another organization owns them.
In such scenarios, the enterprise still needs to take reasonable precautions regarding the security posture of the connecting system.
Minerva Labs offers a unique, effective and endpoint protection solution for unmanaged devices in such scenarios.
Minerva’s Install-free Remote User Protection (RUP) software protects unmanaged endpoint devices (BYOD) that are connecting to enterprises throughout the entire remote (VPN) session from malware and non- malware-based attacks. Minerva accomplishes this by integrating with the organization’s VPN via the security policy, known as the Host Checker software, and provide a solution that delivers Minerva‘s protection benefits in a click of a button. This approach reinforces other security mechanisms that might exist on the remote system without interfering with the user’s day-to-day activities and without compromising its privacy. Minerva’s Remote User Protection is configured as part of the VPN’s security policy that is activated when the user attempts to initiate the VPN connection without requiring the user to reboot and without interfering with other security tools or software on the system. Once activated, Minerva provides all of Minerva’s prevention abilities to the end-user with no installation required. Minerva’s Remote User Protection doesn’t require any type of installation or any special permissions thus, the install-free agent will run with the user session permissions that are executing the remote (VPN) session and will prevent any attacks during that session.
When allowing users to connect to their network over a VPN, enterprises often struggle to balance the need to protect their resources from infected remote systems by imposing strict security requirements on those endpoints. In many cases, the connection is initiated from an unmanaged device—an endpoint that the enterprise doesn’t own (BYOD), for instance when employees use their personal home PC or when contractors establish a VPN connection from a computer not owned by the enterprise. Sometimes the VPN creates a false assumption that the connected system is secure, while only the connection (tunnel) is secured, the endpoint is NOT.
Though the organization could impose some security requirements on the connecting system, it often lacks the ability to enforce them or to mandate that the full corporate endpoint security stack be present on the remote host. Minerva’s Remote User Protection offers the following benefits for such circumstances:
- It provides safeguards against vast numbers of malware that otherwise would put the enterprise
- It integrates with the organization’s VPN software to launch malware scans and to refuse or
terminate the connection when necessary.
- It is seamless, able to operate without slowing down the remote user’s system.
- It doesn’t conflict with security or other non-malicious software on the remote system.
About the Author
Eddy is a cyber and information security domain expert. Before founding Minerva Labs, Eddy was a senior cybersecurity consultant for the defense and financial sectors. During his military career in the Israel Defense Forces (IDF) as an officer in different cyber units, Eddy was in charge of the largest Endpoint Protection project in Israel, from design, through implementation, to maintenance of hundreds of thousands of endpoints. Eddy’s rule of thumb is to ‘keep things simple’ in order to help businesses operate seamlessly, which is why he started Minerva. Eddy holds a Master’s degree in Business Management and Information Technology.