The pandemic caused a rapid digital transformation, forcing businesses to search for advanced cybersecurity solutions that would help deal with the growing attack surface.
Switching to remote work had to happen overnight, and no one was prepared. Personal device and network usage created many opportunities for cyber felons to put their talents to use. Yet, for companies, this only meant damage – whether financial or reputational.
While traditional security measures, such as antivirus, VPNs, or password managers, are the most advertised, they’re not always enough. Organizations should make use of tools made specifically for the hybrid work environment, such as zero-trust protection.
So, we invited Marcus Whittington, the Chief Operating Officer at SentryBay – a company that specializes in supporting and securing enterprises with remote or hybrid work environments.
How did the idea of SentryBay originate? What has your journey been like since?
SentryBay was founded by our CEO Dave Waterson and me (the COO) in 2002 in New Zealand. At the time, we were both working as business consultants, occasionally partnering on projects. In 2001, the Love Bug virus was unleashed and it wreaked havoc on unsuspecting computer users when it infected their email address books. While the virus was not dangerous and did not seek any kind of payment, it caused embarrassment and inconvenience to victims, whose contacts were also then infected. Dave Waterson put his software programming experience to good effect by developing an application that encrypted email addresses in the address book, calling a halt to Love Bug, which was unable to replicate or spread to any further email contacts. He uploaded the app online and invited contacts to download it to protect themselves. Within one month, it had been downloaded by computer users in 34 countries worldwide. Working together at the time, we saw an opportunity to commercialize solutions to combat cybersecurity threats.
Shortly afterwards, SentryBay was selected to become part of a high-profile accelerator scheme in New Zealand, giving our young company the financial backing necessary to employ a small team of software developers and create solutions to combat the growing threat of malware. In 2008, to better reach its growing audience, we moved our headquarters to London, UK.
SentryBay has since expanded both in terms of its customer base, which is worldwide, and its team, which is located not just in the UK, but in the USA and New Zealand.
Can you tell us a little bit about what you do? What are the main issues you help solve?
We develop and market a range of solutions that help enterprises, their customers, and partners arm themselves against cybersecurity threats. The main aim of our solutions is to create a fortified environment that allows users to securely connect to their network, whether on-premise or in the cloud, particularly if they are working remotely. This has multiple benefits for organizations – protecting them from attacks, securing their sensitive data, and ensuring they comply with industry regulations, international laws, and local guidance. In addition, our solutions enforce protection mechanisms, meaning that users must implement them to gain access to data and applications, but our one-click simple download and automated, centralized configuration provides instant protection.
At SentryBay, you emphasize the importance of the Zero-trust principle when it comes to security. Can you tell us more about this approach?
Endpoint devices accessing the corporate network represent the greatest threat to organizations. They can be managed or unmanaged, known or unknown, but if they are unsecured, they can potentially give hackers a way in. A zero-trust approach is one in which all users and all devices must be verified before they are given access to corporate data, applications, platforms, and networks. The motto ‘never trust, always verify’ is important to remember and a good rule for companies to live by.
Implementing zero trust is not straightforward. It needs to be regarded as a holistic exercise that envelops every part of the business. It’s not a single solution or a platform, it’s an approach to the cybersecurity threat that must be built into a company’s broad IT security strategy and preferably layered so that it can deliver the greatest protection.
How do you think the recent global events affected the way people approach cybersecurity?
If the global events you’re referring to are the pandemic, then there has been a seismic impact on how cybersecurity is now viewed. Not only have attacks risen exponentially, but most office-based employees became remote and now the world is adjusting to a more hybrid approach. The exposure of companies to risk has never been so high, so attention is being paid to how best they can protect their applications, data, and people from attacks. To begin with, many organizations scrambled to keep staff productive, even if that meant using their own devices. From a security perspective, this was dangerous. More recently, and as people started to go back into physical offices, many have adopted a BYOD policy alongside the tried and tested method of Internet security, antivirus software, and securing the wireless network with a VPN. Attacks have continued to happen, and a realization has set in that this triumvirate will no longer fend off the latest malware.
With work from home becoming the new normal, what measures do you think are crucial in keeping not only the workload but also customer data secure?
The strategy for cybersecurity needs to reflect the changing corporate environment. Many organizations are adopting a hybrid IT approach which means that their applications, platforms, and workloads are distributed across private and public clouds, co-location, or private data centers and this requires better control of security. Companies must recognize the vulnerability of the endpoints that their employees are using and start from that perspective. Organizations can benefit from solutions that create a secure container providing them with multi-platform protection from a single pane of glass. Data entered at the endpoint is automatically ‘wrapped’ to prevent it from being stolen or infiltrated before it reaches the cloud server or the network without the need to identify the threat or its origins. This provides an unprecedented level of protection to users and organizations that is easily integrated, including across hybrid cloud or IT environments.
Talking about personal cybersecurity, what measures do you think everyone should implement?
There are some golden rules that should be drummed into everyone. Never respond to emails or texts asking for suspicious information like updated payment details. First, make sure it all makes sense and check authentic websites for any fraud alerts.
Ensure you operate antivirus with all security functions turned on and ensure it is set to auto-update daily – and if there is a warning from the browser take it seriously. Always ensure you only enter websites with certificates (typically showing a padlock next to the URL) and access them using a recognized browser with all security settings on. Always use closed and secure wifi when doing anything that involves entering personal or financial information (using a VPN provides even better security). And finally, use data protection software that protects every keystroke.
What security threats does a faulty endpoint security system pose? What’s the worst that can happen when a device is compromised?
Where would you like us to start? Any malware can take advantage of an endpoint that is unsecured but perhaps the most insidious are kernel-level keyloggers. They enter through an unprotected endpoint or even one protected by a standard antivirus solution, and they sit, undetected, at a low level, harvesting keys tapped on the keyboard the second they enter the operating system and are infamously difficult to eradicate.
All of these take advantage of unprotected endpoint devices and once they get access, they have the potential to steal sensitive corporate data and create havoc.
Why do you think organizations often fail to see the full scope of their attack surface?
There are a variety of reasons. Sometimes they don’t have a full picture of every asset in their environment, so an unprotected laptop or even a smart printer, for example, is missing from their inventory. It could be that the complexity of their infrastructure makes it hard to understand where vulnerabilities lie. It can also be that they believe they do see the full scope but have not adopted zero trust, and therefore access is granted when it shouldn’t have been. There are multitudes of reasons.
What does the future hold for SentryBay?
SentryBay are constantly improving our products as cyber threats evolve, and also expanding the number of threats protected. In addition, the company strives to make it easier for customers to use our products without interfering with their day-to-day computer work. We spend a large proportion of our revenues on research and development to ensure the company stays at the leading edge of the security industry. This is illustrated by our blue-chip customer base which includes some of the largest, most security-conscious organizations and governments in the world.