No matter where you are, you're most likely working from home at the moment.

Almost overnight we have seen that all our customers moved the vast majority of their workforce tunneling (or split tunneling) in via VPN. Their security teams are now looking to enhance how they validate the main controls across their network:

• Are URL filtering policies still working to prevent employees from visiting sites serving up ?malvertising *??
• Will temporary policy exemptions add extra risk to attacks?
• Is the Next Generation Firewall (NGFW) configured correctly to prevent personal data exfiltration?

In this blog we are looking to share an important extra measure our customers are taking to protect their network and improve their security, complementing the penetration testing and vulnerability scanning being carried out.

One of the main focuses for our customers is to assess each day the effectiveness of their network security controls. This is done by continuous production security testing, using breach and attack simulation (BAS). It works by the product safely emulating attacks such as those targeting DNS server applications, ransomware attacks & even full kill-chain emulations . It is then pointed at your own network to see gaps, misconfigurations, and more.

BAS tools are very much used these days in particular to validate VPN policy and routing, and keep customers informed and aware that their remote workers are being protected. There are three basic things to consider:

1. Ensure URL filtering is still in place to minimise the risk to employees visiting sites that are seeing a rise in serving up malware (?malvertising?).
2. Are remote working employees mining Monero** on the system you loaned them, or worse yet have one of your network systems been hacked to mine Monero? It is also useful to know if your VPN policy is configured so that web browser activities are being inspected for things such as Tor browser usage.
3. Data exfiltration is more important now than ever. Test to be sure that employees are not sending sensitive data to where they shouldn't be.

Financial institutions must never forget that they are vulnerable to cyberattacks and a key focus for many hackers. Security is not static and any mistake can have serious consequences. The only way to take control of this ever-changing threat landscape is to assess your defenses before hackers do.

An extended version of this post can be found here.

This topic is discussed in our latest 'Future of Finance' podcast episode - Technology Transformation. This episode explores how technology is transforming the workplace and the workforce.

View all episodes and find out more at ukfinance.org.uk/podcasts