האם זה הסוף של VPN כפתרון לחיבור משתמשים מרחוק?

האם יש דרך טובה יותר לחיבור משתמשים מרוחקים מאשר VPN?

כולנו מכירים חיבורי VPN ו-VPN-SSL, לטוב ולרע, זו הדרך לחיבור משתמשים מרוחקים לאפליקציות ומשאבים פנימיים בארגון – רשת וירטואלית פרטית VPN.

מאחר והמטרה היא חיבור משתמשים לאפליקציות או משאבים פנימיים, מדוע אם כך אנו מחברים את המשתמשים לרשת הפנימית? רק כדי לאפשר גישה לאפליקציה…

מרבית האפליקציות הארגוניות כיום כמו יישומי משרד (Office 365), ניהול לקוחות (Dynamics, Salesforce) ועוד, מאוחסנים  בענן, כך שטכנולוגיה שמנתבת משתמשים מחוץ לארגון, אל תוך הרשת הארגונית הפנימית פשוט אינה רלוונטית יותר. יש צורך בתפיסה חדשה שתחבר את המשתמש עם המשאב הפנימי ולא עם הרשת הפנימית.

 

מאחורי הקלעים של חיבור משתמש ב-VPN:

  • משתמש הנמצא מחוץ לארגון צריך לגשת למשאב פנימי והוא משתמש בתכנת VPN CLIENT – כדי להתחבר לתשתית ה- VPN בארגון.
  • לאחר החיבור, תעבורת המשתמש עוברת דרך סוגים שונים של ציודי אבטחה, כמו פיירוולים, IPS, LB ועוד.
  • המשתמש מקבל כעת גישה לתוך הרשת הארגונית הפנימית, דבר אשר חושף את הארגון בפני סיכוני אבטחת מידע רבים ובכך אף יכול לפגוע בכפיפות לתקינות ורגולציה.
  • באם המשתמש מחובר למשרד מרוחק, התעבורה צריכה לעבור על גבי האינטרנט אל ה-DC הארגוני ומשם בחזרה שוב על גבי האינטרנט.
  • המשתמש יכול כעת לגשת למשאב הארגוני, 365, AWS Amazon או כל שירות אחר.
  • התהליך כולו על כל שלביו, מתרחש בעצם פעמיים, פעם בכיוון הלוך ופעם בכיוון חזור.

 

מאפייני חיבור VPN:

  • מסובך לתפעול
  • מגביר סיכונים ע"י מיקום המשתמש בתוך הרשת הפנימית
  • חוויית משתמש נמוכה
  • נקודות החיבור חשופות למתקפות DDoS לסוגיהן
  • הפתרון מצריך קופסאות , מתן הרשאות לכל משתמש והגדרות פיירוול מרובות
  • לא ניתן לבצע הפרדת גישה בין יישומים שונים
  • לא ניתן לקבל חיווי שימוש וניראות ברמת האפליקציה

 


יש דרך טובה יותר – ZERO TRUST SECURITY

אפליקציות עוברות משרתי הארגון לענן והמשתמשים בארגון יוצאים כל העת מתחומי הרשת הפנימית. העולם החדש הזה לא יכול להיות מוגן ע"י טכנולוגיות מסורתיות שתוכננו להגן על מציאות שונה מזו של היום. על מנת להגן על המידע של הארגון, יש להכיל מדיניות TRUST ZERO המוביל ארגונים לאמץ גישת SDP – Software Defined Perimeter.

SDP היא שיטת הגנה שאומצה ע"י DISA בשנת 2007 ומאומצת בימים אלו ע"י ארגונים רבים, כמו גוגל למשל. גישה זו אינה מבוססת עוד על ה-DMZ המסורתי. במקום זאת, היא מאפשרת גישה שאינה מתפשרת על מהימנות המשאבים בגישה לאפליקציות פנימיות, על בסיס שני קירטריונים – משתמש וציוד, וזהות המשתמש.

ZSCALER PRIVATE ACCESS

שירות ZPA מאפשר גישה מאובטחת לאפליקציות פנימיות בהתאם למדיניות מוגדרת מראש וללא העלויות, המורכבות וסיכוני האבטחה הטמונים בפתרון VPN מסורתי. ZPA מאפשר את כל היתרונות של VPN אך ללא כאבי הראש והחסרונות של VPN.

ZPA מאפשר למשתמשים לגשת באופן שקוף למשאבים פנימיים, ללא צורך בתהליך התחברות ל-VPN כדי לאפשר גישה לאפליקציה. השירות דומה במאפייניו לקישור SD-WAN והוא מאפשר במקום הגדרת תוכנה (SD) לגישה לרשת – הגדרת תוכנה להליך הגישה בלבד.

 

איך זה עובד?

אנו משתמשים בתשתיות הענן שלנו בכדי ליצור קישור בין המשתמש המורשה והאפליקציה או המשאב הפנימי. תוכנת הקצה שלנו מחברת את מחשב המשתמש למודל האבטחה בענן, מבלי לחבר אותו לרשת הארגונית הפנימית. בשלב זה מתבצע אימות המאפשר למשתמש גישה אל היישום הספציפי בלבד ולפי המוגדר על-פי צוות ה-IT של הארגון. במידה והגישה מותרת, מתבצע קישור מלא בין המשתמש לאפליקציה הארגונית.

 

יתרונות השירות:

פתרון זה הינו 100% ענן ואינו מצריך שימוש בציוד פיזי או קופסאות ייעודיות כדי לאבטח את הגישה למשאב הארגוני.

  • המשתמש תמיד מחובר, באופן חלק ושקוף וללא צורך בביצוע פעולת חיבור
  • חיבור משתמשים לאפליקציה הייעודית הפנים ארגונית בלבד
  • משתמשים יכולים לגשת רק ליישומים שניתנה להם גישה בלבד ולא לכל משאבי הרשת
  • מאפשר ניראות וניטור של פעילות המשתמשים בסביבת העבודה בארגון

 

לסיכום:

מזה שנים, חיבור משתמשים ל VPN הינו מסורבל, לא נוח ולא מאובטח דיו.

חברת זיסקלר Zscaler החלוצה בשירותי אבטחה בענן מזה יותר מ-10 שנים, עושה שימוש בגישת Zero Trust מאפשרת שימוש בשירות VPN קל לשימוש, שקוף למשתמש ובעיקר מאבטח את יישומי הארגון.

למידע נוסף אודות שירות ZPA.

Security – Returning an Investment

Awareness for Cyber Security is now higher than ever. The public is constantly exposed to reports in the media flashing cyber-attacks and the damages they cause. Security is everywhere and it is taking more and more resources to defend, and a lot more of IT budget.

Reports indicate that security takes significantly larger portions of IT spends every year in the last 5 years, and expected to continue growth in the next few years to reach nearly half of IT budget. ZDNet ‘Corporate IT Budget Survey’ reveals that over 50% of organizations has improving security as their number one priority for 2018.

Corporations now invest more in multiple security layers – Prediction, Prevention, Detection and Response, along with Security personnel costs, expenses are sky high. There is now a growing need for ways to justify expenses to the board, or to CFOs.

CSOs struggle finding the right language to reflects security economics and to justify – “what are we getting for this money?”. This topic is a very common discussion among CSOs on forums and communities.

Returning the investment here is basically preventing unexpected expenses as a result of an attack. This could be due to Damage to data, Extra expenses, Loss of income, Lawsuits, Extortion, Reputation, etc. CSOs challenge is how to reflect this to the board and “materialize” these entries in the budget datasheet as ROI.

 

IT’S ALL ABOUT RISK MANAGEMENT AND LOSS PREVENTION

Let us base the ROI calculations on direct financial loss prevention: if by spending $10 an organization can prevent a highly probable annual loss of $1000, management will surely allocate the $1000 budget. The challenge here for CSO is to be able to prove the true need for that $10, not less, and that the risks mitigated with the $100 would really cause a highly probable $1000 direct loss to the organization.

The expected financial loss caused by the attack is the Annual Loss Expectancy, or ALE – the number of incidents X potential loss per incident. In this case, let us say – six incidents may be expected in a year, so we are looking at an ALE of $6000 (Number of Incidents per Year) x (Potential Loss per Incident).

Part of risk management and assessment frameworks, this process is not very common when it comes to SMB and SME. Those do not always comply with regulations and may not be structured in a way to properly plan and execute cyber security frameworks in a directive way, for example, by utilizing a Cyber Security Director.

In such cases, the CSO role must classify assets and identify ones which are most valuable to the organization, and which protecting those would potentially produce the higher ROI for their protection investment. This means that compromising those would cost the company a great amount of money. Such assets would be critical by means of privacy (ie. Customer Information), Financial value (ie. Confidential data), Critical Processes (ie. Finance Processing) etc.

 

THE WEAKEST LINK

Business assets are constantly accessed by… business users. Here is why the ROI for securing users would have the highest return: Hackers have long realized that users are the weakest link in the organization and are the easiest way to infiltrate boundaries. Here is an example – phishing a user is relatively easy, and takes minimal investment of time and money from the attacker to execute. This means we can conclude that the lower the investment and the ROI for the attacker – the higher the ROI would be for the organization.

The equation is simple – organizations must fight to lower the hacker’s ROI in order to capitalize on theirs. The more the hacker invests in the attack, the higher the cost would be to defend, and the lower the ROI for the organization would be.

 

CONCLUSION

Projecting the return of investment when it comes to security is a challenge, especially when it is presented to c-level stakeholders which may not come from the technical worlds, and do not quite comprehend security. The way to start is by taking a step into understanding today’s threats and the specific business needs for protecting users and assets.

Do You Trust Old-School Security To Protect Your Users?

Organizations still feel safe and trust old, traditional security, when they are really not even near being able to deal with modern threats. Firewall UTM is your savior? counting on Security information and event management (SIEM) to let you know?

Traditional layers of security we all have on our network, such as Firewall, Antivirus, Intrusion prevention and detection systems – more and more fail to secure and are simply no longer effective dealing with the modern malware threats which are built to easily penetrate through old security.

Organization Users, Apps and Networks, are constantly transformed to the Cloud, and are out of traditional security perimeters. Network borders are becoming irrelevant, old school solutions are simply not capable of providing security in this architecture, and will keep losing battles to today's threats. Someone once said it is like protecting your country only with a wall, not taking into account new threats such as air or sea attacks.

A few examples for scenarios where traditional security will very likely fail to protect:

INFECTIONS BY ENCRYPTED TRAFFIC

In the past few years, the majority of internet traffic became encrypted with SSL. Unencrypted web traffic is now less than half of internet traffic. Google, Facebook, YouTube, 365, Dropbox, Google Drive – all now run over SSL and this changes the way protection is to be made.

In order to scan encrypted traffic, you need to decrypt it. To decrypt it, you need resources… lots of it. Traditional Security is not built for decrypting 60% of passed through traffic, and with limited resources, they reduce loads by whitelisting destinations to save on resources. “Trusted” sites and CDNs will be the first to be bypassed.

INFECTIONS VISITING A "LEGITIMATE" SITE

Such infection is very common in the last few months. This method takes advantage of the fact that the site is supposedly clean and trusted, thus old school security does not scan this traffic, or fails to identify the specific module within the webpage page, which was hacked and contains the payload.

A firewall/UTM would obviously fail with access control, as outbound web traffic HTTP/HTTPS is permitted for users. DNS based solutions which are seen lately, will not be able to address this challenge either, as it relays on the site reputation and not its content.

INFECTIONS WHILE OUTSIDE CORP NETWORKS

This would be the biggest challenge for traditional security, as the user is outside the network, perhaps at home; perhaps letting his children use his work laptop.

Infecting in this case is easiest of all, as there is hardly any security system protecting the station. This is seen with Ransomware infections, which would explode on the local network when the user is back in office or connected via VPN.

DOWNLOADING A NEW/UNKNOWN/ZERO-DAY MALWARE

This method takes advantage of the fact that traditional security is using a database of file hashes when looking for malware; it does not scan the content. Such threats penetrate easily though FW and AV when the malware is unknown or just not “old” enough to be included in the latest update to all security appliances around the world.

If an organization is under a targeted attack (custom made), old security does not stand a chance to protect or event to detect.

GOT INFECTED?

In case of infection, how long does it take for IT to acknowledge they are compromised? Surveys claim nearly a year in average. Prevention is important, but it should be backed up with Detection and Response.

Visibility is key for identifying threats and threat patterns. Traditional solutions such as SIEM, are used for gathering logs but they are not really alerting IT about infections and their remediation, as they do create a lot of time consuming work for their complex management and non-focused, never-ending alerting. who’s monitoring the monitor?

CONCLUSION

In conclusion, Firewalls, AV, IDS, IPS and other old security layers are not enough to stop malware threats. Even monitoring these layers is no longer effective. A different way of thinking must be adopted.

Are you still relying exclusively on old school technologies to protect your organization?

To learn more about how we help fill these gaps and secure more efficiently, and to run a free security preview, click here.

How to Avoid China VPN Crackdown and What Corporations With Branches in China Must Do

According to China Ministry of Industry and Information Technology announcement, companies and individuals using VPN in order to communicate outside of China, will be blocked starting April 1st 2018.*

 

Organizations using the internet to connect with their Chinese offices should be deeply concerned by that announcement. Starting this April, branches in China will no longer be able to communicate outside of China within their private secured corporate network (VPN).

What are the options to overcome this VPN crackdown? there are 3 options to overcome this issue :

1. Order an MPLS link from your branch office to your corporate. This solution takes much time and resources to fulfill and may not be optimal for most organizations who are not well prepared for it in advance.

2. Register your VPN with the authorized telecom provider. Problems shall occur since the process of legitimately registering with Chinese telecom companies has yet to take shape, in addition to the fact that corporate traffic shall be monitored by the Chinese authorities

3. Use Internet Binat and Aryaka private network to bypass the traffic directly and securely to your headquarter or main office in just a few days.

Choosing the best solution possible:

Option 1 (MPLS) involves 3 to 6 months for the installation of a line.
Option 2 is unclear due to bureaucracy and lack of industry standards and also not ideal in terms of corporate Information Security (tough encrypted)
Option 3 is the best way to go and the ONLY REAL SOLUTION for your global communication in and outside of China. With our communication junctions located in China and connected with dedicated fiber links, we are able to connect any China branch to your head office (or vice versa) in a secure and stable way. The only requirement on your side is an internet connection on both ends.

Keep your corporate secrets safe and work with your China branch – Contact us and receive all the information and tools to help you overcome China’s VPN crackdown.

*Read more at https://torrentfreak.com/china-to-start-blocking-unauthorized-vpn-providers-this-april-180203/

To learn more about how we help fill these gaps and secure more efficiently, and to run a free security preview, click here.

Does it Make Sense to Trust your Email Hosting Provider’s Security?

With more and more organizations adopting cloud services such as Gmail Mail and Microsoft Office 365, migrating their mailbox hosting to the cloud, a common dilemma CISOs face is whether to “put all the eggs in one basket”, and trust the hosting provider to protect the mailboxes as well. Most organizational cloud email providers are suited with basic security features, but what about when we REALLY need to make sure our emails are completely safe?

Despite being market-leading players, common cloud service providers seem to fail to secure mailboxes efficiently. Since hosting providers are a main target for hackers, they Lack the ability to provide complementary features which will guarantee Full Encryption and total protection against outside threats along with accessibility from within the organization.

Here are some important considerations to keep in mind when keeping our organization’s email safe:

  1. Common providers allow the option for hackers to easily obtain a “testing” mailbox. through it, they will attempt to run malware against the protection engines until eventually it succeeds to breach through into your personal inbox. From there – the way to millions of inboxes is very short.
  2. Large email providers are the primary ideal target for hackers. Hackers have more motivation creating malware which is relevant for and capable of infecting as many mailboxes as possible. Breaching through large providers defense would be the most rewarding, thus the preferred target for hackers. In other words – phishing Hosting Providers is simply fishing where the fish are!
  3. Hosting providers offer various services for their clients. While getting hands on an email account and the contacts it contains may be a nice trophy, Credential Harvesting is most rewarding when it grants access not only to the mailbox, but also to other corporate resources and assets associated with the same Hosting or Cloud Provider.
  4. With so many subscribers, false positives may turn to be catastrophic. Large providers tend to tweak security filters very carefully trying to avoid false-positives. This could potentially come at the cost of security – preferring false negatives (and passing potentially malicious content),  over false positives, thus exposing the organization to more security risks.
  5. Enterprise Email Hosting requires great capability in terms of managing parallel sessions of users withing the platform. When a huge number of subscribers ask to sandbox attachments at the same time, Performance may become a serious issue . In such cases, security scanning may take a lot of time, sometimes even up to an hour.
  6. Large providers tend to offer slow and complex interface logging and alerts which normally requires additional subscriptions for extra information and further auditing. This is a big problem when IT resources are limited, or when IT is flooded with various products and interfaces accessed on a regular basis.
  7. Another great value missing among large providers, is the ennoblement to provide insight into both the attack and the attacker to make it easier to prioritize alerts and respond to threats.
  8. Large Hosting Providers do not consistently investigate security incidents. Thus, they don’t offer the same security standard as Intelligence security providers do. It is essential for enterprises to posses a security service which is provided by an Intelligence company, fueled by knowledge of security experts, daily investigating the business world’s breaches and hacks.

Conclusion

No protection is a 100% bulletproof in the cyber world, however – the more layers we add to security, the lower the chances of malicious content passing through. 3rd party security services offer great value for enterprises, both when it comes to operational cost savings and in adding another layer of security. Normally, using feeds from various vendors, these providers are capable of spotting known threats at much higher rates, and identifying unknown threats by sandboxing in an isolated environment.

To learn more about how we help fill these gaps and secure more efficiently, and to run a free security preview, click here.

?Why CSO must consider moving security to the cloud

In today’s reality, Chief Security Officer, or CSO, is quite a frustrating job. You are always in a position to defend organization resources from ever growing threats, preventing the next attack or data leak and Identifying theft or a Virus which may encrypt corporate data.

Dealing with such challenges is even more complex when users and apps move more and more outside traditional security and perimeters, with the ever growing number of security devices, countless types of software integrated in data centers, limited IT staff… and with the capital investments that all of the above incorporate you get the toughness of CSOs daily challenge.

This reality is forcing CSOs to reconsider alternative solutions in order to accommodate to these challenges. Corporate IT must now face a crossroad in which the traditional way of thinking is less and less relevant, and a new approach to Security in Cloud-oriented environments is required in order to face the new challenges within the corporate resources and capabilities.

Implementing Corporate Cloud Security Solutions

Corporate IT is responsible for the safety of corporation data. It cannot ignore even the slightest potential breach and must be able to achieve the following goals with a comprehensive solution for cloud security, which shall include the following features:

  1. Perform at scale with limited or no IT human resources.
  2. Protect corporate resources residing both in the organization perimeter and the cloud.
  3. Enforce security 24/7 and alert regarding security issues around the clock.
  4. Protect the corporation periodically with up-to-date security updates.
  5. Easy to maintain and most importantly obviate the need for security boxes updates and replacements.
  6. Effortlessly Scalable.
  7. Congest security solutions into a single pane of glass.
  8. Protect corporate users no matter their location or the type of device they use.
  9. Achieve high performance for internal applications both on-perm or in cloud.

When planning business security strategies, all considerations are to be observed. It is crucial taking into account the ability to efficiently maintain and operate the strategy, in a way which would achieve the set goals on a day to day basis, with the IT resources available.

Internet Binat provides communication and information security services to the business sector. Our services include internet access, information security, communication infrastructure administration, WAN networks and server hosting in Israel and abroad.

?What does the new Chines VPN ban mean to corporate IT

What is VPN and why it is used?

Many organizations that have remote sites or/and mobile users in China, uses IPSEC-VPN or SSL-VPN over the internet. This way of connectivity is very common way to connect mobile users or/and remote sites in a secure way to the corporate resources, located at the main office/data center or as a cloud services.

What’s the reason behind Chinese authorities to ban VPN use?

The reason for this step, is to prevent Chinese citizens to access unauthorized access to websites outside of China, using VPN technology.

This new ban is about to be implemented starting February 2018 but some of our customers who works from China, indicates that they already started facing issues with their VPN from the remote sites and mobile users.

What are the other methods that can be used to fix this issue?

Traditionally this problem was solved by using an MPLS connectivity to connect a specific remote site to the corporate network.

However there are some issues with this kind of solution:

  1. Time to implement .This kind of solution takes around 6 to 1 2 month to implement (depend on the remote site location).
  2. No flexibility. It take long time to upgrade the speed or change the connectivity end location.
  3. 0 agility and elasticity.
  4. Doesn't support cloud connectivity.
  5. No redundancy

Is there a way to solve the VPN issues and gain all the benefits of using the flexibility the internet is giving us in China?

The specific situation where old technology (like the one I described) doesn't give answer to the new challenges require organizations to adopt new technologies that can Handel all the requirements with ease .

Since 2009, Aryaka networks built a ground breaking technology based on a private network, that allows companies to have a stable and redundant secured connectivity with traffic optimization and acceleration worldwide as a service module that also provide a bullet proof service that solves the problem with the Chinese VPN ban instantly and without compromising the corporate security policy.

Want to hear more about our services? Please contact us and we will be happy to provide with  more details.

Executing Security at Scale

Raise your hand if you’re not using part or all of these technologies:

    • NGFW
    • URL Filter
    • Antivirus
    • Sandbox
    • VPN

…Pretty much all of us, right? Now raise your hand if you are decrypting SSL/TLS outbound.

SSL/TLS has skyrocketed in the past few years and will continue to grow. If you aren’t decrypting SSL/TLS you have to ask yourself, what good is my NGFW, Antivirus, etc if I am completely blind to this traffic? The answer is simple, it isn’t good, in fact it’s terrible. You are bound by the constraints of legacy security, source/destination and ports. It’s like locking a screen door. It will keep the flies out but it won’t stop any real threats.

Certainly all of your legacy security vendors will tell you that they can decrypt SSL/TLS but it comes at a significant cost to you.

So what does that mean to you? Time to refresh all of your gear but this time you need to buy bigger boxes.  Just go to the business, request a huge Capex, ask for professional services, training, and new head count. Piece of cake right?

That is the old way of thinking and for many of us, that was our reality for the past decade. The business is changing how we do security and we must align to these objectives:

Fast Response Time

  • Higher productivity
  • Prioritize business apps
  • Empower users to use cloud apps

Reduced Risk

  • Secure all users, on all devices, everywhere
  • Consistent policy and protection
  • Always up-to-date

IT Simplification

  • Consolidate point products and simply IT
  • Cloud-enabled network
  • Rapid deployment

Traditional security doesn’t meet today's business needs and demands.  ask yourself, what level of effort and cost are you willing to accept to do this yourself with legacy security appliances? Is this something that you can do in the next 6, 12, 18, or 24 months?

The best solution is getting an holistic and transparent service from cloud security providers. Maybe it’s time to look at cloud security company that has already done the heavy lifting and proven themselves with over 16 million users.

If you want to learn more on a better way to handle security, please contact us

Starting 2018: no more VPN in China

The Chinese government has issued a statement announcing that, as part of tightening censorship policy in the country, the access to most of the global internet will be blocked very soon. The government has ordered local, state-owned, telecommunications companies – China Mobile, China Unicom and China Telecom – to block the VPN access to the net, effective from February, 2018.

The censorship in China

Although Chinese government officials often strongly deny this, China is infamously known as a country that censors the internet and blocks access to thousands of popular international websites, including Google and social networks, like Facebook, Instagram and Twitter. This censorship policy has received the name "The Great Firewall of China".

In this way, the government manages to control the news’ content and public opinion, while preventing criticism of the Communist regime in the country. For example, while student protests against the communist regime in Tiananmen Square in 1989 and protestors demand for democratic reforms in the country, are commonly known all over the world, in China itself, it is almost impossible to find any references to these events on the internet.

However, millions of people in China have so far managed to circumvent censorship restrictions by using VPNs, thus gaining access to all the forbidden websites in China, without this being brought to the attention of the authorities. Although the Chinese government is aware of this matter, it is impossible to know the identity of VPN users and what information they send or receive.

Recently, opponents of the government who are not able to publish information inside China, have started to release it on websites outside of the country, thanks to VPNs that allow them to bring information back to the Chinese citizens. By doing this, they have succeeded in causing harm to the public opinion about the existing regime in China. In light of this situation comes the recent announcement regarding the total ban of the VPNs all over China.

What is a VPN?

Virtual Private Network (VPN)  allows anyone to access the internet securely without their ISP being exposed to the information they send and receive.

VPN browsing has several advantages, among them, the ability to browse privately without revealing details about the nature of the activity on the various websites, concealment of the exact geographic location (for example, browsing from one country with another country’s address), protection against bugs or hacking of information systems, and downloading files without anyone knowing the identity of the person who is downloading them.

VPN browsing has a number of disadvantages as well, such as some decrease in browsing speed (due to the fact that the VPN functions as an additional server through which the data must pass); certain risks to the privacy of user’s personal information when browsing the web via a free VPN service provider.

That is why one should choose a trustworthy and reliable service provider.

VPNs are typically used by companies and individuals who are interested in keeping their information private from external parties (such as internet providers or hackers), and in particular in China, internet is actually the only way Chinese people can obtain objective information of what is happening in the world.

And now, apparently, this freedom of information in China is about to end.

Who will be affected by this move?

First and foremost, Chinese residents and opponents of the government will be the ones to be harmed, as they no longer will be able to use VPNs to connect to the world's leading websites, to release information or to access it. Meaning, the only information that Chinese people can be exposed to will be that which is approved by Chinese censors.

In addition, the move will harm Chinese academics as they will not be able to access foreign journals or contact their colleagues around the world. Furthermore, foreign businesses based in China will not be able to use VPNs to communicate with their branches or headquarters in other countries, and their ability to secure their information will also be impaired.

Is there a solution?

The answer is yes.

Internet Binat offers a number of advanced solutions designed for international companies in different fields of business activity and provides solutions to a variety of challenges, including the one currently forming in China.

For additional information: info@binat.net.il

אבטחת מידע לעסקים

רשת האינטרנט מהווה כיום את הבסיס לפעילותם של ארגונים, חברות ועסקים רבים, ובכך מאפשרת לכל אדם למנף את הטכנולוגיה העדכנית ביותר על מנת לגשת לנתונים ולבצע החלטות מושכלות בזמן אמת מכל מקום ומכל זמן. עם זאת, האינטרנט טומנת בחובה גם איומים בדמות האקרים ונוכלים אשר מסוגלים לרגל אחר הפעילות העסקית, לגשת אל מידע רגיש ולעשות בו שימוש על מנת לפגוע בבעליו.

כך לדוגמה חברה יכולה לאכסן בשרתיה מגוון נתונים אודות לקוחותיה, להשתמש בו על מנת לשפר את עסקיה ואף לתת ללקוחותיה גישה לנתוניהם על מנת לעדכן אותם או להיעזר בהם לשם רכישת מוצר או הזמנת שירות. חברה שכזו חייבת לאבטח את מאגר המידע שברשותה, כדי שהמידע הזה לא יזלוג או ייגנב, וכך לשמור הן על פרטיותם של הלקוחות והן על פעילותה העסקית השוטפת.

הסכנות המאיימות על עסקים

האיומים על עסקים יכולים לגרום להשלכות כלכליות הרסניות, ואין להקל ראש לגביהם. חדירה של גורם עוין אל מחשבים של עסק יכולה לאפשר לו לגנוב את זהותו של העסק, לגשת לחשבונות הבנק שלו, לגנוב את כספו, להחדיר אליו וירוסים או תוכנות זדוניות ועוד. לפיכך, פריצה אל מערכות מידע שאינן מאובטחות כראוי עלולה להביא לפגיעה במידע חיוני, לגרום לנזק כלכלי, להרוס את המוניטין, לפגוע באמון הלקוחות ולגרום לתוצאות מרחיקות טווח העשויות אף להביא לסגירתו של העסק.

הסכנות האורבות ברשת הן רבות, וביניהן:

  • פרצות אבטחה במערכת: כל מערכת הפעלה וכל תוכנה בנויים מפיסות קוד שביניהן עשויים להימצא מעין "באגים" שדרכם ניתן לחדור פנימה, לגנוב מידע או לשבש את פעילות הקוד.
  • התקפה ישירה על מערכות המידע: פריצה מכוונת של עובד ממורמר, לקוח מאוכזב או מתחרה, למטרת ריגול או גניבת מידע רגיש.
  • החדרת וירוסים ותולעים: פיסות קוד שביכולתן לגרום נזק למערכות ממוחשבות, ואשר מרגע הפעלתן במחשב כלשהו (למשל כקובץ המצורף למייל) מתחילות לשבש את פעולתו באופנים שונים, כגון מחיקת קבצים או האטת התקשורת. בנוסף, וירוסים ותולעים נוהגים גם להפיץ את עצמם למחשבים נוספים שאיתם הם באים במגע, וכך מתעצמת פגיעתם.
  • הצפת תעבורה (DDoS): התקפה על שרתים של אתרים שיווקיים או חנויות מקוונות, שמטרתה לשבש את פעילות השרת באמצעות הצפתו בעשרות אלפי בקשות מזויפות.
  • הפעלת סוס טרויאני: החדרת תוכנה שאוספת מידע, בדרך כלל מבלי שהמשתמש בכלל יודע שמשהו קרה. סוסים טרויאניים יכולים לגנוב סיסמאות, קבצים, נתוני לקוחות ועוד.
  • החדרת רוגלות: אלה תוכנות מזיקות אשר מכבידות על הביצועים של המערכת הממוחשבת תוך שהן שולחות מידע אודות המשתמש אל הגורם הזדוני אשר יצר אותן.
  • שליחת דואר זבל (ספאם): אמנם לא מדובר באיום על מערכות המידע, אולם תוכנה המפיצה דואר זבל בשמו של בית העסק, עם או בלי ניסיון לדלות מידע מן הנמענים תוך התחזות למייל לגיטימי ("הונאת פישינג"), עשויה לפגוע ביעילות העבודה, במוניטין ובאמון הלקוחות.

כאמור, אלה הן דוגמאות בלבד. עולם הסייבר מתפתח ללא הרף, ואיומים חדשים נוצרים כל הזמן. על מנת להגן על מערכות המידע של עסק, יש צורך לפנות למומחי אבטחת מידע לעסקים אשר יוכלו להציע פתרון כולל שעומד בפני האיומים העדכניים ביותר.

שירותי אבטחת מידע לעסקים

חברת אינטרנט בינת מספקת פתרונות אבטחת מידע רחבי היקף לארגונים, חברות ועסקים. בין הפתרונות המוצעים ניתן למנות הערכת סיכונים מותאמת לאופיו של העסק ולסביבה התחרותית בה הוא פועל, ניהול סיכונים, ביצוע סקרים ופעולות נוספות על מנת לאתר כשלים ופרצות אבטחה, הטמעת נהלי אבטחת מידע בקרב העובדים, שירותי מחשוב, גיבוי ואבטחת מערכות ממוחשבות וכדומה – תוך שימוש בכלי אבטחה מתקדמים העומדים בחזית הטכנולוגיה על מנת להגן על מערכות המידע של העסק.