Associate feature: Keeping safe

In the last 18 months, the pandemic has forced companies to enact drastic changes in their working operations as staff were encouraged to work from home. But in our efforts to keep the country safe from Covid-19, new challenges have been brought to bear on company IT security.

Fortinet, one of the world’s largest cyber security firms and a global leader in creating secure networks, saw almost 100 per cent of its customers transfer to working from home overnight in March 2020, a shift that should have normally taken years, in the view of logistical safety.

A year and a half on from the most severe government restrictions, a hybrid model of working from home and the office a few days a week is being adopted by most companies.

Holyrood spoke to Patrick Grillo, senior director, solutions marketing at Fortinet, to discuss the cyber security company’s role in facilitating safe home working in the last 18 months.

The immediate issue was the scale of the switch, says Grillo: “Remote access outside of the office is a normal thing, what changed was going from a ten per cent population dialling in remotely to as much as one hundred per cent.

“We saw a massive need to secure these people remotely.

“In a lot of cases, they were using company-supplied devices, whether that be mobile phones or computers.

"They also had to rely on their home internet connectivity.

“What we did to help with that was to launch a campaign to let them know if they were already a Fortinet user, they could very easily enable the FortiGate system [a firewall] and the software that was being used was available to them for free at home.

“A user could go and download the software and establish a VPN tunnel into the existing FortiGate and have secure connectivity. That was our first and immediate reaction to help our customers deal with this existential issue.”

Patrick Grillo of Fortinet

Following the campaign to inform users of what they could do on a broad and more general scale, Fortinet began to look more specifically between different groups of people working from home and their different needs.

"We started to differentiate what kind of users there are,” says Grillo.

“The vast majority of people are ‘ordinary users’, but we do have some ‘extraordinary users’; network administrators and executives that are working from home, so we developed some other options to give those users, not a better class of service, but more protections.

“We launched a series of solutions and campaigns to educate our user community on what the different options were and who should get what, without any absolute rules, but creating categories of users.

“Particularly for the executives because of the confidential nature of the data they would be working with daily. We felt it was important to push the network, with its security to these people, rather than the user coming to the network.

“At the same time, we were developing a new technology called Zero Trust Network Access, which is a better way of securing access to an application in the network.

“ZTNA has a distinct advantage over a traditional VPN as it has better control over who and what can access what application and that decision to allow that access is based on a real-time decision.”

Grillo explains how Fortinet was able to help educate their customers and individuals within the public sector.

“We have a network security education programme called NSE - Network Security Expert - and we made all the training courses available for free and continued that into this year as well,” he says.

“The number of people who have taken advantage of it continues to rise every month.

“I'm not sure what we will do next year, but it is hard to see us going back to the old model.”

The rise of cyber-attacks during the pandemic has increased significantly since the beginning of the pandemic.

Ransomware and email scams during this time have been a big concern of Grillo, and Fortinet has ramped up awareness, while analysing the attacks with their systems.

“With the massive increase of people working from home, the classic email scams and ransomware have just gone through the roof,” he says.

“The FortiGuard team keeps track of this, they can see what is happening on a global basis, it is analysed by region, country and sector and those developments that we see lead to improving our different software services or capabilities that our security services operate.

“We have also had a very big education effort this year to talk about ransomware, looking at what ransomware is, how does it get in, how it works.

“Ultimately looking at how do you defend yourself against it while avoiding having to buy a specific product because there is no silver bullet against ransomware.

“It takes a concerted effort from all the security technologies in the network to work together.

“You can put a certain technology on the endpoint, it is typically called EDR - extended detection and response.

“Think of the home computer that you may have in the office; it will have several layers of protection with varying levels of sophistication. EDR is the next one up from that, there is real intelligence at the endpoint. That is the technology that can help.

“But the other piece that must take place in education that the users must understand.”

Collaborative working has become a distinct issue while people have been working from home.

Grillo points out a common mistake amplified by some departments within companies that have become slightly isolated from one another.

“People tend to look at projects in silos what they will do is identify it as a networking project, or a DevOps project, or a security project, rather than look at all three,” he says.

“People should be working collaboratively for the pre-planning stages to implementation and roll-out stages.

“We have seen far too many projects get halfway along have to stop, revaluate and go off into different directions because they have not all the disciplines together at the very beginning.”

Grillo feels that Fortinet’s development of secure remote networks that began in 2016 was finally understood by the wider user community during Covid.

“The user community came to realise the value of what we have been talking about over the last five years of integrating security with networking and have a consolidated platform approach, what we call the Fortinet Security Fabric,” he says.

“Users seeing the value in that, rather than mixing and matching products from different vendors, each product did exactly what it was designed to do, but they were never designed to work together.”

In what seems like an ever-changing global landscape, adaptability is crucial more than ever during the uncertainty of the pandemic.

However, Grillo makes it clear that Fortinet is thriving: “We have seen our growth rate exceed the growth of the market and our competitors, that is a bell-weather indication that our message is resonating with our users, and they are seeing the value of what we are talking about.

“It is the same message that we have been talking about for five years. We introduced the idea of the Fortinet Security Fabric in 2016, it evolves along with threats and the needs of the customer.

“But the underlying message is still the same, it is there to provide the right technology, where it is needed in the network and in the right format that you want to take it in.

“The massive takeaway from the last 18 months has been the enablement of remote working going from ten per cent up to as close to 100 per cent as is possible.

“When all the key stakeholders are pointing in one direction, it is amazing how quickly things like this materialise.”

The Scottish Government’s new digital strategy will be crucial to creating a cyber security standard for businesses operating online, adds Grillo.

“The Scottish Government are defining that digital strategy around businesses can create a cyber security baseline,” he says.

“I think that is the key thing, we know what ransomware attacks looks like, we know what the threat looks like.

“I think businesses, especially in the public sector need to have a cyber security baseline. The National Cyber Security Centre define that very well.

“There is an element around cyber risk and how much of that an agency is willing to take.

“But the first step has got to be understanding what their baseline is.

“Employee education is critical and is one of the things that we have ramped up at Fortinet is to ensure that we are not going to be one of the ones that attacked by ransomware.

"I think from the Scottish Government’s point of view, through the Digital Office or another relevant department, they need to set out a strong strategy for public sector companies to obey and adhere to, to ensure that baseline is the same across all the agencies."

Grillo feels that the Scottish Government and companies like Fortinet must work together and that this type of cooperation is of paramount importance.

“FortiGuard takes in threat feeds from NATO and Interpol, the Scottish Government need to be able to take those feeds in and be given guidance on known threats out in the wild, so to speak,” he says.

"That is going to be one of the key things, as we push more and more work into people homes and have devices that sit in people’s homes that have corporate data on them, we need to enable users to understand threats that are out there."

This article was sponsored by Fortinet