Ben Ferguson, EVP
While remote working is becoming the new norm, the drastic change in the SOPs of businesses has broadened the scope of cyber threats. The wake of the COVID-19 pandemic saw an uptick in cyber attacks ranging from authentic-looking phishing emails to the massive proliferation of ransomware onslaughts disrupting thousands of organizations. Once users move beyond the (relative) safety of their firewall-protected office networks to the vulnerability of home and public networks, their devices (endpoints) become more prone to cyberattacks. Every device they come within proximity to becomes a new vector of attack, from compromised family computers to IoT devices such as smart TVs and smart fridges. These are just some of the added complications that IT administrators face on the endpoint security front. It becomes even more complex considering the implications of widespread remote connectivity on network performance.
To this end, California-based Shamrock Consulting Group’s endpoint protection services, powered by CrowdStrike, analyze endpoint behavior to predict both known and never-before-seen attacks. By leveraging the power of the cloud, the company analyzes trillions of events per week across millions of global endpoints, helping organizations stay secure and ahead of the security curve. “The increasingly adopted remote working culture has given us an opportunity to rethink our approach to cybersecurity and bring new ideas and digital transformation strategies to organizations,” says Ben Ferguson, EVP, Shamrock Consulting Group.
Shamrock Consulting equips organizations with a defense-in-depth strategy built for the 21st century. They leverage the MITRE ATT&CK framework to design defense-in-depth strategies for endpoints in the distributed/remote workforce world. Shamrock Consulting leverages enhanced role-based access controls combined with machine learning and software-defined Zero Trust security enforcement to strengthen the security perimeters in work-from-home environments. Shamrock also implements cloud-based firewall solutions, secure reverse proxy, and cloud-based web content filtering solutions to harden overall postures.
When it comes to network access control for a distributed workforce, Shamrock Consulting has replaced traditional MAC-based authentication with bolstered STP capabilities that follow the Zero Trust framework by default. Instead of authenticating a device by its MAC or IP address or Wi-Fi as the primary security parameter, Shamrock Consulting provides authentication mainly based on the user. As an effective measure against the vulnerable topology of the distributed workforce, the user security parameter is further bolstered by multi-factor authentication (MFA) such as smart cookies to see if the user has previously augmented the exact device MAC address from the IP address. In addition, this MFA method is also used to check bots.
One of the biggest differentiators of Shamrock Consulting is their ability to customize the powerful suite of security services provided by CrowdStrike. Ferguson says, “A lot of companies are not able to self-diagnose their blind security spots from an endpoint perspective. We are able to come up with the best way to support them with the CrowdStrike platform.” From an endpoint detection and response standpoint, CrowdStrike’s Falcon Discover and Falcon Spotlight bring comprehensive capabilities to ‘always-on’ scan-less vulnerability management. While Spotlight automatically collects real-time data with no performance impact on endpoint modules, Discover gives real-time visibility into every device on a network.
Having such expertise and technical capabilities has enabled Shamrock Consulting to gain major traction from Fortune 1000 companies across different verticals such as software, media and entertainment, finance, logistics, manufacturing, and many others. Recently, the company helped one of its Fortune 50 banking clients make a paradigm shift to the work-from-home model. Before this, the client followed a Zero Trust framework defense-in-depth strategy and relied heavily on onsite capabilities. With less than 2 percent of its workforce working from home before the pandemic, the client had to rethink its security model as COVID-19 necessitated working from home. When it came to VPN, the client faced two major issues: over-privileged remote access and a huge dependency on onsite networking. Scrapping the whole topology, the Shamrock Consulting team moved the organization to a software-defined perimeter and put out gateways at the client’s data centers and clouds. The software-defined perimeter simplified the process and granted access to applications. “As a result, we made the entire process straightforward, helping the client to create and extend a Zero Trust framework. Now, the client was able to do the two network access controls seamlessly behind the scenes for a more simplified end-user experience,” mentions Ferguson.
Speaking from his extensive experience on the cybersecurity front, Ferguson believes that the “bulletproof forever” mindset is a mistake in today’s cybersecurity landscape. He advises that it is imperative for organizations to continuously reinvent and enhance their cybersecurity capabilities by introducing newer and more powerful tools. He compares the game of security to that of a cat and mouse. “It is a cat and mouse game where you have to be the mouse that is making up for lost ground, as hackers continue to gain enhanced capabilities and a wider reach. This game is all about achieving a level of security that no hacker has been able to break yet, and being lucky enough to not the first attack when they do,” concludes Ferguson.