How do you control split tunnelling when vendors advise that best practice is that some Apps work best outside of VPN tunnels?

DWQA QuestionsHow do you control split tunnelling when vendors advise that best practice is that some Apps work best outside of VPN tunnels?
CyberCX Staff asked 6 months ago
 

Answered by Mark Hofman, Chief Technology Officer, CyberCX

 

Unfortunately, attackers never miss an opportunity to launch phishing attacks.

In recent times we have witnessed a marked increase in coronavirus-related phishing attacks.

Most of the attacks are seeking to take advantage of people’s fears. People are understandably anxious and are looking for reliable information from trusted sources. Attackers are sending phishing emails purporting to be from trusted health organisations, such as the Wold Health Organisation or the Australian Medical Association.

It’s all too easy for staff to inadvertently click on a link or open an attachment in a phishing email.

It is essential that staff are attuned to the risks of phishing emails and know how to identify suspicious looking links and attachments.

Phishing awareness training for staff is one of the best investments any organisation can make towards security enhancement.

Educate your staff to be on the lookout for signs of phishing emails. Check whether the email address it was sent from is the legitimate URL of the organisation. Check whether links in the email direct to the legitimate URL of the organisation. Does the content contain spelling mistakes or other errors that indicate it wasn’t sent by a professional organisation. Simple steps like these can reduce the chances your staff will be subjected to phishing attacks at this time of heightened activity.

 

View the full suite of our COVID-19 response services

COVID-19 Response Services

 

 

1 Answers
cindy chin Staff answered 6 months ago
 

Answered by Mark Hofman, Chief Technology Officer, CyberCX

 

Unfortunately, this will be a risk-based decision. Sorry, not helping much there.

A few applications may work better or faster if they go direct but you will lose a level of control. You can mitigate some of this risk by utilising CASB or a corporate cloud-based proxy. With these products, you will largely retain control of your data regardless of whether you have split tunnelling or not. The other challenge with forcing all traffic to go to the corporate network first is the increased load. Most solutions are built for 25% of the working population to utilise the remote access product, not 100%. Ultimately it comes back down to risk. I would review the applications that ‘work better’ according to the vendor and then decide based on risk whether they must go via the corporate environment or can go direct.

 

View our 5 easy steps to improve your cyber resilience.

Cyber Resilience Strategies