9 月 2023 - 頁2，共12

Why Every MSP Needs a Password Manager: Benefits and Features

You’re returning from a delicious and restful lunch break, ready to tackle the afternoon’s challenges.

You take a deep breath, power up your computer, and open your ticketing queue.

The first 20 tickets? All password resets.

Can’t your valuable time and expertise be used for something other than such a basic, tedious task?

The answer is yes. And it’s made possible by MSP password management tools. With all users’ passwords and MFA tokens stored and shared in a centralized platform, you stop wasting time on useless tasks and spend your energy going above and beyond for your clients — ultimately boosting your retention and revenue numbers.

But what’s so special about password managers, and what should you look for in a vendor? Below, we’ll explain why managed service providers (MSPs) need password management, the benefits of a robust password manager like JumpCloud, and best practices for implementation and adoption.

Why MSPs Need Password Management

Every employee has heard the same refrain, “Use a long, hard-to-crack password, and never share your credentials with anyone.”

And yet:

15% of people use their own first name in their password.
65% of people reuse their passwords across personal and work accounts.
62% of people say they store logins in a notebook or journal.

Even scarier? 80% of all data breaches are linked to passwords. All it takes is one good guess or one great hacker to wreak havoc on one of your clients. Scarier still, the fines and reputational damage associated with compliance violations can be enough to shut your clients down for good.

Managed service providers can’t let that happen. MSP-centric password managers can keep cybercriminals at bay by enforcing password creation rules, sending update reminders, and safely sharing access to resources, team credit cards, and more. They can also require the use of two-factor or multi-factor authentication (MFA) for an extra layer of security and be integrated with other identity and access management (IAM) solutions to monitor user activity and ensure companies are operating under a Zero Trust security framework.

At the same time, password managers take pressure off of your clients’ users. By remembering one master password, they can unlock access to all of their online accounts, drastically decreasing the volume of password reset requests.

7 Benefits of JumpCloud Password Manager for MSPs

JumpCloud Password Manager has officially been released to our customers and MSP partners! MSPs have long requested an enterprise password management tool that allows their users to share passwords and MFA tokens, and now, we have a solution of our own built right into the core of our platform.

Say goodbye to the days of juggling 14-day trials and countless promotional emails just to get a few days of password management. As a JumpCloud MSP partner, your account executives can have you up and running with Password Manager before your next password reset ticket — implementation comes free.

If you’re not a current JumpCloud MSP partner and you’re still weighing your various password management options, it can be difficult to determine which solution is best. To help you make the best decision for your company and your clients, let’s review some of the concrete advantages of implementing JumpCloud Password Manager.

1. Multi-Tenant Capabilities

As an MSP scales, it becomes nearly impossible to keep track of individual clients’ password managers and other IAM solutions. That’s one reason why MSPs or VARs steer clear of offering password management — it’s too many moving parts without a high enough ROI.

But JumpCloud Password Manager was built specifically for multi-tenant user management, unifying MSP operations to deliver services to all clients at once. All controls are in one place, and all controls are configured the same way, making it easier to standardize your SOPs and password policies across all of your clients. JumpCloud’s multi-tenant user management features also have built-in tracking and reporting, empowering MSPs to share KPIs and proactively detect any sketchy user activity.

From JumpCloud’s Multi-Tenant Portal (MTP), MSPs can easily enforce other identity and access management features, like single sign-on (SSO), multi-factor authentication, and RADIUS management. And because JumpCloud is a cloud-based platform, MSPs can provide IAM services from anywhere.

2. Centralized Password Storage

Keeping user credentials stored in the same platform makes it easier for MSPs to track and manage. MSPs gain visibility into all password-related activity, and they can institute rules to restrict all access to sensitive applications when employees leave their job. In a centralized password management system, users benefit from password sharing capabilities, reducing friction and enabling productivity. With cloud-based password managers like JumpCloud, end users can access and sync password vaults from multiple devices, enabling remote work and hybrid models.

3. Improved Security Measures

JumpCloud’s password management and multi-tenant access control capabilities are designed to protect MSP clients’ sensitive data in an encrypted vault. Not only do secure password vaults prevent internal and external threats, they also allow MSPs to enforce stricter requirements in accordance with GDPR, HIPAA, or other general IT controls that clients must abide by. Because JumpCloud’s Password Manager is a part of JumpCloud’s broader identity and access management solution, it also comes with extra protections like multi-factor authentication and role-based access control features.

JumpCloud Password Manager can also help users generate sufficiently unique, complex passwords on a specific cadence and monitor the average user’s security score and average password strength. On the backend, it has tiered permissions and audit logs to hold all MSP admins responsible. Leveraging JumpCloud’s latest and greatest security features gives you and your clients greater peace of mind.

4. Streamlined Client Onboarding and Offboarding

JumpCloud’s Multi-Tenant Portal makes client onboarding and offboarding a seamless process. Within JumpCloud’s role-based access control architecture, MSPs can add and edit orgs, add and delete admins, manage individual devices and users, and process master password resets straight from the cloud in a matter of clicks. JumpCloud’s permission structure decreases the odds of making errors during client transitions. You can assign team members specific roles ranging from Admin w/Billing (effectively a super user) to Help Desk to Read Only.

5. Simplify Vendor Management Process

An MSP’s vendor management responsibilities can be as complex as another full-time client. And the more vendors you have to rely on to provide a comprehensive tech stack, the less time you have to win that new account. That’s why we built our Password Manager directly into the JumpCloud platform.

Whether you’re a new partner or JumpCloud’s already part of your tech stack, you’ll enjoy both SSO and password management directly within one portal – without increasing your stack’s complexity.

6. Meet Popular Client Requests on Your Terms

Password management can be a bit of a touchy subject for MSPs. Since it’s often an a la carte or add-on feature, many clients try to do their own research on the cheapest solution and bring it to their MSP to implement.

Unfortunately, this scenario rarely works out for either party. MSPs are forced to complicate their tech stack, often with a product they don’t trust or recommend. And the cheapest possible solutions rarely prioritize intuitive user experiences, leading to frustrations for the technicians and admins that must manage the product.

MSPs can readily recommend JumpCloud Password Manager to any of their clients currently using JumpCloud, with assignment and deployment being only a few clicks away. In addition to a seamless rollout experience, you can avoid the long process of convincing your client that they can trust this new vendor you are introducing into their environments.

7. Grow Revenue and Productivity — Without Increasing Costs

With JumpCloud Password Manager, you are no longer forced to choose between affordability and security. If you’re enrolled in JumpCloud for MSPs, Password Manager is included in your plan, making implementing it for your clients a no-brainer. If you’re considering switching to JumpCloud, combining SSO and password manager into one platform may lower your total cost of ownership.

Adding password management to your tech stack can also increase your team’s productivity and efficiency, decreasing your need for additional staff. Password resets make up anywhere from 20% to 50% of an organization’s support ticket load, meaning your technicians waste valuable time handling one of the most easily solved problems in the technology industry. This can translate into a situation where even offering password management as a service to your clients for free can have a real impact on your bottom line.

Best Practices for MSPs Using a Password Manager

Password managers have the potential to improve security, effectiveness, and efficiency. But reaping the full benefits of a password manager depends on:

Regularly checking password-related activity. MSPs have a duty to prevent insider threats. And to do that, they must have a process in place to review who is accessing sensitive applications or information and when. If they notice any suspicious activity, they need to report it to their clients’ IT department and work with their security team to swiftly resolve the issue.
Enabling password generation. We all know end users have trouble creating robust passwords. So why not have a tool to do it for them? Solutions like JumpCloud Password Manager come with built-in password generation to form passwords to your character and length specifications.
Rotating passwords. Not only do employees tend to use passwords that are easy to remember, they will also keep the same password until they receive a notice to change it. As a best practice, use your password manager to automatically prompt password changes (to a completely new, non-recycled password) at least once every 1-3 months. These prompts should be inclusive of network applications, cloud applications, in-house systems, and other department-specific software or hardware. Be sure you configure your password manager to change the passwords to any applications former staff had access to following their departure as well.
Activating multi-factor authentication. MFA adds another layer of security against cyber threats beyond password management. Biometric factors like a person’s face or fingerprint or authenticator app tokens are tough for hackers to replicate or hack. Enabling MFA further reduces client risk and may be mandated by their own security and compliance policies.
Employee enablement. Employees won’t use a new tool if they don’t know how to use it or why it exists. It’s the MSP’s job to explain how password managers work and onboard employees to the new platform. Conduct trainings, create leave-behind materials employees can reference later, and be on standby for questions pre- and post-implementation to encourage adoption. Emphasize the why behind using a password manager and stress its importance to the organization’s overall security.

Learn More About JumpCloud for MSPs

Here at JumpCloud, we are working hard to meet the needs of our MSP Partners, their clients, and the users that rely upon our platform every day. With the arrival of JumpCloud Password Manager, we have taken yet another step in the direction of making the open directory platform more powerful than ever.

If you have any questions about Password Manager, reach out to your account executive today or check out our FAQ.
If you’re new here, visit our JumpCloud for MSPs page or get started with our platform for free.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About JumpCloud
At JumpCloud, our mission is to build a world-class cloud directory. Not just the evolution of Active Directory to the cloud, but a reinvention of how modern IT teams get work done. The JumpCloud Directory Platform is a directory for your users, their IT resources, your fleet of devices, and the secure connections between them with full control, security, and visibility.

JumpCloud 2023

Optimizing access to third-party resources in cloud environments

Third-party resources enhance cloud deployments, allowing businesses to expand their operations and add new services. However, using third parties can also lead to security issues. Installing third-party services correctly is critical if you want to extract maximum benefit.

This article will examine the issue of third-party vendor integration. We will look at why third-party resources bring so many benefits. We will discuss some critical challenges and best practices to achieve successful integrations. The result will be a clear understanding of how to optimize access to third-party resources.

Understanding third-party resource integration

Third-party integrations are cloud resources or services supplied by external providers. The end user or site owner does not own them. However, third parties may still have access to a client’s cloud-hosted data.

For example, Google Maps integrations allow website visitors to locate retail locations. In this case, the Maps infrastructure is located off-site and delivered by a third party.

Third-party resources reduce the workload for cloud users by replacing tools that would otherwise be locally hosted or developed in-house.

Third parties add functionality. Companies can spin up apps or APIs supplied by external vendors. This accelerates development times and allows businesses to serve customers more effectively.

There are many types of third-party cloud integrations. Examples include:

Cloud data storage such as Amazon Web Services (AWS)
Content Management Services (CMS) like Drupal or WordPress
APIs for web or mobile apps
Ad providers like Google Ads
Content libraries for images or product listings
Customer support ChatBots like PipeDrive
Geolocation tools like Google Maps
Travel integrations for mobile apps such as Uber
Cloud-hosted accounting software like Xero
Enterprise-wide cloud platforms like Salesforce

The diagram above shows a typical third-party or Software-as-a-Service (SaaS) cloud integration. Most integrations require regular connectivity between third-party vendors and your organization’s network. This makes managing third-party cloud resource access a critical task for cloud architects.

Incorrect access processes can create openings for cyber attackers. Admins must always secure third-party vendor access. But at the same time, network managers must allow access for partners to carry out their assigned duties. Striking this balance is not easy, and careful planning is essential.

The need for third-party resources in today’s cloud infrastructure

Until recently, many organizations maintained on-premises networks. Workstations or local servers stored apps and data. Organizations purchased licenses to use software developed by others. And that’s where their relationships with third parties ended.

Cloud computing has changed this picture. Software and services developed and managed by third-party vendors are widely used for accounting, customer relationship management, data hosting, payment APIs, and staff collaboration. In-house operations have receded into the background.

Companies tend to incur higher costs when they build websites or virtualized networks on their own. Third-party vendors provide the necessary skills and products.

Vendors provide cross-app support—for instance, Slack links to Google Drive and Gmail. Gmail connects with other cloud integrations like Salesforce. Cloud setups like this involve many access points where third parties interface with your network resources.

Benefits and challenges of third-party integration

Outsourcing cloud services to third-party vendors has pros and cons. Third parties are not a magic bullet that meets every need of modern businesses. Businesses must consider benefits and challenges when commissioning third-party cloud services.

Benefits

Scaling – third-party cloud vendors make it much easier to grow cloud-based enterprises. Companies can increase workloads, knowing cloud providers can handle increased data throughput. There is no need to make huge investments when products succeed. Cloud assets scale smoothly as sales and operations expand.
Low costs – traditional software licenses demand high up-front fees or subscriptions. Up-front billing still applies to many cloud providers. But cloud services also operate pay-as-you-go models where companies pay for the resources they use. This kind of billing-per-usage can result in cost savings.
Speed – many organizations use SaaS tools to expand operations quickly. Time-to-market decreases. And companies can rapidly expand into new geographic markets. They do not need to set up regional offices. Virtualized systems are available almost instantly.
Simplified security – high-quality third-party vendors put in place robust security controls. They meet regulatory standards and secure client data. This reduces the workload on IT managers. Users simply access SaaS resources, and third parties manage security needs.
Innovation – third parties have technical capabilities that clients lack. For instance, they carry out complex data analysis and machine learning to understand the behavior of eCommerce customers. Companies can embrace new technologies without running internal R&D departments.
Efficiency – third parties let companies focus on their critical missions. Organizations don’t need to waste time creating solutions that can be purchased off the shelf. This allows clients to become leaner and more competitive.
Collaboration – cloud services like Slack or Zoom simplify employee communication, allowing information to flow freely. Remote work teams can collaborate on projects regardless of location. Managers can easily monitor project performance.

Challenges

Data security – third parties handle large amounts of private business data. This could include customer financial information or Protected Health Information (PHI). This creates a data breach risk if third-party vendors operate weak private data management and security practices. Ensuring each third party complies with security regulations is challenging. And every extra third party adds another potential data leak source.
Vendor lock-in – vendor lock-in creates problems when you wish to switch to a more capable provider, when business strategy changes, or when the vendor you committed to for years introduces new terms of services or new business models that do not work with your company’s vision.
Compatibility – third-party suppliers must work seamlessly with existing cloud assets. Cloud architects must plan data flows and test apps to ensure smooth operations. This requires expertise that third parties may not possess.
Regulatory risks – using third parties can sometimes contravene industry regulations. For example, healthcare organizations must carefully check third parties to ensure compliance with HIPAA.
Customer support – some cloud service providers offer excellent client support. Others are less efficient. Clients may lack support to handle operational or security issues. They may not possess the internal expertise needed to find solutions.

Common misconceptions about using third-party resources

Using third parties carries significant benefits. But the list of challenges above shows that there is a downside. Many of the potential problems are related to managing:

Methods of third-party access
How much private data is exposed to third parties during integration

Busting these myths about third parties is vital to make the best use of cloud resources. Let’s look at some common issues that confuse companies when they enlist third-party cloud vendors.

Myth #1: Third-party solutions handle every security issue

Cloud security is a shared responsibility. Under the shared responsibility model, third-party providers protect their applications and infrastructure. Vendors must ensure their products are properly configured and safe to use.

Network owners must secure their own cloud platforms and data. Companies need to apply robust access controls to external partners. And IT teams must audit third parties to detect security vulnerabilities.

Myth #2: Third parties always prioritize data privacy

The same rules apply to data privacy as to security. Third parties often have strict privacy policies. These partners don’t extract customer data. They secure private data according to the industry’s best practices. But this isn’t always the case. Check the fine print and read privacy policies before installing any third-party services.

Myth #3: Access controls apply to internal assets, not third-party resources

Companies need to secure their networks with comprehensive access controls. However, access controls should also limit what users can do when accessing third-party resources.

Assigning excessive privileges to users can lead to security incidents. For example, users might share private data with unauthorized Slack users. Controls should apply wherever users can compromise data security. And that includes third-party apps.

Best practices for optimizing access to third-party resources

Organizations need streamlined cloud strategies to achieve optimal performance and adaptability. With that in mind, here are some concise best practices to allow secure third-party resource access.

1. Carry out third-party risk assessments

Assess third parties before commissioning services. Check their security and privacy policies and research their reliability and customer support. And only choose partners that comply with relevant regulations.

Some third parties pose a limited security risk as they process relatively little sensitive data. For example, website ad providers are unlikely to access customer data. However, SaaS accountancy tools could create a data breach risk.

2. Implement privileged access management (PAM) for third parties

Privileged access management systems create a secure interface between third parties and cloud deployments.

PAM avoids direct connections between third parties and network assets. The system screens network requests. It limits what third parties can do and makes damaging cyber-attacks less likely.

Multi-factor authentication (MFA) portals request more than one unique ID before granting access.
Access controls implement Zero Trust Network Access (ZTNA) principles. Users only have access to resources they need and nothing more.
Just-in-time controls provide third parties with access for specified periods and revoke access after that period elapses
PAM integrates with password management systems to enforce strong password policies.

3. Use NordLayer’s data encryption solutions

Always encrypt sensitive data, both at rest and in transit. NordLayer’s security tools encrypt data flows from and to third parties. Users can shield network traffic with our business VPN and keep traffic away from malicious actors.

4. Monitor third-party vendor security

Companies should remain aware of third-party security issues. Subscribe to alerts and vendor notifications. And integrate third-party monitoring into security information and event management (SIEM) solutions.

5. Audit third-party performance

Assess all third-party providers annually. Check for access control violations and security issues—track cloud resource and license usage to detect inefficiencies.

6. Have an exit plan for every third party

Third parties can go out of business or lose customer trust. And when that happens, customers must be prepared to change partners.

For example, you might currently use a certain VPN to protect cloud resources. But if that relationship fails, it makes sense to have a plan to transition to NordLayer or other alternatives.

Plan to migrate data and user activity smoothly. Design contracts to activate the exit plan if partners fail to meet security requirements.

Using VPNs to allow third-party cloud access

As we mentioned earlier, VPNs are a way to engineer secure third-party connections. However, traditional VPNs are a poor fit for third-party cloud access systems.

VPN users may experience slow connection speeds. And slow speeds compromise the performance of third-party services. This can negate the benefits of third-party integrations.

There are security issues on the client side. VPNs grant broad access to network resources. Firewalls are more precise, operating fine-grained access controls. Despite these issues, companies can use virtual private networks to secure cloud vendor connections.

Cloud VPNs represent a potential solution. They encrypt traffic passing between private and public clouds. Also, they create virtualized encrypted networks that protect data moving between SaaS servers and companies.

For example, Salesforce Private Connect defends traffic moving between Salesforce integrations and AWS servers. NordLayer’s cybersecurity solutions offer comprehensive protection for remote teams and cloud deployments.

Cloud VPNs combined with PAM and firewalls provide a robust level of security for third-party integrations. Companies can ensure access while limiting third-party privileges. And they can encrypt data flows in the cloud, hiding the content from malicious actors.

Future trends in third-party resource access

Cloud computing is growing rapidly. In 2023, the market for public cloud services was projected to grow by 21.7%. Companies continue to shift from fixed on-premises setups to agile cloud deployments. And they are embracing third-party cloud integrations on a massive scale.

As a result, third-party resource access will expand and evolve. For instance, Identity-as-a-Service (IDaaS) is becoming mainstream. IDaaS is a cloud-native service that blends the benefits of PAM and VPN tools.

IDaaS provides cloud-native authentication tools that include MFA and single sign-on (SSO) components. Clients can set access policies to implement Zero Trust policies. Tools like Security Assertion Markup Language (SAML) protect user credentials. Self-service portals allow users to change credentials without referring to company IT teams. And data gathering systems make SaaS audits more precise.

In the future, we can expect similar holistic cloud solutions. Tools like IDaaS will allow companies to control access across hybrid clouds. And they will make managing large communities of SaaS vendors easier.

Emerging technologies and their impact

New technologies are reshaping the way third parties connect to client networks. And these technologies go beyond traditional access management.

Machine Learning and AI will make threat detection and third-party monitoring more precise. Behavioral analysis will track suspicious access patterns and deliver instant alerts. Companies will also be able to carry out AI-assisted risk assessments. And they will assess third-party performance in real-time.

Blockchain technology may also contribute to third-party security. Blockchain ledgers can record access requests in tamper-proof formats. This will enhance the integrity of audit trails. And it will make the relationship between clients and third parties more transparent.

Looking forward: how the landscape might change in the next 5 years

Cloud architects should always be a step ahead of potential threats. So, what should we expect in the next few years?

The trend toward hybrid clouds will continue. Companies want easy-to-scale public clouds. They want the speed and flexibility provided by third-party integrations. But they also want secure zones for data storage.

Cloud users will need flexible solutions. They must protect critical data on private clouds while allowing third-party access to the public cloud.

Cloud security threats aren’t going away. Privileged access management will remain a critical security task for cloud engineers. The next 5 years will be an opportunity for companies that adopt secure cloud architecture. However, companies that stick with legacy technologies will struggle.

Conclusion: manage cloud third-party integrations with NordLayer

NordLayer can help you secure third-party resources in the cloud and on-premises. Our security tools enable clients to protect critical data from eavesdropping or leaks whilst browsing on insecure networks. Our virtual private gateways make it much easier to integrate external resources smoothly. Here’s what we offer our clients:

Cloud VPN that protects data and apps. Encrypted tunnels shield north-south traffic. Additional checks and traffic filtering take place in the cloud.
Simplified identity management. NordLayer integrates with industry-leading SSO and SCIM providers to ensure users can authenticate easily and retain access levels and privileges defined in your AD.
Allowlisting tools add extra protection. Set lists of trusted users for the critical resources. Create secure zones for sensitive data. And apply looser controls for less risky traffic flows.
Cloud firewall (FWaaS). Cloud firewall takes traditional firewall protection into the cloud. Companies can use strict firewall rules to set exceptions for third parties, enabling secure access to private data on a very granular level.
Zero Trust solution. NordLayer implements Zero Trust principles for all cloud assets. Users must verify their identity before accessing internal network resources. And they only have access to assets they need, nothing more.

Find the right third-party access solution for your cloud deployment. Contact NordLayer today and discuss your options with our security experts.

About Version 2 Digital

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

Optimizing access to third-party resources in cloud environments

In the world of cybersecurity, things move at lightning speed. And so do we at NordLayer. We’re committed to delivering cutting-edge, secure remote network access solutions for our clients. What’s our secret to success? A robust strategy, clear product vision, and insights that help us develop high-quality products.

At NordLayer, we never lose sight of our goals. We continually track our product’s growth, ensuring we always head in the right direction. We aim to provide a remote network access solution that fulfills our promise to all our customers and fosters sustainable progress.

When we look back at the milestones we’ve achieved and those on the horizon, we’re confident about our product lifecycle. Even now, we can see that our developments gained rapid momentum, consistently improving and delivering the best experience for all ways of working.

This is our epic journey of shaping the cybersecurity landscape and enhancing business security.

Our roadmap for a remote network access solution

Our journey started with an ambitious goal: to enable hybrid and remote work in a user-friendly way. We believe a connected world where all work models are possible needs protected connections, and that’s precisely what we’re crafting.

Every story has its humble beginnings, and so does NordLayer’s product. Let’s now take a look at our product’s gradual yet significant growth and where our remote network access solution stands now.

Foundation & breakthrough

Our original name was NordVPN Teams. We began as a B2B version of NordVPN (yes, the very VPN that consumers love worldwide). Naturally, it was referred to as a business VPN tool to secure organization connections.

Launched back in 2019, NordLayer started its offering with almost thirty Shared and nearly twenty Private Gateway locations around the globe. Running on three VPN protocols, the tool did a decent job protecting companies on the brink of the pandemic.

It was a time when NordLayer emerged as a virtual private network tool for organizations that needed to protect their teams working remotely and in different settings. Soon, the product capabilities were challenged by the new normal, a.k.a. COVID-19.

Overnight, we faced the task of onboarding hundreds of employees, ensuring secure connections and business continuity. It was a baptism by fire. We embraced and overcame this challenge as a tryout and aspiration to offer protection for businesses around the world.

Elimination of a physical office required new solutions here and now. So, connecting different locations with Site-to-Site functionality and Auto-connect feature were NordLayer’s hatching out of the VPN-only product shell. We quickly realized we had outgrown our shoes and needed to enhance our capabilities to offer an even better solution.

In 2020, ThreatBlock took the spotlight as NordLayer’s flagship release. It was initiated by the business need to secure networks from potential risks. What’s unique about ThreatBlock is that it automatically blocks harmful websites, so no malware or other cyber threats can infect your device.

Followed by identity management enhancements of single sign-on (SSO) integration with major service providers in the market Azure AD, Okta. Also, Google Workspace, the solution soon became available on all major OSs.

The introduction of custom DNS functionality marked the time for something big to evolve.

NordLayer created a sophisticated offering to start establishing its market position. Based on existing features and our future vision, we quickly noticed how prominent NordLayer is in Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) frameworks. Naturally, that led us to focus our development efforts in that direction.

Strategic navigation

The year 2021 started with improving what NordLayer offered its customers in the ZTNA department.

Listening to feedback and adjusting to client business needs, we increased the number of Virtual Private Gateway locations.

We also introduced one more SSO integration with OneLogin, a popular user identity access management service provider, and added biometric authentication for a full range of trusted user authentication options.

But these were just stepping stones compared to the launch of the year, a Smart Remote Access functionality. It was like a network bridge interconnecting devices and creating a virtual LAN, bringing relief to IT administrators and employees and allowing them to work more efficiently wherever they are.

As we navigated through a saturated cybersecurity industry market in 2022, our focus remains on a user-friendly implementation of complex concepts like network security. We also defined our vision and mission, dedicating ourselves to stress-free cybersecurity for our customers, no matter their work setup.

Leaning towards Security Service Edge (SSE), a part of the SASE framework, NordLayer made network security as a service its main strategy. This approach, combined with the ZTNA model, emphasized the performance and convenience of using the tool.

Hence, the NordLynx (WireGuard) protocol was created to drastically increase connection speed compared to other protocols, maintain service quality, and security.

VPNs can slow things down, causing delays. But NordLayer aimed to eliminate this interference so customers forget about the solution running in the background on their computers. And from what we’ve heard, we succeeded in achieving seamless and uninterrupted connections.

So, have you already noticed that we at NordLayer are always up for a challenge? A growing number of Virtual Private Gateways in locations like South Africa and Brazil was a project that led to better service coverage.

Moreover, we added user provisioning functionality with Azure AD and Okta for swift organization onboarding and management to improve the service experience for our customers.

Momentum mastery

The year 2022 also proved to get momentum and turn into a snowballing escalation that only confirmed — buckle up, there’s no way back.

With a focus on Network Access Control and a commitment to meeting compliance requirements, NordLayer introduced Activity monitoring and Device Posture Monitoring for advanced network visibility.

For a more robust and effective Internet Access Security, existing features were accompanied by DNS filtering by category and Deep Packet Inspection (DPI), so the product offers a robust and supportive network management system for our customers.

Automation of processes is the future, and we at NordLayer know it well. That’s why we implemented automated idle session timeouts from the NordLayer application. What’s more, optional enforcement of multi-factor authentication (MFA) and SSO for logging into the Control Panel was added to help ensure advanced security measures for our clients.

In 2023, NordLayer launched a one-of-the-kind Browser Extension to provide more connectivity opportunities to our customers.

A lightweight NordLayer version lets you multitask and secure connections on a browser level. It expanded how users can connect to NordLayer because, unlike the application, it doesn’t need to be OS-compatible and runs only on a browser.

Always On VPN was another big launch for NordLayer. It was dedicated to keeping users connected so organizations could trust that VPN connections stayed active.

To make rolling out NordLayer easier, we introduced the Team Administrator role. This allows admins to share some of their responsibilities in managing team access rights.

For a wider range of third-party service providers, JumpCloud became one of the five options to choose from SSO providers.

Unveiling the next era of NordLayer developments: Cloud Firewall & Device Posture Security

For better network access control, NordLayer is preparing to launch an upgraded Device Posture Security functionality. The already available capability to monitor who and when connects to a company gateway got enhanced with non-compliant device account blocking.

Improved functionality will allow IT admins to create rules, such as defining versions of OS and NordLayer, adding a requirement to have a specific file in a device, seeing if the device is rooted, and, in case of deviations from set rules, blocking the device from entering the network.

Finally, 2023 will be marked with a major product release–Cloud Firewall (FWaaS). The new soon-to-be-released feature will bring NordLayer closer to becoming a unified SSE platform provider. Undoubtedly, it’s a huge upgrade for more granular access control, which allows to deny or allow access based on User/Team, destination, protocol, and port delivered straight from the cloud.

NordLayer’s Cloud Firewall feature will be a great addition to hybrid infrastructures and a relief for legacy organizations that can finally replace expensive and resource-consuming hardware with security deployment in a few clicks.

Simple, intuitive, easy to roll out and use, and efficient, these are the words we often hear from our customers talking about their experience using NordLayer, and it couldn’t make us happier because that’s our goal to strive for.

This encourages the team to work on new and improved product capabilities constantly. We celebrate big launches and get to work even harder to deliver the most stress-free and robust network security solutions.

NordLayer use cases

Product development is an exciting and rewarding process. But without a clear vision and application, all great work can’t be used to its full potential. Thus, NordLayer formulated the main use cases our clients refer to us for help and support.

Internet access security

Modern enterprises, navigating the intricate challenges of internet access security, find themselves at a crossroads—balancing communication demands against rising cyber threats. The transformation in work models—remote, office, and complex hybrid—has introduced unique security challenges.

Threat prevention

NordLayer uses advanced encryption standards to protect data in transit. Whether employees work on-site or remotely, their internet traffic is encrypted, safeguarding company data from threats, potential eavesdroppers, and cyberattacks.

Business VPN

With NordLayer, employees can securely connect to public Wi-Fi networks, such as those in cafes or airports, without the risk of data interception. The VPN shields their connection from potential threats commonly associated with public networks.

Cloud VPN

As businesses increasingly utilize cloud services, NordLayer ensures that access to these resources remains restricted and secure. Whether it’s cloud storage, SaaS applications, or other cloud-based resources, NordLayer’s protective layer ensures seamless and straightforward integration that reduces the risk of data breaches.

Network & resources access management

Companies face the challenge of managing diversified and global teams while embracing a hybrid work model without compromising security. NordLayer, rooted in the Zero Trust model, presents an innovative solution to network and resources access management.

Remote access VPN

A remote access VPN ensures secure connections to company resources, whether in-office or remotely. It encrypts user traffic, safeguarding data from unauthorized interception. With NordLayer, businesses can create dedicated gateways for encrypted access to their network, balancing data availability and security for all workers.

Identity and access management

NordLayer’s Zero Trust approach ensures that only verified users with the right permissions can access specific network resources. This model operates on a trust-no-one-verify-all principle, incorporating strict security measures like 2FA, MFA, SSO, and biometrics to ensure airtight user validation before granting access.

Secure Remote Access

Designed for modern, distributed workforces, NordLayer’s Secure Remote Access application allows teams to connect to company resources from any location. This feature enhances flexibility and maintains a high level of security, ensuring that remote connections are as secure as on-premise ones.

Network segmentation

NordLayer provides organizations with the ability to segment their network through private gateways. This segmentation permits organizations to allocate specific resource access to certain user groups, ensuring that sensitive sections of the network remain insulated and accessible only to those who require it.

Achieving compliance

As regulations intensify and cyber threats amplify, achieving compliance has never been more critical. With staggering statistics revealing the vulnerability of many enterprises, investing in robust cybersecurity mechanisms like NordLayer is essential.

Remote access VPN

NordLayer ensures that connections and all data transfers are encrypted, safeguarding sensitive information from unauthorized access. This is especially crucial for organizations subject to regulations like HIPAA and GDPR, which emphasize the importance of data confidentiality.

NAC and monitoring

NordLayer enforces rigorous access controls, such as single sign-on (SSO), biometrics, and two-factor authentication (2FA). Additionally, it offers 24/7 network activity monitoring, allowing organizations to track secured connections, detect anomalies, and promptly address potential security incidents.

Network segmentation

By implementing network segmentation, NordLayer allows businesses to allocate resource access using private gateways. This heightens overall network security and restricts movement within the network, limiting potential damage from cyber breaches. Such segmentation is essential for compliance with standards that mandate limited and controlled access to specific data sets.

How NordLayer can address your business needs

We cannot emphasize enough how NordLayer outgrew being a simple business VPN and started offering beyond-reaching functionalities. Features we develop unlock a number of different possibilities to secure businesses in many ways:

Protect traveling employees & secure access through public Wi-Fi.
Prevent access to malicious websites while browsing the internet.
Access geo-specific content needed for quality assurance or remote customer support.
Ensure IP address masking.
Monitor VPN usage in the organization and generate reports.
Ensure that employees are connected to a VPN at all times.
Allowlist specific cloud tools with fixed IP addresses.
Segment network access to hybrid-cloud resources by teams.
Restrict access to content categories or specific apps, ports, and protocols.
Monitor and restrict non-compliant devices in the organization’s network by predefined security rules.
Establish a connection between remote devices and a remote connection to on-site networks.
Provide access to company resources on a browser level only.

Looking forward to innovation and growth

Looking towards the future, our primary objective remains the same: ensuring our customers enjoy uninterrupted growth fortified by robust network security. We recognize the evolving dynamics of modern workplaces and are committed to enabling every way of working.

To achieve this, we’re looking closely into the SSE framework by developing and providing ZTNA, FWaaS, and SWG features. These advanced models allow us to offer a seamless, stress-free security environment, ensuring that our clients can focus on their core operations, confident in the knowledge that their network remains impervious to threats.

Where NordLayer is today, and its direction forward, gives us the confidence to offer our clients a stress-free and user-friendly network access security solution. A product that enables businesses to achieve the best results, improve productivity, and take their technological posture to another level.

For us, it’s all about fulfilling our goals to deliver an effective, secure, and genuine cybersecurity tool for modern companies. If you want to learn more about security solutions, contact our sales team.

In this episode, we dive into:

ChatGPT’s evil twin WormGPT
The Federal Trade Commission (FTC) investigation into OpenAI data leak and ChatGPT’s inaccuracy
A new 4-day rule for disclosing cyberattacks set by the US Securities and Exchange Commission (SEC)

Watch Cyberview here

ChatGPT’s evil twin WormGPT

The new tool, WormGPT, is advertised on underground forums as a blackhat alternative to ChatGPT for launching phishing and business email compromise (BEC) attacks. Although, ChatGPT’s natural language abilities can already help hackers write convincing emails, resulting in the obvious signs of malicious emails disappearing.

Tools like ChatGPT and Google’s Bard have some safeguards in place that try to ensure that AI-generated content does not cause harm. However, WormGPT is specifically designed to be fully unrestricted and facilitate criminal activities, so it raises even more questions about the ethical limits of AI.

FTC investigates OpenAI over data leak and ChatGPT’s inaccuracy

Has ChatGPT broken consumer protection laws by risking personal reputations and data? The FTC has opened an investigation into OpenAI, requiring details on how OpenAI gathers and protects data and vets information.

The FTC wants to know how information was used to train its model and how it prevents false claims from being shown to users. Additionally, they are interested in how APIs connect to OpenAI’s systems and how user data is protected, all while the FTC issued multiple warnings that existing consumer protection laws apply to AI.

The 4-day deadline for public companies to report breaches

US companies hit by cyberattacks will face a 4-day deadline for publicly disclosing hacks, under new rules approved by the US Securities and Exchange Commission (SEC). There are mixed feelings about this new requirement. On the one hand, it is praised for encouraging transparency about cybersecurity breaches, as they are considered as important to investors as any other significant operational disruption.

On the other hand, the new rule is being labeled as a controversially short deadline that may not allow companies enough time to put an action plan in place or fix vulnerabilities. Although regulations state that if the SEC is informed in writing of a national security or public safety risk, a delay in breach disclosure of up to 60 days is allowed.

Stay tuned for the next episode of Cyberview.

About Version 2 Digital

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

Nord Security 2023 NordLayer

ChatGPT and secure coding: The good, the bad, and the dangerous

In the digital landscape, ChatGPT’s influence is hard to ignore. With a monthly user base exceeding 100 million, people rely on OpenAI’s chatbot for tasks ranging from casual chats to educational resources, content generation, and even coding support.

At Nord Security, we’re particularly intrigued by its coding capabilities. Can ChatGPT really produce secure code that withstands today’s advanced cyber threats? To find out, our security expert, Astrid Bytes (name changed for security reasons), put it to the test. Dive into this blog to discover her experiment and key findings.

Research

92% of US developers state that they use AI tools like ChatGPT to boost productivity across a variety of programming tasks. One of them might be a login in form, which, at first glance, can look like a simple task. But “simple” can be deceptive. The safe handling of user credentials is critical. One mistake here could result in GDPR violations and hefty fines.

With this in mind, Astrid initiated a code-writing simulation using ChatGPT-3.5. She tasked the AI to generate database check-in code in PHP. What she didn’t do, however, was specifically ask the AI chatbot to create secure code or include certain security features.

You have a login form with a username and password. Please write a code snippet in PHP to check in the database whether the credentials match.

PHP code snipet with enlarged code vulnerabilities

The code generated showcased clear vulnerabilities:

It’s prone to SQL injection attacks;
It allows username enumeration;
It hardcodes credentials directly in the code.

Firstly, the susceptibility to SQL injection attacks is caused by the $username variable being directly plugged into the SQL query string, lacking a properly prepared statement with parameter binding. It might be assumed that the sanitize_input function could thwart SQL injections. However, the PHP functions – trim, stripslashes, and htmlspecialchars – aren’t tailored to prevent such injections and can even be detrimental when used for this purpose.

A security expert asked ChatGPT to improve the code so that it is not vulnerable to SQL injection attacks.

// Prepare the SQL statement using a parameterized query

$stmt = $conn->prepare(“SELECT * FROM users WHERE username = ? LIMIT 1”);

$stmt->bind_param(“s”, $username);

// Execute the prepared statement

$stmt->execute();

// Get the result from the executed statement

$result = $stmt->get_result();

The second flaw was user enumeration. The AI code suggested displaying “Invalid password!” for failed logins, a security misstep. Such messages give attackers hints, easing their job of guessing valid usernames. A better practice is to keep things vague with messages like “Invalid username or password”, keeping attackers in the dark about which part failed. Astrid subsequently called for the removal of user enumeration in the code.

// Password doesn’t match

echo “Invalid username or password!”;

}

} else {

// Delay the response for a short random period (to prevent timing attacks)

usleep(rand(100000, 500000)); // Random delay between 0.1s and 0.5s

// Generic error message to prevent username enumeration

echo “Invalid username or password!”;

}

The last red flag – hardcoded credentials. Attackers who access the source code could exploit these to compromise the system or steal sensitive information. To fix this issue, the AI chatbot suggests using environment variables or configuration files to store database credentials.

The experiment didn’t end there. Astrid Bytes delved deeper, giving the same task to ChatGPT in other widely used programming languages:

“I was experimenting with 5 different programming languages, including PHP, Java, Rust, JSON, and C, but didn’t notice any significant differences when it came to more secure code,” she reported.

Java code snipet with enlarged code vulnerabilities

The Java test mirrored PHP results, revealing code vulnerabilities. Moreover, each time a flaw was patched, a new one emerged.

The Java check-in code and its subsequent iterations suffered from various issues:

Vulnerability to SQL injections;
Hardcoded credentials in connection strings;
Storing passwords as plain text or hashing with the SHA-256 algorithm;
Weak exception handling;
Exposure to cross-site scripting (XSS) attacks;
Unsolicited code that included information not tailored to specific requests or needs.

Astrid also evaluated ChatGPT-4’s secure coding capabilities. She found it slightly more robust than its 3.5 predecessor. However, an expert’s oversight was still needed to correct flaws in the code.

Interestingly, ChatGPT displayed enhanced proficiency when “writing a code in development frameworks compared to vanilla versions of programming languages.” This observation aligns with the fact that certain development frameworks provide integrated solutions to tackle specific security vulnerabilities. Nonetheless, it’s crucial to understand that these frameworks, while helpful, are not foolproof – developers can still produce insecure code within them.

Key takeaways

This test revealed that, while ChatGPT does a great job in engaging in human-like conversation, it doesn’t perform so well in producing secure code. Astrid Bytes classified her findings into the good, the bad, and the dangerous.

The good

ChatGPT serves as an excellent coding assistant, boosting productivity and helping with quick algorithm implementations. A study from the National Bureau of Economic Research attests that generative AIs like ChatGPT can enhance workforce productivity by roughly 14%.
It can generate code in a multitude of programming languages.
ChatGPT-4 generally outperforms ChatGPT-3.5, though expert review remains essential for spotting vulnerabilities.
Considering secure coding, the chatbot performs better within modern development frameworks than in standard programming languages.
ChatGPT can recognize code issues, detailing their exploitability and suggesting remediation steps. However, this feature is effective only if the user actively seeks such insights.

The bad

ChatGPT has a limited response size and cuts corners when focusing only on functional requirements, skipping security considerations. So, you won’t always get the right code on the first try.

The dangerous

Code output falls below minimum security standards. Astrid Bytes noted that this issue stems from ChatGPT’s training data: “It’s trained on old data (until September 2021) and isn’t updated on new vulnerabilities and attack types. Plus, ChatGPT has been trained on large amounts of data and coding examples found on the web. The truth is that not all of them are written securely. There is a lot of bad code on the web.”
Inadequate code security is language-agnostic. As Astrid asserts, “I was experimenting with 5 different programming languages, but did not notice any significant differences when it came to more secure code.”
Secure code only if asked. According to our security expert, “It’s focussed on generating code based on functional requirements (your request to write code that solves a particular task) while security and other non-functional requirements are not always taken into consideration – unless you specifically ask for it.”
Requests to fix code vulnerability might lead to a code mutation. As she observed, “While fixing one place, it made changes in another part of the code which was previously secure or even rewritten the code by using a different framework compared to what was originally requested.”
Some of ChatGPT’s answers provided were incorrect. Astrid Bytes noticed that ChatGPT sometimes returned code snippets that included extraneous or incorrect information. This inconsistency underscores a recent Purdue University study, which revealed that ChatGPT answered only 48% of software engineering questions accurately.

Conversation on ChatGPT

Can ChatGPT be used for coding?

Astrid highlights that ChatGPT should be viewed only as a supporting tool for code writing. Whether you’re using an older or newer version, or even if you prompt it to adhere to secure coding standards, human touch and expert oversight remain indispensable.

“You have to understand that ChatGPT isn’t a security toll. It’s trained on old data and unaware of the latest vulnerabilities and attack vectors. So, it might suggest vulnerable libraries or insecure configurations,” Astrid notes.

Further, the research underscores its significant error rate when addressing coding queries. Such inaccuracies, combined with cybersecurity concerns, have led global giants like Apple, Samsung, and even the coding Q&A hub Stack Overflow to restrict its use.

So, if you decide to use an AI chatbot for coding:

Get to know your AI assistant. Whether it’s ChatGPT or any other tool, it’s important to know its limitations.
Take security seriously. It might not be such a big deal for single-use scripts that you won’t need tomorrow, but it makes a big difference for production code.
Only ask to generate the code in a programming language you’re familiar with. The more knowledge you have on programming language and secure coding practices, the easier it is to spot vulnerabilities in generated code.
Use SAST tools to help you evaluate the findings. However, they can generate false positives as well as false negatives. Therefore, any AI-generated code should undergo a manual code review as well.
And finally – trust no one. Not even ChatGPT.

About Version 2 Digital

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

Nord Security 2023 NordLayer

BullWall Server Intrusion Protection Brings MFA Behind the Firewall To Protect Servers and Thwart Breach Attempts

Protects RDP Sessions – The Entry Point for 50% of All Ransomware Deployments — With MFA That Detects and Prevents Unauthorized Users and Halts Breach Progression, Strengthens Cybersecurity Insurance Eligibility

VEJLE, Denmark & WILMINGTON, Del., September 7, 2023 – BullWall, the global leader in ransomware protection for critical infrastructure, today introduced BullWall Server Intrusion Protection to protect servers from unauthorized access resulting from the use of compromised credentials during Remote Desktop Protocol (RDP) sessions. By placing BullWall’s multi-factor authentication (MFA) between the server and any unauthorized users, organizations are protected from bad actors who may have gained entry to the network, preventing the deployment of ransomware.

BullWall Server Intrusion Protection prevents RDP session hijacking and impedes breach progression to prevent the deployment of ransomware. When an illegitimate session is detected, BullWall blocks any compromised clients and servers, and immediately issues the necessary alerts. It’s an important new weapon in the ongoing battle against the use of stolen or compromised credentials, one of the most impactful areas of cybersecurity vulnerability for most organizations. With the surge in remote and hybrid work environments, Remote Desktop Protocol (RDP) is the entry point in nearly 50% of all ransomware attacks.

BullWall Server Intrusion Protection works together with BullWall Ransomware Containment (formerly BullWall RansomCare) to prevent and contain ransomware, protecting the organization’s most important, targeted digital assets against cyberattacks – a singularly important safeguard that can substantially impact cybersecurity insurance eligibility and terms for many organizations.

Jan Lovmand, BullWall Co-Founder and CTO, said: “Remote Desktop Protocol is the single most exploited initial attack vector, and the entry point for fully half of all ransomware attacks. We’re really excited to introduce BullWall Server Intrusion Protection to shut down RDP session-level attacks, closing a door that’s otherwise too easily opened. Together with our Ransomware Containment solution, BullWall offers organizations the strongest defense against ransomware available on the market today.”

Morten Gammelgard, BullWall Co-Founder and EVP of EMEA, shared “One of the biggest stumbling blocks to obtaining cyber insurance is the requirement for MFA on servers in addition to endpoints, for every login attempt. BullWall Server Intrusion Protection provides a game-changing MFA solution for server access that doesn’t require a second device. We’re thrilled to offer a solution that increases security, reduces user friction and stops today’s most common attack vector.”

Most security-minded organizations now have MFA in place as single logon – which proves futile against a threat actor logging into a server via RDP and then moving from there to other servers. BullWall Server Intrusion Protection blocks every step of such attacks, and demonstrates the highest levels of compliance and reporting.

To learn more about BullWall Server Intrusion Detection, please visit here.

About Version 2 Digital

About Bullwall
BullWall is a fast-growing international cybersecurity solution provider with a dedicated focus on protecting critical data during active ransomware attacks. We are the only security solution able to contain both known and unknown ransomware variants in seconds, preventing encryption and exfiltration across all data storage types.

2023 Bullwall