Blog

NSA guidance to teleworkers: rely on end-to-end encryption

The work-from-home shift driven by the Covid-19 crisis has opened the door to a fresh round of cyber attacks. With so many government, military, and private sector employees working from home and using VPNs or remote desktops, the incidence of attacks has increased significantly. In an effort to improve government and military teleworkers’ cyber hygiene, the NSA recently issued guidelines for using collaboration services. At the top of the NSA’s list is the recommendation that collaboration services employ end-to-end encryption.
 
The value of end-to-end encryption has long been known. However, it’s inclusion in the NSA’s list highlights its shift to the mainstream by an organization known to seek the highest levels of security for themselves and their technologies. The NSA notes that by following the guidelines it defines, users can reduce their risk exposure and become harder targets for bad actors.

NSA and end-to-end encryption

End-to-end encryption is the gold standard for protecting email and file storage/sharing. That’s why the NSA’s recently released guidance on telework focuses on it. According to the NSA, the top criterion for “selecting and safely using collaboration services for telework” should be:

Does the service implement end-to-end encryption?

PreVeil’s end-to-end encrypted email and file sharing platform solidly meets this standard. PreVeil’s security model assumes cyberattacks will occur and focuses on ensuring that any attacks are futile. With PreVeil, data is never decrypted on any server anywhere; if attackers successfully breach a server, all they will see is useless gibberish. PreVeil can be used seamlessly in conjunction with VPNs or remote desktops but is capable of securing data transmissions over any wireless or wired connection due to the power of end-to-end encryption. to secure files, data, and communications.
 

NSA and strong encryption algorithms

The NSA’s second recommendation is to:

Use strong well-known and testable encryption standards

PreVeil’s architecture is built on NIST FIPS 140-2 approved encryption algorithms. The algorithm defines the critical security standards that the private sector must use for encryption in order to work with the U.S. government.

Secure collaborations without VPNs and remote desktops

PreVeil’s use of end-to-end encryption along with strong algorithms ensures a secure alternative to VPNs and remote desktop. These solutions are relatively insecure methods for collaboration because they are vulnerable to password and admin attacks. End-to-end encryption provides an ideal alternative to passwords by ensuring authentication through cryptographic private keys stored only on users’ devices. These keys reside only on the user’s device and cannot be phished, guessed, or spoofed.
 
Moreover, PreVeil’s Approval Group feature prevents admins from becoming central points of attack. By requiring several people to approve an administrator’s sensitive activities, such as exporting corporate data, invasive actions by a single admin are not possible. Similar to nuclear launch keys, this strategy prevents malicious activity by requiring more than one person to authorize critical actions. Trust is distributed among approvers instead of being centralized within one admin.

Conclusion

Flattening the curve of the spread of the coronavirus is crucial to limiting potentially dire effects of the pandemic. Working from home is the right thing to do for those for whom it is possible. But, as the NSA directive makes clear, protecting our collaborations is also vital.
 
With PreVeil, your enterprise can quickly transition to remote work without sacrificing the security you need to minimize business risk and continue the important work you do.
 
Read our updated Work from Home whitepaper to learn more.

Download the whitepaper