Widespread stay-at-home orders and social distancing practices are important public health measures for tackling Covid-19. From a cybersecurity perspective, the bad news is that “stay at home” means “work from home,” and few organizations were fully prepared for the challenge that presents. The task is particularly imposing for defense contractors now asked to meet the DoD’s new CMMC cybersecurity standards. PreVeil addresses both challenges simultaneously
IT professionals have been handed the job of enabling employees to work remotely as quickly as possible—and meeting security standards while doing so. Yet despite their best efforts, executive strategy sessions, crisis management planning, sensitive government work and more are all happening today on home computers, laptops and mobile devices with questionable levels of security. Hackers see opportunity. The Department of Defense sees risk.
PreVeil recently released a brief white paper, Cybersecurity for Work from Home, to help enterprises of any size assess their options for scaling up their work-from-home capabilities quickly and securely. The conventional, longtime options for enabling work from home have been VPNs and remote desktops. Both, however, have significant vulnerabilities to cyberattack: research by Radware indicates that VPNs are the attack vector of choice for advanced persistent threat (APT) actors, and the technology that enables remote desktops accounts for nearly 70% of all ransomware attacks.
The best alternative for work from home is end-to-end encryption—which can be used in conjunction with VPNs and remote desktops if your organization has already moved in those directions.
PreVeil’s light-footprint security architecture is grounded in world-class end-to-end encryption. It’s based on MIT computer scientists’ research on cybersecurity and applied cryptography, and presumes that cyberattacks will occur and focuses on rendering them useless. With PreVeil, email, files and data are never decrypted on any server anywhere. If attackers breach a server, all they will get is gibberish.
PreVeil Drive allows your remote employees to share and store files with end-to-end encryption, overcoming security deficiencies in enterprise networks and the jumble of workers’ home equipment, mobile devices, and wifi connections.
PreVeil Email allows your remote employees to send and receive end-to-end encrypted emails using their existing email address. It easily integrates with mail clients such as Outlook, Gmail, and Apple Mail, and works on browsers and mobile devices.
PreVeil deploys easily in minutes with no impact on your existing email and file servers, making configuration and deployment simple and inexpensive. It integrates seamlessly with the email and file sharing tools you and your employees already use, and clearly distinguishes between enterprise and personal messages, files and data.
And, very importantly for companies serving the Defense Department, it simultaneously assures readiness for the DoD’s rollout of tougher CMMC cybersecurity standards.
Any solution for securing work from home should be robust enough to satisfy relevant regulations governing the work your organization does. PreVeil’s end-to-end encryption provides the foundation for compliance with federal regulations for handling sensitive information such as that associated with financial and legal services, health care, and specifically the aerospace and defense industries.
PreVeil’s Drive and Email solutions support compliance with virtually all of the controls required by the Department of Defense’s new CMMC (Cybersecurity Maturity Model Certification) framework for processing and storing CUI. PreVeil’s new CMMC white paper offers detailed information on what your company needs to do to comply with CMMC and, in that, secure your eligibility to work with the DoD. The paper includes an appendix that maps all of the CMMC controls, by domain, with how PreVeil supports compliance for CMMC Level 3.
PreVeil also supports compliance with the State Department’s most up-to-date regulations requiring end-to-end encryption for communications governed by ITAR (International Traffic in Arms Regulations); FINRA rules and guidance for securities firms and brokers; and HIPAA, for health care companies.
Working from home is the right thing to do now for those for whom it’s possible. But cybersecurity needn’t be compromised in the process. PreVeil is the smart solution for securing work from home and, because it’s easy to use, it will be used by the remote workers your organization is depending upon now.
This all comes together especially importantly for the defense industry. As the old adage goes, kill two birds with one stone. PreVeil secures your company’s work from home and compliance with CMMC. If that matters to you, reach out to us today.