What Cybersecurity Controls Does Your Court Need?
Cybersecurity attacks happen every day across every industry, including public and private organizations. Even when controls are in place, a security...
24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management
CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support
If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.
Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.
At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.
4 min read
Jessica Owens : May 10, 2022 12:00:00 AM
By now you have heard of and (hopefully) utilize a VPN Service for both your business and home internet needs, so we’ll not spend time ruminating on what a VPN is and what it will do for you (though if you’d like a VPN primer check out: Are VPN Tools Just for Business Use?) We’re looking to address something you may not have considered: What a basic VPN connection will NOT do for you, and what to do about it, and this requires presenting a basic analogy:
A basic VPN connection can be likened to well-known features of a vehicle: locks, and tinted windows. These elements decidedly improve occupant privacy and safety.
You know and love these features, except perhaps when it is pouring down rain and you think you’ve left your keys in the vehicle …but can’t tell for certain because of the impressive window tinting. Surely we’ve all been there. Nevertheless, once you find those keys in your pocket and can crumble into the vehicle, dejected, looking like a spent mop, and ready to race down the road, those locks and tinted windows will not save you from bad driving practices.
Arguably the seatbelt could, and there are certain built-in seatbelt-like features provided by modern VPN services that likewise assist (discussed below). In general, however, even with these safety features, if you drive recklessly or allow unscrupulous characters access to your vehicle, you might just end up with an unusable vehicle (analogy: unstable/corrupted system), or risk some manner of injury to the occupants (analogy: data leaks, revenue loss, and potentially being targeted for further theft or harassment).
So, how does having vehicle safety features enabled but still engaging in reckless driving translate to browsing the internet? Well, let’s say your VPN is implemented, but you or someone on your network has been known to:
navigate to insecure websites and -bonus points- enter credit card or other sensitive information
install frivolous web browser extensions using the default settings on your web browser
allow pop-ups
click on pop-ups that promise to scan and remove malware from your system (spoiler alert - they won’t)
click on pop-ups to win a totally rad gaming system
click on pop-ups…just because
open random site links
download attachments and click on links from unsolicited emails and text messages
enable macros, because the prompt said you could/ should
fill out random social media surveys just to find out what breed of cat you are based on your birth date (surely there isn’t any risk in providing your first pet’s name, your favorite food, your siblings’ names, the city you were born in, etc. It's not like this information is ever used for your passwords. Oh wait, that’s right).
How many of us or someone using our network (our “internet”) have done this in the past month? This past week? Today?
Any one of these behaviors increases the likelihood of network and device compromise and so, relating back to our example, we could find ourselves with a now unusable vehicle…and it’s still raining.
I think we can wrap up that analogy for now. You get the point.
We’ve covered some of the habits making a home or business network more susceptible to cybercriminals. The good news is that practicing basic browsing hygiene and responsible internet usage goes a long way. Even better, in those moments where our diligence falters, modern VPN providers now include advanced protection features.
If you want the most protection, look for your VPN provider to offer the following:
Ad-blocking or equivalent proprietary named feature that:
From humble beginnings with PPTP (Point-to-Point Tunneling Protocol) and evolution from a solely business-related focus, quality VPN Providers continue to refine their products and now offer protections to help safeguard even the reckless home-based web surfer.
As the internet continues to increase in complexity, let’s be mindful of best practices in its usage, and let’s utilize those services designed to keep our networks and data safer. Remember, be a good driver.
Ingalls Information Security understands cybersecurity. Since 2010, we’ve been in war rooms and boardrooms, investigating computer networks targeted and attacked by criminals and nation-state-sponsored hackers. This experience gives us a powerful edge in preventing and responding to cyberattacks.
If you’d like to learn more please contact us here. One of our cybersecurity experts will be more than happy to assist you and answer any questions you may have.
About the Author
Jessica Willoughby, A+, Sec+, CPO, ITIL4
Jessica is a freshly-minted Cybersecurity Analyst with a background in project management and client services. Operating with a passion to build trust between the technical and non-technical relationships in cyber and information security, she utilizes her talent of bridging gaps in communication and organization with the intent of creating content of value. |
Cybersecurity attacks happen every day across every industry, including public and private organizations. Even when controls are in place, a security...
Chapter 2 In Chapter One we mentioned that the most common phishing attacks are mass emails sent to as many recipients as possible in hopes that even...
In this Intern Review, we hear from Gregory Bailey about what it's like working at Ingalls and what's next in his cybersecurity career journey.