Thanks to the interview with Untangle’s Vice President of Product Management Heather Paunet, Aviva Zacks of Safety Detective had the opportunity to find out how her company is providing small to medium businesses security through their NG Firewall.
SD: How did you get involved in cybersecurity and what do you love about it?
Heather Paunet: I worked to develop software solutions for over 20 years, and working in cybersecurity has been the ideal mix of technical curiosity and ingenuity. The idea that we are working, especially at Untangle where our core customer base is small-to-medium-sized businesses and schools, with organizations that are extremely vulnerable has always appealed to me. We learn more and more every year that SMBs and schools have so many limitations when it comes to network security. These limitations, often in the form of reduced budgets or personnel’s general knowledge about cybersecurity, make them prime targets for cybercriminals. It is working with these customers, understanding their needs, and also giving them a chance to proactively combat criminals looking to take advantage of their data that really drives me every time we are developing a new product or feature.
SD: What is Untangle’s flagship product?
HP: Our flagship product is our award-winning Untangle NG Firewall 15.1. Our NG Firewall is designed to provide comprehensive security to small-to-medium businesses. We tailor our firewall to the needs of organizations with limited IT resources and budgets, with an understanding that the best way to secure a network is to simplify its management so that IT professionals are best equipped to take advantage of the powerful monitoring tools we provide.
SD: What verticals/industries would be interested in your company’s products?
HP: Untangle designs all of its solutions with small and medium businesses and enterprises in mind. Our solutions are particularly useful for businesses looking to manage their networks across a range of devices and locations. The healthcare and education industries offer perfect examples: organizations in these fields are often relatively small and budget-conscious but hold the responsibility of managing the data of potentially thousands of users, often even in multiple locations.
SD: What are the worst cyberthreats out there today?
HP: The worst cyberthreats out there currently are the ones that are taking advantage of either corporate or personal vulnerabilities attempting to make money in the case of ransomware, or cripple systems just because they can in many cases. Over the last few months, many IT departments have had to change their systems and policies very quickly. Attackers are taking advantage of this by looking for holes that they can get through whilst IT administrators scramble with making data available easily to remote employees and keep that data secure.
Once a hacker gains access to a corporate network, they can then gain access to great amounts of highly personal individual or corporate information. Both hospitals and universities have seen drastic increases in successful attacks recently. The same will surely be true of a majority of organizations that, if they did not already have a large amount of user data managed across a network, are sure to have those systems in place now in light of the shift to remote work as a result of COVID-19.
Choosing solutions that make it simple to manage IT infrastructure equally across physical, and remote locations will significantly reduce risks. Making sure that only personnel that require access to specific systems have that access will help too. It’s much better to give an employee access to a system only when they need it than it is to give them access to many systems as they are onboarded. Reassessing system access at frequent intervals further reduces the attack surface an attacker could get to through individuals.
SD: Where is cybersecurity headed in the next few years?
HP: In the next few years cybersecurity will continue to address the emerging threats of cybercriminals, but will also expand as the network expands. Many people are working from home or students are participating in remote learning. The actual amount of time spent on the Internet and the continued access to web traffic will cause a shift in how these devices are protected. There will be an ongoing effort from companies to create a holistic approach for customers. Untangle, for example, understands that a next-generation firewall and advanced endpoint security can seamlessly come together and be managed from one cloud-based platform. Untangle has continued to work with other technology companies, such as Bitdefender, Malwarebytes, and Webroot to integrate their endpoint security solutions into our management platform, Command Center with the goal to centralize network management and increase visibility in real-time.
SD: How will Covid-19 change the face of cybersecurity for the future?
HP: COVID-19 has caused businesses that had not already moved IT infrastructure to the cloud to look into doing so. Businesses no longer only need to support on-premises devices. With many workers working remotely, the IT infrastructure supporting them doesn’t have to be on-site in the local office anymore. COVID-19 will further speed up the transition to cloud-based infrastructure and affirm its place within an organization. Moving to the cloud, many businesses also needed to adjust their security solutions—why do we need an on-premises security solution if no one is actually on-premises? Some workers ultimately will return to their office environments, but many, having proved that business can continue with remote workers, may decide to be more open to a remote workforce in the future.
Cybersecurity protection will continue to evolve to support a broader, more flexible working environment as more workers work remotely and many workers spread their time between different on-premises and remote working locations. This also translates into next-generation firewalls being deployed in the cloud, office workers looking for ways to protect their home network that is now being used for work, and an increase in the use of VPN connectivity to protect employees.