The browser has become a key component of the attack surface for modern businesses. Cybersecurity architectures have inadvertently created a safe haven for attackers to target users through the browser without meaningful scrutiny. Despite attempts to implement defense-in-depth strategies at scale, people are still exposed to cyber threats every single day.
This challenge is being tackled by One Workplace, a leader in creating workspaces that inspire and transform. They offer architectural solutions, technology, designing, and workplace consulting services to some of the biggest companies in the world.
Even with the latest network and email security solutions in their stack, Le Lu, the Chief Information Officer and the security team at One Workplace, questioned whether user-facing threats were still going undetected.
With the Keep Aware Workforce security platform, the One Workplace team enhanced the prevention of sophisticated phishing and social engineering attacks against their workforce and significantly reduced the time to investigate these threats.
Addressing the browser blind spot
The One Workplace workforce is spread across several states, with both remote and in-office employees interacting with a web browser on a daily basis. Unfortunately, the browser is involved in at least a third of all data breaches, and investigations leave security teams navigating network and event logs from a wide array of data sources. To address the growing concern of the browser attack surface, One Workplace adopted an intentional strategy to secure this key workspace. The One Workplace security team prioritized these objectives:
- Gaining visibility into the unknown threats users are facing every day.
- Establishing where work credentials and accounts are being used and which SaaS applications are handling sensitive data.
- Providing employees with real-time insights and indicators of suspicious activities throughout the workday.
“We were finding that our users were still put in dangerous situations. A lot of times they end up somewhere, but we don’t know how. Other solutions log the activity, but we never really understand the thought process or the why behind the effort.”Sammy Basu, Chief Information Security Officer
Security teams today utilize a wide range of monitoring tools for insider threats and workforce risk, but it can be challenging to contextualize the data. The browser has become the key interface to do just that. Keep Aware, and its understanding of the browser as a data source, answers critical questions about workforce security and an organization’s digital footprint.
Silent deployment in minutes
One Workplace deployed Keep Aware to the entire organization in minutes. “The results were immediate”, Le states. The team highly values the simplicity of the implementation, as it did not require the deployment of additional agents or a dedicated browser, instead only a minimal modification to the existing browser settings. Keep Aware deployed directly to the browsers their employees already use and immediately started providing valuable, tangible insights into their environment.
The Keep Aware solution delivers real-time threat detection and prevention directly in the browser. It provides visibility into shadow IT, software usage and new accounts, including unmanaged accounts. This allowed One Workplace to have a comprehensive view of the digital footprint of their organization and ideas on where to eliminate risk.
“Let’s not forget one critical piece of the security stack. Security solutions that promote user protection need to incorporate the human element. It’s active interaction with the user. It’s really the key.”Le Lu, Chief Information Officer
Not only has Keep Aware provided a key mechanism for threat response, it has also empowered One Workplace to better understand their workforce and implement a more continuous security awareness strategy. By better understanding the origin of certain user-facing threats, the security team can customize Keep Aware patterns and messaging to assist users in real-time. “We assume [our users] do something bad, but knowing the context of a threat helps us determine where to position IT”, Le says.
The value of leveraging workforce security
Within days of gaining visibility into the organization, Keep Aware was able to provide One Workplace’s team with multiple insights into previously unknown threats and social engineering trends across their company. The reduced time to investigate these threats has directly impacted Le’s team, allowing them to focus on preventative efforts rather than reactive responses after the fact. Keep Aware was integrated into the security team’s daily workflow to streamline the resolution of ongoing threats.
One Workplace advances its overall cyber security posture by leveraging Keep Aware to prevent further threats on their employees. Keep Aware protects businesses from cybersecurity incidents by identifying workforce risk and embedding security into every employee’s workday. The Keep Aware Workforce platform promotes continuous awareness, addresses SaaS risk, and intelligently responds to cyber threats across the business. Our demo shows how employees can stay aware of threats throughout the workday and how Keep Aware can start protecting your organization in minutes. Get in touch with our team here if we can help.