Hello Webroot Community,
I wanted to create a space for us to come together and discuss Webroot and COVID-19.
Consider this our office hours.
In case you might have missed it, we created a page here where we’ll keep a running list of articles, blog posts, and other pieces of content about our COVID-19 response.
If you have specific questions on what we’re doing as a company during the pandemic and our tips for how you can stay cyber resilient in these uncertain times.
Please add your questions below or join us Tuesday, September 8, 2020, at 1:00 PM - 1:30 PM MT
Hey everyone, happy Tuesday. I hope you’re having a good week so far and staying cool. Believe it or not, it’s snowing here in Colorado. This is only a day or two after it was nearly 100F in town. Crazy!
Anyway, we’ve got the usual suspects here helping us out with our Q&A today. We’ll get started in a second.
Thanks again for those of you who submitted your questions this week. Here we go!
Will there be a local DNS Service in SA anytime soon? - Martin V.
Martin, I’m happy to say the DNS service is only localized by language not by Geography, so you should be able to deploy it. Admittedly local data centers might be more of an issue, and could cause latency? We use the Google Cloud Platform as our hosting partner and I see they have no data centers in Africa, never mind SA.
What I’d recommend is trialing the service (we’re still doing 60 days free) and looking at any local issues. We’d appreciate any feedback, which you can make here in the Business Community.
What working practices do you think will remain in place? - Joe R.
I think it’s too early to be definitive about what will stay. However, the working from home genie is truly out of the bottle so I think some option to WFH will be retained, as will the necessary security controls to make it as secure as possible.
At the same time there are issues with WFH too, so depending on role and function a requirement to be in the office at times is likely to be in place too.
Articles are also starting to appear about corporate employee observation and monitoring software and the privacy invasions being undertaken, including metrics being used to assess performance etc. I think this will come to a head (especially outside the USA) where governments and legislation on privacy are stronger. It wouldn’t surprise me to see California and other ‘enlightened’ states in the US introduce legislation against such intrusive observation.
As I said, early days, and there will be a consolidation of business practices that will be very much determined by the sector and industries involved.
Going by your analytics, what percentage of today's phishing and social engineering attacks play on the average user's fears of the COVID-19 pandemic? - Doug T.
Great timing with this question Doug. We’re just about to publish our most recent global research on phishing.
It showed more than 25% of Americans falling prey to pandemic phishing and we found that with mass work from home, an influx of emails, and a general ‘always connected’ attitude, there are more opportunities than ever for cyber-criminals.
The report also suggests companies and consumers alike are falsely confident when it comes to cyber security. Nearly all respondents around the globe (95%) recognize that phishing remains a problem for companies and consumers, yet more than three quarters (76%) admit to opening emails from unknown senders. Over half (59%) blame opening the emails on the fact that phishing emails look more realistic than ever before.
We also identified an opportunity for more security awareness education as:
So COVID-19 has proven rich picking grounds for bad actors.
How do I secure home environments that are also being used for home school? - Russ S
I’m obviously going to say Endpoint Protection and DNS Protection used in conjunction with each other (using both Agents). We’re just adding a default Google ‘SafeSearch’ policy to DNS during October.
In the meantime information here: https://support.google.com/websearch/answer/510 will help tie it down at the browser level.
DNS Domain level filtering is preferable as it covers all requests (regardless of the browser used) and you can set policy by user or device - rather than a blanket policy (that may upset an Adult browser).
SafeSearch is the action taken by schools today to cover inappropriate content, bullying, etc.
There are other security concerns but this starts t tackle the main ones and with user level policies works well.
A big thanks again to
@GeorgeA for answering all of these questions and spending a little time with us today!