Webroot: Multi-Layer Security Required For Remote Work

‘What we try and do is take a multi-layer approach so that you’re not just taking a single swing of the bat and if you miss that single swing, you’re infected,’ a Webroot representative says of the vendor’s approach for helping employers secure work-from-home environments.


With many people continuing to work from home in the middle of the pandemic, the employer-issued laptop on the home network has become a big target for cyberattacks old and new.

That means solution providers need to take multiple approaches to help protect the computers of their customers’ employees from a variety of attacks that pose as phony anti-virus and coronavirus contact tracing applications, according to Greg Luebke, channel account manager at security vendor Webroot.

[Related: The 10 Coolest New Cybersecurity Tools And Products Of 2020 (So Far)]

Sponsored post

“Malicious actors are striking fear in the hearts of our users and rightfully so,” he said in a virtual seminar at XChange+, a hybrid event held by CRN publisher The Channel Company. “Every time you get an email marked with something ‘COVID-19,’ the likelihood that you’re going to click on that and check it out is going to become greater than if it was just any other ordinary email that comes over your desk.”

Attacks targeting employees working from home have the potential to steal credit card credentials, bank information and proprietary employer information, according to Luebke. Video conferences that have become so prominent in the last several months have become vulnerable to intentional disruptions, and if malicious users can’t slow down business or steal anything, they may attempt to install a miner that uses the computer’s processing power to generate cryptocurrency.

One of the challenges with work-from-home environments is that while employees may be given a VPN to protect their connection, they may opt to not use it a lot of the time, making them more vulnerable.

For a solution, Luebke pointed to Webroot’s DNS Protection product, which can be network- or agent-based and provided over HTTPs. The solution can block 88 percent of all threats, he said, plus it can track websites employees are using and create policies to ensure certain addresses can’t be accessed.

“So you can watch these home users while they’re at home doing work. If they’re streaming Netflix all day, you’ll be able to see that. If they’re popping onto Facebook, whatever, you can tamper that down by creating some policies from your remote-based console,” Luebke said.

Another layer of protection can come in the form of Webroot’s Endpoint Protection. However, according to Luebke, the weakest link in security will be humans, which is why the company provided security awareness training that educates users on a wide variety of threats and issues, from ransomware and phishing to HIPAA and GDPR compliance, with more than 40 courses. As part of the training program, Webroot lets customers track the progress of individual users to lower security risks.

“With our reporting, you can take a look at those reports. You can see month after month, how those users are evolving? Are they getting better?” he said. “And if they are getting better, that, of course is going to mean you know the click rates are going to drop.”

The foundation of those three solutions is Webroot‘s BrightCloud threat intelligence services, which Luebke said are used by more than 120 equipment manufacturers. That means is that more than 70 million endpoints are helping inform Webroot’s threat intelligence research.

“It’s this crowdsourcing of information that really does make our threat intelligence the most dynamic threat intelligence platform in the industry today,” he said.

It’s with these solutions and services combined that allows Webroot to take a multi-layer approach to security, which is needed particularly for work-for-home environments, according to Luebke.

“What we try and do is take a multi-layer approach so that you’re not just taking a single swing of the bat and if you miss that single swing, you’re infected,” he said. “We play the law of averages and we say, if we miss something here, where do we pick it up next? If we miss something here, where do we pick it up next? And what that allows us to do is, over time, as you step down the layers, [it creates] one of the best efficacy ratings in the industry.”

Michael Rainone, partner and CIO at The ProActive Technology Group, a Greenvale, N.Y.-based Webroot partner, said Webroot’s Endpoint Security works particularly well because it can be operated from a single interface and it integrates well with the ConnectWise Automate for remote management.

“The team over at Webroot traditional has always been very proactively [helpful for] us, and their support has been terrific,” he said.

But he agreed with the notion that security for work-from-home environments requires a multi-layer approach, which is why Webroot’s Endpoint Security is just one part of the security stack.

“We know it’s not the only thing that has to be there, but it’s definitely one of the things that we put into our stack to make sure that our clients are secure as possible,” Rainone said.

One major issue that Rainone’s customers are dealing with in remote work situations is a desire to monitor employee productivity, which ProActive is addressing with a vendor called ActivTrak that offers workforce productivity and analytics software.

“There’s a lot of companies that want to use something that’s sort of a detection tool to see what exactly they’re working on, how long [they’re] working, what applications they’re working in and how they’re using their time,” he said.

Employee monitoring can be a dicey issue, but Rainone said it‘s ultimately up to the employers.

“The position that we have here is that if the device is provided by the company, then you have a right to see what‘s being done on the device, but if it’s the person’s home computer, then I think that that’s going to be a harder justification, although you can set up parameters within this program to allow for connections to be monitored only during specific business hours,” he said.

[Editor’s Note: To attend the virtual event or view sessions on demand, visit the XChange+ registration page.]