Facts about Cloud Security And How You Can Protect Against Data Loss
As cybercriminals continue to take advantage of the public cloud in their attacks, Sophos commissioned an independent survey of 3,521 IT managers across 26 countries* to reveal the reality of cloud security in 2020. The 2020 cloud security reality The survey provides fresh new insight into the cybersecurity experiences of organizations using the public cloud, including: Almost three-quarters of organizations hosting data or workloads in the public cloud experienced a security incident in the last year. Seventy percent of organizations reported they were hit by malware, ransomware, data theft, account compromise attempts, or cryptojacking in the last year. Data loss/leakage is the number one concern for organizations. Data loss and leakage topped our list as the biggest security concern, with 44% of organizations seeing data loss as one of their top three focus areas. Ninety-six percent of organizations are concerned about their current level of cloud security. Data loss, detection and response, and multi-cloud management top the list of the biggest concerns among organizations. Multi-cloud organizations reported more security incidents in the last 12 months. Seventy-three percent of the organizations surveyed were using two or more public cloud providers and reported more security incidents as those using a single platform. European organizations may have the General Data Protection Regulation (GDPR) to thank for the lowest attack rates of all regions. The GDPR guidelines’ focus on data protection, and well-publicized ransomware attacks have likely led to these lucrative targets becoming harder for cybercriminals to compromise in Europe. Only one in four organizations see lack of staff expertise as a top concern despite the number of cyberattacks reported in the survey. When it comes to hardening security postures in the cloud, the skills needed to create good designs, develop clear use cases, and leverage third-party services for platform tools are crucial but underappreciated. Two-thirds of organizations leave back doors open to attackers. Security gaps in misconfigurations were exploited in 66% of attacks, while 33% of attacks used stolen credentials to get into cloud provider accounts. For the details behind these headlines, and to see how your country stacks up, read The State of Cloud Security 2020 report. Secure the cloud with Sophos However you’re using the public cloud, Sophos can help you keep it secure. Secure all your cloud resources. Get a complete inventory of multi-cloud environments (virtual machines, storage, containers, IAM Users etc.). Reveal insecure deployments, suspicious access, and sudden spikes in cloud spend. Learn more Secure your cloud workloads. Protect virtual machines, the virtual desktops running on those machines from the latest threats, including ransomware, fileless attacks, and server-specific malware. Learn more Protect the network edge. Secure inbound and outbound traffic to your virtual network, virtual desktop environments, and provides secure remote access to private applications running in the cloud. Learn more Protecting your data starts here We work with only the best, enterprise level cloud vendors to ensure your data is always secure and always available. Contact us to find out more. Source: Sophos.com, Rajan Sanhotra
5 Ways To Recognize A Ransomware Attack
Whenever we work with ransomware victims, we spend some time looking back through our telemetry records that span the previous week or two. These records sometimes include behavioral anomalies that (on their own) may not be inherently malicious, but in the context of an attack that has already taken place, could be taken as an early indicator of a threat actor conducting operations on the victim’s network. If we see any of these five indicators, in particular, we jump on them straight away. Any of these found during an investigation is almost certainly an indication that attackers have poked around: to get an idea of what the network looks like, and to learn how they can get the accounts and access they need to launch a ransomware attack. Attackers use legitimate admin tools to set the stage for ransomware attacks. Without knowing what tools administrators normally use on their machines, one could easily overlook this data. In hindsight, these five indicators represent investigative red flags. A network scanner, especially on a server. Attackers typically start by gaining access to one machine where they search for information: is this a Mac or Windows, what’s the domain and company name, what kind of admin rights does the computer have, and more. Next, attackers will want to know what else is on the network and what can they access. The easiest way to determine this is to scan the network. If a network scanner, such as AngryIP or Advanced Port Scanner, is detected, question admin staff. If no one cops to using the scanner, it is time to investigate. A network scanner found among a repository of tools used by Netwalker ransomware Tools for disabling antivirus software. Once attackers have admin rights, they will often try to disable security software using applications created to assist with the forced removal of software, such as Process Hacker, IOBit Uninstaller, GMER, and PC Hunter. These types of commercial tools are legitimate, but in the wrong hands, security teams and admins need to question why they have suddenly appeared. The presence of MimiKatz Any detection of MimiKatz anywhere should be investigated. If no one on an admin team can vouch for using MimiKatz, this is a red flag because it is one of the most commonly used hacking tools for credential theft. Attackers also use Microsoft Process Explorer, included in Windows Sysinternals, a legitimate tool that can dump LSASS.exe from memory, creating a .dmp file. They can then take this to their own environment and use MimiKatz to safely extract user names and passwords on their own test machine. Mimikatz and related PowerShell scripts used to launch it, found among a repository of tools used by the Netwalker ransomware threat actors Patterns of suspicious behavior Any detection happening at the same time every day, or in a repeating pattern is often an indication that something else is going on, even if malicious files have been detected and removed. Security teams should ask “why is it coming back?” Incident responders know it normally means that something else malicious has been occurring that hasn’t (as of yet) been identified. Test attacks Occasionally, attackers deploy small test attacks on a few computers in order to see if the deployment method and ransomware executes successfully, or if security software stops it. If the security tools stop the attack, they change their tactics and try again. This will show their hand, and attackers will know their time is now limited. It is often a matter of hours before a much larger attack is launched. Source: Sophos News, Peter Mackenzie
3 Key Cyberthreats Schools Need To Keep In Mind
With valuable, and often underprotected data, education institutes are prime targets for cyberattackers. On top of regular security challenges faced, the new complexities stemming from COVID-19 are offering cybercriminals tailormade scenario for attacking school networks, and giving education institutes even more security challenges that need to be addressed to keep students and student data safe and secure. Let’s take a closer look at some of the challenges these institutions must address: 1. Phishing scams We’re seeing an uptick in coronavirus phishing scams, and so the chances of phishing emails making their way into the inboxes of teachers, administrators, and students is high. Staff must be provided with comprehensive guidance that allows them to identify such emails. It’s critical to deploy advanced email security that blocks phishing emails, prevents data loss, encrypts email, and offers comprehensive protection against phishing. 2. Shortage of skilled IT security staff This is a challenge not unique to schools, but lack of skilled IT staff particularly leaves a school network susceptible to threats. Schools are shut down to control the spread of the pandemic. At most, there’s a skeletal staff at work, or else everyone is working from home. When this happens, who takes charge of your school’s IT security needs? Schools can find themselves with no one pushing network security, device management, and endpoint security policies. Critical reports identifying risky users, or which offer more information about regulatory compliance might not be leveraged effectively. This can give cybercriminals an opportunity to exploit weaknesses in your cybersecurity infrastructure to infect the network. The answer to this challenge is managed threat response services (MTR). This service offers an expert team to deliver threat hunting, detection, and response services 24/7, so that you don’t have to. You don’t have to worry about spotting suspicious behaviors or whether your cybersecurity configuration is on point because the team manages all security needs for your education institute. 3. Advanced malware attacks As students and teachers spend more time online during coronavirus lockdowns, they are susceptible to inadvertently becoming victims of an account takeover, unintentionally or carelessly sharing their information with cybercriminals. This allows criminals to log in to your school’s network, launch a ransomware attack, and take control of sensitive student data. The solution is to deploy advanced endpoint protection technologies to stop the attack chain and predictively prevent such attacks, features should also include automatic roll back to pre-altered state if files are encrypted. This will help protect data if students or teachers are using school-supplied laptops or tabs. If they are using their own devices to access school resources, it is imperative they install a cybersecurity solution specifically catering to the needs of home users. To maximize their safety, schools must also deploy a next-gen firewall that detects and blocks ransomware at the gateway, and also prevents its lateral movement. Boring can help We protect companies and organizations with proven solutions and services for the full cybersecurity lifecycle. Our offerings include independent consulting for your information security requirements and enterprise solutions for IT risk management and continuous compliance. Some of our services include assessments, policies, prevention, protection and recovery for IT network systems. We are equipped to help businesses make decisions about their IT infrastructure and reduce their exposure as it relates to data protection and cybersecurity. Reach out to us today for a network assessment so our team can assess your vulnerability and discover which services and products will work best for you. Source: Sophos NEWSAuthor: Indrajeet Pradhan
Why Your Tampa Area Business Needs An IT Support Partner
Many small businesses need reliable IT support in order to succeed in the digital age, but hiring a full-time IT staff may not be in the budget. If this is the case, outsourcing your IT support can be an affordable solution. Below, we’ll take a look at some of the most valuable and cost-saving services an IT Support or Managed Services Provider can provide your Tampa area business. Help Desk Support When your employees are needing assistance with computers in your office or in an employee’s home office, an IT support company can remote connect to troubleshoot and resolve the issues. This means that an IT support partner is often able to solve IT problems remotely, saving your company time and money while ensuring that quick and effective IT solutions are always just a phone call away. On-Site IT Support In cases where remote support is unable to address all of the issues you might experience, on-site IT support is always an option. For example, with on-site IT support, your IT support partner can perform tasks such as deploying new computers, setting up printers, addressing hardware issues, troubleshooting network connectivity problems, and more. Data Backup and Recovery Should you have an incident that affects your data, such as a ransomware attack, it is imperative you have a backup that can be restored to get you back to normal. By partnering with an IT support partner that offers data backup and recovery, you can ensure that your data is always backed up and able to be restored in the event that the original data is lost or otherwise inaccessible. Email Services If your business’s email services go down, your ability to communicate with customers, accept orders, communicate with remote employees, and more may be compromised, bringing your entire business to a halt. With an IT support partner, though, you can rest assured knowing they are just a phone call away and can immediately start troubleshooting any issues you might have with your email services. Network Setup and Administration When looking for an IT support partner, be sure you choose one that offers managed services. Managed Services Providers can monitor, troubleshoot, and address your network issues before you even know there’s a problem, giving you peace of mind that your network is always under the careful watch of expert eyes. Print Support If your business is heavily reliant on copiers and printers for its day to day operations, you know how crippling it can be if you can’t print. Your IT support partner should be available to quickly address any machine issues and, if needed, provide you with a loaner until your machines can be repaired. Conclusion For businesses that cannot justify hiring an in-house IT team, working with an IT support partner offers a number of considerable benefits. At Boring Business Systems, we are proud to be the go-to company for managed services and IT support in the Tampa area. If you own a business in Tampa Bay and would like to learn more about the many benefits that working with an IT support partner can provide, feel free to contact us today!
How to handle compromised credentials
You’ve just discovered there are compromised employee credentials or other sensitive data of your company exposed and available on the Dark Web. The reality is, once exposed on the Dark Web, your information cannot ever be completely removed or hidden. You cannot file a complaint or contact a support line to demand your data be removed. Your company should immediately start taking appropriate steps and measures to correct or minimize the risks and potential damages associated with this exposed data. Identify, understand and learn from past mistakes or failures, and adopt a more proactive and preventative approach to your business’ cybersecurity strategies moving forward. Sound the Alarms Important Business Alert Alert all employees, top to bottom, of the compromised data and explain or educate them about the Dark Web. Review individual compromises with critical users. Explain specific threats and risks – both to the business and potentially, the user Establish/update strict password policies and review and share with users. Retire old and exposed passwords Define what a strong password is and implement a password construction policy Make different passwords for each business account mandatory and keep personal ones separate Determine a schedule for routine password changes Change passwords Change passwords for exposed logins – all accounts using the compromised passwords Replace with unique passwords for each account Change/refresh any passwords older than six months Cybersecurity Best Practices to Proactively Protect Your Business Implement Multi-Factor Authentication Even the strongest and most complex passwords won’t protect you if they have been compromised and exposed on the Dark Web. Requiring users to verify who they say they are via two or more unique security factors will virtually eliminate more than half the threats and risks associated with exposed user credentials. Consider Single Sign On (SSO) and Password Management Solution The combined benefits of a Secure SSO and Password Management platform will enable your entire workforce to adapt and thrive in a security-first environment while reducing password frustration and fatigue for users and empowering increased productivity. Ongoing Security Awareness Training for Users Users continue to be the weakest link in security for businesses worldwide. This is often due to genuine ignorance regarding security best practices and a lack of knowledge or awareness of common threats and risks. Establish ongoing security awareness training for all users and turn your weakest link into your strongest security defense. Perform Regular Risk Assessments A comprehensive audit of your business infrastructure and systems will inevitably reveal vulnerabilities and security gaps within your network, applications or on your devices. Performing regular assessments will allow you to stay in the know and enable you to achieve and maintain a more preventative approach to security, often eliminating issues or problems before they arise. Proactively Monitor for Breaches and Cyber Threats Cyber threats continue to increase and evolve, and hardware and software vulnerabilities are discovered regularly, exposing your business to a steady barrage of security risks. To adopt a proactive and preventative approach to cybersecurity, your business must have visibility and insight into both internal and external activities, trends and threats to the network and data. Back Up Everything It is imperative that you ensure your business and customer data is protected and secured against any incident or disaster such as system failure, human error, hackers, ransomware and everything in between. In addition, make sure you explore the importance of accessibility and consider investing in business continuity as part of your backup strategies. Invest in Cyber Insurance Sometimes things do not work out no matter how much effort you put into them. As a business, you must do everything right. However, a hacker only needs a single gap or weak point in your security systems to slip past your defenses like a trojan horse. Every business in operation today needs cyber liability insurance to protect their business when all else fails. Don’t wait until you are the next news headline or statistic. Contact us today to start implementing the comprehensive security solutions your business deserves.
The Best Practices for Automating Your Office
Dismantling information silos and giving employees easy access to the knowledge they need to drive processes and complete projects is a key objective of any office automation initiative. With the right tools, your organization can unlock the value of information assets, boost employee collaboration and eliminate complicated, broken workarounds for processes. The discovery process that kicks off office automation efforts identifies bottlenecks and highlights how reengineering paper-based processes is necessary for your business to grow. This can also help get you faster buy-in from your peers. Consider this before you start Workflow automation will help you meet information management challenges in both practical and innovative ways. If you take these 10 steps into consideration when making your digital transformation, you will already be miles ahead of your competition. 1. Define the business rules that underlie each workflow process These guidelines describe company policies and procedures and can always be expressed in “either or” questions such as “yes or no” or “true or false.” For example, a business rule might say that if a customer is already in the system (true), they get a 10% discount. If the customer is not in the system (false) they get a 20% discount. 2. Consider the document lifecycle What initiates the process — an email, a phone call, an electronic form, a paper form, a letter that comes in the mail or a walk-in? What is the first action you take with the information? Who is involved in the process? Does the document require review or approval? Is integration with another system or ERP necessary? Is there a mandatory retention schedule for the document? If so, how long do you have to keep it in your archive? 3. Use a process-mapping tool like the free DocuWare Process Planner If you want to plan and optimize your processes, it is crucial to visualize them. Quickly design your processes and workflow and share them with your colleagues. The Process Planner can be used independently without a DocuWare system. 4. Harness the power of artificial intelligence (AI) Optical Character Recognition (OCR) templates are a useful tool, but they have limits. Advanced software, such as DocuWare Intelligent Indexing, takes it further and uses AI to automatically process documents when data fields like invoice numbers and company names are in different places on the document depending on the supplier. The software can scan electronic and paper documents for key terms and convert that information into searchable indexed data. 5. Use version control Version control ensures that documents maintain their original integrity so that you don’t have to worry about managing multiple paper copies or having multiple electronic copies edited by different people offline. You can also make sure that everyone who makes changes to a document is working with the most current version. Older versions can be viewed in the version history which also shows the version numbers, the status, the storage date, any comments, and the user who saved the document. 6. Specify substitution rules to assign tasks to groups rather than to one person Then tasks can be automatically assigned to the first employee who currently has free capacity. At the same time, managers can monitor the processing of the workflows. Substitution rules can also reassign tasks when a team member is out of the office. 7. Use barcodes to speed up the indexing of paper documents If you attach a barcode to the first page of every document that should be grouped together, you can scan all your documents in one batch. Each new barcode identifies a new document type. In addition, they separate documents when scanning and when importing large batches of documents. For example, if you receive a lot of invoices that you would like to scan and store in one step, you can use a barcode to identify the invoice number field and send every invoice to a specified folder to be reviewed and approved. 8. Automate import Use automated import to send documents to a monitored folder from which they can be automatically and correctly stored. This is particularly useful when you are using network scanners or ERP software that create many PDF documents. Automated import is beneficial for companies that process large volumes of documents. 9. Follow consistent naming conventions across the organization Stick to a consistent method for naming files and folders. Use broad headings for folders rather than getting too specific. Paying attention to this detail will increase searchability. 10. Use an automated related documents feature Linking documents that are part of the same business process can be done easily by creating a common data field. Associated documents can then be retrieved in one click. Contact us to help make your office more efficient, streamlined and productive! Source: DocuWare Blog, Joan Honig
6 Reasons Why You Should Switch To VoIP
If your business relies on voice or video communications, there are plenty of reasons why a voice over internet protocol (VoIP) system is advantageous. Below, we’ll take a look at six of those reasons to help you decide if VoIP is the right choice for your business. 1) Mobility A VoIP phone system allows you to place and receive calls from anywhere you have an internet connection rather than being tied down to a single physical phone line. This means you and your employees will be able to work remotely. This is also a great benefit should your office lose power or your business is disrupted because of a disaster such as a hurricane. Your staff will be able to take calls from anywhere they have an internet connection. 2) Lower Costs VoIP is more affordable than traditional phone systems. Since you won’t have to buy costly hardware that must be maintained and eventually replaced, a VoIP system can save your business money upfront and cut costs over time. Additionally, ongoing expenses such as usage fees, taxes and long-distance costs are greatly reduced with a VoIP system. If you are looking for a way to decrease your business’s expenses, using a VoIP system is an excellent option to consider. 3) Scalability A VoIP system is easily scalable regardless of the size of your business. Many VoIP systems can accommodate as little as five users or as many as 10,000 without having to make any changes or upgrades to your system. This means your phone system will function flawlessly every step of the way even as your business grows and changes. 4) Versatility VoIP systems offer a wide range of features that you may not get with a traditional phone system such as video calling, SMS messaging, audio conferencing, video conferencing, and more. This makes VoIP an incredibly versatile solution that offers a range of services. 5) Flexibility A VoIP system is easy to deploy and effortless to manage. No matter what type of business you run or what type of phone solution you need, VoIP is flexible enough to accommodate your business without any hassle or extra cost. It’s also easy for someone on your staff to add and delete users, change greetings and manage other ongoing tasks. This can save you hundreds in service calls. 6) Voice Quality Not being able to clearly hear the person you’ve called – or them not able to hear you – is a real problem. Thankfully, it’s a problem you won’t have to deal with when you use a VoIP system. With a VoIP system, audio is always crystal clear, making your calls more productive and more professional. Conclusion There are plenty of reasons why VoIP is the superior, modern choice for businesses of all sizes. If you are ready to start taking advantage of all the benefits that VoIP has to offer, we invite you to contact us today for a free VoIP communications analysis. We will help you figure out what your cost savings will be with a new VoIP phone system. Boring is a VoIP solutions provider servicing Central Florida including Tampa and Lakeland. Contact us today for a quote on a VoIP system for your business.
