Earlier this year, thousands of Delta passengers worldwide were grounded due to a power outage that halted critical IT operations. This was a huge problem not only for the many delayed travelers, but also for the airline itself. Within three days, the airline cancelled around 2300 flights and paid millions of dollars in downtime costs. But if you weren’t personally affected, why should you care? Well, without a business continuity plan in place, companies like yours can face the same repercussions. To prevent that, take heed of some poignant lessons companies can learn from Delta’s IT failings.

Strive for 100% redundancy

According to Delta’s chief information officer, a power failure caused the company’s data center to crash, grounding thousands of would-be passengers. Although power was restored six hours after the incident, critical systems and network equipment failed to switch to a secondary site, corrupting valuable data in the process. And while some systems failed over, other vital applications didn’t; this created bottlenecks, decreased revenue, and diminished customers’ confidence.

Delta’s case is a massive wakeup call not just for the airline industry but for every business, large and small. Companies must implement disaster recovery plans for their data centers, on-site technology, and cloud applications so they can continue servicing customers while fixing the main issue with their primary systems. Companies also need to get rid of the false notion that redundancy plans to assure service continuity are restricted to larger corporations. DR and business continuity solutions are extremely affordable today, and a partnership with a provider can help you in more ways than one (more on this later).

Always test your backups

So although Delta had a plan to bring its business back to normalcy, the DR plan left a lot to be desired in practice. This begs the question as to whether the airline company is actually testing, reviewing, and reinforcing its vulnerabilities to different disasters.

The point is that even though your company may have a failover protocol in place, that protocol adds no value to your business unless it has been rigorously tried and tested. In order to avoid the same fate as Delta, make sure to find out whether your disaster recovery plan is capable of running mission-critical applications like email and customer service applications before — not after — downtime occurs.

Account for different types of vulnerability

In an interview with the Associated Press, Delta CEO Ed Bastian said, “We did not believe, by any means, that we had this type of vulnerability.” Indeed, it’s often hard to foresee what threats and vulnerabilities a natural disaster, power outage, or hacker can produce. But it’s not impossible.

By conducting a comprehensive audit of your data center security and disaster protocols, your business will be more aware of potential disasters and more adept at minimizing their risk. This also means evaluating and preparing for disasters that are likely to happen to your business depending on its geographic location. The southern US, for instance, is prone to hurricanes and flooding.

Call for help

These lessons and strategies are all crucially important, but pulling off a DR and business continuity solution on your own may be difficult. For this reason, it’s critical to have a planned partnership with a managed services provider that can assess, plan, test and install the continuity solutions your business needs in order to minimize the impact and avoid encountering a Delta IT outage of your own.

To find out more about business continuity and guaranteeing complete IT redundancy, contact us today.

Published with permission from TechAdvisory.org SOURCE

The next time you visit Dropbox.com, you may be asked to create a new password. Why? Back in 2012 the cloud storage firm was hacked, and while it thought only email addresses had been stolen, new evidence has come to light that user passwords were compromised, too. So if you’ve been using Dropbox since that time but haven’t updated your password, the company advises you to do so ASAP.

Despite the unfortunate incident, Dropbox has implemented a thorough threat-monitoring analysis and investigation, and has found no indication that user accounts were improperly accessed. However, this doesn’t mean you’re 100 percent in the clear.

What you need to do

As a precaution, Dropbox has emailed all users believed to have been affected by the security breach, and completed a password-reset for them. This ensures that even if these passwords had been cracked, they couldn’t be used to access Dropbox accounts. However, if you signed up for the platform prior to mid-2012 and haven’t updated your password since, you’ll be prompted to do so the next time you sign in. All you have to do is choose a new password that meets Dropbox’s minimum security requirements, a task assisted by their “strength meter.” The company also recommends using its two-step authentication feature when you reset your password.

Apart from that, if you used your Dropbox password on other sites before mid-2012 — whether for Facebook, YouTube or any other online platform — you should change your password on those services as well. Since most of us reuse passwords, the first thing any hacker does after acquiring stolen passwords is try them on the most popular account-based sites.

Dropbox’s ongoing security practices

Dropbox’s security team is working to improve its monitoring process for compromises, abuses, and suspicious activities. It has also implemented a broad set of controls, including independent security audits and certifications, threat intelligence, and bug bounties for white hat hackers. The bug bounty program is one whereby Dropbox provides monetary rewards, from $216 up to $10,000, to people who report vulnerabilities before malicious hackers can exploit them. Not only that, but the company has also built open-source tools such as zxcvbn, a password strength estimator, and bcrypt, a password hashing function, to ensure that a similar breach doesn’t happen again.

To learn more about keeping your online accounts secure, or about how you can protect your business from today’s increasing cyber threats, give us a call and we’ll be happy to help.

Published with permission from TechAdvisory.org SOURCE

It’s pretty simple to understand where a file goes when you save it on your PC. It lives on your hard drive, possibly housed in a set of folders you’ve created and organized yourself. That file is only stored on your computer, unless you decide to email it to yourself or save it on an external hard drive or USB.

Now what about the cloud?

At its most basic level, “the cloud” is just fancy-talk for a network of connected servers (a server is simply a computer that provides data or services to other computers). When you save files to the cloud, they can be accessed from a computer connected to that cloud’s network. Now take that idea and multiply it to understand how the cloud works for you. The cloud is not just a few servers, but a network of many servers typically stored in a spaceship-sized warehouse—or several hundred spaceship-sized warehouses. These warehouses are guarded and managed by companies such as Google (Google Docs), Apple (iCloud), or Dropbox.

So it’s not just some nebulous concept. It’s physical, tangible, real.

When you save files to the cloud, you can access them on any computer, provided it’s connected to the Internet and you’re signed into your cloud services platform. Take Google Drive. If you use Gmail, you can access Drive anywhere you can access your email. Sign in for one service and find your entire library of documents and photos on another.

Why are people concerned with cloud security?

It’s physically out of your hands. You aren’t saving to a hard drive at your house. You are sending your data to another company, which could be saving your data thousands of miles away, so keeping that information safe is now dependent on them. “Whether data is being sent automatically (think apps that sync to the cloud) or driven by users uploading photos to social media, the end result is that it’s all there somewhere being logged and stored,” says Jérôme Segura, Senior Security Researcher at Malwarebytes.

And that somewhere is a place that’s not in your direct control.

Risks of cloud storage

Cloud security is tight, but it’s not infallible. Cybercriminals can get into those files, whether by guessing security questions or bypassing passwords. That’s what happened in The Great iCloud Hack of 2014, where nude pictures of celebrities were accessed and published online.

But the bigger risk with cloud storage is privacy. Even if data isn’t stolen or published, it can still be viewed. Governments can legally request information stored in the cloud, and it’s up to the cloud services provider to deny access. Tens of thousands of requests for user data are sent to Google, Microsoft, and other businesses each year by government agencies. A large percentage of the time, these companies hand over at least some kind of data, even if it’s not the content in full.

“Some people argue that they have nothing to hide, that they’re not doing anything wrong, and couldn’t care less if their private information is accessed, especially if it helps in the effort to track down terrorists,” says Segura. “While there is no doubt that ready access to data is an invaluable asset for intelligence agencies, it is really important to remember that each individual has a fundamental right to privacy.”

Benefits of cloud storage

On the flip side, the data you save to the cloud is far more secure than it is on your own hard drive. Cloud servers are housed in warehouses offsite and away from most employees, and they are heavily guarded. In addition, the data in those servers is encrypted, which makes hacking it a laborious, if not formidable, task for criminals. By contrast, a malware infection on your home computer could expose all of your personal data to cybercrooks, and even leave your files vulnerable to ransomware threats. In fact, we recommend backing up your files to a cloud service as a hedge against ransomware.

Another benefit to storing data on the cloud is cost effectiveness and ease-of-access. You can store tons of data, often for free, using the cloud. Measure that against the number of external hard drives and USBs you’d have to purchase, and the difficulty accessing data once you’ve stored to multiple other devices, and you can see why cloud storage has become a popular option for businesses and consumers alike.

Final verdict

Yes, your data is relatively safe in the cloud—likely much more so than on your own hard drive. In addition, files are easy to access and maintain. However, cloud services ultimately put your data in the hands of other people. If you’re not particularly concerned about privacy, then no big whoop. But if you have sensitive data you’d like to keep from prying eyes, it is probably best to store it on a hard drive that remains disconnected from your home computer.

If you’re ready to store data on the cloud, we suggest you use a cloud service with multi-factor authentication and encryption. In addition, follow these best practices to help keep your data on the cloud secure:

  • Use hardcore passwords: Long and randomized passwords should be used for data stored on the cloud. Don’t use the same password twice.
  • Back up files in different cloud accounts: Don’t put all your important data in one place.
  • Practice smart browsing: If you’re accessing the cloud on a public computer, remember to log out and never save password info.

Time to Get Your Business into Cloud Computing Services? GCInfotech is your Cloud Computing Company Servicing NYC, CT and NJ. With our IT Support, it’s a simple, cost-effective and totally scalable IT infrastructure that also provides 24/7 support as part of a monthly program. Using the power of the Web, our cloud computing management services provide the IT hardware, software, and data backup you need to keep your company running safely and efficiently. Contact GCInfotech cloud professionals today.

Published with consideration from Malwarebytes Lab. SOURCE

Password security – a source of anxiety for many of us. So much of our lives rely on the strength and secrecy of our passwords. How would you like to never worry about your password security ever again?

In today’s workplace, almost everything we do requires some form of password-guarded access.

Because password security is so crucial, it is part of my job to educate others to ensure password security. Many people fall foul of poor password security at one point or another. If you’re lucky, it results in your computer’s language being hilariously changed to something you have no hope of understanding, and in time lost reversing the change. If you’re not so lucky, a compromised password can lead to hackers and digital thieves accessing sensitive information, stealing money, corrupting data, or locking you out of your accounts. The consequences can cut deep and take many months or even years to repair.

Password practices are often taken for granted, which is one of the reasons why reminding ourselves of best practices from time to time, such as on the annual Password Day, can help us ensure complete password security.

Follow these steps to never have to worry about password security again.

Stop Being Predictable

We’ve all been trained to build our passwords the same way. Years of automatic prompts have asked us to include capitalized letters, and numerical or punctuation characters, in our passwords.

Unfortunately, password crackers out there have noticed the pattern.

Because the result is that we all:

  • Start out with a favored word to form the foundation of our password
  • Use up our capital letter on the first character
  • Add on a number and exclamation mark on the end of the password to hit the requested quota
  • And voila – we’re left with our ‘uncrackable’ password: “Ninja1!”

    While we think we are secure, having hit all the types of characters required, we are leaving ourselves open to having our password guessed. Whether through social engineering to crack passwords, or by way of other password hacking methods, we are left vulnerable. Our best bet is to stop being so predictable.

    Stop Using One Word Passwords

    Words are very predictable. The next step we can take in upgrading our password security is to banish the use of single-word passwords. Not only are one-word passwords often short, but they are also predictable. Did you know that databases exist that contain every word in every language? The purpose of these databases is to be used by hackers to crack passwords simply by trying every word. This is called a Dictionary attack, which can also take the form of a Rainbow table attack. Of course, it might seem that one-word passwords are far easier to remember than anything else. But, when thinking of security, ease cannot be the main criterion for decision making. Security must be.

    In fact, as Better Business Bureau explained, some of the most common (and least secure) passwords are not always words.

    The following passwords were the top 10 passwords used in 2014. As you might guess, these passwords should not be your first choice for your online banking account.

    1. 123456
    2. password
    3. 12345
    4. 12345678
    5. Qwerty
    6. 123456789
    7. 1234
    8. Baseball
    9. Dragon
    10. Football

    Not only are more complex passwords more secure, they can be just as easy to remember too.

    What makes a strong password? On to our next step.
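The two weaknesses described so far, the "word, capital first, digit and punctuation on the end" shape and the top-10 list, can be screened for when a password is chosen. The following is an added example, not code from the original article: the small `WORDLIST` is constructed for illustration (a real deployment would load a large dictionary and breach list), and the 14-character minimum is the figure given in the passphrase advice further down this page.

```python
import re

# The 2014 top-10 list quoted above, lower-cased for case-insensitive matching.
COMMON_2014 = {
    "123456", "password", "12345", "12345678", "qwerty",
    "123456789", "1234", "baseball", "dragon", "football",
}

# Constructed stand-in for a real dictionary (assumption for this example).
WORDLIST = COMMON_2014 | {"ninja", "coffee", "summer", "monkey"}

# Trailing run of digits and punctuation, the part people bolt on "to hit the quota".
SUFFIX = re.compile(r"[\d!@#$%^&*?.]+$")


def screen_password(password, min_length=14):
    """Return the reasons a candidate password should be refused.

    An empty list means the password passed these particular checks,
    not that it is guaranteed to be strong.
    """
    reasons = []

    # 1. Exact hit on the common-password list.
    if password.lower() in COMMON_2014:
        reasons.append("common")

    # 2. Strip the predictable suffix and see whether a single dictionary
    #    word is left, with at most its first letter capitalised.
    stem = SUFFIX.sub("", password)
    one_word = stem.isalpha() and stem[1:] == stem[1:].lower()
    if one_word and stem.lower() in WORDLIST:
        reasons.append("single-word" if stem == password else "word-plus-suffix")

    # 3. Length floor.
    if len(password) < min_length:
        reasons.append("too-short")

    return reasons


if __name__ == "__main__":
    for candidate in ["Ninja1!", "Baseball", "12345678",
                      "Dragon2014!", "CoffeeLobsterMarathon"]:
        print(f"{candidate!r:26} -> {screen_password(candidate) or 'accepted'}")
```

Because the suffix is stripped before the lookup, adding a year or an exclamation mark to a listed word does not get it past the check.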

    Long And Strong Passwords

    How can we create passwords that are strong and still memorable? There’s a bit of a trick to it.

    First off, strong and memorable passwords should consist of multiple words. PieceOfCake you might think.

    Nope. First rule of multi-word passwords is to use a string of words that are either nonsensical, or that are very particular to you.

    CoffeeLobsterMarathon – a good place to start for a nonsensical string of words. And the image it conjures is so bizarre it’s easy to remember.

    DavesFavoriteColorIsGrey – Knowing your mate Dave’s favorite color is a very unique circumstance to you. And very hard to guess.

    Second stage is to interlace these passwords with – you guessed it – special characters.

    Leaving us with C0ff33L0b$t3rM8r8th0n and D8v3sF8v0r1t3C0l0r1sGr3y.

    Both of these blow “Ninja1!” out of the water in terms of password security.

    Use Unique Passwords For Every Account

    I know. This advice normally elicits the response that it is impossible to remember passwords for every account. But, for reasons we will get into later, it really isn’t. And the benefits are huge.

    Does anyone you know use one password for every account? Many people do. The problem is that it is a real threat to password security. Because it only takes one leak from one of the many places you’ve used that password for more accounts to be accessed.

    If your username, email address, and password are exposed by a security breach of one of the services, accounts, or companies you have dealt with – hackers will be able to take these details and try to access any other accounts with the same details. If passwords are different for every account you use, this technique will not work. Meaning you can enjoy much better password security. So, how on earth can we remember each and every password?

    A Smarter Way To Memorize Your Passwords (A Password Manager)

    It would be very impractical to try to memorize passwords for every single account we own. For accounts we access every day, it would probably be doable. But, many times we have accounts to things we only need to access occasionally. At which point memory will likely let us down. We need some help. Password managers are secure applications that help us store and organize passwords. It is simply the best way to manage all the accounts and passwords we have. All we need to do then is remember the password we need to access the password manager. If you’ve followed the advice above, your password manager password will be strong and memorable.

    Change Your Passwords Regularly

    The dreaded password change. Often people see this as either optional, or a needless inconvenience. But there are very strong arguments for why changing passwords regularly is essential for password security. For example, brute-force attacks are used to decipher passwords. They work simply by trying every possible combination of characters. The limitation of this type of approach is that it requires a lot of time to achieve its desired result. Although – even then, this can be surprisingly short. Using our example above, according to How Secure is my Password, “Ninja1!” can be cracked in 7 minutes. Changing passwords frequently can minimize the risk that a brute-force attack has enough time to breach your password security. Not to mention that it can also minimize the danger posed by password leaks.

    Don’t Casually Share Your Passwords

    You would never share your password with anyone, right? Especially not a stranger. When we’re not focused on security, it can be easier to fall into a trap than we realize. If you think one of your accounts might be compromised, be sure to change the password as soon as possible.

    Ensure You Have Anti-Malware Installed

    What’s the connection between password security and malware? Well, some types of malware are able to track keyboard inputs for account and password information, and transmit that information to a malicious third party. The strongest password will do us no good if malware is able to track the input from our keyboard, which means part of our password security regime must be to ensure our devices are malware-free. Malware often uses security flaws in unpatched software to infect a system. Therefore an up-to-date operating system is also needed to fully protect your device from being compromised by malware.

    Enable Two-Factor Authentication

    Two-factor authentication provides an extra layer of protection for your password security regime. On top of a password, authorized access requires another factor to login to your account.

    For example, a second factor might be a time-limited security code generated by an authenticator app on your mobile device – such as two-factor authentication with TeamViewer. Access is only granted when the username/email address, password, and security code are entered correctly.

    This is perhaps the most sure-fire way to ensure total password security, as even if your password is compromised, access will not be granted to your account without the correct second factor authentication.
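How a time-limited code from an authenticator app is generated and checked on the server side, as an added example that is not part of the original article and not any vendor's implementation. It follows the public TOTP standard (RFC 6238, HMAC-SHA1, 30-second steps); the function names, the one-step drift window and the replay counter are choices made for this example, and the shared secret is the RFC's published test key.

```python
import hashlib
import hmac
import struct


def hotp(key, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key, unix_time, step=30, digits=6):
    """RFC 6238: HOTP where the counter is the number of elapsed time steps."""
    return hotp(key, int(unix_time) // step, digits)


def check_second_factor(key, submitted, unix_time,
                        last_counter=-1, step=30, window=1):
    """Return the time-step counter the code matched, or None.

    window       - how many steps of clock drift to tolerate either side
    last_counter - highest counter already accepted for this account, so a
                   code that was observed once cannot be replayed
    """
    current = int(unix_time) // step
    matched = None
    for counter in range(current - window, current + window + 1):
        if counter < 0 or counter <= last_counter:
            continue
        expected = hotp(key, counter).encode()
        # Constant-time comparison; keep looping so timing does not
        # reveal which step matched.
        if hmac.compare_digest(expected, submitted.encode()):
            matched = counter
    return matched


def login(password_ok, key, submitted, unix_time, last_counter=-1):
    """Both factors must pass. Returns (granted, counter_to_store)."""
    if not password_ok:
        return False, last_counter
    counter = check_second_factor(key, submitted, unix_time, last_counter)
    if counter is None:
        return False, last_counter
    return True, counter


if __name__ == "__main__":
    key = b"12345678901234567890"          # RFC 6238 test secret
    print("code at t=59:", totp(key, 59))
    print("correct password, wrong code:", login(True, key, "000000", 59))
    print("correct password, right code:", login(True, key, totp(key, 59), 59))
    print("same code replayed:", login(True, key, totp(key, 59), 59, last_counter=1))
```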

    Password Security Key Takeaways

    Being absolutely sure of password security is a major relief. All sorts of potential problems can be avoided. Once you’ve set up the system you want to use, practice makes it a part of everyday business.

    In summary, password security means:

    Dropping the predictability. “Ninja1!” doesn’t cut it
    Leave one-word passwords behind
    Long and strong passwords are better and can be easy to remember too
    A different password for every account stops hackers in their tracks
    Password managers are a must-have tool for password security
    Changing passwords regularly is not optional
    Be careful not to reveal passwords to untrustworthy sources
    Make sure there is no malware on your devices
    Use two-factor authentication wherever you can

    I hope you found this advice useful.

    The NBA Finals may now be over but for one team, the losses keep coming. Yahoo! Sports reported that the Milwaukee Bucks fell victim to a spoofed email scam last month. Names, addresses, Social Security numbers, compensation information and dates of birth of the players were unknowingly sent to a hacker and created a massive security issue for the team. And just because your employees don’t make millions of dollars doesn’t mean hackers won’t target your company. Here are four ways to protect yourself from spoofed emails.

    Education is key
    There are countless cliches out there promoting the importance of education, but when it comes to cyber security, you might as well embrace them all. In the case of spoofed emails, you need to make sure your employees know what these are and how they can harm your company. They can come in several forms and look to attack your organization in a number of different ways. A good defense starts with trained employees using best security practices when it comes to emails. Knowledge isn’t just the key to success, it’s the building block of a comprehensive email security plan.

    Check the sender
    The easiest way to tell a real email from a spoofed one is to view who is sending it. While your basic junk mail folder will screen the really lazy attempts at spoofing, you and your employees can’t rely on it to weed out everything. A lot of cybercriminals have gotten skilled at mimicking the look and feel of companies through professional-looking graphics and signatures. For starters, you are going to want to ignore email display names, as these can be deceptive. The domain name provides the best clues as to who the sender really is. For instance, if an email requesting your company’s financial documents claims to be from the IRS but the domain reads IRSgov.com, it’s a spoof email since that domain is not what the IRS uses. If you ever spot an email containing a domain you consider to be suspicious, delete it immediately. If it is from a legitimate sender, they will send you a follow-up email in a couple of days.

    Embrace DMARC
    Domain-based Message Authentication, Reporting and Conformance (DMARC) can help reduce the risk of spoofed emails being sent internally. For businesses that do not set this up, it is possible for someone to spoof an email account that looks like it is from your business or a current employee and send it from a different server. As we saw in the case with the Bucks, these can appear legitimate to employees, who will then in turn do what is requested, such as turn off security settings or hand over sensitive data. With DMARC in place you can prevent spoofed emails from utilizing your domains by requiring any email sent by your domain to come from your server. This greatly reduces the risk of an internal spoofed email showing up in the inbox of your employees.
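The sender check and the DMARC decision described in the two sections above, worked through as an added example that is not part of the original article. It is a simplified model of what a receiving mail server does: the DMARC record and the `example.com` / `example.net` messages are constructed, the SPF and DKIM results are supplied as inputs rather than computed, subdomain policy (`sp=`) is ignored, and the organizational domain is approximated by the last two labels where real software uses the Public Suffix List.

```python
from email.utils import parseaddr

# Constructed DMARC TXT record, keyed by the domain it is published for
# (in DNS it would live at _dmarc.example.com).
DMARC_RECORDS = {
    "example.com": "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc@example.com",
}


def from_domain(from_header):
    """Domain of the address in a From header; the display name is ignored."""
    _display_name, address = parseaddr(from_header)
    return address.rpartition("@")[2].lower().rstrip(".")


def sender_is(from_header, expected_domain):
    """The manual 'check the sender' step: compare the real domain, not the name."""
    return from_domain(from_header) == expected_domain.lower()


def parse_dmarc(txt):
    """Split 'v=DMARC1; p=reject; ...' into a tag dictionary and sanity-check it."""
    tags = {}
    for part in txt.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("not a usable DMARC record: %r" % txt)
    return tags


def org_domain(domain):
    """Simplification: last two labels (assumption; see lead-in)."""
    return ".".join(domain.split(".")[-2:])


def aligned(auth_domain, header_domain, mode):
    """Strict mode ('s') needs an exact match, relaxed ('r') the same org domain."""
    auth_domain = auth_domain.lower()
    if mode == "s":
        return auth_domain == header_domain
    return org_domain(auth_domain) == org_domain(header_domain)


def lookup_policy(header_domain):
    txt = DMARC_RECORDS.get(header_domain) or DMARC_RECORDS.get(org_domain(header_domain))
    return parse_dmarc(txt) if txt else None


def dmarc_disposition(from_header, spf, dkim):
    """spf and dkim are (result, authenticated_domain) pairs from the receiver's checks.

    Returns 'pass', the published policy ('none', 'quarantine', 'reject'),
    or 'no-policy' when the From domain publishes no DMARC record.
    """
    header_domain = from_domain(from_header)
    policy = lookup_policy(header_domain)
    if policy is None:
        return "no-policy"
    spf_ok = spf[0] == "pass" and aligned(spf[1], header_domain, policy.get("aspf", "r"))
    dkim_ok = dkim[0] == "pass" and aligned(dkim[1], header_domain, policy.get("adkim", "r"))
    return "pass" if (spf_ok or dkim_ok) else policy["p"]


if __name__ == "__main__":
    # Constructed messages: (From header, SPF result, DKIM result)
    samples = [
        ("Payroll <payroll@example.com>", ("pass", "bounce.example.com"), ("pass", "example.com")),
        ("CEO <ceo@example.com>", ("pass", "mailer.example.net"), ("none", "")),
        ("CEO <ceo@example.com>", ("fail", "example.com"), ("pass", "mail.example.com")),
        ("IRS <refunds@IRSgov.com>", ("pass", "irsgov.com"), ("none", "")),
    ]
    for header, spf, dkim in samples:
        print(f"{header:32} -> {dmarc_disposition(header, spf, dkim)}")
    print("claims IRS, really irs.gov?", sender_is("IRS <refunds@IRSgov.com>", "irs.gov"))
```

The last sample shows the limit of the control: a look-alike domain is outside your DMARC record, so it still has to be caught by the sender check or by filtering.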

    Utilize email protections
    A lot of companies believe they can get by with the simple protections that come standard with an email client. However, doing the bare minimum is rarely enough to stop spoofed emails, not to mention all of the other threats lurking in your inbox, and high-powered email and spam protection will give your organization the added layer of security it needs. Much like elite-level basketball players need the best coaching and equipment to succeed, the only way to truly reduce the risk of falling victim to a spoofed email is to educate your staff properly and then equip them with email filtering. This ensures they aren’t wasting their time constantly trying to tell legitimate emails from fake ones but are prepared when the situation presents itself.

    When it comes to email security, working with us is a slam dunk. We may not have the skills of Steph Curry on the basketball court but when in the realm of IT, competitors say they want to be like us. Give us a call today to find out more.

    Published with permission from TechAdvisory.org SOURCE

    Cyber security is an important topic to address, not only for your personal files and accounts, but also for your clients.

    As mentioned in previous posts, both the ABA and many State Bars state, as part of their general guidance, that lawyers must take reasonable precautions to prevent client information falling into an unintended recipient’s hands.

    One of the first steps to ensure that your client’s information is safe is to make sure your personal accounts are safe.

    I recently came across an article from The New York Times about just this topic: How to Devise Passwords that Drive Hackers Away.

    Besides the obvious red flags about hackers (such as avoiding suspicious links), here are some take-aways from the article to help better ensure that both your personal files and your clients’ are protected.*

    Never use the same password twice

    Although it is much easier for you to remember 1 password for all 20 online accounts, it’s also that much easier for a hacker to get into all of those 20 online accounts from your Facebook Page to your online bank account.

    Come up with a passphrase

    Lengthwise, a password should be at least 14 characters (or more!). The longer your password, the longer it will take a hacker to crack it. Sometimes it is easier to remember a phrase (like your favorite movie quote) than a longer password.

    Store your password securely

    Just because you’ve now come up with clever, extremely lengthy passwords for every single online account you have, you’re not in the clear yet. Make sure you keep these passwords secure! That means avoid leaving any of them on a post-it note on your desk. If you keep the passwords in a file on your computer, make sure it’s a secure file that only you have access to. Or if you don’t want any ability to track your passwords on your computer, whatever you write them on, make sure it’s locked away. Also, leaving password hints is typically better than writing down the actual password.

    *Note: these take-aways are tips to increase password protection; however, they still cannot ensure 100% protection.
    Published with consideration from Thomson Reuters SOURCE

    Taking work home, or practically anywhere else, has never been easier. With personal mobile devices, your employees can access company files wherever they are. Bringing your own device (BYOD) has become a popular strategy for many businesses to conduct work more efficiently and flexibly. But this strategy is not without its problems. BYOD, if not implemented correctly, can make your system susceptible to a number of risks. So what security risks do you have to account for? Here are 4 Security risks to consider with BYOD.

    Data leakage

    The biggest reason why businesses are wary of implementing a BYOD strategy is that it can potentially leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and systems. There is also a chance that an employee will take work with them, where they are not using the same encrypted servers that your company is using, leaving your system vulnerable to inherent security risks.

    Lost devices

    Another risk your company has to deal with is the possibility of your employees losing their personal devices. When devices with sensitive business information are lost, there is a chance that the information could end up falling into the wrong hands. Additionally, if an employee forgets to use a four-digit PIN code to lock their smartphone or tablet, anyone can gain unauthorized access to valuable company data stored on that particular device. Therefore, your company should consider countermeasures for lost devices, like completely wiping the device of information as soon as an employee reports a missing or stolen phone.

    Hackers can infiltrate your system

    Personal devices tend to lack adequate data encryption to keep people from snooping. This along with the fact that your employees might not have updated their devices can allow hackers to infiltrate your IT infrastructure.

    Connecting to open Wifi spots makes your company more susceptible to hackers. Open wireless points in public places can put device owners at risk because there is a chance that hackers may have created that hotspot to trick people into connecting. Once the device owner has connected, attackers can simply surveil web activity and gain access to your company’s accounts.

    Vulnerable to malware

    Viruses are also a big problem when implementing BYOD strategies into your business. Using personal devices means your employees can access whatever sites or download any mobile apps that your business would normally restrict to protect your system.

    Jailbreaking or rooting a device also puts your systems at risk because it removes limitations imposed by the manufacturer to keep the mobile software updated and protected against external threats. It’s best to understand that as your employees have the freedom to choose whatever device they want to work with, the process of keeping track of vulnerabilities and updates is considerably harder. So if you’re thinking about implementing BYOD strategies to your business, prepare your IT department for an array of potential malware attacks on different devices.

    So you might be thinking that it would probably be best to just avoid implementing a BYOD strategy in the first place. However, BYOD will help your business grow and adapt to the modern workplace, and should not be dismissed as a legitimate IT solution. It’s just important to educate your company about these risks so that problems won’t occur for your business down the line.

    Published with consideration from TechAdvisory SOURCE

    Employees are on the front lines of information security. Regularly educating yourself about the small things you can do can go a long way towards protecting your organization.

    Since it is the beginning of the year, many people are returning to work and trying to get out of “vacation mode.” (Us too!) We’ve decided to outline some tips to help you throughout the year to stay safe online while protecting your company in the process.

    General Best Practices

  • Avoid providing personal information when answering an email, unsolicited phone call, text message or instant message.
  • Never enter personal information in a pop-up web page or anywhere else that you did not initiate.
  • Keep security software and all other software programs updated.

    Cyber Security Best Practices

  • Phishers will try to trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT. Be sure to contact your IT department if you or your coworkers receive suspicious calls.
  • Don’t leak intellectual property, even accidentally. Sharing a picture online with a whiteboard or computer screen in the background could reveal more than someone outside of your company should see.
  • Report security warnings from your Internet security software to IT immediately; chances are they aren’t aware of all threats that occur.
  • If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless Internet. If offered, make sure you know how to connect to the company’s Virtual Private Network (VPN).
  • Be cautious of links and attachments in emails from senders you don’t recognize. Phishers prey on employees who open these without checking them out, opening the door to malware.
  • If you’re unsure about an email’s legitimacy, contact your IT department or submit the email to Symantec Security Response through this portal.

    Online Behavior

  • Don’t steal. Taking intellectual property and releasing professional secrets are likely against corporate policies. Your company may track sensitive documents and you could get into hot water.
  • Read your company’s Acceptable Electronic Use (AEU) policy, and follow the policies for safe use of your devices.
  • When backing up to cloud services, be sure to talk to your IT department first for a list of acceptable cloud solutions. Organizations can make this part of their AEU policy and make it a fireable offense.

    Best Practices for When to Contact Support

  • Call IT before you get in over your head. Often what starts as a simple update can be made more complex by attempting to “fix” the problem.
  • When you Bring Your Own Device (BYOD), ask your IT department if your device is allowed to access corporate data before you upload anything to it. Use authorized applications to access sensitive documents.
  • Learn the process for allowing IT to connect to your system. This can save time when you contact support and they need access to resolve an issue.
  • Learn basic computer hardware terms. This can save valuable time when you contact support and don’t have to describe the “mouse connector-thingy.”

    Used with permission from Norton by Symantec by Nadia Kovacs

    As today’s companies are increasingly tending to run their business on the basis of digital assets, information security has become an even more critical factor of the business model, as it protects the most essential asset: information.

    We know that security is not a goal, but rather a process. As such, prevention and constant reinforcement of the outer edge of the corporate system are vital elements in the defense of assets in cyberspace.

    But despite this, contingencies occur, and the risk of suffering a security breach must always be considered. So let’s look at what action we should take in the face of this type of scenario to overcome a situation in which the organization’s resources could be compromised.

    Here are 5 steps to take after a company is infected:

    Step 1: Determine the scope of the infection

    Time and time again, companies that have been victims of infections assess the traces of the impact just by using their intuition, rather than by means of an analytical examination of the problem. Clearly, after detecting an infection at the company, reaction speed is extremely important. However, hurrying to make groundless appraisals can divert your attention away from the right actions to take.

    If the necessary precautions have been taken, and there has consequently been an investment into the development of robust contingency management systems, it is possible to quickly gather the bits of evidence you need to answer some of the first key questions.

    To begin with, it is necessary to establish which systems have been compromised and in what way. Is the infection limited to a single piece of equipment or subnetwork? Has any sensitive data leaked out? Are we talking about corporate data, or private data relating to employees and/or customers?

    Step 2: Ensure continuity of service

    In the case of a leak of information which might compromise employees or end users, the second step would be to give them a warning of the possible breach and advise them to watch out for any unusual movements they might notice regarding the data they have stored under your service.

    If any physical equipment has been seriously compromised, you must set in motion any processes to activate backup resources, in order to maintain customer service. For this reason, it is critically important to plan your defense against attacks on availability, creating redundancy of equipment and connections. This, together with an action plan suitably defined at the level of the organization, will enable a rapid response to any events that lay siege to corporate security.

    Step 3: Contain the infection

    The containment of an infection begins with isolation of the equipment that you know has been compromised. Shutting down the segments of the network that include this equipment prevents the infection from continuing to spread throughout the corporate network, and interrupts any connection that may have been established with the attacker for the purpose of stealing information.

    If the traffic generated by the malicious agent turns out to be encrypted, the analysts must try reverse-engineering it to obtain the cryptographic keys. However, if communication is taking place on non-confidential protocols like HTTP, it will be exponentially easier to track the commands used by the attacker.

    Either way, studying these commands can lead the investigation to the discovery of new infected equipment, and the generation of traffic patterns should be translated into firewall rules, to quickly generate a first line of defense.

    To achieve this, it is necessary to have correctly labeled traffic captures in order to speed up processing. Once again, it’s self-evident that proactive prevention and detection of threats are the cornerstone of information security and define a company’s capacity to respond in times of crisis.

    Given that most of the procedures mentioned involve non-automated analysis of information, it is crucial to put in place a comprehensive corporate security solution in advance. This will make it possible to instantly deploy actions to block any harm that a malicious agent might attempt to inflict after penetrating your defenses.

    The latest generation of ESET corporate solutions was developed to be a key factor in the containment process, thereby preventing the spread of infectious components through the company’s different transaction systems.

    Step 4: Mitigate the infection and eliminate the line of attack

    Removal of the malicious part is a complex procedure which initially involves a detailed analysis of the code in order to understand how it works. Antivirus solutions support this type of activity by enabling automatic disinfection and saving valuable time in the process of responding.

    It is essential to understand that if the attackers are not completely eradicated from the network, they can resume their fraudulent activity on the infected equipment through another line of attack. Because of this, it is of vital importance to isolate the flaw that allowed them to enter in the first place, and then remove it from the system.

    Even after equipment identified as compromised has been cleaned, there remains a risk that other undiscovered infected equipment is still in operation. To prevent this from occurring, we need to reinforce the analysis of the packets transmitted by the network, as we now have the advantage of knowing the communication protocols and commands used thanks to the previous analysis of the infection.
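    The containment and sweep described in Steps 3 and 4, as an added example that is not part of the original article: it takes flow records from a labeled traffic capture, turns the destinations labeled as attacker traffic into firewall rules, and lists other internal hosts that contacted the same destinations. The CSV columns, the label values, the addresses and the choice of the iptables FORWARD chain are assumptions made for the illustration.

```python
import csv, io, ipaddress
from collections import defaultdict

# Constructed sample of labeled flow records; columns and labels are assumptions.
FLOWS_CSV = """src,dst,proto,dport,label
10.0.5.21,203.0.113.10,tcp,8080,c2
10.0.5.21,198.51.100.7,tcp,443,benign
10.0.7.44,203.0.113.10,tcp,8080,unlabeled
10.0.7.44,198.51.100.7,tcp,443,unlabeled
10.0.9.3,203.0.113.99,udp,53,c2
10.0.8.12,203.0.113.99,udp,53,unlabeled
10.0.8.13,198.51.100.7,tcp,443,unlabeled
"""

KNOWN_COMPROMISED = {"10.0.5.21", "10.0.9.3"}  # hosts already isolated

def load_flows(text):
    return list(csv.DictReader(io.StringIO(text)))

def c2_endpoints(flows):
    """Destinations analysts labeled as attacker traffic: (dst, proto, dport)."""
    eps = set()
    for f in flows:
        if f["label"] == "c2":
            ipaddress.ip_address(f["dst"])  # raises ValueError on a malformed address
            eps.add((f["dst"], f["proto"], int(f["dport"])))
    return sorted(eps)

def firewall_rules(endpoints):
    """One DROP rule per endpoint, assuming a gateway that forwards the traffic."""
    return [f"iptables -I FORWARD -d {dst} -p {proto} --dport {port} -j DROP"
            for dst, proto, port in endpoints]

def suspected_hosts(flows, endpoints, known):
    """Internal hosts not yet known as compromised that contacted an endpoint."""
    eps = set(endpoints)
    hits = defaultdict(set)
    for f in flows:
        key = (f["dst"], f["proto"], int(f["dport"]))
        if key in eps and f["src"] not in known:
            hits[f["src"]].add(key)
    return {h: sorted(v) for h, v in sorted(hits.items())}

if __name__ == "__main__":
    flows = load_flows(FLOWS_CSV)
    eps = c2_endpoints(flows)
    print("\n".join(firewall_rules(eps)))
    for host, seen in suspected_hosts(flows, eps, KNOWN_COMPROMISED).items():
        print("isolate and examine:", host, seen)
```

    Hosts returned by the sweep are candidates for isolation and examination, not confirmed infections; a shared destination can also carry legitimate traffic.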

    Together with a review of the firewall rules, changing the passwords on corporate networks is another preventive measure to take after detecting compromised resources, as this is one of the favored goals in corporate attacks. While the process of updating keys may take time and effort, it will prevent the attackers from using any stolen information to disguise themselves as a legitimate user.

    At this point, it is worth establishing whether the infection was the simple result of carelessness online, or whether it constitutes a successful link in a chain of persistent targeted attacks.

    If it is established that the infection was specifically targeting the organization, the real question to answer will be who lies behind these events, bearing in mind that another attack could be imminent.

    Step 5: Learn from any errors

    Carrying out an in-depth investigation into what happened will give cause for improving the processes within the organization. The removal of any vulnerabilities whose existence was previously unknown provides an opportunity to reinforce the perimeter of the corporate networks by identifying any other potential points of access to the system that had not previously been considered as falling within the scope of lines of attack.

    Infections are always absolutely negative events for a company; however, they offer opportunities to learn. They show which elements of the system’s design need to be strengthened and they allow you to discover the flaws in the current defense measures.

    Published with consideration from ESET. SOURCE

    Every time a stolen laptop leads to a data breach, you wonder why the business involved hadn’t set up any safeguards. Take the unencrypted laptop stolen from a former physician at the University of Oklahoma, for instance, or the laptop containing data on 15,000 members that was stolen from insurance provider Oregon Health Co-op.

    You’d think money would motivate them, if nothing else. In November, EMC and Hartford Hospital were ordered to pay US$90,000 to the state of Connecticut over the theft of an unencrypted laptop in 2012 containing data on nearly 9,000 people. The laptop was stolen from an EMC employee’s home.

    The problem extends far beyond the healthcare industry, too—such as the laptop stolen from SterlingBackCheck, a New York-based background screening service. The laptop contained data on 100,000 people.

    These types of breaches don’t quite grab the same headlines as major cybercrimes and hacking incidents, if only because a thousand employees affected by a laptop theft is less dramatic than 40 million customers at Target. But it’s a lot easier to steal a laptop than it is to hack into a corporate database, so the theft and loss of laptops, as well as desktops and flash drives, highlight the need for enhanced physical security and employee training.

    It’s easier to steal a laptop than to hack a database

    The organizations mentioned here have wised up. A spokesperson for the University of Oklahoma said it has launched an encryption program and new training for employees when it comes to handling sensitive data.

    SterlingBackCheck said it has updated its encryption and audit procedures, revised its equipment custody protocols, retrained employees on privacy and data security, and installed remote-wipe software on portable devices.

    Another threat to your data is the proliferation of Bring Your Own Device (BYOD) policies and mobile workers. Gartner anticipates that half of all companies will have some need for a BYOD policy by 2017. Workers will be using their own devices as well as company-issued ones in the office or on the go. This opens up a new risk if devices are lost or stolen.

    Security firms like Sophos urge companies to put a robust policy in place for the handling of professional devices, including full disk encryption as well as encrypted cloud and removable media. A strong password is highly recommended too, but it’s not enough on its own.

    A greater sense of urgency wouldn’t hurt, either. In Oklahoma, the physician had actually left his position at the university before his personal laptop went missing. He couldn’t say for sure whether it contained sensitive data, but by the time that possibility arose, it was too late.

    In another incident, at manufacturer Tremco, an employee lost a company-issued laptop on a plane. It was several weeks before the employee realized that it contained spreadsheets of personal employee data.

    Encryption, remote wiping, better data tracking

    Companies need to know where their data is at all times—not just what device it is on, but where that device is located physically.

    This highlights the need for remote wiping tools, which SterlingBackCheck has put in place. If a laptop is lost or stolen, the company should have an easy way to remotely wipe the sensitive data to ensure it never leaks.

    Much like large-scale hacking attacks, it’s the consumer or the patient that really suffers when a data breach occurs. The onus lies with the company to handle this data responsibly, whether it’s in the cloud or on a laptop on the bus.

    Published with consideration from PCWorld. SOURCE