Tag Archive for: backups

Cybersecurity investments can be infinite: Here’s how to find your floor.

You can make unlimited investments in cybersecurity and still never achieve that nirvana of being “totally secure.” At the same time, service interruptions or losing customer data are so detrimental to your company’s reputational trust and financial bottom line that security is paramount. So, just how much time, effort, and money should your organization invest to ensure it’s secure?

Because cybersecurity perfection is elusive, it’s important to first determine your floor–the minimum amount of security your organization needs to meet your base-level requirements. These should include:

  • Recoverability of data and systems should a catastrophic breach occur
  • Meeting foundational security best practices for current threats, such as employing multi-factor authentication (MFA), deep packet inspection, lateral movement defenses, stringent password hygiene, and security operations center services/endpoint detection and response tools
  • Adequate security to meet your ethical responsibilities for (and be able to demonstrate due diligence in) protecting organizational/customer data
  • Meeting all regulatory requirements around data protection and privacy, pertaining to your specific industry and organization

Recoverability: The importance of backups

In our experience, few companies understand that backups are one of the most important security controls for an organization’s future. All breaches end with data exfiltration, backup/mass destruction, or both. To disrupt the breach pattern, organizations must first assume it is impossible to prevent all breaches. Threat actors target backups for encryption or destruction 93 percent of the time in attacks like ransomware, so it’s essential to ensure you can recover without resorting to paying ransoms (because even ransom payments don’t guarantee recovery).

Prioritize having stringent controls within and around your backups while also ensuring that threat actors cannot move laterally in your network to access, damage, or destroy these data stores. Also take great care that these safeguards are well-orchestrated, secure, resilient, redundant, and complete, which protects against the risk of total loss. Backups must also be “immutable,” meaning incapable of being changed, deleted, or moved outside of set retention policies or strict access procedures.

Protect sensitive data and meet regulations

Every company has–at a minimum–an ethical obligation to protect the data they hold in trust about their employees, customers, partners, and operations. Law firms must protect their clients’ private and sensitive legal case information; healthcare organizations must maintain patient data privacy; critical infrastructure and government entities are the custodians of highly sensitive data, the loss of which can have serious consequences for people’s lives and national defense.

Most industries also have a varying number of legal obligations to protect data. Regulatory frameworks like HIPAA, GDPR, FedRAMP, and others outline standards that applicable companies must meet to ensure data security and privacy. The cybersecurity rules adopted in July 2023 by the SEC further mandate additional governance, policy, and process requirements for publicly traded companies, holding C-level officers accountable. Your organization should meet applicable requirements and be able to demonstrate due diligence against ethical goals and frameworks.

Insurance carriers and clients may also dictate minimum security requirements.

How can you meet your minimum requirements?

The key to security efficiency is understanding how breaches progress, including tactics and patterns (“breach context”), and then working to disrupt the breach context with highly prioritized investments and efforts.

There is a pattern to breach progression: The attacker compromises credentials; creates persistent network access; elevates access; and then moves laterally in the environment to execute malicious acts (including exfiltrating data, encrypting, and/or destroying backups).

Effective security requires moving backwards in the chain. First, ensure that your backups are impenetrable and recoverable. Next, secure systems so that lateral movement is impossible (by rigorous application of MFA on all administrative controls). Then, focus on locking down credentials and endpoint access (and so on).

To keep this process scalable, it is important to do all these tasks with full knowledge of the tactics, techniques, and procedures of today’s threat actors–how they are compromising organizations today in real-world breaches–so you can prioritize your efforts and focus your dollars. Security frameworks like NIST and many organizational security programs are too blind to current threat patterns, tactics, and methods to be effective. By focusing on defending against in-use threat tactics and patterns, companies can hone their efforts. It’s equally important to only buy tools and solutions you or a third-party team have the skills and breadth to fully utilize, rather than purchasing expensive and complicated tools that sit idle or underutilized.

Achieve a security program that’s just the right size

Most people in IT and security understand you can’t create perfect security. But with knowledge of threat actor tactics, as they change daily, IT teams can disrupt the breach pattern at every stage and achieve relevant, timely defenses where they are the most vulnerable. While access to real-time threat actor data can be challenging, some managed security services providers can help. Coupled with a solid focus on meeting regulations for your specific industry, you can arrive at a right-sized, focused security program.

Contact our team of experts to learn more about developing a comprehensive cybersecurity training program for your business.

If you are looking for an expert to help you find the best solutions for your business, talk to GCInfotech about a free technology assessment.

Published with consideration from Inc.com SOURCE

As a business owner, you know that data security is paramount. It’s therefore essential to ensure you have taken all necessary steps to protect yourself against potential data loss events, such as data breaches and natural disasters. In this essential guide, we will outline the key steps you should take in creating a disaster recovery plan (DRP). Following these can save your business from an incredibly costly catastrophe.

A DRP is a documented set of processes and strategies that an organization puts in place to be able to recover and restore its critical data and systems in case of a disaster or an unexpected event. The plan outlines the steps to be taken before, during, and after a disaster to minimize the impacts on the organization’s operations and ensure business continuity.

To create an effective DRP, follow these steps:

Conduct a risk assessment

A risk assessment is a critical component of any DRP, as it helps identify potential hazards, vulnerabilities, and risks that could impact an organization’s operations in the event of a disaster. By conducting a risk assessment, you can identify and prioritize the risks your organization faces and develop appropriate strategies and actions to mitigate those risks.

Develop a recovery strategy

Design a strategy to address each risk identified in the assessment phase. This could include developing backups of data or systems, investing in cloud-based services, using redundant hardware, or establishing alternative physical locations for your business operations.

Establish availability requirements

Availability refers to the ability of an organization’s systems, applications, and data to be accessible and functional in the event of a disaster or an outage. To determine your company’s availability requirements, identify the resources (e.g., servers, databases, etc.) and services (email, customer service) that are critical for your business operations and determine how quickly they need to be restored following an incident.

Set up backups

Select the most appropriate backup strategy (i.e., full or incremental) for your needs and devise the best plan for storing your backups safely off site so that you can access them when needed.

Without backups, important data and information can be lost permanently, resulting in significant financial and reputational damage to your organization. Backups are also used to restore systems and data to a state before the disaster occurred, helping ensure business continuity while minimizing the impact of the disaster on your business operations.

Test your plan

Test your DRP periodically to make sure it will work as planned when an incident occurs. A DRP is only useful if it can be executed properly, and testing helps identify and address any gaps in the plan.

Testing a DRP also provides an opportunity to identify weaknesses that could be improved or procedures that need adjustments. It allows you to verify that the plan is complete, up to date, and relevant.

Train your employees

Your employees are often your first line of defense when a disaster strikes, and their actions can significantly affect the outcome of a recovery effort.

Training employees on the DRP helps ensure they understand exactly what they need to do during an emergency. It also provides them with the knowledge and skills needed to carry out their duties effectively, minimizing the risk of errors or delays in the recovery process.

Are you concerned about data safety? Don’t leave it to chance — call us for all your DRP needs! With our cutting-edge technology, dedicated team, and industry-leading expertise, you can rest assured that your data and systems are in expert hands.


Published with consideration from TechAdvisory.org SOURCE

If you’re a Mac user, it’s important to be aware of the growing number of ransomware attacks that are specifically targeting macOS devices. Just like Windows users, you need to take precautions to protect yourself from these threats. Here’s how you can secure your Mac against ransomware attacks.

Defining ransomware

Ransomware is a type of malicious software, or malware, designed to extort money from victims. It works by locking down access to an infected computer’s system and files and demanding payment, typically in a cryptocurrency such as Bitcoin, in return for unlocking the system.

Mac ransomware wreaking havoc

There is a common misconception that Macs are safe from ransomware. But as some recent ransomware attacks show, Macs are no safer than Windows computers from the growing threat of ransomware.

In 2016, a ransomware named KeRanger made waves when it was found to have affected over 7,000 macOS computers. KeRanger managed to bypass Apple’s renowned security protocols by piggybacking on an official BitTorrent client called Transmission.

Meanwhile, in 2017, another ransomware strain targeting Mac was discovered. Called Patcher, this Mac ransomware was disguised as an application for patching programs like Microsoft Office. However, launching Patcher would encrypt user directories and demand payment for a decryption key that would never be provided due to the software’s faulty construction.

And finally, in 2019, the EvilQuest ransomware ran rampant on Mac computers around the world. Even after paying the ransom, EvilQuest victims weren’t able to gain back access to their systems and files.

Prevention is key

Taking proactive steps to prevent ransomware from occurring is the best defense you can have. You can start by ensuring that your Mac’s operating system (OS) and applications are updated on a regular basis. Aside from improved system performance, OS updates usually include essential security patches that aim to address the latest security threats.

And to ensure that your data remains safe, perform regular backups and set up firewalls and antivirus software on your Mac. Doing so can significantly reduce the risk of unauthorized access or exposure to damaging malware. Additionally, creating backups can also help you recover important files in the event of a ransomware attack or any other untoward event.

Another essential security tip is to use strong passwords and multifactor authentication (MFA) whenever possible. These security methods can provide an added layer of protection to your data and systems, making it difficult for attackers to gain access to confidential information.

Furthermore, it is important to stay vigilant and aware of phishing emails since these are the most common delivery method for ransomware. If you receive an email from someone you don’t know, or an email you weren’t expecting, avoid clicking on suspicious links or attachments.

What to do in case your Mac gets infected

If you find yourself in the unfortunate situation of having your Mac infected with ransomware, take these steps to protect your data, restore access to files, and remove the malware from your device.

  1. Immediately disconnect from the internet or disable any form of wireless connection to contain the spread of the ransomware.
  2. After that, if possible, back up all of your important files and folders onto an external drive or file storage provider. Make sure not to include any encrypted files in this backup.
  3. Run an antivirus scan on your Mac and delete any detected threats.
  4. Reinstall any deleted apps or replace corrupted system files.
  5. Finally, connect to the internet again and check whether ransomware is still present on your Mac.

It’s also crucial to not pay the ransom fee. Paying the ransom does not guarantee that the attackers will provide you with the decryption key to release your data. Instead, you may explore free ransomware decryption tools online to remove the ransomware from your Mac.

Lastly, with a severe threat like this, it’s best to work with cybersecurity experts. They know all about the latest Mac security threats and will be able to best assess and address the situation, and take the necessary steps to keep your organization safe.

Don’t let ransomware and other cyberthreats ruin your Mac and your business. For more information about protecting your Macs from ransomware, contact us today. Our IT security experts will be glad to assist you.


Published with consideration from TechAdvisory.org SOURCE

Maintaining your WordPress website is not as hard as it seems — just follow this simple maintenance checklist we’ve prepared for you. We’ve outlined six essential tasks that you should perform regularly to keep your WordPress site running smoothly.

Create complete backups of your website

One of the most important things you can do to protect your website is to back it up periodically. This will allow you to restore your site if something goes wrong, such as a hacker attack or server crash. There are several ways to create backups, including using plugins or manually copying your files and database. But while plugins like BackUpWordPress and hosting servers like SiteGround automate the backup process, performing manual backups may still be necessary to cover all your bases.

Verify your backups

Just because you have backups doesn’t mean they’re doing their job. You should test your backups regularly to make sure they are working properly. This can be done by restoring a backup to a test site or simply downloading the files and checking them to make sure they are complete. The last thing you need is for your backups to fail on the day you need them most.
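
As an added example (not part of the original article or any plugin's own code), the shell function below performs the "download the files and check them" step on a backup archive. It assumes the backup is a single .tar.gz holding the site files and a SQL dump; the function names and the sample archive are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: completeness check for a downloaded WordPress backup.
# Assumption: the backup is a single .tar.gz with the site files and a SQL dump.

# verify_wp_backup ARCHIVE -> prints findings, returns 0 only if all checks pass
verify_wp_backup() {
    vb_archive=$1
    vb_status=0

    # 1. A missing or zero-byte file means the backup job failed silently.
    if [ ! -s "$vb_archive" ]; then
        echo "FAIL: $vb_archive is missing or empty"
        return 1
    fi

    # 2. Listing every entry forces gzip and tar to read the archive end to
    #    end, so an interrupted upload or download is caught here.
    if ! vb_listing=$(tar -tzf "$vb_archive" 2>/dev/null); then
        echo "FAIL: archive is corrupt or truncated"
        return 1
    fi

    # 3. Site files and the database dump must both be present (regex patterns).
    for vb_need in 'wp-config\.php$' 'wp-content/' 'wp-includes/version\.php$' '\.sql$'; do
        if ! printf '%s\n' "$vb_listing" | grep -Eq "$vb_need"; then
            echo "FAIL: no archive entry matching $vb_need"
            vb_status=1
        fi
    done

    # 4. The dump must define the options table every WordPress site has
    #    (matched loosely because the table prefix is configurable).
    vb_sql=$(printf '%s\n' "$vb_listing" | grep -E '\.sql$' | head -n 1)
    if [ -n "$vb_sql" ] && ! tar -xzOf "$vb_archive" "$vb_sql" 2>/dev/null | grep -Eq 'CREATE TABLE.*options'; then
        echo "FAIL: $vb_sql has no CREATE TABLE for the options table"
        vb_status=1
    fi

    if [ "$vb_status" -eq 0 ]; then
        echo "OK: $vb_archive passed all checks"
    fi
    return "$vb_status"
}

# Builds a small constructed backup in DIR (sample data, not a real site).
make_sample_backup() {
    mkdir -p "$1/site/wp-content/uploads" "$1/site/wp-includes"
    echo "<?php // constructed placeholder" > "$1/site/wp-config.php"
    echo "<?php \$wp_version = 'constructed';" > "$1/site/wp-includes/version.php"
    printf '%s\n' 'CREATE TABLE `wp_options` (option_id bigint);' > "$1/site/db.sql"
    tar -czf "$1/backup.tar.gz" -C "$1" site
}

# Demo run against the constructed sample.
demo_dir=$(mktemp -d)
make_sample_backup "$demo_dir"
verify_wp_backup "$demo_dir/backup.tar.gz"
rm -rf "$demo_dir"
```

A passing check only shows the archive is readable and structurally complete; restoring it to a test site remains the stronger test.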

Perform daily security scans

One of the best ways to stay ahead of potential security threats is to monitor your website closely for any signs of compromise. A good way to do this is to perform daily security scans, which will help you track any changes or suspicious activity. There are a number of different tools and services that can help you with this, and one of the most popular ones is Sucuri. Not only does this plugin carry out inspections, but it also sends an SMS to notify you of any suspicious activity and emails you a daily status report of your website’s security.

Scan for malware

Cyberthreats are growing in both number and sophistication. With every passing day, new strains of malware are developed and released onto business networks and systems. Unless you are a bona fide hacker yourself, detecting malware might be a little tricky. WordPress plugins like Wordfence keep your website safe using the latest firewall rules and flagging the latest malware signatures and malicious IP addresses.

Conduct page speed audits

Slow and steady may be qualities valued by some, but not when it comes to your website. Plugins like Google PageSpeed Insights test how fast your site loads. If it takes more than five seconds, you should consider implementing caching and other measures to speed up your site. Slow sites put off visitors, and that further lowers those sites’ search rankings.

Review your site’s structure and content

Just as you should periodically review your website’s security, you should also take a look at its overall structure and content. Are the pages well organized and easy to navigate? Is the content relevant and up to date? If not, you may want to consider making some changes.

Forbes, National Geographic, and The New York Times are all powered by WordPress, which means you are in good company. By sticking to the checklist, you too can harness the power of this online, open-source website creation tool. Or, instead of signing up for half a dozen services that need daily check-ins, why not have us take care of all of it for you? If you have further questions, don’t hesitate to send us an email or give us a call!

Ask yourself what your website is doing for you and whether it’s aligned with your business needs and objectives. The GCInfotech professional web design team is here to help.

Published with permission from TechAdvisory.org. SOURCE

Windows users are often the victims of ransomware attacks. For example, in 2017, WannaCry and Petya ransomware infected hundreds of thousands of Windows PCs around the world. Unfortunately, ransomware strains that specifically target Macs are expected to grow in number as well. If you have a Mac, follow the security best practices below to avoid getting infected.

What is ransomware?

Ransomware is a type of malicious software that holds computer systems hostage via encryption until a ransom is paid. Attackers typically threaten to release the encrypted information to the public or destroy sensitive data if victims don’t pay within a certain deadline. Healthcare and finance organizations, in particular, are more likely to pay the ransom because these organizations tend to be worth a lot of money and have many valuable assets, and can’t afford to lose access to their critical data.

As its name suggests, Mac ransomware is simply ransomware that targets Mac desktops and laptops. And just like other types of ransomware, it is typically distributed via phishing emails.

Types of Mac ransomware

In 2016, the KeRanger ransomware was distributed through the popular BitTorrent app Transmission. KeRanger was signed with an authorized security certificate, allowing it to evade macOS’s built-in security measures and infect more than 7,000 Mac computers.

Meanwhile, the Mac ransomware strain Patcher was discovered in 2017. It disguised itself as a patching app for programs like Microsoft Office. When launched, Patcher would encrypt files in user directories and ask for a Bitcoin ransom. But the ransomware was poorly built, so there was no way to retrieve the decryption key once the ransom was paid.

In 2019, the EvilQuest ransomware encrypted files and forced victims into paying a Bitcoin ransom. Much like Patcher, however, there was no decryption key, leaving those who paid the ransom with nothing.

Ransomware attacks like these can make a resurgence at any time, which is why you need to be prepared in case of an attack.

An ounce of prevention goes a long way

Preventive measures are the best way to keep your Macs safe from ransomware. This involves installing only programs from the official App Store and the latest software patches to defend against the latest threats.

Since phishing emails are the usual delivery method of ransomware, be wary of suspicious links and email attachments. Always be on alert even if the email appears to come from a legitimate company or someone you know.

You must also maintain offline backups and have a disaster recovery plan to keep your business running in the event that ransomware successfully infiltrates your systems.

Responding to ransomware

If your Mac is infected with ransomware, do not pay the ransom fee, as there’s no guarantee that hackers will provide a decryption key and release your data. Instead, use an up-to-date anti-malware program to remove ransomware from your computer. There are also free ransomware decryption tools online that you can use to remove the infection.

If these tools don’t work, contain the spread of the ransomware by disconnecting from the network. Afterwards, run data recovery procedures and immediately seek the help of our cybersecurity experts. We stay abreast of the latest Mac security threats and know just how to keep your business safe.


Published with consideration from TechAdvisory.org SOURCE