Categories
IT Security IT Solutions Managed IT Services

When Two-factor Authentication Is Not Enough

Interesting to see an article stating when two-factor authentication is not enough but this is a reality organization must face to understand their cyber security.

Two-factor authentication (2FA) or multi-factor authentication has been one of the best and most secure go to gold standard of cybersecurity.   Many are still adopting it at a fast rate however there still are many not using it.

There are many cyber security solutions and services out there, but you cannot build any security solution without two-factor authentication enabled.

In an interesting turn of events, a professor at the Rochester Institute of Technology professor suggested two-factor authentication (2FA) can be manipulated by bad cyber criminals.  His business article makes a strong case that managed IT services providers (MSP), IT departments, and other IT security professionals should not take this potential weakness for granted.

It is important to understand the fact that two-factor authentication (2FA) is not 100 percent guaranteed and by no means is this a reason to stop using it as no security tool or service is perfect.  Two-factor authentication (2FA) is still worth using as it still significantly decreases the likelihood of account compromises.

A recent The New York Times article stated that 2019 was a tough year for two-factor authentication (2FA) as many organizations were enabling two-factor authentication (2FA) thinking it was enough and ignored that a smart cybercriminal could still get access to your account.

When Two-factor Authentication Is Not Enough 1

So, where does two-factor authentication (2FA) stand today in 2021?

An online cyber security service recently caught up with a couple of noted cybersecurity experts for their thoughts on the current state of two-factor authentication (2FA) and there were some interesting points.

They all confirmed that two-factor authentication (2FA) is not perfect, but it is still safer than not using it at all.

The battle against cybercriminals and hackers is an ongoing battle with no sight of the end.  Organizations need to increase their spending on their IT cyber security budgets and also measure if the in-house team can handle all the new threats.

Whether and organizations is using two-factor authentication (2FA) or other any other technology such as biometrics, if an organization does not have the business culture about cybersecurity, then it will not matter what cyber security service you pick.

Corporate users are not always safe, and cybercriminals will find a way to access the network.  It is very important to continue cyber security education as well as changing your IT best practices as a regular routine.

Organizations need to increase spending on their IT infrastructure as well as hire the right IT professionals to keep the system and data secure.   Your IT partner should continue education in cyber security knowledge and skills.

The most potent weapon organizations and managed IT services (MSP) can deploy is not technology, it is educational.

When two-factor authentication is not enough?  There are ways to make it better.

When you use two-factor authentication (2FA) for security purposes, you usually gat an SMS message.  This message can be intercepted and decoded by cyber criminals.   To get around this, some organizations use Virtual Private Networks (VPN) connections on all devices as this will encrypt the data from point-to-point.

365 iT SOLUTIONS  is federally certified by the Canadian government under CyberSecure Canada certification.

Have Your Passwords Been Stolen in a Data Breach?

Our free data breach scan today will look at the Darkweb to investigate if your passwords have been stolen in a data breach.

365 iT SOLUTIONS  is a leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  offers industry leading Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring as an IT consulting boutique firm in Toronto.

We Make IT Simple!

 

Categories
IT Security IT Solutions Managed IT Services

Microsoft Launches Windows 365 Cloud Desktop

Organizations are excited to see Microsoft launch Windows 365 cloud desktop as remote users will have easy access as well as increased simplified cyber security for organizations.

 

Does your organization work with remote desktop or use VPN for connectivity?  Now organizations have the option to use Windows 365 cloud desktop to stream apps, settings, and content.  This will give organizations the ability to be more agile, secure, and productive using Windows 365 Cloud PC.

Windows 365 cloud desktop gives organizations the power to combine the power and security of the cloud with the versatility and simplicity of the PC.  It enables a variety of new scenarios for business in the competitive world.

What is offered with Windows 365 cloud desktop according to Microsoft?

  • The ability to purchase, provision, and deploy in minutes.
  • The ability to launch automated operating system (OS) updates.
  • The ability to give users access anywhere to their personalized Windows desktop experience.
  • The ability to create custom configurations for an elastic workforce.
  • The ability to continue working from where the user left off on the device of your choice.
  • The ability to optimized user experience on Windows endpoints.
  • The ability to scale on a per-user pricing.

Windows 365 cloud desktop is offer in two packages. Windows 365 Business that is designed for small businesses that want to deploy cloud PCs for up to 300 seats.  The good news is there are no technology prerequisites for the organizations, simply purchase, deploy, and manage.  Windows 365 Business is simple as you do not need an Azure subscription or an Active Directory (AD) domain controller.  Windows 365 Enterprise gives an organization much more control however not as much as Azure Virtual Desktop.  The good news is the pricing is simple and cheaper than Azure Virtual Desktop.

Windows 365 Cloud Desktop work in synch with other Microsoft cloud services such as Microsoft 365, Office 365 or any of Microsoft cloud services.  Microsoft reported that they do not expect compatibility issues and expect the majority of users to use QuickBooks, Adobe Creative Suite, and other mainstream applications.

What is not a recommended environment for Windows 365 cloud desktop?

Microsoft does not recommend Windows 365 cloud desktop for intense data processing requirements.  The Windows 365 Business Plan comes with a data cap of 20GB per user per month on the low end and up to 70GB per user per month on the high end. This is based on downstream and not upstream. This will only cause issues for organizations that try to use it for video editing.

What are the benefits to Windows 365 cloud desktop?

  • Desktop-as-a-Service (DaaS) – Windows 365 cloud desktop is far more cost effective that Desktop-as-a-Service (DaaS). For Desktop-as-a-Service (DaaS), you have a monthly payment for the hardware, software, licensing, and commitment.
  • Company Supplied Computer – If any organization wants to compare to a physical system, we can do easy math here on the business case. We will us the following example:

Lenovo E15 with i5 processor, 8GB of ram, and 256 GB SSD with 3-year warranty will cost you $1,350. An equivalent Windows 365 cloud desktop with an instance of 2 vCPUs, 8GBs of RAM, and 256GB of cloud storage will cost you $54 a month.

At first glance based on three years, the Lenovo laptop wins as it will cost you $1,350 compared to Windows 365 cloud desktop at $1,944 over the same period.

On a long-term outlook, the organization does not have to worry about replacing a legacy system, losing a system, or damaged system.  This also give organizations to have employees use their own devices to access company data and resources securely.

This will also include the ability to use Windows 365 cloud desktop features such as the ability to revert to previous versions, take a system snapshot, or recover the system.  Organizations also have the ability to use Microsoft Defender software as it is built in.

Windows 365 cloud desktop has just opened the possibilities for companies to be more competitive using technology and the possibilities are endless.

Have Your Passwords Been Stolen in a Data Breach?

Try our free data breach scan today and start protecting yourself from cybercriminals.

Going to the cloud or worried about security?  365 iT SOLUTIONS  is one of Canada’s first organizations to be CyberSecure Canada certified by the Canadian government.

We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  is a leading IT consulting boutique firm in Toronto offering industry leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring.

We Make IT Simple!

Categories
IT Security IT Solutions Managed IT Services

Large Amounts of Corporate Data Are Stored on Employees USB Devices

As organizations try to keep their data safe from cyber criminals, there large amounts of corporate data stored on employees USB devices making security a large risk.

According to a report from an industry leading SaaS data protection company, there has been a 123 percent increase in the volume of data downloaded to USB devices by employees since the start of COVID-19.

Remote working and working from home (WFH) have become widespread due to coronavirus and many employees have been left to figure out how they have to deal with working remotely and remote file access.

According to the cyber security report, here are some interesting statistics:

  • 74 percent of that data is subject to data governance policies based on regulated industries.
  • 84 percent of cloud storage and USB devices have become the most preferred data storage after COVID-19.
  • 89 percent of data has moved outside an organization since the COVID-19
  • 80 percent of data hit the cloud or USB devices the first month following WHO‘s COVID-19 pandemic.
  • 72 percent increase of employees uploading a huge amount of data to the cloud,
  • 62 percent increase in malicious cyber security activity from external hackers.
  • 54 percent increase in incident response investigations required due to cyber security concerns.
  • 25 percent of small- to midsized-sized businesses (SMBs) use free cloud storage services.
  • 51 percent of companies use at least one cloud services storage platform.
  • 11 percent small- to midsized-sized businesses (SMBs) store banking data in cloud services.
  • 14 percent of organizations store medical records in free cloud storage services.
  • 87 percent believe the cloud is very secure when using use a free version of cloud storage services.

The good news is that organizations have accepted that the economic and health effects of COVID-19 however it now has them thinking outside the box when it comes to remote workers.  We may not know when something or this nature will ever happen again however remote employees trying to store classified data at across uncontrolled devices will always be an issue unless measures are taken.

Organizations management, IT departments, and managed IT services providers need to consider implementing data storage and security solutions that provide visibility into this behaviour.  This will ultimately give them full control and the potential to avoid a costly potential data breach.

Try our free data breach scan today and start protecting yourself from cybercriminals to find out if your passwords have been stolen in a Data Breach?

Going to the cloud or worried about security?  We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring.

We Make IT Simple!

 

Categories
IT Security IT Solutions Managed IT Services

365 iT SOLUTIONS Ranked on Channel Futures MSP 501

365 iT SOLUTIONS Ranked on Channel Futures MSP 501—Tech Industry’s Most Prestigious List of Global Managed Service Providers

 Annual MSP 501 Identifies 365 iT SOLUTIONS as An Industry’s Best-in-Class Business

Growing Via Recurring Revenue and Innovation

JULY 14, 2021: 365 iT SOLUTIONS has been named as one of the world’s premier managed service providers in the prestigious 2021 Channel Futures MSP 501 rankings.

365 iT SOLUTIONS has been selected as one of the technology industry’s top-performing providers of managed services by the editors of Channel Futures.  For the past 15 years, Managed Services Providers (MSP) from around the globe have submitted applications to be included on this prestigious and definitive listing.  The Channel Futures MSP 501 survey examines organizational performance based on annual sales, recurring revenue, profit margins, revenue mix, growth opportunities, innovation, technology solutions supported, company demographics, and client demographics.

Managed services providers that qualify for the exclusive list must pass a rigorous review conducted by the research team and editors of Channel Futures.  Their mandate is to rank applicants using a unique methodology that weighs on financial performance according to long-term health and viability, commitment to recurring revenue and operational efficiency.

Channel Futures is pleased to name 365 iT SOLUTIONS to the 2021 MSP 501.

“I am thrilled to be on the top MSP 501 list again,” said Razmig Sagharian, President, 365 iT SOLUTIONS.  “Our company growth came from our hard-working team members, and 365 iT SOLUTIONS was one of the first managed services providers in Canada to achieve the new federal Cyber Secure Certification.”

The Channel Futures MSP 501 survey this year attracted a record number of applicants and was one of the most competitive in the survey’s history.  Winners are being recognized on the Channel Futures website and will be honored at a special ceremony at the MSP Summit held in Las Vegas as part of the Channel Partners Conference & Expo.

Since its inception, the Channel Futures MSP 501 has evolved from a competitive ranking into a vibrant group of innovators focused on high levels of customer satisfaction at small, medium, and large organizations in public and private sectors.  Today, many of their technology services and technology offerings focus on growing client needs in the areas of cloud, security, collaboration, and support of hybrid work forces.

“The 2021 Channel Futures MSP 501 winners are the highest-performing and most innovative IT providers in the industry today. They stand head and shoulders above the competition,” said Robert DeMarzo, vice president of content for the Channel Futures and Channel Partners Conference & Expo division of Informa Tech Channels. “Coordinated by Channel Futures MSP 501 editor Allison Francis, this year’s list was clearly one of the best ever on record.”

“Vendors that are aligned with the Channel Futures MSP 501 are driving a new wave of innovation in the industry. Through their partnerships they are demonstrating a commitment to moving the MSP and entire channel forward,” said Kelly Danziger, general manager of Informa Tech Channels. “We extend our heartfelt congratulations to the 2021 winners and gratitude to the thousands of MSPs that have contributed to the continuing growth and success of the managed services sector.”

The complete 2021 MSP 501 list is available on Channel Futures’ website.

Background

The Channel Futures MSP 501 2021 list is based on confidential data collected and analyzed by the Channel Futures editorial and research teams. Data was collected online from March 1-May 24, 2021. The MSP 501 list recognizes top managed service providers based on metrics including recurring revenue, profit margin and other factors.

About

To be competitive in today’s economy, businesses need cost-effective IT services and IT consulting services they can count on. 365 IT SOLUTIONS believes in being long-term partners with our clients by providing proactive and hassle-free Managed IT Services, IT Support Services, IT Consulting, Cloud Services, IT Outsourcing, and IT Management.

Since 2003, 365 iT SOLUTIONS has developed a proven industry leading method of having a cost- effective IT services and IT solution to address all your information technology needs and business goals. As one of Toronto’s top boutique IT consulting and tech support services providers, we are extremely confident that our reliable managed IT services is unmatched in the industry.

About Channel Futures

Channel Futures is a media and events platform serving companies in the IT channel industry with insights, industry analysis, peer engagement, business information and in-person events. Our properties include Channel Futures MSP 501, recognizing the most influential and fastest-growing providers of managed services in the technology industry, Channel Futures DEI 101, honoring and celebrating those who have often been under-represented in tech channels; Channel Partners Events, delivering unparalleled in-person events, including Channel Partners Conference & Expo, The MSP Summit, and Channel Evolution Europe; and DEI Community Group, our initiatives to educate, support, promote, and sustain diversity, equity, and inclusion (DEI) in the IT channel industry. Channel Futures is part of Informa Tech, a market-leading B2B information provider with depth and specialization in the Information and Communications (ICT) Technology sector. Every year, we welcome 7,400+ subscribers to our research, more than 3.8 million unique visitors a month to our digital communities, 18,200+ students to our training programs and 225,000 delegates to our events. Channel Futures is where the world meets the channel; We are leading Channel Partners forward. More information is available at channelfutures.com.

 

Media Contact

MSP501 365 iT SOLUTIONS Logo

Ginette Andre

Associate Marketer, VIP Relations

ginette.andre@informa.com

 

Allison Francis

Editor, Channel Futures and MSP 501

allison.francis@informa.com

 

365 IT SOLUTIONS Unveils New Logo And New Office To Better Service Clients

Enzo Logozzo

365 iT SOLUTIONS

Director, Sales and Marketing

enzo@365it.ca

365 iT SOLUTIONS  is a leading Managed IT Services, Cloud Services, and Managed Security Services in Toronto.

365 iT SOLUTIONS  offers industry and award winning leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR)Cyber Security Training and Dark Web MonitoringIT Outsourcing Services, and Tech Support Services,

We Make IT Simple!

Categories
IT Security IT Solutions Managed IT Services

365 iT SOLUTIONS Awarded CyberSecure Canada Certification

365 iT SOLUTIONS is proud to announce that we are the 7th organization in Canada to achieve CyberSecure Canada Certification.

CyberSecure Canada is the country’s new cybersecurity certification program for small and medium-sized organizations.  The certification gives 365 iT SOLUTIONS a competitive advantage by letting organizations know we are a federally certified cyber security company and trusted business partner.

CyberSecure Canada Certification was developed by the Canadian Centre for Cyber Security with the consulting help of Canadian Cyber Security industry leaders.  The mandate of the CyberSecure Canada certification program is to help Canadian SMB (small and medium-sized business or small and midsized business) defend against the most common online cyber security threats as well as grow in today’s competitive digital economy.  When an organization becomes certified, it is announcing to its customers, clients, suppliers and investors that their sensitive data is safe within their network.

The Canadian federal government set two goals to help certify Canadian organizations:

  1. Help Canadian organizations boost their cybersecurity maturity by implementing baseline security requirements.
  2. Use the certification as a competitive advantage to assure customers that the firm is cyber security safe.

How can CyberSecure Canada Certification help your business?

The Canadian federal government is trying to make its CyberSecure Canada certification program easy by encouraging more small-and- medium-sized businesses to apply to be accredited.

  • It helps organizations against the most common cyber security threats based on the 80/20 rule.
  • An organization can achieve 80 percent of the benefit from 20 percent of the effort based on data on organizations below 500 employees.
  • It helps organizations defend against the most widespread cyber threats using easy-to-implement cyber security technical measures that are not expensive.
  • You could avert a business-crippling cyber-attack. The fallout from ransomware attacks and the theft of sensitive personal information such as banking details can be both in terms of impact to finances and reputation.
  • It helps organizations attract new business and investors as they can display the CyberSecure Canada certification mark.

What must my business do to become CyberSecure Canada Certified?

The most cost-effective approach is to find a CyberSecure Canada Certified managed IT services provider to help prepare and organize the certification process.  Once complete, the organization will need to find a certified CyberSecure Canada accredited certified body to audit your organization.  These ‘certified bodies’ are private organizations accredited by the Standards Council of Canada.

CyberSecure Canada Certification Step 1

You will need to contact a certified managed IT services provider if you need assistance or you can contact Cyber Security Canada stating interest in certification.

CyberSecure Canada Certification Step 2

You will need to implement the Baseline Cybersecurity controls with the assistance of a certified managed IT services provider or credited certification body.

CyberSecure Canada Certification Step 3

Submit documentation to Cyber Security Canada and undergo a certification audit from an accredited body.

CyberSecure Canada Certification Step 4

Once the required measures are in place and the necessary controls are verified and documented, your organization will be awarded certification with a 2-year expiration.   Prior to the expiry of the certification, your organization will need to repeat the certification process.   The renewal of certification will be much easier as you will already have the cyber security controls in place.

Cyber-Secure-Certification_2023- 356 it solutions

The CyberSecure Canada Certification Step Baseline Security controls

To achieve CyberSecure Canada certification, organizations will need to implement 13 controls set out by the Canadian Centre for Cyber Security.

The 13 CyberSecure Canada Certification controls are:

  1. Develop and implement a corporate response plan.
  2. Develop and implement a proactive patch management strategy.
  3. Develop and implement a proactive malware protection strategy.
  4. Develop and implement a secure strategy at protecting devices.
  5. Develop and implement a strong authentication protocol.
  6. Develop and implement a proactive cyber security employee training program.
  7. Develop and implement and effective backup strategy.
  8. Develop and implement a secure mobile devices strategy.
  9. Develop and implement strong perimeter defences.
  10. Develop and implement secure cloud services.
  11. Develop and implement website security.
  12. Develop and implement strong access controls.
  13. Develop and implement portable storage devices security.

How much will the CyberSecure Canada Certification cost?

The cost of certification will vary for organizations.  It will depend on several factors such as the Certified Body you choose, the size of your organization, and the complexity of your IT network.  The most cost-effective avenue would be to hire a certified CyberSecure Canada managed IT services provider as they can implement many of the 13 controls using their knowledge and tools.

The average time to achieve CyberSecure Canada Certification is approximately 12 months based on the state of your current IT infrastructure, IT policies, and IT procedures.  Due to existing cyber security policies and procedures in place, 365 IT SOLUTIONS was able to achieve full certification in 2 months.

365 iT SOLUTIONS  is a leading Cloud Services Providers Toronto and Managed Security Services in Toronto.

365 iT SOLUTIONS  offers industry leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support Services, Cloud ServicesBusiness continuity and disaster recovery (BCDR)Cyber Security Training and Dark Web MonitoringIT Outsourcing Services, and Tech Support Services,

We Make IT Simple!

365 iT SOLUTIONS Awarded CyberSecure Canada Certification

Categories
Industry Insights IT Solutions Managed IT Services

Ransomware for the First Quarter of 2021

Here is a listing for ransomware for the first quarter of 2021 based on January 2021, February 2021, and March 2021.

365 iT SOLUTIONS is a leading managed IT services provider in Toronto and educated organizations with possible damages from cybercrime that is expected to hit $6 trillion this year.  This is up from $3 trillion in 2015 and it will continue to increase in the number of ransomware attacks using new cyberattack forms that are very sophisticated and disruptive.

These are not all ransomware attacks however these are the largest or ones that have made headline.

Ransomware Attacks January 2021

Here are the Top 10 cyberattacks on organizations for January 2021.

  1. Apex Laboratory a home phlebotomy healthcare organization that performs blood work at home disclosed a cyberattack that happened earlier in 2020 after data stolen during the cyberattack showed up online.  On December 31st, a notice posted revealed that they were the victim of a cyberattack that resulted in certain systems that were encrypted and inaccessible.
  2. Amey an infrastructure support service provider was the target by the Mount Locker ransomware cybercriminal group in December 2020 resulting in documents with government departments being posted online.
  3. Hackney Council is a London billing authority for tax and collection of precepts on behalf of the Mayor’s Office for Policing and Crime reported that they had been the cybercrime victim of a very sophisticated cyberattack after data leaked online in a double extortion style attack ransomware and it included personal identifiable information.
  4. Northern Territory Government is a membership to the Racing Commission in Australia experienced a cyberattack that forced its systems offline for 3 weeks as the cyberattack involved a third party supplier of one its cloud-based IT systems however the claim government data was not compromised during the cyberattack.
  5. OmniTRAX is a rail operator and logistics provider in Colorado and it experienced a ransomware cyberattack that targeted its parent company resulting in posted data on a dark web leak site however the parent company refused to pay the ransom.
  6. AKVA Group is a global supplier of technology to the aquaculture industry in Norway and they stated that that have been hit by a ransomware attack and ransom. Their statement claimed they were working with Norwegian authorities to limit damage.
  7. Dassault Falcon Jet Corp is a aircraft manufacturer in the US suffered a ransomware attack and according to the statement, the cyber criminals maintained access to company systems for roughly six months, between June 2020 and December 2020 resulted in compromised data including information belonging to employees such as personal information.
  8. Wentworth Golf and Country Club is an exclusive golf club in England that was forced to send an email of apology to its 4000 members after its clients list was accessed by cybercriminals resulting in their website claiming, “your personal files are encrypted!” with a Bitcoin cryptocurrency payment demand for decryption.
  9. City of Angers in France stated on social media networks that the city had suffered a ransomware cyberattack over the weekend in January 2020 and they targeted the information system of the city which caused the closure of certain services.
  10. Serco a global government outsourcer responsible for running part of the UK’s COVID-19 Test and Trace system suffered a cyber security attack.  The cyber security incident involved ransomware uploaded to a dark web website resulting in a note addressed to Serco the cyber criminals claimed: “We’ve been surfing inside your network for about three weeks and copied more than 1TB of your data.”

Ransomware Attacks February 2021

Here are the Top 10 cyberattacks on organizations for February 2021.

  1. Companhia Paranaense de Energia (Copel) is a Brazilian state-owned energy company and they reported a cyberattack from a cybercriminal gang that stated they have stolen more than 1000 GB of sensitive data.
  2. Automatic Funds Transfer Services (AFTS) is a US based payment processor used by many cities and government agencies and they suffered a cyber security attack from a Cuba based gang that caused a significant disruption to their business operations with a potential data breach of stolen data being leaked on their dark web site including sensitive financial documents.
  3. Eletrobras is a large power utility company in Brazil and it suffered a cyber security attack that resulted in them suspending some critical systems to protect the integrity of the network once the cyberattack was discovered.
  4. Foxtons Group is a large British real estate company and made headlines when a ransomware attack made headlines and revealed a large quantity of personal and financial information belonging to clients was posted on the dark web including over 16,000 credit card details.
  5. Remax Kelowna  in British Columbia is a real estate agency and it was hit by a cyberattack that listed all information on a dark web cyber leaks website.  They report that the cyberattack copied some files however they were non-personal in nature.
  6. Ness Digital Engineering Company is an IT provider that was hit by ransomware that affected its networks in India, US, and Israel. Clients including government ministries, hospitals, and local municipalities were not compromised in the cyberattack.
  7. Mutuelle Nationale des Hospitaliers (MNH) is a French health insurance company and they suffered a ransomware cyberattack that resulted in a significant impact on operations resulting in an independent IT security firm to negotiate the ransom.
  8. Discount Car and Truck Rental is a large car rental agency and it was hit by a cybersecurity ransomware gang after it posted a notice on its dark web leak site stating they had copied 120 GB of corporate, banking, and franchise data.
  9. Kia Motors America reported a cyber security incident after suffering a major IT outage across the US resulting in internal website sites used by dealers, mobile apps, phones, and payment systems being down.
  10. TietoEVRY is a Finnish IT provider and were the victim of a cyberattack that caused issues for their services including retail, manufacturing, and service resulting in 25 clients being impacted however they stated that no critical or personal data was accessed or stolen by the cybercriminals attackers.

Ransomware Attacks March 2021

Here are the Top 10 cyberattacks on organizations for March 2021.

  1. Prism HR a payroll services organization with over 80,000 organizations as customers and over 2 million employees reported a cyberattack that they had suffered suspicious activity leading to immediate shut down of their servers and network.
  2. Flagstar a US bank and mortgage lender stated the suffered a data breach following a cyberattack with a ransom demand for payment in bitcoin or the exfiltrated data would be released to the public.
  3. Standley Systems is a US based Managed Service Provider (MSP) and they suffered a cyberattack by cybercriminals that stated they have obtained sensitive data including more than 1,000 social security numbers.
  4. Qualys is a cloud security organization that had data stolen including screenshots of stolen files including invoices, tax documents and purchase orders on a dark web data leak site as proof. The stated that the cyberattack had no operational impact but unauthorized access had be obtained to a server.
  5. Molson Coors is a beer maker and they stated that they suffered a cyberattack which caused significant disruption to their operations, production, and shipments.  They are working with IT forensic technology firms along with legal counsel to investigate the incident and restore systems according to industry best practices.
  6. Acer a computer manufacturer made headlines with a $50 million ransom as cybercriminals shared some exfiltrated data on their dark web leak site as proof of the successful cyberattack including financial spreadsheets, bank balances, and bank communications.
  7. Sierra Wireless, a manufacturer of Internet of things (IoT) devices and they were forced to halt production after a ransomware attack when cybercriminals were able to infiltrate their network.  They report the cyber security breach was limited to internal systems however client facing products had not been affected.
  8. CNA is a US based insurance organization and they have suffered a ransomware attack using a new variant of cryptolocker.  According to cyber security professionals, over 15,000 devices were encrypted, and remote employees logged into the VPN were also affected.
  9. FatFace is a clothing retailer and they had to pay $2 million to the Conti gang when their data was held to ransom. They are currently facing criticism for failing to disclose the incident in a timely matter and for attempting to insist that affected customers keep the matter quiet.
  10. Royal Dutch Shell is an Anglo-Dutch multinational oil and gas company and they became victim ransomware after sensitive data from a file transfer service used by the oil giant leaked the stolen data online to prompt them to pay a ransom.  The information included employee visa and passport information.

 

Have Your Passwords Been Stolen in a Data Breach? Try our free data breach scan today and start protecting yourself from cybercriminals.

Going to the cloud or worried about security?  We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring.

We Make IT Simple!

 

Categories
Industry Insights IT Solutions Managed IT Services

What is Azure Conditional Access?

What is Azure conditional access and how can this industry leading modern cyber security perimeter help?

365 iT SOLUTIONS now helps organizations extend cyber security beyond the network to include user and device identity.  Organizations can now utilize these identity signals as part of their access control decisions for their cyber security.

 

Azure conditional access is a proactive cyber security tool used by Microsoft Azure Active Directory to bring signals together allowing the managed IT services provider, IT department, and management to proactive decisions and enforce organizational cyber security policies.

What is Azure Conditional Access?

Azure Conditional Access policies can be defined in their simplest form as “if-then” statements for network access. If a corporate user wants to access a resource, then they must complete an action.  Example: A an HR manager wants to access the human resources data and is required to perform multi-factor authentication to access it.

Azure conditional access has two primary goals for organizations to address:

  • Allow organizations to empower users to be productive from anywhere.
  • Allow organizations to proactively protect their assets.

When an organization decides to use Azure Conditional Access policies, they can apply the right access controls when needed to keep their organization proactively secure as well as not put unnecessary roadblocks for users when not needed.

Special Note about Azure Conditional Access: Conditional Access policies are enforced after first-factor authentication is completed and is not intended to be a first line of defense against denial-of-service (DoS) attacks.

What are common signals of Azure Conditional Access?

Common signals of Azure Conditional Access that it can take in to account when making a policy decision include the following signals:

  • Azure group or user membership.
  • Corporate policies for specific users and groups.
  • IP Location information.
  • Trusted IP address ranges.
  • Specific countries, regions, and IP ranges to block or allow traffic from.
  • Users with devices of specific platforms can be used when enforcing Conditional Access policies.
  • Users attempting to access specific applications can trigger different Conditional Access policies.
  • Real-time and calculated cyber security risk detection.
  • Policies to identify risky sign-in behavior.
  • Policies to perform password changes or multi-factor authentication.
  • User application access and sessions to be monitored and controlled in real time.

What are common decisions of Azure Conditional Access?

  • Azure Conditional Access – Block access
    • This is the most restrictive decision.
  • Azure Conditional Access – Grant Access
    • Users require multi-factor authentication.
    • Users require device to be marked as compliant.
    • Users require Hybrid Azure AD joined device.
    • Users require approved client app.

What are common applied policies for Azure Conditional Access?

Microsoft Azure Conditional Access allows many organizations to have common access concerns that policies can help with such as:

  • Requiring users with administrative roles to use multi-factor authentication.
  • Requiring the use of Azure management tasks to use multi-factor authentication.
  • Blocking sign-ins for users attempting to use legacy authentication protocols.
  • Require trusted locations for Azure AD Multi-Factor Authentication registration.
  • Blocking or granting access from specific locations and blocking risky sign-ins.

What are license requirements for Azure Conditional Access?

In order to enable the Azure Conditional Access feature, the organization will require an Azure AD Premium P2 license.

Have Your Passwords Been Stolen in a Data Breach? Try our free data breach scan today and start protecting yourself from cybercriminals.

Going to the cloud or worried about security?  We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring.

We Make IT Simple!

Categories
Industry Insights IT Solutions Managed IT Services

Microsoft Team Training

Microsoft Teams training is great resource for any organization looking to meet, chat, call, and collaborate with everyone in just one place.

With Microsoft Teams, everyone in your organization can instantly go from group chat to video call with the touch of a button.  This gives your team seamless connectivity while offering secure connectivity, access to resource, ability share to share documentation as well as real time collaborate on files and projects.  Your team will be able to stay organized by keeping notes, documents, and shared calendars.

 

Microsoft Teams is divided into four separate categories including:

  • CHAT – Your team can share their opinions and have fun with GIFs, stickers, and emojis in a group chat or in one-to-one messages in Microsoft Teams.
  • MEET – Your team can instantly change from group chat to video conference with a seamless touch of a button that can accommodate two to 10,000 people in one place in Microsoft Teams.
  • CALL – Your team can make and receive calls directly with advanced features like group calling, cloud voicemail, and call transfers in Microsoft Teams.
  • COLLABROTE – Your team can easily find, share, and edit files in using real time collaboration using Microsoft Word, Microsoft PowerPoint, and Microsoft Excel in Microsoft Teams.

 

How to get started with Microsoft Teams?

In this blog, we will learn the basics and get started with Microsoft Teams.  365 iT SOLUTIONS is a leading managed IT services provider in Toronto, and we will show you how to streamline business communication and collaboration using Microsoft Teams.

You will learn how to easily create a seamless environment so you can easily communicate so they can save time, collaborate, and create a teamwork environment to complete any task or project in one central space.

The Microsoft Teams training will cover the following areas:

  • Set up your profile and notifications in Microsoft Teams.
  • Use Microsoft Teams chat and calling.
  • Schedule and attend meetings in Microsoft Teams.
  • Use Microsoft Teams to align your workgroup and projects.
  • Use real time collaboration on files and tools in Microsoft Teams.

 

Welcome to Microsoft Teams

Microsoft Teams can be used on your PC, Mac, or mobile device.  It allows you to pull together a team, use chat instead of email, securely edit files at the same time, and use likes, mentions, and replies with just a single tap.  Now you can customize it by adding notes, web sites, and apps. Our Microsoft Teams Training blog will help.

 

How do you use Microsoft Teams Effectively?

365 iT SOLUTIONS will show how to run effective meetings within Microsoft Teams using optimization within Teams.

We will help you to prepare and assign resources for a Microsoft Teams meeting to ensure it is productive.  This will allow your team to be more engaging, productive, and have better time management as they use Microsoft Teams.

The Microsoft Teams training will cover the following areas:

  • Setup and schedule Microsoft Teams meetings including group and calls.
  • Use Microsoft Teams to collaborate including sharing, whiteboards, meeting notes, and recording.
  • Allow users in Microsoft teams to access important meetings and content.
  • Use Microsoft Teams certified equipment including audio and video devices based on meeting needs.

 

How do you use Microsoft Teams channels and teams?

365 iT SOLUTIONS will show how to collaborate with other users and workgroups so you may access shared files, various apps, and conversation threads.

We will help you to learn how to maximize collaboration, provide complete visibility, and manage teamwork from one space.  Microsoft Teams offers a robust collaboration tool to your users that will provide you anywhere and anytime access to all your projects, operations, resources, and business initiatives.  You will be able to use Microsoft Teams channels and teams to a seamless collaboration environment and virtual workspace for your entire group.

The Microsoft Teams training will cover the following areas:

  • Use Microsoft Teams to join and organize your channels and teams.
  • Setup and use features to streamline projects and operations.
  • Use Microsoft Teams to collaborate with your entire team.
  • Setup new and manage teams as an owner of the team.

 

How do you use Microsoft Teams collaborative workspaces?

365 iT SOLUTIONS will help you build industry best practices collaborative workspaces in Microsoft Teams as well as explore strategies for collaboration in Microsoft Teams.

The Microsoft Teams training will cover the following areas:

  • Use Microsoft Teams to determine your unique collaboration needs.
  • Setup and create workspaces in Microsoft Teams for the best teamwork experience.
  • Use Microsoft Teams best practices to enhance user productivity.

 

What are tips and tricks for Microsoft Teams?

365 iT SOLUTIONS will provide industry leading tips and trick for Microsoft Teams to enhance the experience with this free Microsoft Teams Training.

We will show you ways to enhance Microsoft Teams communications and productivity.  This will enhance communications and increase the efficiency and productivity in Microsoft Teams.  We will help your organization workday and make it easier to stay connected.

The Microsoft Teams training will cover the following areas:

  • Setup industry best practices on delivering messages.
  • Use Microsoft Teams integration tools and best practices to streamline.
  • Setup and implement Microsoft Teams to manage and organize your work.

 

Part 1 – Microsoft Teams Sign Up and Creation

Ready to start to get your organization using Microsoft Teams?

You can easily sign up and create a Microsoft Teams using an existing Microsoft account or look to migrate to Microsoft 365.  You will need to take the following step to complete. We have also included a handy video to help with Microsoft Teams.

  1. Go to Microsoft Teams
  2. Select Sign up for free.
  3. Type in your Microsoft account email
  4. Select Next.
  5. Choose an option the best suits your needs. For school, For friends and family, or For work and organizations.
  6. and select Next.
  7. Enter your password.
  8. Select Sign in.
  9. Add the final details.
  10. Select Set up Teams.
  11. You have the option on how to use Microsoft Teams:​​ Windows app, mobile app, or web app.
  12. Now copy link and invite your team members to join Microsoft Teams free.

 

 

Part 2 – How to start a chat in Microsoft Teams?

Ready to start a chat in Microsoft Teams?  Your employees will be able to Start individual chats or a Microsoft Teams group chat in app so they can speak privately or collaborate with a group of people.  We have also included a handy video to help with Microsoft Teams.

  1. Start a Microsoft Teams chat
  2. Click Chat then New chat.
  3. Add a contact(s) you want in the Microsoft Teams conversation.
  4. Type a message and click Send.
  5. Add a Microsoft Teams group chat name.
  6. Click the top of the chat.
  7. Click Microsoft Teams Group chat name.
  8. Type in a name and click Save.
  9. You can search a group chat name to make it easier in the future.
  10. Microsoft Teams group chat only supports name changes.
  11. Now you can reply or react to a specific Microsoft Teams message.
  12. Click and hold a message to see options such as Reply or Reactions.
  13. You can swipe right on a specific message to reply or like.
  14. Edit a Microsoft Teams message
  15. Click and hold the Microsoft Teams message you want to edit.
  16. Click to Edit message a Microsoft Teams message.
  17. Make all your edits and click done.
  18. Share GIFs and search from the database.
  19. Click emojis and tap GIFs where you want to type.
  20. Choose an option or search the GIF library.
  21. Click Send.

 

 

Part 3 – How do I create a Microsoft Teams template?

Here we will see how to create a Microsoft Teams template.  Your team will be able to create a Microsoft Teams team for a specific unique scenario with multiple Microsoft Teams templates that come with apps and channels.  We have also included a handy video to help with Microsoft Teams.

  1. Click on Microsoft Teams.
  2. Click Join or create a team.
  3. Click Create team.
  4. Select the Microsoft Teams template based on your business scenario.
  5. You have options for templates for added channels and apps.
  6. You can ​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​select from scratch to build a Microsoft Team.
  7. Choose a security privacy level: Private or Public.
  8. Include details about your Microsoft Team including team name and description.
  9. If you chose a Microsoft Teams template, you could edit channel names.
  10. Click Create.
  11. Now your team has been created.

 

 

Part 4 – How do you join a Microsoft Teams meeting?

Our free Microsoft Teams training will show you how to join a Microsoft Teams meeting from your calendar or even sign in as a guest from a web browser.  We have also included a handy video to help with Microsoft Teams.

How to join a meeting from Microsoft Teams app:

  1. Click on Microsoft Teams meeting from the app.
  2. Select Calendar feature.
  3. Select Join on a Microsoft Teams meeting.
  4. Turn on your camera for Microsoft Teams.
  5. Select your wanted Microsoft Background filters (Custom background or select Blur)
  6. Choose your audio settings.
  7. Select Join now the Microsoft Teams meeting.

How to join a meeting from Microsoft Teams in a browser:

  1. Open your Microsoft Teams email invite.
  2. Click join the Microsoft Teams meeting.
  3. You can also use a dial-in number if provided and conference ID from the email.
  4. You have three choices to connect: Windows desktop app, browser, or open Microsoft Teams app.
  5. Type in your name for the Microsoft Teams meeting.
  6. Choose your audio and video settings for Microsoft Teams meeting.
  7. Select Join now in Microsoft Teams meeting.
  8. Now you will be in the Microsoft Teams lobby until someone admits you.

 

 

Part 5 – How does Microsoft Teams channels and teams work?

In this section we will cover how does Microsoft Teams channels and teams work to bring together your employees to increase productivity via collaboration on tasks, projects, or common interests.  We have also included a handy video to help with Microsoft Teams.

Microsoft Teams has two options when it comes to channels.  There is Microsoft Teams standard channel that is available and visible to everyone.  The second Microsoft Teams option is private channel that is private conversations with a specific audience.

Each Microsoft Teams channel is built around a specific topic such as event, department, or just for fun like a hobby.  Microsoft Teams channels are where you employees hold meetings, conversations, and work on files together using collaboration tools.

You can user Microsoft Teams channels and teams the following way:

  1. Add a tab to your Microsoft Teams channel section.
  2. Click on the plus sign next to the tabs in Microsoft Teams.
  3. You can add Microsoft Planner to create a project board to track tasks.

You can pin and unpin a channel in Microsoft Teams. The pin will allow you to make important channels easy to find.

  1. To pin a channel, choose one Microsoft Teams channel to pin
  2. Click and then select More channels
  3. Click on Pin.

If you want to unpin a Microsoft Teams channel:

  1. Select the Microsoft Teams you want to unpin.
  2. Select More channels.
  3. Unpin the Microsoft Teams channel.

 

Part 6 – How to create and format a post in Microsoft Teams?

In this section we will cover how to create and format a post or announcement to start a conversation in a channel using Microsoft Teams.  We have also included a handy video to help with Microsoft Teams however some of the steps in Microsoft Teams may be out of sync with the video.

  1. Select the New conversation button in Microsoft Teams.
  2. Select Focused New conversation button in Microsoft Teams.
  3. Type a message in Microsoft Teams.
  4. Click Format Expand button.
  5. To create an announcement in Microsoft Teams, click a post type > Announcement icon.
  6. Type a headline and an optional subhead
  7. Select the color scheme
  8. Select the background image.
  9. Format your post including subject, font size, bold, bulleted list, numbered list, and insert link
  10. Click Send icon in Microsoft Teams.

If you would like to make changes to a post or announcement in Microsoft Teams, select More options icon  and then Edit Teams icon.

 

 

Part 7 – How do I filter activity feed in Microsoft Teams?

In this section we will cover how do you filter activity feed in Microsoft Teams via the activity button so you can see your Activity feed including a summary of everything that has happened in the Microsoft Teams team channels you follow.  We have also included a handy video to help with Microsoft Teams.

  1. Select the Filter icon button in Microsoft Teams.
  2. In the menu, Click on the type of notifications.
  3. Select X to close the activity filter in Microsoft Teams.
  4. For a more specific feed, go to the Feed menu.
  5. Click My activity and you will see a list.

 

 

Part 8 – How to upload and share files in Microsoft Teams?

In this section we will cover how to upload and share files in Microsoft Team from anywhere. We have also included a handy video to help with Microsoft Teams.

  1. In Microsoft Teams, select the paperclip icon.
  2. Click on the file to attach in Microsoft Teams to be shared.

Yu can also use the following method to attach a file in Microsoft Teams:

  1. Go to the Files tab in Microsoft Teams.
  2. Select Upload icon.
  3. Select single or multiple files from device computer or even OneDrive for Business.
  4. Select Open in Microsoft Teams.

 

 

Part 9 – How do I use apps in Microsoft Teams?

In this section we will cover how do you use apps in Microsoft Teams as they allow your employees to do more, and the apps can show up in several places in Microsoft Teams depending on their purpose is as well as how they are built by the developer. Microsoft Teams Apps can be accessed in tabs, channels, or even chats. We have also included a handy video to help with Microsoft Teams.

  1. Select the click to add an app in Microsoft Teams.
  2. Select the plus sign next to the tabs in Microsoft Teams.
  3. Click on the app you want to add.

If you would like to add Microsoft Teams apps in messages, do the following:

  1. Click on More options button in the Microsoft Teams message box.
  2. Select the app and click on Add.

 

 

Part 10 – How do you plan and schedule a live event in Microsoft Teams?

In this section we will cover how do you plan and schedule a live event in Microsoft Teams.  These Microsoft Teams live events is an extension of the apps capabilities that will enable your employees to produce live events for online audiences and clients with central control over video, sound, interaction, and reporting.  We have also included a handy video to help with Microsoft Teams.

  1. In Microsoft Teams click on the Meetings button on the left side of the app
  2. Select New meeting.
  3. In the dialog box, click new meeting.
  4. Click on New live event.
  5. Enter a meeting title, date, and time information.
  6. Select the people to invite to the event.
  7. Add who will be presenting and producing the event.
  8. Click Next in Microsoft Teams.
  9. Under Live event permissions, choose who can attend your live event.
  10. Click Schedule.
  11. Click the Get attendee link to copy the unique code.

 

 

Part 11 – How do you use Approvals in Microsoft Teams

In this section we will cover how do you use Approvals in Microsoft Teams.  Microsoft Teams Approvals is a simple way to streamline all your requests and processes with your team or partners in one central place.  From here you will be able to create new approvals and see all your approval history.  We have also included a handy video to help with Microsoft Teams.

  • Microsoft Teams Approvals Hub – All approvals that you sent or received are located here. All approvals will show up everywhere including Microsoft Power Automate, Microsoft SharePoint, and Microsoft Dynamics 365.
  • Microsoft Teams Approvals Chat – All approvals can be setup from your message box resulting in them being listed in your chat however only the people in the conversation can be added as approvers.
  • Microsoft Teams Approvals Card – The approvals card gives you a real-time summary of your approval status so you can see who has responded or who requires more time.
  • Microsoft Teams Workflow Approval – Microsoft Power Automate will allow you to create a workflow for approvals. You can create a new workflow and select a trigger such as a system driven event.

 

 

Part 12 – How do you user Shifts in Microsoft Teams?

In this section we will cover How do you user Shifts in Microsoft Teams as it is a project schedule management tool that helps you create, update, and manage schedules for your entire team in Microsoft Teams.  We have also included a handy video to help with Microsoft Teams.

  • Microsoft Teams Schedules – Create, edit, and manage in Microsoft Teams.
  • Microsoft Teams Groups – Name a group like a job type or location to keep your groups organized.
  • Microsoft Teams Shifts – You can add a shift from new, template or copy an existing one.
  • Microsoft Teams Open Shifts – The schedule has an open shifts row that anyone can request.
  • Microsoft Teams Time Clock – Time Clock allows clock in and out of a shift with a mobile device.
  • Microsoft Teams Requests – Review requests for time off, shift swaps, or offers.

 

 

Have Your Passwords Been Stolen in a Data Breach? Try our free data breach scan today and start protecting yourself from cybercriminals.

Going to the cloud or worried about security?  We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring.

We Make IT Simple!

 

Categories
Industry Insights IT Solutions Managed IT Services

Ransomware, ransomware, ransomware… but the numbers do not lie

We keep hearing ransomware, ransomware, ransomware….the numbers do not lie, and this is why the headlines have a new story of the latest breach.

Here are some interesting statistics on the effect of ransomware from a  cloud security platform organization and a research study based on a survey of more than 500 C-level executives including CEOs, CIOs, and CTOs.

Ransomware, ransomware, ransomware… but the numbers do not lie (2)

  • Over 43 percent of malware found is found in cloud apps
  • Over 55 percent of malware-infected files are found in cloud apps.
  • On average, an enterprise has an average of 977 cloud apps.
  • Approximately 46 percent of businesses have been victims of ransomware.
  • Over 73 percent of those organizations have paid a ransom.
  • Approximately 83 percent of organizations feel prepared for a ransomware attack.
  • Approximately 87 percent of businesses that deal with consumers feel prepared for a ransomware attack.
  • Approximately 17 percent of organizations responded they do not feel that their business is prepared.
  • Just over 32 percent of organizations said they are limited to research ransomware mitigation solutions.
  • Over 78 of organizations in the B2B category have paid a ransom.
  • Another 63 percent of organizations in the B2C category have paid a ransom.
  • Approximately 26 percent of organizations have never paid a ransom.
  • Approximately 60 percent responded they would pay ransom to get their files back quickly.
  • Over 53 percent would pay the ransom to protect their organizations public image.
  • Over 72 percent of organizations responded they have a plan in place to mitigate a ransomware attack.
  • Over 80 percent of B2Bs are better prepared for ransomware compared to 62 percent B2C organizations.
  • Approximately 76 percent of cloud storage apps dominate cloud DLP violations.
  • Over 28 percent of organizations do not have a plan to mitigate a ransomware attack.

What do these ransomware numbers mean to businesses?

When cyber security providers examined the presence of malware in organizations, they found there was malware found in cloud apps across the entire organization.   Many of the ransomware malware-infected files were shared with internal users, external users, and shared publicly.

The cyber security experts found that these ransomware attacks are delivered through phishing and email attacks using cloud services environments.  This allows infected and encrypted files to be quickly spread to other users through cloud app sync.

Ransomware, ransomware, ransomware… but the numbers do not lie (2)

What were some of the most popular cloud apps hit by ransomware?

This is a loaded as more popular cloud services have a greater risk of being listed due to it being adopted by a large number of users.  Among the topmost used cloud apps, it includes Microsoft 365 (Microsoft 365), Google Workspace, Facebook, and Slack.   This shows that cyber security teams need to prioritize this trend and pay close attention to sensitive information being shared within collaboration apps as well as get visibility and control over the apps that are integrated and sharing company data.

Ransomware, ransomware, ransomware… but the numbers do not lie (1)

Have Your Passwords Been Stolen in a Data Breach?

Try our free data breach scan today and start protecting yourself from cybercriminals.

Going to the cloud or worried about security?  We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring.

We Make IT Simple!

Ransomware, ransomware, ransomware… but the numbers do not lie (3)

Categories
Industry Insights IT Solutions Managed IT Services

Healthcare is the Biggest Cyberattack Target

The healthcare industry is at risk as healthcare is the biggest cyberattack target for cyber criminals and hackers worldwide.

The truth is that healthcare organizations are becoming increasingly susceptible to online cyberattacks.  This is essentially threatening their day-to-day work and compromising confidential patient data.

Healthcare is surrounded by long busy days which puts healthcare staff at a disadvantage as they do not have the time and resources to educate themselves about the ever changing online cyber security risks.

Healthcare is the biggest cybersecurity target but the good news if that healthcare leaders are ready to increase spending on cybersecurity to protect their organizations.  With new cybersecurity threats uncovered every day, it is difficult to know where an organization would be better off investing their IT budget.

There is an increasing demand for patient information and often-outdated systems are among the reasons healthcare is the biggest cyberattack target for online attacks.

  1.  Patient Information Is Worth A lot

Healthcare facilities including hospitals and clinics store an incredible amount of patient data.  This is extremely confidential data that is worth a lot of money to cyber criminals that they can sell it on easily on the dark web therefore making the healthcare industry the biggest cybersecurity target.   It is the duty of these organizations to protect patients personal records.  There have been many financial penalties for failing to follow The Information and Privacy Commissioner of Ontario as well as Personal Information Protection and Electronic Documents Act (PIPEDA).

It is important for IT departments, IT professionals, and managed IT services providers (MSP) to educate the healthcare client of the cost of securing data using multi-factor authentication (MFA) or two-factor authentication (2FA).  It is far less to pay for ransomware or similar cyberattack.  MFA or 2FA requires more than one piece of information to identify a user and then generates a one-time password on each login session. This makes it a lot harder for hackers to steal passwords and other information.

  1. Medical Devices Are Not Secure

Medical devices are there to help save lives but with all the innovations in healthcare technology these days, these devices are becoming increasingly hard to manage. Medical devices like technically advanced insulin pumps, x-ray, and defibrillators play a critical role in healthcare these days.   Now for cyber security experts, these devices are part of a new wide selection of cyber security entry points for hackers.    Medical devices are made to save lives and not with cyber security in mind.  The devices may not store patient data, but they can be used to launch a cyberattack on a server that does hold valuable patient information.  It can also be taken over by hackers, preventing healthcare organizations from providing vital life-saving treatment to patients.  Cyber criminals are aware the medical devices do not carry patient data, but they can easy target other network devices like laptops and computers.

  1.  Control Remote Staff and Work from Home (WFH)

Remote workers are nothing new but with the addition of work from home (wfh), now organizations have challenges. Collaboration is key in the healthcare industry as many units work together to provide the best solution for every patient.  As healthcare is spread out and people need access to information they are often working remotely from different devices.  Remote connectivity to a network is risky if the device is not secure. It is imperative that compromised systems do not get access to the network as it only takes one hacked device to leave the whole organization wide open.

  1. Resistance to New Technology

The healthcare industry is busy and employ some of the busiest staff in the most demanding industry. They tend to work long hours and shifts with tight deadlines and high pressure.  Most do not have the time or resources to add online security policies and security processes to their workload. It is important to understand that any managed IT services provider will suggest cybersecurity measures for healthcare organizations that must be considered.  This can impact current work practices.  It is important to align security measures with existing software and business processes.  There are many different authentication solutions available that work with software like Microsoft 365, Gsuite, Google Business so healthcare staff can perform their daily tasks without distraction.

  1. Educate Healthcare Staff

Healthcare and medical staff are trained to deal with a lot of high-pressure situations which usually does not leave much time for education in cyber security.  There is always budget, resources, and time constraints that does not make it simple for healthcare professionals to be well versed in the best cybersecurity practices. Cybersecurity solutions tend to be complex and require a secure network.  This gives peace of mind of knowing patient data is protected and that healthcare professionals can focus on their jobs.   There are cyber security solutions like (2FA) two-factor authentication and Single sign-on (SSO) therefore adding extra layers of cyber security.

Healthcare and medical organizations have a responsibility to react to the latest cyber security threats to keep their patient data secure.  It is very important to allocate a budget and invest in the right solution for your organization.

Have Your Passwords Been Stolen in a Data Breach? Try our free data breach scan today and start protecting yourself from cybercriminals.

Going to the cloud or worried about security?  We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring.

We Make IT Simple!