Are There IT Security Gaps in Your Network? Yes

Cyber security threats are not new, but many managed IT services providers ask the same question: are there IT security gaps in your network? Yes.

A recent research study revealed some worrying IT trends in the level of accountability for IT security. There was a clear indication of a lack of confidence in determining the effectiveness of IT security technologies within an organization.

The study from Ponemon surveyed over 570 IT professionals and IT security professionals in the US and the results were alarming:

  •  63 percent of IT consultants reported their IT security leadership does not report to management
  •  40 percent of IT security professionals stated they do not report to the board or management at all
  •  63 percent of those surveyed reported their IT security leadership needs better monitoring tools
  •  56 percent of IT professionals state that their IT security allows hackers to penetrate its defenses
  •  24 percent of respondents say they have a mature measurement and metrics program
  •  40 percent of respondents say they do not track the organization's security posture at all
  •  30 percent of IT security professionals report having a partial cyber security metrics program
  •  39 percent of IT security professionals report their findings to the board or management

Many organizations struggle with IT security as well as the effectiveness of their current IT security practice. Data breaches and other IT security incidents continue to plague organizations. Are there IT security gaps in your network? Yes, but organizations need to shift to a proactive IT security approach to ensure a strong IT security infrastructure, policy, procedure, and engagement.

Some organizations think they have a good IT security monitoring practice, but they fall short. This is another of the IT security gaps identified by the study.

Every organization has parts that are critical to its ability to function daily. These can include corporate email, accounting, enterprise resource planning (ERP), line-of-business (LOB) applications, and customer service, to mention a few.

If any of these systems goes down, for example email or accounting, your staff would not be able to communicate, and your organization would suffer. This is where a good IT security monitoring practice comes into play and addresses IT security gaps.

Any managed IT services provider or IT department is aware that security monitoring is critical, as it allows organizations to close their IT security gaps. This is a vital element of any organization's cyber security strategy and policy, as it can prevent and minimize the potential loss of revenue, data, value, and trust associated with a cyber security breach.

Why do so many businesses fall victim to cyber threats including malware, phishing, and ransomware? Mostly because they fail in their approach to IT security when it comes to core business functions.

Unfortunately, trusted managed IT services providers, IT consultants, cloud services providers, and managed security services providers try to implement security strategies, but budgets are small or organizations think they will not get hit. The issue is that when an organization does experience a cyber security breach, the budgets are out the window, as all hands are on deck to assess and contain the cyber threat as well as recover critical business operations.

Of course, this is a reactive approach in the aftermath of damage control. Therefore, it is essential to understand your IT security vulnerabilities and security gaps so you can implement the necessary practices to help prevent such a cyber breach from happening again.

Security Is as Simple as 1, 2, 3, or Is It?

Security can be simple; however, it is an ongoing daily challenge for IT departments, managed IT services providers, and cloud services providers. As the IT security landscape constantly shifts, it can be difficult for organizations to find a solid foundation as well as the greatest return on their IT security investments.

Here are some monthly security items that can greatly reduce the risk to your organization. These include:

  • Keep all systems and software up to date. This includes proactive regular system and software patching as well as upgrading platforms that are no longer supported.
  • Enforce user permissions. You should proactively review user accounts, applications, service accounts, and network resources to ensure the appropriate permissions are up to date.
  • Train, train, train. Organizations must constantly train and educate users on IT security policies and procedures when it comes to safe practices. The training should include cyber security awareness including ransomware, phishing, social engineering, and much more.

Here are some free cyber security training options for employees:

  1. 365 iT SOLUTIONS Quick Security Awareness User Training
  2. TED Talks 12 Must-Watch Cybersecurity Videos
  3. Stanford University Advanced Computer Security
  4. ESET Free Cybersecurity Awareness Training

Our complimentary network and security assessment can put your IT infrastructure and business to the test.

365 iT SOLUTIONS is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.

Support World Mental Health Day on October 10

It is World Mental Health Day! Let’s talk about some underlying causes of depression and anxiety that you can start addressing today! #WORLDMENTALHEALTHDAY

365 iT SOLUTIONS is proud to support World Mental Health Day on October 10.

World Mental Health Day is marked every year on October 10.  Its goal is to raise awareness about mental health issues as well as advocating for increased support.

Half of all mental illnesses begin by the age of 14. We must commit to providing mental health support from an early age to help prevent mental distress and illness among adolescents and young adults.

According to the World Health Organization, one person dies by suicide every 40 seconds.

The previous World Mental Health Day focused on suicide prevention.

This year on World Mental Health Day, they are encouraging people to take 40 seconds of action to improve awareness, reduce stigma associated with suicide, and provide support to people who may be struggling.

If you need help or know someone that needs help, please see the following resources:

Business Email Cyber Attacks Increasing at an Alarming Rate

Email is the largest single attack vector available and this has resulted in business email cyber attacks increasing at an alarming rate.

According to a recent report, email cyber attacks are up 269% from last quarter. There has been a massive spike in emails containing dangerous file types, malware attachments, and spam in target inboxes.

The email cyber security report reviewed more than 260 million emails and the statistics are alarming:

  • Over 480,000 users were affected by cyber threats
  • Approximately 28.8 million were spam
  • Over 28,808 contained malware attachments
  • Approximately 28,726 contained dangerous file types
  • Over 60,000 of these messages contained phishing email scams

As email cyber attacks increase, they are affecting business productivity, profitability, and the bottom line for all organizations. These include a wide variety of cyberattacks, such as phishing, impersonation, insider threats, and much more.

Here are some more alarming statistics from the cyberattack on email report:

  • Negative business impact has increased to 61% compared to 58% a year ago.
  • 1 in 10 stakeholders feel their organization will inevitably suffer a business impact from an email-borne attack.
  • Over 67% reported seeing impersonation cyberattacks increase.
  • Over 73% of impersonation attack victims experienced a loss from the attack.
  • Approximately 71% were hit by a cyberattack where malicious activity had spread from one user to others

There are many tools out there, but human error is one of the largest risks to organizations. Many research documents have shown that human error ranks even higher for cyber risk to an organization than software flaws and vulnerabilities, resulting in over 90% of breaches.

In a recent test, a phishing simulation was conducted on 6,500 employees that do have security awareness training. Over 500 of the employees clicked on the phishing email link in under a second.

Here are seven things to consider for email security in your organization:

  1. Don’t play defense, play offense. Over 61% of respondents believe they will suffer a negative business impact from an email cyberattack.
  2. Security breaches not only slow you down, they have a direct impact on your business. Organizations hit by ransomware average three days of downtime including loss of productivity and profitability.
  3. Impersonation cyberattacks are increasing. Approximately 85% of respondents experienced an impersonation attack or phishing cyberattack as well as reporting a huge increase.
  4. Internal cyber threats can cause a chain reaction. Over 71% of organizations saw malicious activity spread from one infected user to other employees, an increase over last year’s 64%.
  5. Phishing cyberattacks are here to stay. Approximately 94% of respondents experienced a phishing attack in the previous 12 months.
  6. Ransomware is increasing at an alarming rate. Over 53% of organizations have been hit by a ransomware attack that directly impacted their business resulting in a 27% increase from 2019.
  7. Data loss is the biggest concern. Approximately 73% of organizations hit by ransomware experienced a direct loss including data, financial, or loss of customers.

Going to the cloud or worried about security? We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

What Can You Do After a Data Breach?

Protection against a data breach is becoming increasingly complex for organizations, and everyone should be aware of what they can do after a data breach.

Here are some alarming statistics from various sources:

Although protection is an essential part of cybersecurity, the odds of a breach are also rising no matter the size of your organization and budgets.

Here is a quick list of the biggest data breaches of 2019 so far:

  • Evite: Hacked in February of 2019 and over 10 million exposed names, usernames, email addresses, passwords, dates of birth, phone numbers and mailing addresses.
  • Toyota: February and March of 2019 saw two separate data breaches of over 3.1 million.
  • American Medical Collection Agency (AMCA): Data breach occurred February 2018 and March 2019 of 20+ million records including medical data, financial information, and bank account details, including healthcare billing company Optum360.
  • Capital One: Breach occurred in March 2019 of over 106 million records of customer personal data including names, addresses, dates of birth, credit scores, Social Security numbers and bank account numbers.
  • MongoDB: Data breach in April 2019 exposed data on 275 million Indian citizens including name, sex, date of birth, email, mobile phone number, education details, salary and more.
  • Canva: Data breach occurred May 2019 of 139 million records involving personal data such as email addresses, geographic locations, names, passwords, usernames and financial data.
  • Desjardins: Data breach occurred June 2019 of 2.9 million records based on an insider-instigated data theft including first and last name, date of birth, social insurance number, address, phone number, email address and details about banking habits.
  • Suprema: Data breach occurred August 2019 of 27.8 million records involving biometric data such as fingerprints, facial images, usernames and passwords, employee records and entry logs to secure areas.

Each case was handled differently depending on the organization, but they all had a plan to address the question of this article: what can you do after a data breach?

What Should You Consider in the Cost of a Data Breach?

When examining the cost of a data breach, there are hundreds of factors to consider, from detection and notification costs to regulatory fines, legal costs, lost business, and reputation.

Studies have shown the most damage comes from malicious cybercriminal attackers because breaches caused by malicious attackers took much longer to identify and contain. The longer delay to identify and contain a breach gives the attacker more time to move around your network and cause damage.

What Can You Do After a Data Breach?

Here are four things you can do to help cut down on your response time and minimize the financial damage of a data breach.  You should review this with your IT department, IT consultant, or managed IT services provider.

  1. Test Your Incident Response Plan

Do you have an incident response plan? If not, now is the time to develop one. The data breach incident response plan will depend on building it, testing it, and adjusting it. The next part is executing it. The plan is only as good as the people executing it. Employees must be careful not to develop cyber rage and must stay calm, cool, and collected. Your IT department or managed IT services provider should be part of the plan.

  2. Understand Your Risks and Optimize IT Security

It is important to review your information and data and to document how important each is. Over 51 percent of breaches were caused by malicious or cybercriminal attacks. By having your IT department or managed IT services provider use threat intelligence, you can gain insights into the different motivations, capabilities and intentions of attackers. This will allow you to understand your risks and make more efficient IT security investments.

  3. Have a Business Continuity Plan and Back Up Your Systems

Lost business is the largest damage a data breach can cause your organization. Proactive detection, escalation, and notification are a fraction of the cost. Your business continuity plan and backup plan must prevent you from amplifying the issue by shutting down systems, losing data due to destructive attacks, or ending up with systems that are costly to recover. Organizations should store backups offline, inaccessible from primary systems, so cybercriminals cannot compromise them.

  4. Have IT Partners Ready, Just in Case

There are many managed IT services providers in Toronto as well as cloud services providers and managed security services providers. You should interview several of them to ensure you have found a trusted partner. If your organization experiences a data breach, you will have your team ready. If your incident response team is underprepared, they will be of little help and limited in how they can contain the cyber attack.

Cyber threats are real, and the cybercriminals are motivated.  The only thing that stands between them and your organization’s data is your IT security. Talk to your team and get the tools in place to take action.

Disaster Recovery Plan for Your Business

A disaster recovery plan for your business is essential, as it is the process of recovering data and resuming business operations following a natural disaster, site loss, or equipment failure.

Did you know human error, cybercrime or a natural disaster are the leading causes of lost data and lost productivity? Many business leaders think disaster recovery (DR) is too expensive, too complex or that a disaster is unlikely to impact them; however, it is a business necessity.

Organizations these days are challenged to do more with less in order to stay competitive. There are a large number of projects, advances, and business requirements in every industry. The struggle has come down to prioritizing business needs and goals to fit into the budget.

One major service that is often cut or reduced in capacity is disaster recovery. It is important to remember that backups are not a full disaster recovery service.

Organizations sometimes think that “Disasters happen to someone else” or “it will never happen to me”. This causes them to delay it until the next IT budget or use another service that restricts options in their time of need.

In this day of constant cyber threats, disaster recovery is not a luxury, it’s a necessity. Technology and IT management have become a fundamental piece of every business no matter what industry.

When people think about disasters, they initially think of major natural disasters, such as hurricanes or flooding, but unfortunately most disasters come from less extreme but potentially more damaging causes such as:

The Reality of Disaster Recovery

  • Hardware Failure – Most hardware manufacturers rate their business line of hardware at 99.999% availability, but it still can fail. What happens if hardware fails? How does that impact what is running on the hardware? What if there is data corruption?
  • Software Issues – No software package is perfect as you can face issues with upgrades, new releases, or simple patch management.  There are many areas it can fail including integration, patches, and vulnerabilities.  What happens if your application has an issue and it loses data or fails to start?
  • Malicious Threats – The daily news is full of the latest security vulnerability, ransomware or cryptolocker. If your organization’s data is held hostage, how will you recover?
  • Malicious Users – You trust your employees and most hope that they would never intentionally do something to compromise your network or data, but it does happen. If you have no recovery options in place, you will not be able to resolve it quickly and can face data loss or corruption.
  • Accidents – Click, click, oops. People make mistakes and it can happen to anyone. They can be minor mistakes and resolved easily, while others are more pressing and require immediate IT intervention.

Disaster Recovery Plan Stats: The average downtime across industries costs a company $5,600 per minute according to a survey done by The Ponemon Institute.


Organizations DR Resiliency

It is rare to find an organization without backups, as many feel this is all they need to protect their environment and data. Data backups are necessary for long-term retention, file recovery and even system recovery. Backups are not disaster recovery. If you want a fully resilient business continuity solution, you need backups and disaster recovery (DR).

“Disaster Recovery DR must be looked at as insurance for something that hasn’t happened.”

RPO versus RTO

RPO stands for Recovery Point Objective.  This is how far back in time you will go when recovering data in an event.  Traditionally, backups run once a day at off hours which can lead to unacceptable RPO timelines.   Example – If you only have a nightly backup and something happens before the next backup can occur, this would potentially put you back 20+ hours.  How much data was lost?  How many orders?  How many projects?  What is the impact of having to find and recreate 20+ hours of data?

RTO stands for Recovery Time Objective.  This is how long it takes you to recover that data.  Large data sets or even full systems can take hours to recover.  When combined with an old dataset, your business could be down for over 24 hours from the recovery process time and the last known good state of your data.  If it is mission-critical to your organization, and you can’t afford for it to be down for 24 hours, it needs to be protected with disaster recovery techniques that meet the appropriate RPO and RTO.
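
An added example (not from the original article) that measures the actual recovery point and recovery time for one incident against RPO and RTO targets, using a backup job history. The log format, job name, timestamps, restore time and targets are constructed for illustration; it shows how a single failed nightly job turns a 20-hour loss into a 44-hour one.

```python
from datetime import datetime, timedelta

# Constructed sample backup job history (illustrative, not from the original page).
# Assumed format: ISO timestamp, job name, status.
BACKUP_LOG = """\
2024-03-04T01:00:00 nightly-full OK
2024-03-05T01:00:00 nightly-full OK
2024-03-06T01:00:00 nightly-full FAILED
2024-03-07T01:00:00 nightly-full OK
"""


def parse_backup_log(text):
    """Return the sorted completion times of successful backups only."""
    good = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        stamp, _job, status = parts
        if status == "OK":
            good.append(datetime.fromisoformat(stamp))
    return sorted(good)


def data_loss_window(good_backups, incident):
    """Actual recovery point: time between the last good backup and the incident."""
    earlier = [t for t in good_backups if t <= incident]
    if not earlier:
        return None  # nothing to restore from
    return incident - max(earlier)


def worst_case_gap(good_backups):
    """Longest stretch between consecutive good backups (worst-case data loss)."""
    gaps = [b - a for a, b in zip(good_backups, good_backups[1:])]
    return max(gaps) if gaps else None


def assess(good_backups, incident, restore_time, rpo_target, rto_target):
    """Compare one incident against the RPO and RTO objectives."""
    loss = data_loss_window(good_backups, incident)
    return {
        "data_loss": loss,
        "rpo_met": loss is not None and loss <= rpo_target,
        "rto_met": restore_time <= rto_target,
        # Age of the data at the moment the business is running again.
        "data_age_at_resume": None if loss is None else loss + restore_time,
    }


def demo():
    """Incident 20 hours after the failed nightly job, with a 5-hour restore."""
    good = parse_backup_log(BACKUP_LOG)
    incident = datetime(2024, 3, 6, 21, 0)
    return assess(good, incident,
                  restore_time=timedelta(hours=5),
                  rpo_target=timedelta(hours=24),
                  rto_target=timedelta(hours=8))


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Monitoring the gap between successful backups, rather than only whether a job is scheduled, is what catches the missed RPO before an incident does.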

 

Disaster Recovery DR Can Be Affordable

There are many ways to do disaster recovery, and we will discuss a couple of examples below:

Azure Site Recovery is Microsoft’s disaster recovery as a service (DRaaS).   Azure helps your business to keep doing business even during major IT outages.  Azure Site Recovery offers ease of deployment, cost effectiveness, and dependability.  Deploy replication, failover, and recovery processes through Site Recovery to help keep your applications running during planned and unplanned outages.

Azure Site Recovery is simple to deploy and manage, reduces infrastructure costs, and minimizes downtime with dependable recovery.

Datto offers an all-in-one platform for backup, recovery, and business continuity for local, virtual, and cloud environments. With instant virtualization, this gives organizations the ability to recover with a single click based on image-based backups. These can be booted from the physical device or secure cloud. When disaster strikes, you can act fast by getting the server back up and running using virtualization.

Disaster Recovery Plan Stats: Over 50% of the surveyed businesses said the outages affected their reputation according to a survey done by The Ponemon Institute.

You Cannot Afford to Cut Disaster Recovery DR From the Budget

Organizations cannot afford to cut disaster recovery (DR). The cost of a disaster, both from a monetary and perception standpoint, can be incalculable. As a business, you should not plan around “if” a disaster will happen but around “when” it will happen. When it comes to technology, any number of things can happen, from malicious software to a simple mistake. Only organizations with a tried and tested disaster recovery (DR) plan can weather these issues without incident.

Discover the 365 iT SOLUTIONS Difference

With over 15 years of experience supporting customers and their critical workloads, we have a firm understanding of the space and what it takes to develop a resilient business continuity strategy. We approach our services with the goal to provide customers with secure, easy-to-adopt solutions that enable them to be cutting edge within their industry.

We provide clients with quick and effective support when required to manage their IT infrastructure.

Our complimentary network and security assessment can put your IT organization and Disaster Recovery Plan to the test.

How do Managed Security Services Providers Help Organizations?

Cyber security and hackers are a constant business threat but how do managed security services providers help organizations succeed at being secure and productive?

The question may be simple and there are many managed security services offerings out there in Toronto, but they are not all built the same way. Below we will cover the proper way managed security services providers help organizations.

What is a Managed Security Services Provider (MSSP)?

A managed security service provider (MSSP) is an IT service provider or IT consulting firm that provides an organization with proactive cybersecurity tools, monitoring, and management. These tools may include next-generation antivirus, spam blocking, intrusion detection, next-gen firewalls, advanced threat protection, as well as encrypted virtual private network (VPN) management.

What is the cost of cybercrime in 2019?

Recently, Accenture and the Ponemon Institute analyzed the latest cost of cybercrime in 2019 in order to help organizations target IT security investments and technical resources.

The study looked at 11 countries in 16 industries including the input from 2,647 senior leaders from 355 companies in order to establish the economic impact of cyberattacks on an organization. The study showed that cybercrime is increasing, and it is taking more time and resources to resolve.

Here are some highlights outlined in the study:

  • Security breaches grew last year by 11 percent from 130 to 145
  • Average cost of cybercrime for an enterprise increased from $1.4 million to US$13.0 million
  • Total value at risk is $5.2 trillion globally over the next five years

This is only one of many studies as to why a managed security service provider (MSSP) is a strategic partner within an organization.

Why do organizations use Managed Security Service Providers?

Managed security services providers in Toronto come in many different flavours.  The true question is how much security services does your organization need? Not all organizations have the same requirements therefore not all managed security services providers are the same either.

Organizations may outsource either all or some aspects of their IT security functions to managed security services providers (MSSPs). An MSSP can offer a variety of different levels of security monitoring, vulnerability risk management, threat intelligence, as well as intrusion management.

Providers can even offer managed security services to support organizations in regulated industries that must meet compliance requirements. This can include the Health Insurance Portability and Accountability Act (HIPAA) or Europe’s General Data Protection Regulation (GDPR).

The success of the managed security service provider (MSSP) industry comes down to cost savings. If an organization were to set up an internal in-house cybersecurity team, the cost and ongoing training would be large. For this reason, using an MSSP is a more cost-effective option as it will save money on equipment, software tools, and other operational costs.

What tools do Managed Security Service Providers use?

There is a wide variety of tools that a Managed Security Service Provider (MSSP) can use to protect an organization from cyber security and other online threats.

Here is a list of some tools that help a Managed Security Service Provider (MSSP) protect organizations proactively.

  1. Industry-leading Next Generation Firewall

When meeting with potential clients and the discussion of security happens, the first level of defense mentioned is next generation (next gen) firewalls.  Usually the next question from the client is what is a next generation firewall compared to a regular firewall?

Firewalls are a standard security tool for many companies, but in today’s changing threat landscape, next generation firewalls are the only firewalls that can provide proper protection.

According to Gartner, a next generation firewall (NGFW) is a deep-packet inspection firewall that moves beyond port and protocol inspection.  It blocks and adds application-level inspection, intrusion prevention, antivirus, and intelligence from outside the firewall.

What is the difference between traditional firewalls vs. next generation firewalls? A lot to be honest.

Next generation firewalls are much more powerful and advanced than traditional firewalls used many organizations.  Even thou their basic function of protection is the same, next generation firewalls have extremely more horsepower.  They use both static and dynamic packet filtering as well as offer VPN support to ensure that all connections between the network, internet, and firewall are valid, encrypted, and secure.

The most obvious difference of a next generation firewall is the ability to filter packets based on applications since they have extensive control and visibility of applications.  This enables the ability to identify using analysis and signature matching.  You can use a white list, or a signature based IPS to distinguish between safe applications and unwanted ones using SSL decryption.

Additional benefits of next generation firewalls include the ability to block malware from entering a network as they are more powerful and are equipped with features such as Advanced Persistent Threats (APTs).  These firewalls are a low-cost option for organizations looking to improve their basic IT security since they include antivirus, firewall, intrusion prevention, content filtering service and much more.

If you are in business, installing a next generation firewall should be a requirement and not an option. Cyber threats are increasing an alarming rate and changing every day.  Next generation firewalls give flexibility as it protects devices and organizations from a wide variety of cyber security threats.

Next generations firewalls are great network security, but they are one piece of the puzzle used by Managed Security Service Providers.

The success to network security is a multi-layered security approach.

 

  1. Next Generation Antivirus with artificial intelligence (AI) Next Generation Antivirus with Artificail Intellignece (AI) managed IT services managed security service toronto (2)

There is standard anti-virus and now there is Next Generation Anti-virus.  It carries other names such as “Next-Gen Anti-virus” or “NGAV”.  We outline some key differences including why Managed Security Service Providers (MSSP) use Next Generation Anti-virus (NGAV) instead of standard.

Standard anti-virus is based on the four following principles:

  • Signature Detection – Signatures is a collection database (DAT file) that needs to be consistently updated by the vendor in order to recognize new threats such as files, applications, and data. Due to the nature that this change frequently, it does not always catch everything and does not offer solid reliability.
  • Heuristic Detection – Heuristic detection is a great tool that can be used to detect Potentially Unwanted Programs (PUPs).  PUPs are simple changes but can be harmful such as changing your search engine settings or cracked software that has a virus in it.
  • Virus Scanning – Virus scanning is simply the scanning using the signature detection listed above.  The system looks at each file on the system and tries to match it against a virus database.  Issue here is the signature may be behind or not updated as well as the system needing up to an hour to scan depending on your system, operating system, hardware, and infections.

Next-Gen Anti-virus (NGAV) systems work a little differently, and much more effectively, as they are based on the four following principles:

  • Exploit Techniques – A Next-Gen Anti-virus (NGAV) tries to block a process which is doing an exploit and trying to bypass a normal process operation. It is not looking at the file type, it is looking at the process. The downside of this method is that there may be false positives, as processes and applications may do things that resemble the behavior of a virus.
  • Application Whitelisting – This is a process for validating and controlling. Every process is permitted or denied access to the operating system.  This requires control over the OS as well as access to a list of application signatures.
  • Micro-Virtualization – This method blocks direct execution for a process. However, it uses a lot of CPU and does not really detect viruses; it disables their ability to affect your operating system.
  • Machine Learning – This technique enables accurate detection and block rates of cyber threats based on behaviour as well as whitelisting. The more data it has and the longer it runs, the more effective it is for your organization.
  • Artificial Intelligence – The good thing about AI is that it can adapt to changes quickly and therefore block or detect threats.
  • EDR Forensics – This processes a large set of data collected from the endpoint, such as logs, packets, and behavior.

Organizations must understand that anti-virus is one line of defense in a multi-layered approach to security.

 

 

  1. Enterprise-class Remote monitoring and management (RMM)

No matter if you are a managed IT services provider (MSP), Managed Security Service Provider (MSSP), or internal IT department, you should be using an enterprise-class Remote monitoring and management (RMM) tool to proactively manage your network.

Remote monitoring and management (RMM) tools help organizations automate tasks, track systems and devices, and implement security policies to protect the organization from cyber security threats.

Organizations should ask which Remote monitoring and management (RMM) tools are being used by their managed IT services provider (MSP) or Managed Security Service Provider (MSSP) to ensure they are not free or freeware.  The provider should also make clear how many automated scripts are available and how many of them are dedicated to security.

 

  1. Proactive Device Hardening

Device hardening is provided in various security layers. The layers include protection at the host level, the application level, the operating system level, the user level, the physical level and all the sub levels.   The goal of systems hardening is to reduce security risk by eliminating potential cyber attack options.

This includes a unique collection of tools, industry leading techniques, and best practices.  This will reduce vulnerability in applications, systems, infrastructure, firmware, and other areas that may open a door to hackers.

This would essentially eliminate non-essential programs, functions, applications, ports, permissions, and access therefore giving cyber criminals and hackers fewer opportunities.

A Managed Security Service Provider (MSSP) will use a methodical approach to audit, identify, close, and control potential security vulnerabilities including the following:

  • Application hardening
  • Operating system hardening
  • Server hardening
  • Database hardening
  • Network hardening

Device hardening is an ongoing, continuous effort that pays off in the long run. Most organizations, even those with internal IT departments, do not have the time or resources to stay ahead of this cybersecurity threat.

 

  1. Employee Phishing Attack Simulation and Training

There are many security features that can be put in place, but if an organization wants to reduce its largest attack surface, it must train its end users, period.

In real-world cyber-attacks, organizations and end users are relentlessly bombarded with spear-phishing and socially engineered schemes from cyber criminals.  They wait for an unsuspecting user to click, and then the process starts.

When working with a Managed Security Service Provider (MSSP), they will be able to simulate hundreds of realistic phishing attacks on your users.  Based on the outcome, they will be able to better tune the network as well as outline what training is required to keep your organization safe.

They will help you understand your security health and measure overall risk levels across your organization.

 

  1. Organization Penetration Testing

Penetration testing is also known as pen testing or ethical hacking.  Its goal is to test organizations, networks, and applications to find security vulnerabilities that a cybercriminal or hacker can exploit. Penetration testing can be done on multiple levels, including applications, and can be performed manually by a Managed Security Service Provider (MSSP).

How do you choose a penetration testing partner?

Penetration testing has become very popular due to all the security concerns in the news daily.  Here are 8 best practices when selecting a penetration testing (pen test) partner in Toronto:

  1. Define what type of pen test your organization requires
  2. Evaluate the skills of the pen test IT consulting team
  3. Ask for relevant pen test references
  4. Find out how the pen test data will be secured
  5. Ask for business liability insurance on the penetration testing partner
  6. Get a sample report of their pen test
  7. Clarify the methodology and process that will be used during the pen test
  8. Ask about options for periodic pen tests in the future


 

When evaluating a Managed Security Service Provider (MSSP) for penetration testing, you need to ensure they understand best practices and the functionality of everyday IT functions, such as being a managed IT services provider, more than the cost.  You need to ensure your organization thoroughly evaluates their methodology, deliverables, data security practices, and project management capabilities.

When picking a long-term partner such as a Managed Security Service Provider (MSSP), you need to ensure that they will reduce the IT security and compliance.  They need to deliver flexible managed security services and threat intelligence that align with your business goals, enhance existing security services, infrastructure, and employee management.

The Managed Security Service Provider (MSSP) should include services such as Targeted Threat Intelligence, Log Monitoring and Management, Managed Security Services, Security Device Management, Professional Security Services, Network and Vulnerability Management, Compliance Services, Cloud and Virtualization Security, and Critical Incident Response.

Our complimentary network and security assessment can put your IT infrastructure and business to the test.

Is your organization ready to go to the cloud or worried about security?

We are your leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.


Montreal F1 Weekend with SportPesa Racing Point F1 Team and Acronis

365 iT SOLUTIONS was a proud attendee and partner of Montreal F1 Weekend with SportPesa Racing Point F1 Team and Acronis.

Who is Acronis?

Acronis is a global technology company with headquarters in Schaffhausen, Switzerland and Singapore with an international presence of 18 offices worldwide.  Acronis is a leader in the industry and develops on-premises and cloud software for backup, disaster recovery, secure file sync, and data access.

Who is Racing Point F1 Team?

Racing Point F1 Team competes in the F1 as SportPesa Racing Point F1 Team.  They entered the Formula One World Championship using the constructor name of “Racing Point”. They are based in Silverstone, United Kingdom and compete under a British license.

Why did SportPesa Racing Point F1 Team Partner with Acronis?

Back in 2018, SportPesa Racing Point F1 Team had to find a technology partner to address all their IT needs while delivering a more secure environment.  They strategically partnered with Acronis due to their Acronis Cyber Protection Solution.

The Acronis Cyber Protection Solution included industry leading backup, disaster recovery, software-defined infrastructure, file sync and share, and anti-ransomware defenses.  This entire solution has been applied to SportPesa Racing Point F1 Team infrastructure including the F1 team’s factory, wind tunnel, as well as track side.

According to Racing Point F1 Team, they are faced with an incredible amount of data.  In the factory, they create a new stream of data when designing and developing a new race car or applying new race technology.  Each year, they face an increase of 50% that needs to be managed constantly.

How Does Data Make a Formula One Car Faster?

As with every Formula One F1 car, the team needs real information in order to make the car go as fast as possible.  Racing Point F1 Team equips the racecar with hundreds of sensors that generate hundreds of gigabytes of data every race.  The team on the track as well as back in headquarters collect, process, and analyze it in real time.  This helps the race team to make decisions on the spot during the race.  They then use this information to make changes to design and engineering for future improvements.

  • Front Wing Sensor – The wire cages on the front of a car are aero rakes and the most noticeable sensors on a Formula One F1 car. They are installed behind the front tires and attached to the monocoque.  These aero rakes are fitted with a number of ‘Kiel probes’ which monitor airflow in real time. They can also be fitted to measure airflow behind the diffuser or around the rear wing.
  • Tires – Sensors report on one of the most important aspects of a car’s performance, the tires. Tires are considered a key to race strategy.  The sensors monitor tire temperatures, cornering loads as well as tire degradation.
  • Front Monocoque – Considered to be one of the most important sensors, the pitot tube is similar to those used by aircraft. It is used in areas where teams measure air speed and is often found on the nose and air box.
  • Air box – The sensors on the air box measure engine temperatures to ensure they are staying within the optimal parameters set by the engineering team.
  • Rear Wing – Speed is nothing without control therefore aerodynamics and down force are crucial. These sensors measure airflow over both the front wing and rear wing of the car.


 

Meet Otmar Szafnauer, CEO and Team Principal of SportPesa Racing Point F1 Team

Acronis was able to put together a fantastic dinner at Restaurant Jacopo in old Montreal.  Not only did we learn about the future road map for Acronis, we were able to hear from Otmar Szafnauer.

Otmar Szafnauer was able to show some of the leading IT solutions providers in North America how important technology is from their business point of view.  With the ever-growing amount of data collected, SportPesa Racing Point F1 Team needed a method to safeguard their IT infrastructure.

All the technology comes down to how do they get a faster lap for Lance Stroll and Sergio Pérez. Every one hundredth of a second makes a huge difference in a Formula One F1 race.

F1 is a development and innovation sport. They need technology to develop and innovate.

 

 

What Acronis products does Team Principal of SportPesa Racing Point F1 Team use?

The team needed to address protection from servers, mailboxes, and petabytes of data.  They selected the following products to help manage their IT infrastructure and protect their data.

 

  • Acronis Active Protection
  • Acronis Backup
  • Acronis Backup for Microsoft 365
  • Acronis Storage
 

 

365 iT SOLUTIONS would like to thank Acronis and SportPesa Racing Point F1 Team for an incredible weekend at the Canadian F1 Grand Prix in Montreal.


How Modern Cybercriminals Attack and How Data Breaches Affect Organizations

Modern cybercriminals commonly use tactics and techniques that bypass cybersecurity defenses and catch organizations off guard.

Cybercriminals are for the most part smart, and the successful ones are constantly altering their hacking techniques to bypass increasingly advanced cyber security technical controls.  This allows them to deliver credential phishing attacks, business email compromise, and different forms of malware to unsuspecting corporate users.  The unfortunate part is that most employees click, rarely thinking twice about it.

How Do Data Breaches Affect Organizations?

An organization can suffer in many ways when it falls victim to a data breach, one of which is dealing with the huge potential financial repercussions coming down the pipe.

With the recent change to the Canadian Privacy Act, there is a wide range of different costs associated with a data breach, such as paying back any money taken as a result of the data breach, compensating affected clients or consumers, share value plummeting as well as having to pay for the right protection to ensure a data breach does not happen again.

More information: Canadian Privacy Breach Notification Rules Changed November 1, 2018

After the business pays off all the fines, the data breached organization also must deal with reputational damage. Data breaches have a massive negative impact on an organization’s client base, particularly if the breach involved sensitive personal data.  Clients lose confidence in the brand as they do not feel that their data is secure.  Another negative note is that a public data breach will also put off potential new clients.

The impact of a data breach is tied to the type of data involved. If confidential data has been exposed, it can have catastrophic effects in many ways.  If personal and financial details of staff and customers are breached, those people are left open to the risk of identity theft, financial loss, and much more.

Your security is only as strong as your weakest link therefore we are offering a quick security awareness user training video to share with your organization. This 7 minute video can save you a lot of headaches.


Researchers at the Cofense Phishing Defense Center analyzed data and found the following:

  • They analyzed 31,429 malicious emails sent between Oct. 2018 and March 2019
  • Approximately 23,195 of them included credential phishing attacks
  • Another 4,835 included malware delivery
  • Over 2,681 of them contained a business email compromise
  • A small number, 718, contained some form of spam
  • They included subtle tactics such as changing file types, shortened URLs, etc.

As part of their Cofense Phishing Defense Center 2018 report, they analyzed nearly 1.5 million user-reported emails.

The report produced some alarming numbers including the following:

  • 55,404 credential harvesting attacks
  • 27,501 campaigns delivering malicious attachments, including abuse of file-sharing services
  • 4,152 business email compromise (BEC) attacks

The reality here is that these emails are easily bypassing technologies such as email gateways and spam filters resulting in employee mailboxes becoming ticking time bombs.

Many managed IT services providers and IT departments continue to actively make simple adjustments to their cyber security measures, but the real question is: will it work?

Credential-phishing emails use fake log-in pages, so they are tough to stop at the gateway because the associated infrastructure often does not look malicious.  Some phishing or malware campaigns are well disguised and send emails from genuine Microsoft 365 or G Suite email tenants, using accounts whose credentials have already been compromised or sometimes even legitimate accounts.  A fake login page hosted on Microsoft infrastructure is “nearly impossible” to distinguish for most users, even some tech savvy ones.

Cyber security researchers have reported that many secure email gateways do not scan every URL. Many of them focus on the type of URLs users actually click.  As more phishing attacks leverage single-use URLs, the organizational risk grows.  Cyber criminals only need one set of legitimate credentials to break into a network, which is why credential phishing is a popular cyberattack technique.

Cloud adoption and cloud service are changing the game for cyber attackers hunting for employee login data. Businesses are shifting the location of their login pages and, consequently, access to network credentials. This adds a layer of protection, but it does not mean cyber criminals have given up.

It is important to understand that as organizations continue to move to cloud services, cyber criminals are constantly going after their cloud credentials.  Cyber criminals are also using popular cloud services such as SharePoint, OneDrive, and Windows.net to host phishing kits.  Once they obtain the user credentials, they are then able to log into the hosted service as a legitimate user.  Many times, they stay there watching for opportunity.

It is not a simple task for organizations to stay ahead of these cyberattacks. It is difficult for IT departments and managed IT services providers to defend against cloud-based threats, since visibility into logs in the cloud is different than with onsite infrastructure.  Many organizations engage cloud providers; however, they fail to review security details in order to ensure their monitoring and visibility needs are met.

Most cyber attackers use different file types to bypass attachment security controls of email gateways in order to deliver payloads.  As an example, cyber security researchers point to when Microsoft Windows 10 changed file-handling for .ISO files, which gave hackers an opportunity to shift away from the .ZIP or .RAR files that were usually inspected by security tools.  They also reported that in April 2019, some unnamed cyber attackers started to rename .ISO files to .IMG, thereby successfully transmitting malware through secure gateways and other security measures.

How does this cyberattack cheat the system?

Cyber Attack # 1 – Bypassing the email gateway or spam filter

The email gateway or spam filter sees this attachment.  The user can download the file to the device, as Windows 10 treats it as an archive and opens it in Explorer.  This allows the victim to click the contents within the attachment. Basically, nothing changed in the malware, just the file extension name.
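The renamed-image case above works because the decision was made on the file name. As an added example (not code from the original article or from any gateway product), the following Python classifies an attachment by its content signature instead; the function names, the `.iso` policy set and the sample bytes are assumptions constructed for illustration.

```python
"""Classify e-mail attachments by content signature instead of file extension."""
import os

SECTOR = 2048                    # ISO 9660 / UDF logical sector size
FIRST_DESCRIPTOR = 16 * SECTOR   # volume descriptors start at sector 16
ISO9660_ID = b"CD001"
UDF_IDS = (b"BEA01", b"NSR02", b"NSR03")

# Assumed policy: extensions the gateway already treats as optical images.
KNOWN_IMAGE_EXTS = {".iso"}


def sniff_container(data: bytes):
    """Return 'zip', 'rar', 'iso9660', 'udf' or None, looking only at content."""
    if data.startswith((b"PK\x03\x04", b"PK\x05\x06")):
        return "zip"
    if data.startswith(b"Rar!\x1a\x07"):
        return "rar"
    # Each volume descriptor fills one sector; bytes 1..5 hold its identifier.
    for index in range(8):
        start = FIRST_DESCRIPTOR + index * SECTOR
        ident = data[start + 1:start + 6]
        if len(ident) < 5:
            break                # file too short to hold another descriptor
        if ident == ISO9660_ID:
            return "iso9660"
        if ident in UDF_IDS:
            return "udf"
    return None


def classify_attachment(filename: str, data: bytes) -> dict:
    """Decide how to handle an attachment from its bytes, then compare the name."""
    ext = os.path.splitext(filename)[1].lower()
    content = sniff_container(data)
    is_image = content in ("iso9660", "udf")
    return {
        "filename": filename,
        "extension": ext,
        "content": content,
        # Unpacking and scanning is driven by content, so a rename changes nothing.
        "unpack_and_scan": content is not None,
        # A disk image under another name deserves an analyst's attention.
        "renamed_image": is_image and ext not in KNOWN_IMAGE_EXTS,
    }


def constructed_iso_stub() -> bytes:
    """Constructed sample: 16 empty sectors plus one primary volume descriptor."""
    descriptor = b"\x01" + ISO9660_ID + b"\x01" + bytes(SECTOR - 7)
    return bytes(FIRST_DESCRIPTOR) + descriptor


if __name__ == "__main__":
    image = constructed_iso_stub()
    samples = [
        ("invoice.iso", image),                      # image under its usual name
        ("invoice.img", image),                      # same bytes, renamed
        ("report.zip", b"PK\x03\x04" + bytes(30)),   # constructed ZIP header
        ("notes.img", b"plain text, not an image"),  # no container signature
    ]
    for name, blob in samples:
        print(classify_attachment(name, blob))
```

The two `invoice` samples carry identical bytes, so both are routed to unpacking; only the renamed one is additionally flagged.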

There is an ever-growing challenge in defending against these types of cyber threats because there are legitimate attachment types you cannot block without disrupting the business.  There are PDF files that include links to malicious websites, which then spoof a login page to capture the user's login credentials.  The unfortunate part is that organizations cannot blindly block these file types, or it will grind everything to a halt.


Cyber Attack # 2 – Welcome to “installation-as-a-service” cyber threat

Cyber attackers have a trick up their sleeve, it’s called “installation-as-a-service”.  Using this service, they can pay to have malware installed on a machine or a group of machines anywhere in the world.  One example is Emotet which started as a banking Trojan.  It gained popularity as a loader for other malware as the cyber criminals transformed Emotet into a complex bot responsible for several functions.

Over 45% of cyber attackers who sent malware via malicious attachments in the past year had a strong preference for exploiting a Microsoft Office memory corruption vulnerability. In previous years, they used malicious macros, which only accounted for 22% of malware delivery tactics this past year.

A recent global survey of over 1,000 IT security decision makers released some alarming numbers:

  • 64 percent believe they have had either a direct or indirect breach due to employee access in the last year
  • 62 percent believe they have had a breach due to vendor access
  • 82 percent believe employee behavior continues to be a challenge for their organizations
  • 60 percent stated writing down passwords is an issue
  • 58 percent stated colleagues telling each other passwords is an issue

Believe it or not, geographical location makes a difference:

  • 20 percent of UK businesses are worried about employees downloading data onto a memory stick
  • 42 percent of Asia Pacific (APAC) region feel the same way
  • 71 percent of organizations agree that they would be more secure if they restricted employee device access

Unfortunately, restricting employee device access is not usually realistic or conducive to productivity.

Organizations are faced with the struggle to address both internal employees and third-party vendors, as they need privileged access to be able to do their jobs effectively.  They need this access granted in a way that does not impede productivity or security.  Cyber threats are growing and there has never been a greater need to implement organization-wide strategies and solutions.  There is a need to manage and control privileged access in a way that fits the organization, users, and third-party partners.

What are some more alarming stats for cyber security and data breaches?

  • Some organizations surveyed reported an average of 182 vendors logging in to their systems every week
  • With large organizations over 5,000 employees, 23 percent say they have more than 500 third-party vendors logging in regularly, highlighting the extent of risk exposure.
  • Their trust in vendor access is now lower than trust in employee access
  • Approximately 25 percent of organizations say they trust vendors and third-party suppliers
  • Approximately 37 percent of employees say they trust vendors and third-party suppliers
  • Just over 72 percent of businesses admitted that they have cultures that are too trusting of third parties

What are some emerging cyber threats organizations need to consider?

  • Internet of Things (IoT) poses a big concern with the visibility of logins from IoT devices
  • 76 percent are confident they know how many IoT devices are accessing their systems
  • 80 percent are confident they know how many individual logins can be attributed to these devices
  • 47 percent of security decision makers perceive at least a moderate risk from Bring Your Own Device (BYOD)

For all organizations, IT is becoming ever more complex.  Technology ecosystems are growing at a rapid pace, as is the evolving landscape of cyber threats.  As employees are granted more trust, organizations need to accept that the way to mitigate risks is by managing privileged accounts through integrated technology and automated processes that not only save time, but also provide visibility across the network.

The goal is a proper cyber security policy and practice.  By implementing cybersecurity policies and solutions, organizations will also increase business performance while eliminating roadblocks in an employee’s way.

Cyber security strategy, cyber security planning, and cyber security procedures are effective for protection.

An effective web protection strategy requires policies to reduce the surface area of attack, appropriate tools and technology to enforce those policies, and protection to block attacks at every layer.

Establish the following best-practice policies and educate your user population about why they are important for the security of your organization.

Web Protection Policy Checklist

  1. Safe Surfing Policy – A safe surfing policy will block unwanted and inappropriate site categories to reduce the cyber threat surface area. Based on connectivity, organizations may also wish to control other categories in the interest of productivity, security, profitability, or available bandwidth.

Your minimum Safe Surfing Policy should exclude the following categories:

  • Adult, sexually explicit, nudity
  • Anonymizer proxies
  • Criminal activity, hacking
  • Gambling
  • Illegal drugs, alcohol and tobacco
  • Intolerance and hate
  • Phishing, fraud, spam, spyware
  • Tasteless and offensive
  • Violence and weapons

  2. Strong Password Policy – All organizations should have strong password policies for creating strong passwords and changing them regularly.

Here are some password policy guidelines that can be used:

  • Use long passwords
  • Include numbers, symbols, and upper- and lowercase characters
  • Do not use common dictionary terms
  • Do not use personal information such as names or birthdays
  • Change passwords every 90 days
  • Do not write passwords down

Another option for a strong password policy is to use a sentence.  This is not a new concept; full sentences and phrases are very secure due to their complexity and the multiple ways in which they can be constructed.

  3. Application Control Policy – Standardize and limit the number of Internet browsers, applications and plugins in your organization and enforce this policy.

  • Browser: Use mainstream browsers only such as Internet Explorer, Google Chrome, Firefox, Opera, or Safari
  • Java: Unless there is a business requirement, limit or remove Java from your network
  • PDF reader: Use a single mainstream PDF reader. Keep it patched and updated.
  • Media player: If not required, avoid media player addons and codec packs. If needed, use the ones provided by the operating system, as your OS patches will keep them updated.
  • Plugins, add-ons and toolbars: If not required, do not use browser plugins and toolbars

  4. Patch management policy – Ensure your managed IT services provider or IT department is updating your network consistently. You can also ensure the following applications have auto-updates activated where possible. Your IT team will ensure that you are actively applying updates or patches as they become available.

Solutions To Reduce Risk of Data breach

Security comes down to a multi staged approach and proactive security employee training.

You must ensure your managed IT services provider or IT department are keeping your perimeter secure as well as other protective measures. Look at security services as well as two-factor authentication, encryption, next-gen firewalls and anti-virus with built-in learning AI services.

Encryption is great because of the kind of control it gives, but it must be the right kind of encryption. If a specific file or email is encrypted properly, you can control who can read it.  Even if your organization experiences a data breach of your IT system and cyber criminals gain access to sensitive data, they will not be able to read it.

This will reduce your data breach risks and protect your organization from cyber criminals and high data breach costs.

This is one of a few security measures an organization can put in place to protect itself.


What is Cybersecurity and What Do You Need To Know?

As cyber threats continuously change, there is a lot of uncertainty as to what is cybersecurity and what do you need to know about it?

In its most basic form, cybersecurity is the proactive practice of protecting your IT infrastructure from cyberattacks.

These cyberattacks are targeted at either accessing, changing, or destroying data or infrastructure.  The next step by hackers can be to extort money or interrupt normal business processes.

Implementing an effective proactive cybersecurity system is challenging, as there are more devices than people within an organization.  The bigger challenge is that cyber criminals are becoming more innovative.

What is Cybersecurity and What Do You Need To Know? We break it down into several sections below.


Part 1 – Cybersecurity: Passwords and phishing

Many properly managed organizations have state-of-the-art remote monitoring and management (RMM) systems and centrally controlled and managed anti-virus and anti-malware programs.

That is fantastic, as your organization is being proactive, but unfortunately it does not mean you are not at risk of a cybersecurity breach or that an employee is not putting your organization at risk.

According to Verizon’s 2018 Data Breach Investigations Report, employees are the weakest link in any IT security plan.  Over 93 percent of cyber security breaches come from phishing and social engineering scams.

Passwords have become even easier for hackers to obtain, as it was recently discovered that a file for sale on the dark web contains 2.6 billion of them. More information: Hackers Are Passing Around a Megaleak of 2.2 Billion Records.

Companywide cyber security training can prevent phishing attacks and password hacks.  This is why employee education is essential, including making employees comfortable with reporting problems without worrying about personal consequences.

Part 2 – Cybersecurity: Choosing a password

In its most simple state, a password is a word or string of characters used for user authentication. It is used to prove identity or access approval to a resource and must be kept secret.

Most people know a strong password means a mix of uppercase letters, lowercase letters, numbers, and symbols. Industry best practices state that passwords should be changed every 90 days, and this was set by the U.S. National Institute of Standards and Technology (NIST) back in 2003.

Here is the wild card.  Some employees bypass these rules.  They switch letters with symbols, such as using “$” instead of “S”.  Unfortunately, hackers have figured out that symbols are being substituted for letters, and they are aware that most users change passwords every three months and simply add sequential numbers at the end.
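The two habits described above can be checked at password-change time, when the user supplies both the old and the new password. The following Python is an added example, not part of the original article; the substitution table, function names and sample passwords are assumptions constructed for illustration.

```python
"""Flag a password change that only re-dresses the previous password."""
import re

# Assumed table of common symbol-for-letter swaps, mapped back to letters.
SUBSTITUTIONS = str.maketrans({
    "$": "s", "5": "s", "@": "a", "4": "a", "0": "o",
    "1": "l", "!": "i", "3": "e", "7": "t",
})

TRAILING_COUNTER = re.compile(r"[\d\W_]+$")   # e.g. '2019!', '07', '_3'
LAST_NUMBER = re.compile(r"(\d+)\W*$")        # digits just before the end


def base_form(password: str) -> str:
    """Reduce a password to its underlying word: no counter, no swaps, no case."""
    stem = TRAILING_COUNTER.sub("", password)
    if not stem:                  # all digits or symbols: keep it whole
        stem = password
    return stem.lower().translate(SUBSTITUTIONS)


def _counter(password: str):
    """Return the trailing number as an int, or None when there is none."""
    match = LAST_NUMBER.search(password)
    return int(match.group(1)) if match else None


def rotation_findings(old: str, new: str) -> list:
    """List the reasons a new password counts as a trivial variant of the old."""
    findings = []
    if base_form(old) == base_form(new):
        findings.append("same base word after undoing substitutions")
        before, after = _counter(old), _counter(new)
        if before is not None and after is not None and after == before + 1:
            findings.append("numeric suffix incremented by one")
    return findings


if __name__ == "__main__":
    # Constructed sample pairs: (previous password, proposed password).
    pairs = [
        ("Summer2019!", "$ummer2020!"),
        ("Password1", "Pa$$w0rd2"),
        ("Summer2019!", "big cat small house"),
    ]
    for old, new in pairs:
        print(repr(new), "->", rotation_findings(old, new) or "accepted")
```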

Recently, NIST revised its guidelines: instead of using a hash of numbers and symbols, it now states that you are better off with a password that’s longer than 64 characters.  To many this sounds difficult; however, it is much easier because you can create a pass phrase with spaces between words. Choose words that don’t normally belong together, like “big cat small house.”

Another important consideration is multi-factor authentication (MFA). Organizations should encourage employees to choose a good password, and then move on to MFA and single sign-on (SSO). This will make their lives even easier while making your business more secure.

Part 3 – Microsoft No Password 

Microsoft is on a quest to kill off passwords forever. Recently Microsoft gained official FIDO2 certification for Windows Hello, which is part of the Windows 10 biometric authentication system.

The good news is that you will be able to sign in to Microsoft sites with Windows Hello. This will give you access to Edge, Chrome, Firefox, Outlook.com, Microsoft 365, Skype, OneDrive, Cortana, Xbox Live, Microsoft Store, Bing, and MSN, to mention a few.

Part 4 – Spot a phishing attack

If you run a company-wide phishing scam test, the results will surprise you.  The reality is that employees are busy and unfortunately sometimes they get careless and may accidentally click.

It seems harmless to them, as they believe that if they do click on a bad link, their organization’s antivirus and anti-malware software will save them. This may help, and it does reduce your exposure, but nothing is 100%, as cyber criminals are constantly changing their attack plans.

A test phishing scam will provide an opportunity to educate employees about real cyber security problems the company faces.

Ask yourself the following about your organization’s cyber security policies and procedures:

  1. Are your employees aware not to click links or attachments from unknown senders?
  2. Can they tell whether an email really comes from an insider or someone they know?
  3. Do they know to hover their mouse over a link to see if the address is different from the hyperlink text?

Check out our Quick Security Awareness User Training as a great free resource for employees.

Part 5 – How to Spot a spear phishing or social engineering attack

Spear phishing is a targeted cyber security attack that asks for data or the wiring of money.

Phishing attacks usually contain malware, while spear phishing attacks do not contain malware. They rely completely on tricking employees into acting on the request in the email.

There are various ways they can carry out these cyber-attacks. Hackers will sometimes hack the email account of the individual they are impersonating, while other hackers rely on “spoofing”. They may also use an email address with a letter or digit off. Other hackers can edit the “From” field to make the fake address look identical to the real one, but if you click “Reply,” the address is different from what is shown.
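The three checks described in Part 4 and above (link text that differs from the real address, a sender domain a letter or digit off, and a reply address that differs from the “From” field) can be automated on the mail side. The following is an added example, not part of the original article; the sample message, the domains, and the trusted-domain list are constructed assumptions.

```python
import email
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Constructed sample; every name and domain below is invented for this example.
SAMPLE = """\
From: Pat Lee <pat.lee@examp1e-corp.test>
Reply-To: pat.lee@mail-relay.test
Subject: Urgent invoice
Content-Type: text/html; charset="utf-8"

<p>Pay today: <a href="http://pay.invoice-portal.test/x">https://example-corp.test/invoices</a></p>
"""
TRUSTED = {"example-corp.test"}  # assumption: domains the organization really uses

def domain(header_value):
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def edit_distance(a, b):  # Levenshtein distance, computed one row at a time
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self.href, self.text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.links.append((self.href, "".join(self.text).strip()))
            self.href = None

def check_message(raw):
    msg, findings = email.message_from_string(raw), []
    sender, reply_to = domain(msg["From"]), domain(msg["Reply-To"])
    if reply_to and reply_to != sender:  # replies would go somewhere else
        findings.append("reply-to-mismatch")
    if sender not in TRUSTED and any(edit_distance(sender, t) <= 2 for t in TRUSTED):
        findings.append("lookalike-sender")  # a letter or digit off
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href, text in collector.links:  # what hovering over the link would reveal
        if text.startswith(("http://", "https://")) and urlsplit(text).hostname != urlsplit(href).hostname:
            findings.append("link-text-mismatch")
    return findings
```

Calling `check_message(SAMPLE)` returns all three findings for the constructed message; none of these checks detects a message sent from a genuinely compromised mailbox.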

Cyber criminals looking to put together spear phishing scams will search all over the internet for all the information possible. They will look at LinkedIn, Google, Facebook, Instagram, and other websites to learn about your company, personnel information, suppliers, and relationships with partners. They then combine all the information to put together plausible requests such as wiring money to pay an invoice or handing over an employee’s personal information.

Size does not matter as hackers go after small and large businesses.  If you Google phishing scams, you will even see large sophisticated tech companies that have been fooled by hackers.

Internet giants like Google and Facebook got duped out of $100 million through an email phishing scheme when a hacker impersonated a computer-parts vendor. The FBI reported that criminals made off with over $676 million in 2018 using phishing scams designed to trick company executives or accounting departments into sending money to fake vendors.

Cybersecurity education is vital to employee education and your organization’s security. When employees realize that their personal information is out in the open and that your business data is at stake, they are more likely to pay attention to training and become more vigilant at protecting data.

Employees are different, and you need to ensure your employee security training enables them to recognize attacks and help protect your organization.

Security is only as strong as its weakest link, and as we have seen, that includes your employees.

Part 6 – Lost or stolen devices

Even if your employees have their own devices and your company supports bring your own device (BYOD), there are some basic rules to follow and to make your employees aware of.

If your employees lose their phone, are they aware they need to notify IT right away?  Does your company have a policy that educates employees to report the loss of the device?

Here is an example to consider when it comes to your security within your organization:

An employee loses a device on a Friday and waits until Monday because they want to see if it turns up. When it does not turn up, they report it. The bad part is that the phone has been out there, giving potential cyber criminals a 48-hour window to penetrate your organization’s network and sensitive data.

When you put together your IT security training, you need to build a custom IT security curriculum with as much detail as possible including items such as how reporting a lost or stolen device right away enables IT to lock it down before information can be stolen.

Part 7 – Wi-Fi and Bluetooth problems

Free Wi-Fi is everywhere, and many smart devices come with limited data plans.  This has now created a new thing where employees are constantly searching for open Wi-Fi connections everywhere they go.

This is good, as it gives them faster internet as well as free internet, but there are many considerations and warnings to keep in mind.

It is very important to make employees aware of how a free Wi-Fi connection can make it easy for a hacker to station himself between your employee’s device and the hotspot. This will give the hacker access to every bit of information they send over the internet, including all their personal information as well as security credentials for your organization’s network.

Once cybercriminals have the employee’s information no matter if it is business or personal, they can then easily log in and impersonate them anytime they want.  Public Wi-Fi can also allow hackers to send pop-up messages offering software upgrades where if clicked, they install malware and infect the device.

Wi-Fi is not alone as there is also Bluetooth to consider. Bluetooth is not safe either as it gives an open door to your network.  Cyber criminals have taken advantage of security flaws to hack into connections and steal business data from corporate networks. Once breached, it can easily spread malware to other nearby devices including office computers, printers, and much more. Although most devices have been patched for this particular problem, hackers tend to be one step ahead of device makers, meaning there could be other nasty surprises in store for the future.

Part 8 – Use a Virtual Private Network

Staying connected means you can work from anywhere. To avoid security problems with Wi-Fi and Bluetooth, most IT departments or managed IT services providers have employees use a virtual private network (VPN) connection instead, as it is a private connection that encrypts all traffic, protecting your company’s data.

As stated above, nothing is 100%. Following industry best practices and hardening network gear can make networks tricky to set up, and an incorrect protocol can lead to security flaws and security holes in the network.

You run a professional business, and for this reason you should not use a free VPN solution, as a recent study found that over 38 percent of free VPNs available contained hidden malware.

VPNs are used to encrypt communication between endpoints. They are not there to protect you from rogue applications or websites that may infect your network with malware.

Part 9 – Avoid USB drives

USB drives come in handy, as they easily allow you to take information with you. Unfortunately, most of them are not encrypted, making it easy for hackers to get information or share malware with an infected USB drive. Because they are so small, thumb drives are also easy to lose.

Here are some alarming statistics from a recent study on USB drives:

  • 90 percent of employees who use USB drives for company use
  • 80 percent of them are not using encrypted USB drives
  • 87 percent of the employees surveyed admitted they had lost a USB drive

What happens to lost USB drives, and to the organizations that lose them?

Researchers planted over 300 USB drives in an experiment.  An alarming 48 percent of people picked them up and plugged them in to check them out.

Last year, Heathrow Airport was fined £120,000 for a lost USB storage drive. The USB drive was lost by a Heathrow employee and found by a member of the public who viewed its contents on a library computer. None of the data stored on the device was encrypted or password protected.

Employee training on how to use USB drives responsibly and how to report a loss or theft is a crucial part of your security processes. You need to engage employees with security policies by getting them involved with real-life examples.

Part 10 – Cybersecurity takes a step forward

Companies are evolving and so is cyber-security.  Simply purchasing a cybersecurity solution is not enough.  Organizations need to rethink and design their IT infrastructure by implementing a security-by-design strategy.

According to Verizon’s 2019 Data Breach Investigations Report, there were 2,216 data breaches and more than 53,000 cybersecurity incidents reported in 65 countries in the 12 months ending in March 2018.

A proactive defense gives organizations a chance of holding off cyber-attacks. Understanding the threats can help you manage risk effectively.

Part 11 – The human employee factor

Your organization and employees must work as one when it comes to IT security and cybersecurity strategies.   The entire organization must be aligned as cybersecurity is a business pillar that must be used for all IT initiatives and IT projects moving forward.

Organizations must look at their IT department or managed IT services provider to ensure their employees are trained in cybersecurity.

When you look at the IT landscape, you will see how there are multiple levels to consider.

  • Internal IT departments are not Managed Services Providers (MSP)
  • Managed Services Providers (MSP) are not Managed Security Service Providers (MSSP)
  • Managed Security Service Providers (MSSP) are not an internal IT department or Managed Services Providers (MSP)

Organizations need to find the correct firm to address the proper business goal. As complexity rises and demand booms, there is a large shortage of cybersecurity talent that is impacting global security.

Part 12 – How do you invest in Technology

Organizations have to properly align business goals with technology.

You need to look at some of the following steps:

  • Remote management and monitoring (RMM) for laptops, workstations, smart devices, and servers
  • Cybersecurity monitoring and management to monitor all aspects of your network
  • Next-generation firewall with active security services such as intrusion detection
  • Centrally managed and monitored virus and spam blocking

A strong network foundation is crucial for organizations that want to keep secure and thrive.

Managed Services Providers (MSP) and Managed Security Service Providers (MSSP) are always on the lookout for next-gen solutions that can create sustainable and resilient networks as well as make cybersecurity tasks easier and faster.

What is Cybersecurity and What Do You Need To Know?

Simply put, cybersecurity allows organizations to operate while under persistent threats and sophisticated cyber-attacks. This enables organizations to embrace disruption safely, strengthen customer trust, and boost value.

Our complimentary network and security assessment can put your IT infrastructure and business to the test.

365 iT SOLUTIONS is Toronto’s leading IT consulting boutique firm offering industry leading IT solutions including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.

Cyber Security is Challenging Organizations and Employees Are Being Sued

Cyber security is challenging organizations, and employees are being sued, resulting in a loss of trust. In a current court case, an employee is being sued over a $250,000 online fraud.

In an interesting cyber security case, an employee is being sued for sending approximately $250,000 to an online cyber security hacker. The employee of Peebles Media Group UK unfortunately fell victim to a CEO phishing scam. The cyber criminals sent the employee emails pretending to be her boss.

The lawsuit alleges that the employee was warned by financial institutions about cyber criminals using phishing scams to trick employees into making payments online. Unfortunately, the employee released over $250,000 (£193,250) of the organization’s funds to cyber criminals. It took a few days for the organization to be alerted to this.

Lawyers for the organization accuse the employee of being negligent while the employee is accusing the organization of lack of training.

The financial institutions were able to refund the organization £85,268.28; however, the organization is suing the former employee for the remaining sum. The employee was dismissed from the firm for her actions in being negligent. The case is ongoing in court.

This case is in line with a recent study that shows just over 20% of Americans don’t trust anyone to protect their data properly.

The study, released by a hardware security organization, reveals that many people and organizations want more control over their personal data and privacy, including tighter controls on how others handle and safeguard their data.

The biggest concern has been identity theft, as it is used to access personal and corporate data, for example through phishing scams.

Here are some alarming numbers that were produced in the security study of Americans.

  • 18 percent have been victims of a cyberattack
  • 68 percent have an ongoing fear of identity theft
  • 34 percent want control of their personal data
  • 34 percent stated having control of their personal data helps them trust that organization
  • 38 percent stated organizations should fire their Chief Information Security Officer (CISO) following a cyberattack
  • 31 percent stated organizations should fire their Chief Information Officer (CIO) in the same situation
  • 38 percent stated a cyberattack or hack should be a federal offense

The ultimate bottom line is if organizations continue to fall short on training employees as well as proactively managing their IT security, cyberattacks and breaches will affect their business.

The best defense in cybersecurity is a proactive one which includes hardware, software and education.

Your security is only as strong as your weakest link therefore we are offering a quick security awareness user training video.  Feel free to view and share this quick security awareness user training.

The full article on the lawsuit is available on BBC: Company sues worker who fell for email scam.