What exactly is preventive cyber-security?

2017February15_Security_A

By EDITOR

There has been a movement among technology providers to promise “proactive” cyber security consulting. Small- and medium-sized businesses love the idea of preventing cyber-attacks and data breaches before they happen, and service providers would much rather brainstorm safeguards than troubleshoot time-sensitive downtime events. But it’s not always clear what proactive cyber-security means, so let’s take a minute to go over it.

Understand the threats you’re facing

Before any small- or medium-sized business can work toward preventing cyber-attacks, everyone involved needs to know exactly what they’re fighting against. Whether you’re working with in-house IT staff or an outsourced provider, you should review what types of attack vectors are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Create a baseline of protection

By reviewing current trends in the cyber-security field, alongside an audit of your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measure versus your reactive measures.

Before you can start improving your cyber-security approach, you need to know where the baseline is. Create a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint strengths and weaknesses in your current framework.

Finalize a plan

All these pieces will complete the puzzle of what your new strategies need to be. With an experienced technology consultant onboard for the entire process, you can easily parse the results of your simulation into a multi-pronged approach to becoming more proactive:

  • Security awareness seminars that coach everyone — from receptionists to CEOs — about password management and mobile device usage.
  • “Front-line” defenses like intrusion prevention systems and hardware firewalls that scrutinize everything trying to sneak its way in through the front door or your network.
  • Routine checkups for software updates, licenses, and patches to minimize the chance of leaving a backdoor to your network open.
  • Web-filtering services that blacklist dangerous and inappropriate sites for anyone on your network.
  • Antivirus software that specializes in the threats most common to your industry.

As soon as you focus on preventing downtime events instead of reacting to them, your technology will begin to increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cyber-security by giving us a call for a demonstration.

Posted in Uncategorized | Leave a comment

New Mac malware linked to DNC hacking group

2017Mar2Apple_A

By EDITOR

Fancy Bear, also known as APT28, is the Russian cybercriminal group responsible for hacking the Democratic National Party last year. Since then, the group has developed a host of tools to exploit Linux, Android, and Windows vulnerabilities. Last month, they spread a new strain of malware that specifically targets Apple Macbooks. If you own a Mac or an iOS device, here are some crucial details about the new malware.

According to antivirus provider Bitdefender, the new malware — named Xagent — is a Mac OS backdoor that is usually delivered via spear phishing emails.

To deploy the malware, hackers attach a Trojan software downloader in the email. If users interact with it, the program immediately creates a backdoor and connects to the cybercriminal’s network.

The malware then avoids detection by checking for antivirus software; and if it determines that cybersecurity solutions are offline or unpatched, it will begin to send system information, locally-saved passwords, iPhone backups, and desktop screenshots back to hacker headquarters.

Although security updates for the new malware are still unavailable, there are some things you can do to minimize the possibility of infection.

Approach emails with caution
Since hackers use phishing scams to distribute the Xagent malware, train your staff to be critical of email links or attachments, even if from the CEO or a close friend. And under no circumstances should you interact with any email from an unknown sender.

Keep your OS up-to-date
Always remember to install the latest operating system and application updates to make sure that Mac vulnerabilities are covered immediately.

Don’t save passwords
While it may be easier to save your passwords on your local browser, it gives hackers easy access to your accounts. If you can’t remember all your passwords, consider password management software. And while we’re on the subject, make sure you set unique passwords with a good combination of letters, numbers, and symbols.

Encrypt backups
To add another layer of protection, encrypt your iOS backups. This ensures that unauthorized users won’t be able to read the contents of your iOS data even if they do manage to gain access to your computer.

Cybersecurity is a universal issue, even for Mac users. But adopting these basic security habits will keep any hacker, whether from Russia or the US, at bay. Fortify your defenses by giving us a call today.

Posted in Uncategorized | Leave a comment

WordPress websites under attack

2017February27_WebandCloud_B

By EDITOR

It’s no surprise that millions of websites are on WordPress — it’s easy to manage, operates on an open source framework, and covers most webmasters’ Content Management Solutions (CMS) needs. What’s also no surprise? That it’s prone to attacks. Recently, some 20 attackers defaced thousands of WordPress websites. If you think 20 attackers is frightening, wait ‘til you read more.

WordPress attacks by the numbers

In 4 separate attacks, an estimated 40,000 websites were compromised, defacing 67,000 web pages, which has quickly gone up to 1.5 million. A security release update, WordPress 4.7.2, was immediately launched to mitigate the flaw, but not everyone was able to deploy it on time, thus inflating the number of corrupted web pages.

Although WordPress took measures to ensure that the vulnerability would go unnoticed, hackers found a way to get around the initial fixes and exploited the sites that remained unpatched. Those who haven’t applied WordPress’s latest security release were the ones most harmed by the defacement campaigns, and it soon became highly publicized.

Steps taken

Fixes have been deployed and stronger patches are in the works, but hackers do not just sit around and wait to be taken down. In fact, more attacks are being launched concurrently with security developers’ attempts to strengthen blocking rules.

In preparation for further exploits, WordPress liaised with cybersecurity firms to implement protective measures. Google did their part by announcing via Google Search Console the critical security updates that webmasters must install to protect against the WordPress-specific attacks. Meanwhile, web application vendors and web hosting companies are poised to protect their customers from attacks by installing web filters on their customers’ web servers.

Despite these measures, the attacks are expected to continue and the masterminds behind them will come up with strategies more insidious than merely modifying several web pages. Updating security patches that can effectively alleviate the vulnerabilities’ impact will also take time to develop and launch.

The importance of patches

Some attacks may cause a blip on your business’s networks, while others might cause its demise. From all these attacks, one lesson is worth emphasizing: Applying the most up-to-date patches is critical to your systems’ security and business’s survival.

Unpatched systems are the easiest targets for hackers who are always on the lookout for vulnerabilities to exploit. If your organization lacks the capacity to manually update security patches, consider deploying patch management software. Keeping all your software updated with the latest patches may seem like an insurmountable task, but the price of neglecting it can cost you dearly.

WordPress remains the most widely used CMS and its popularity is not going to wane anytime soon. If your website runs on WordPress and you’re considering security options that will ensure your company is poised to handle breaches, contact us for advice.

Posted in Uncategorized | Leave a comment

Is fileless malware a threat to you?

2017March3Security_A

By EDITOR

There have been some truly horrifying cyber-security headlines popping up over the last month. If you’ve been reading about “fileless” malware attacking banks and other big-name institutions around the world, we’re here to set the record straight: Your business isn’t in direct danger. But even if you’re not, staying abreast of all the details is still worthwhile.

What is this new threat?

To oversimplify the matter, fileless malware is stored somewhere other than a hard drive. For example, with some incredibly talented programming, a piece of malware could be stored in your Random Access Memory (RAM).

RAM is a type of temporary memory used only by applications that are running, which means antivirus software never scans it on account of its temporary nature. This makes fileless malware incredibly hard to detect.

This isn’t the first time it’s been detected

Industry-leading cyber security firm Kaspersky Lab first discovered a type of fileless malware on its very own network almost two years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

Where is it now?

Apparently being infected by this strain of malware makes you an expert because Kaspersky Lab was the group that uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyber attackers to withdraw undisclosed sums of cash from ATMs.

Am I at risk?

It is extremely unlikely your business would have been targeted in the earliest stages of this particular strain of malware. Whoever created this program is after cold hard cash. Not ransoms, not valuable data, and not destruction. Unless your network directly handles the transfer of cash assets, you’re fine.

If you want to be extra careful, employ solutions that analyze trends in behavior. When hackers acquire login information, they usually test it out at odd hours and any intrusion prevention system should be able to recognize the attempt as dubious.

Should I worry about the future?

The answer is a bit of a mixed bag. Cybersecurity requires constant attention and education, but it’s not something you can just jump into. What you should do is hire a managed services provider that promises 24/7 network monitoring and up-to-the-minute patches and software updates — like us. Call today to get started.

Posted in Uncategorized | Leave a comment

Advice from a failed disaster recovery audit

2017February28_Business_A

By EDITOR

We can write about disaster recovery planning (DRP) until our fingers bleed, but if we never discuss real-world scenarios it’s all just fumbling in the dark. Examining these successes and failures is the best way to improve your business continuity solutions, and the recent audit of a state government office is rich with valuable takeaways.

Hosting certain types of data, or managing a government network, legally binds you to maintain DRPs. After an audit of the Michigan Department of Technology and Budget, several failures lead to a trove of helpful tips for small- and medium-sized businesses attempting to create a bulletproof disaster recovery plan.

Update and test your plan frequently

One of the first and most obvious failures of the department’s DRP was that it didn’t include plans to restore an essential piece of their infrastructure. The plan didn’t include steps to restore the department’s intranet, which would leave employees unable to complete even the most basic of tasks.

The reason for the oversight? The last time the plan was updated was in 2011 — leaving out more than six years of IT advancements. If annual revisions sounds like too much work, just consider all of the IT upgrades and improvements you’ve made in this year alone. If they’re not accounted for in your plan, you’re destined to fail.

Keep your DRP in an easy-to-find location

It may seem a bit ironic that the best way to store your top-of-the-line business continuity solution is in a binder, but the Michigan Department of Technology and Budget learned the hard way that the alternatives don’t work. Auditors found the DRP stored on the same network it was meant to restore. Which means if something had happened to the network, the plan would be totally inaccessible.

Your company would do well to store electronic copies on more than one network in addition to physical copies around the office and off-site.

Always prepare for a doomsday scenario

The government office made suitable plans for restoring the local area network, but beyond that, there was no way for employees to get back to work within the 24-hour recovery time objective.

Your organization needs to be prepared for the possibility that there may not be a local area network to go back to. Cloud backups and software are the best way to keep everything up and running when your office is flooded or crushed beneath a pile of rubble.

DRPs are more than just an annoying legal requirement, they’re the insurance plan that will keep you in business when disaster strikes. Our professionals know the importance of combining both academic and real-world resources to make your plan airtight when either auditors or blizzards strike. Message us today about bringing that expertise to your business.

Posted in Uncategorized | Leave a comment

Selecting the perfect Office 365 plan

2017March8Office_B

By EDITOR

Office 365 Business, Business Premium, Enterprise E1, E3, and E5. Each of these Office 365 plans offer different features and services. Implement the wrong one, and you may end up with a solution that doesn’t fully meet your company’s needs. To help your business select the right Office 365 license, we’ve summarized and listed the different features of each plan.

Business or Enterprise?
If you’re running a cloud-first business, you’ll have to decide between Office 365 Business and Enterprise. Both may have access to Office Online and OneDrive, but there are some notable differences between the plan.

For one, Office 365 Enterprise E3 and E5 plans have unlimited archive and mail storage space, while Business plans have a 50-GB storage limit and don’t provide archive access from the Outlook client.

When it comes to SharePoint, Business plans are short on enterprise search, Excel services, and Visio features. Additionally, unified communication solutions, Power BI, and Delve analytics are also missing from the Office 365 Business offering.

Although it may seem like Enterprise subscriptions are superior — and in some ways they are — Business plans are perfect for smaller companies running on a tight budget. Office 365 Business and Business Premium cost $10 and $15 per user per month respectively, while E5, the biggest Enterprise plan, costs $35 per user per month.

As a general rule, start looking for Enterprise plans when your employee headcount exceeds 50 people and users require more storage space and solutions.

E1, E3, or E5?
If you do opt for Office 365 Enterprise plans, you’ll have to examine the features and choose one of three plans (E1, E3, and E5) that suits your needs.

E1 offers basic enterprise solutions such as Outlook and Word, OneNote, PowerPoint, and Excel online for only $8 per user per month. Apart from this, users also get access to SharePoint Team sites, video conferencing, and Yammer for enterprise social media.

E3 provides all E1 features and adds data loss prevention, rights management, and encryption to ensure business security and compliance. While E5 is a full enterprise-grade solution with all the aforementioned features plus analytics tools, advanced threat protection, flexible Skype for Business conferencing, and unified communication solutions.

Small- and medium-sized enterprises will usually select either E1 or E3 subscriptions and decide to add third-party applications to meet cloud security and VoIP demands. But if you have the resources and prefer a fully-managed suite of Microsoft applications, E5 plans are the way to go.

Migrating to an Office 365 platform is a big step, and if you’re still undecided about which plan to opt for, contact us today. We don’t just provide Office 365, we assess your business and find the best solution that meets your budget and objectives.

Posted in Uncategorized | Leave a comment

Apple’s new year comes with new malware

2017January25_Apple_C

By EDITOR

We love Mac computers as much as anyone does, but even we have to admit the notion of superior cybersecurity can be a bit overblown. Malware still finds its way onto Apple devices, and the only remedy is preparedness. Take a minute to brush up on the first Apple malware of 2017 before it puts a damper on your new year.

Where did it come from?

Dubbed ‘Fruitfly’ by the powers that be at Apple, it looks as though this relatively harmless malware has been hiding inside of OS X for several years. Fruitfly contains code that indicates it was adapted to move from a previous build of OS X to ‘Yosemite,’ which makes it at least three years old.

In fact, there are some lines of code from a library that hasn’t been used since 1998. It’s possible these were included to help hide Fruitfly, but experts have no idea how long it has been holed up inside the infected machines, or who created it.

What does it do?

So far, most of the instances of Fruitfly have been at biomedical research institutions. The administrators who discovered the malware explained that it seems to be written to grab screenshots and gain access to a computer’s webcam.

Considering the specific nature of its victims, and what it can accomplish, Fruitfly seems to be a targeted attack that won’t affect the majority of Mac users. However, Apple has yet to release a patch, and dealing with malware is not something to be put off for another day.

How should I proceed?

We’re always harping on the importance of network monitoring, and now we finally have proof that we are right. Fruitfly was first discovered by an administrator that noticed abnormal outbound network traffic from an individual workstation. Until Apple releases a patch, a better-safe-than-sorry solution is to contact your IT provider about any possible irregularities in your network traffic.

If you don’t have a managed IT services provider, this is the time to start considering one. Despite misconceptions, Apple devices need just as much care and attention as Microsoft and Linux PCs. And it’s not just security; if you want to optimize workstation performance, create a disaster recovery plan, or upgrade your database. Message today to get started.

Posted in Uncategorized | Leave a comment

Hackers use browsers to get credit card info

2017January27_Security_C

By EDITOR

Does filling in web forms sap all your browsing energy? Do you find it especially taxing to shop or register online using a mobile device? Google’s Chrome alleviated this dilemma when it introduced the Autofill feature in 2011, which made filling in forms much faster and making credit card purchases online more convenient. Unfortunately, it didn’t take that long for cyberthieves to find a way to take advantage.

How do they do it?

By concealing other fields in a sign-up form, users are tricked into thinking they only have to fill out a few fields. The trickery at work is that upon auto-sign up, other fields, which could include your billing address, phone number, credit card number, cvv (the 3-digit code used to validate credit card transactions), and other sensitive information, are auto-filled with the user none the wiser.

This sinister trick is nothing new, but since there hasn’t been any countermeasure since it was first discovered, the threat it poses is worth emphasizing. Finnish whitehat hacker Viljami Kuosmanen recently brought to light how users of Chrome and Safari are particularly vulnerable, and he even came up with a demonstration of how this phishing technique is perpetrated. The technique is so sneaky, it’s enough to make one give up online shopping forever.

Using plugins and programs such as password managers is also fraught with the security risk, as having access to such a utility empowers cyberthieves to do more than just obtain your credit card info; it opens them up to a great amount of personal details.

Preventing an autofill-related theft

So what can you do to avoid falling prey?

Using Mozilla Firefox is one of the easiest available solutions. As of today, Mozilla hasn’t devised a mechanism that affords its users the same convenience that Chrome and Safari users enjoy with autofill. When filling web forms on Firefox, users still have to manually pre-fill each data field due to a lack of a multi-box autofill functionality – a blessing in disguise, given the potential for victimization in autofill-enabled browsers.

Another quick fix is disabling the autofill feature on your Chrome, Safari and Opera (for Apple mobile devices) browsers. This would mean that when filling out web forms, you’d have to manually type responses for every field again, but at least you’d be more secure.

It’s not exactly the most sophisticated form of online data and identity theft, but complacency can result in being victimized by cyber swindlers. Take the first step in ensuring your systems’ safety by getting in touch with our security experts today.

Posted in Uncategorized | Leave a comment

3 Reminders for HIPAA compliance in 2017

2017January30_HealthcareArticles_A

By EDITOR

Even if notable punishments and fines for HIPAA non-compliance have only been doled out over the last 6 years, data privacy regulations have been around for 14. And with each passing year, these rules evolve in ways that make it near impossible to keep up without an expert on hand. As we kick off 2017, we want to review just a few of the most important talking points about HIPAA compliance.

Compliance leaves the office with you

When you take your phone, laptop, or tablet with you — as you return home, or go to a meeting outside your office or a seminar out of state — your data needs to get the same treatment it does inside the office. If you access data from unsecured devices or connections, you could be looking at stiff penalties when audit time rolls around.

As an extension of this principle, business partners with any involvement in your data storage, transfer, or protection are also required to employ best practices. If you have a legal firm on retainer with access to your network, it’s your responsibility to ensure that firm also adheres to compliance rules. Business Associate Agreements are the best way to shield yourself from mistreatment of data by a business partner, and they should be reviewed at least every year.

Most “optional” measures…aren’t actually optional

Confusingly, HHS’s Summary of the HIPAA Security Rule page has a heading titled Required and Addressable Implementation Specifications. The synopsis can be interpreted as, “Although we listed some safeguards as addressable, we actually mean that they have to be implemented. But how you do so is up to you.”

2016 saw a massive uptick in the number of HHS audits and the fines the government entity doled out. Consequently, whenever safeguards or measures allow for wiggle room or subjective interpretation, we always recommend going above and beyond. Compared to fines that soar into the millions of dollars, hiring a managed IT service provider is more than worth it.

This is about more than being “careful”

Some providers are quick to point out that compliance is about stringent safeguards to prevent even the tiniest of breaches. How do you think those practices would respond if you told them one Ponemon survey found that 90% of healthcare practices experienced a data breach during a two-year period?

Managing cyber security is becoming a problem for organizations in every industry. Business owners need to acknowledge that the threats are real, and that solutions must be exhaustive. In fact, most states have enacted their own variation of patient privacy legislation. So if you’ve found a thorough walkthrough of compliance written by someone located in another state, that’s not going to cut it.

To confidently achieve HIPAA compliance, you need IT technicians with experience adapting to years of changes to this complicated legal framework. Call us today so we can help you secure and manage your electronic medical records and protected health information.

Posted in Uncategorized | Leave a comment

Tips for a cloud-based unified communications

2017February1_VoIP_C

By EDITOR

The number of small businesses that will move their unified communications to the cloud is predicted to increase from 10% to 48%, while medium-sized firms and large enterprises follow, albeit in smaller percentages. These numbers are not surprising because migrating unified communications to the cloud presents a host of benefits to communication systems: simplicity, flexibility, and lowered costs. You probably have given it some thought, but haven’t concluded that migrating your unified communications is a good decision. These five tips for a successful migration could help your decision-making.

Opt for a gradual transition

Migrating unified communications to the cloud doesn’t have to be done at one fell swoop. You can move UC for departments that can benefit from it, while those with no pressing need for a cloud-based UC, such as a company’s call center, can keep using on-premise systems. This way, users can ease their way into the new system without experiencing network disruptions, which could lead to reduced productivity.

Secure sufficient bandwidth

Issues on speed and performance will inevitably arise, so make sure to cover all the bases before migration. That means securing a reliable internet service provider, checking the stability of your internal network, and having a Plan B. This is a particularly critical point to ponder if you have operations in locations where unstable or slow networks could pose serious difficulties. Determine the level of bandwidth your entire business needs, and get it from an ISP that can deliver.

Test, test, test

Transitioning UC to the cloud may appear seamless, but there may be a few unexpected kinks that would need ironing out long after the migration is declared a success. To soften the potentially costly and time-consuming impacts, test the systems throughout the duration of the migration. Whether you’re testing voice, data, or video, conduct tests, set benchmarks for performance, and predict future usage patterns.

Go live and act on identified problem points

After going live with your cloud UC, consider the overall user experience and availability of support for devices, applications and other components. Are persistent connectivity issues going to cause troublesome conference calls? This and similar issues may prove detrimental in the long-run, so keep them in mind when deciding to keep, enhance, or discontinue a cloud-based UC. Cloud migration should be solving problems, not causing them.

Constantly monitor performance and quality

Don’t be surprised if you encounter a few issues even after extensive testing. Migrating to the cloud simply requires planning and a sustainable strategy, whether your organization is dependent on instant messaging, voice conferencing, or video calling. There’s also a good chance that you will be working with several vendors, so always demand for the best service.

Having your UC moved to the cloud may seem like a daunting move, but with our cloud technology and VoIP know-how, we’ll make sure your unified communications in the cloud precipitates just benefits. Contact us today for advice.

Posted in Uncategorized | Leave a comment