Archive for the ‘Security’ Category

The Changing Face of Data Governance

In our age of data-driven decision making, the new GDPR laws have once again brought the criticality of data governance to the forefront. Believed to be one of the most extensive revisions to the European data protection and privacy legislation, GDPR and its associated changes have presented businesses with the unique opportunity to organize their data houses.

So, executives should consult with experts familiar with GDPR on its impact on their operations. Businesses need to get used to the idea of handing over control of the data they share with people; only then can they achieve GDPR compliance and establish a better rapport with customers. But how does data governance figure into all this? Find out below:

 

 

Shortcomings in Traditional Data Governance

 

 

There’s nothing wrong with traditional data governance; in fact, it offers a rigorous and strategic framework for outlining roles, data standards, and responsibilities, along with procedures and policies for data management throughout the organization. What’s more, without traditional data governance, businesses wouldn’t have been able to increase their efficiency and productivity in the use of core business data resources in data and transactional warehousing environments.

The focus of these methods was on data quality, trust, and protection, and they were great for recognized data sources that had known value. However, the modern industry is full of unstructured or unknown data sources like IoT and big data, and traditional data governance just can’t keep up. With the added features of machine learning and artificial intelligence, the shortcomings of the conventional approach are becoming obvious.

Owing to their rigid structure, conventional data governance procedures and policies hinder the possibilities formed by advanced analytics and data technologies by forcing them to fit the age-old mould for legacy infrastructure and data platforms.

 

 

Impact of Emerging Technologies

 

 

IoT provides thousands of unrelated data sources a chance to connect on the same platform. IoT gadgets are more than just data sources; they are data generators and gatherers. Sensors, wearable devices, and other modern computing technology can accumulate data by the millisecond and stream the same data into a cloud of possible consumers.

Artificial intelligence and machine learning systems analyze the data in real-time to identify relationships and patterns, gain knowledge, and plan a suitable course of action. While these are data-based autonomous actions rather than explicit instruction or programming, they possess the power to find gaps or extra data requirements and send requests back to the IoT gadgets for collecting or generating fresh data.

Traditional data governance makes the onboarding of IoT devices very difficult because of conventional authorization and validation needs. To foster machine learning and artificial intelligence in these initial stages, the data lifecycle must rely on non-conformity with predefined standards and rules. So, governance must allow new data to be incorporated quickly and efficiently, and offer mechanisms to mitigate dangers, maximize value, and encourage exploration.

 

AI and IoT under the New Data Governance Methods

 

Concepts like IoT and AI aren’t new, but they are still highly competitive markets for businesses. While the two undergo expansion, they tend to hypercharge the growing volume of data, especially unstructured data, to unexpected levels. As a result, the volume, velocity, and variety of data increase in unison. And as the volume rises, so does the speed at which data needs to be processed. In such cases, the types of unstructured data increase as well. To manage all this, businesses have to implement the necessary data governance.

Storage and Retention

Big data has increased the variety and volume of data considerably, which means more data storage is a necessity. Data storage and data integration and provisioning are used interchangeably, but they are very distinct. Governance must address them separately and appropriately. While storage normally means the way data is physically retained by the organization, in conventional data management methods, the data storage technology impacts the storage requirements like size and structural limitations. Along with retention practices and budget limitations, often dependent on compliance, these needs restrict the amount of data stored by the business at a certain time.

 

 

 

Security and Privacy

 

 

Security and privacy are the major areas of focus for conventional data governance. But new technologies expand the scope of what needs to be secured and protected, emphasizing the need for additional protection. Even though “privacy” and “security” are thought to be one and the same, they are not.

Security strategies safeguard the integrity, confidentiality, and availability of data created, acquired, and maintained by the company. Security exclusively means protecting data, while privacy is more about protecting entities, like individuals and businesses. Privacy programs make certain that the interests and rights of an individual to control, use, and access their private details are protected and upheld. However, without a successful security strategy, a privacy program is unable to exist. Privacy needs often inform policies in large-scale security operations, but the program itself influences the processes and technology needed to implement the necessary controls and protection.

As far as IoT is concerned, security is one of the most crucial aspects. The regular addition of systems and devices constantly leads to new vulnerabilities. Even though business comes first, protection is possible only if businesses protect and secure the network along with every touch point where data travels. Thanks to IoT, data security isn’t just about permissions and access on a given system. Data protection now incorporates network segmentation, data encryption, data masking, device-to-device authentication, and cybersecurity monitoring. That’s a whole lot more than what traditional governance programs envision.

 

Escalated Digital Transformation

 

The changes in digital transformation will be far-reaching. In fact, the new data governance measures will accelerate the process, thereby rewarding organizations that commit to more than just compliance with data governance. Moreover, a stronger foundation in the field of data governance will provide organizations with various benefits, such as increased operational efficiency, decision-making, improved data understanding, greater revenue, and better data quality.

Data-driven businesses have long enjoyed these advantages, using them to dominate and disrupt their respective industries. But it’s not just meant for large businesses. The moment is right for your company to de-silo data governance and treat it like a strategic operation.

Data governance is changing, and you need to work hard to keep up or get left behind in the industry. However, you can follow the tips given below for the best health and ensure your company is prepared for GDPR.

 

Author: Rahul Sharma

The Biggest Threats from the Dark Web That Keep Businesses on Their Toes

Beyond the glitz, glamour, and glory of the World Wide Web as we know it is a virtual world that’s not half as bright. It’s the dark web. Technically speaking, it’s a network of web pages that can’t be indexed by normal search engines. The anonymity of this network means it brings out the worst in human beings more often than it makes good things happen. The dark web has been known to facilitate an exchange of illicit goods such as firearms, drugs, child pornography, and what not. Very recently, an Instagram hack revealed the personal contact details of the world’s top celebrities, which were duly put up for sale at prices like $10 apiece by cybercriminals on the dark web.

 


Why Should The Dark Web Be A Matter of Concern for Businesses?

Governments around the world have been making rapid strides in bringing down the shutters on dark web networks. The question is – what implications does this nefarious network have for businesses? Well, the dark web is said to be the dark side of the Internet city, where cybercriminals reside and run their black market of trade of information, digital tools, and physical materials that are then used to commit crimes, inflict self-harm, and perpetuate negative propaganda in communities. For instance, ransomware script creation tools, keyloggers, phishing kits and manuals – everything is available for sale on the dark web. It’s the platform for selling Cyber-crime as a Service!

Dark Web: A Black Market for Sale and Purchase of Stolen Corporate Data

Agreed – it’s a bad place if people sell firearms and drugs using this network. That’s a government problem, though, and not a business problem. Well, it’s estimated that at least one-third of the dark web activity is about the sale and purchase of corporate data. This includes, but isn’t limited to:

  • Login credentials to enterprise applications, stolen from careless and unsuspecting employees
  • Extracts of email addresses and phone numbers of several thousands of employees of big businesses
  • Email threads mentioning keywords such as hiring, resign, pay, cost, etc., which can be used to leak important information or to blackmail key executives


 

 

Real World Examples of How the Dark Web is Keeping Businesses at the Edge

Nothing explains the real impact of dark web activity on business organizations of all scales and sizes like some recent examples. Here’s a list of the top examples:

  • The Australian Tax Office had to suspend its use of Medicare cards after realizing that many of these identities were for sale on the dark web.
  • In Sep 2017, UK dailies carried news of how month-long valid UK rail passes were available at 15% of their market value on the dark web, with the scam’s financial impact estimated at £200m.
  • Among the hottest selling products on the dark web are ransomware development kits for Android that don’t require the user to have any coding experience to make them work!
  • It’s common for cybercriminals to offer money-back guarantees on digital assets such as corporate employee identities, if the identities don’t prove to be at least 80% accurate, for instance!

 

Dark Web and Insider Threats: A Deadly Combination

Because of the unbelievable success and sustenance that the dark web has enjoyed for the past decade, in spite of public knowledge of its despicable existence, immoral web users are tempted to earn a bit of easy money by participating in dark web related crime. The simplest example is of an insider of your business, one of the thousands of employees, who’s willing to share seemingly innocuous information (such as a list of email IDs of people who worked for the company in the past 5 years). A more dreadful example is that of the insider willingly compromising company network security to let a cyber-criminal access sensitive information. The same could be done by negligent employees, as well as rogue intruders who have access to stolen application login credentials.

 

The solution: enterprise IT security teams need to be proactive about monitoring user behaviour, assessing risks, proactively looking for process weak spots, and advancing the general security awareness of the staff.

 

Technology to Detect Data Breaches on the Dark Web

Traditionally, enterprise capabilities of detecting data leakages on the dark web have been staggeringly insufficient. It’s estimated that in Europe, the time delay between a data breach and its detection is 469 days. This makes it mandatory that organizations be super cautious about data breaches. Because the dark web is non-indexable, detection becomes difficult, even if your corporate information is the hottest discussed topic there. Thankfully, organizations now have access to monitoring tools that can look beyond the indexable web. This means that if a dark web cyber-criminal openly discusses your business or creates a listing of your digital assets, you’d come to know within minutes.

 

GDPR and Dark Web: The Stakes Are Higher Than Ever

When GDPR becomes legally binding for businesses in May 2018, the implications of a data breach will be much higher than what they are today. GDPR allows organizations a period of 72 hours to report a data breach after becoming aware of it. Remember the Uber data breach? The company didn’t reveal its knowledge of the breach for more than a year. Had GDPR been in force then, Uber could have been staring at penalties to the tune of tens of millions of pounds. Organizations run the risk of being penalized up to 4% of their revenue if they fail to comply. The dark web is one of the major challenges that companies will face as they try to stay on the right side of the lines drawn by GDPR.

 

Concluding Remarks

Bring in dedicated capabilities to combat the security risks posed by the dark web. Embrace monitoring tools that can ‘listen’ for discussions relevant to you on the dark web. The dark web is a dark reality, and it’s more closely linked to your business than you’d care to acknowledge.

Reliable Tips That Will Prevent You From Being Victimized by Ransomware

In spite of the fact that it’s causing millions of dollars of cybercrime-related damage to businesses annually, not many enterprise computer users truly understand what ransomware is. Naturally, till the time WannaCry and Petya ransomware attacks became global discussion points in the first half of 2017, even the general understanding of this form of cybercrime wasn’t any good. A recent survey done with business executives revealed that 1 in 3 would agree to pay to retrieve stolen or locked data. For organizations that have already been targeted once, the percentage becomes almost double (55%).

 

A Refresher on Ransomware

Ransomware is perpetrated via spam links and phishing emails, which eventually lead to the installation of code that locks your computer’s data, after which the perpetrators ask you to pay a ransom to get the data unlocked. Because business data has massive financial value (even if it’s notional), it’s clear that the ‘revenue model’ of ransomware will keep on motivating cybercriminals to advance their means and methods. The responsibility of keeping your data secure rests with you. And there’s a lot you can do. Read on.

 

Become a Data Backup Ninja

Why would anybody pay a ransom if they had another copy of the locked data available! The way to do so is to become a pro at backing up your business data. For starters, you have the option of storing your data on external hard disks. That’s because the costs per GB of this mode of storage are dropping regularly. Then, there are many affordable cloud-based storage services that you can trust to automatically sync your important data folders to an online database, ensuring you always have the latest data backup ready. Even cybersecurity experts agree; next to having reliable anti-ransomware software protecting your computers, taking regular backups is the best way to stay safe from ransomware.

 

Separate Personal and Work Activity to Different Hardware

Your business data is invaluable. Separating business and personal work to different hardware can be a pain, but the rewards are worth the pain.

Invariably, the applications and web-based tools you use for personal work aren’t half as secured as the applications that your business’ IT team takes care of. Don’t let convenience become a cause of falling prey to ransomware.

 

Educate End Users about Ransomware Cyber Crime and Related Tactics

Lack of awareness that cyber criminals are out there on the prowl is a major reason why people end up as victims of ransomware. To make things better, leading organizations are already using these strategies:

  • Conducting regular training to make employees aware of terms such as spear phishing, social engineering, etc.
  • Simulating social engineering attacks with the help of internal IT to showcase vulnerability
  • Making it mandatory for end users to pass regular security quizzes and tests

 

It’s high time you used a mix of these strategies.

Patch, patch, and patch

 

Ransomware primarily targets minute security flaws in popular enterprise software. Keeping applications at their best stable state ensures you plug the minor gaps that cybercriminals can otherwise exploit.

 

Thankfully, most enterprise software vendors release security upgrades frequently. The best practices are to always embrace these upgrades. Activate the automatic update option for your business applications.

 

Add Layer After Layer of Security

Having a layered approach to foil ransomware attacks in particular and malware in general works great guns for a business. This means making the conscious effort to not depend on a single mechanism of keeping ransomware at bay. So, a firewall won’t do alone. It must be supplemented by strong antivirus, with specific ransomware combat capabilities.

 

Thankfully, this doesn’t always mean that you have to inflate your cybersecurity budgets, because most security products tend to bring in a layered protection approach anyway. Also, remember that most ransomware runs its executable files from the Windows AppData folder or the equivalent folder on other operating systems. So, disable the permissions for executable files to be run from these locations.
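One way to apply the AppData restriction above on Windows, as an added example that is not part of the original article: the article names no mechanism, so this assumes AppLocker, and the rule names and policy file path are illustrative. It stages the rules in audit-only mode and includes baseline allow rules, because an enforced Exe rule collection blocks everything it does not explicitly allow.

```powershell
# Added example (not from the article): AppLocker Exe rules that deny execution
# from per-user AppData, staged in AuditOnly mode so nothing is blocked yet.
# Assumptions: AppLocker is available on this Windows edition, the Application
# Identity service (AppIDSvc) is running, and rule names/paths are illustrative.

$policyPath = Join-Path $env:TEMP 'applocker-appdata-audit.xml'
$Apply      = $false   # set to $true (elevated session) to merge into local policy

function New-PathRule {
    param(
        [string]$Name,
        [string]$Path,
        [ValidateSet('Allow', 'Deny')][string]$Action,
        [string]$Sid = 'S-1-1-0'   # Everyone
    )
    $id = [guid]::NewGuid().ToString()
    @"
    <FilePathRule Id="$id" Name="$Name" Description="" UserOrGroupSid="$Sid" Action="$Action">
      <Conditions><FilePathCondition Path="$Path" /></Conditions>
    </FilePathRule>
"@
}

$rules = @(
    # Baseline allow rules. Without them, switching this collection to
    # "Enabled" would block every executable outside an allow rule.
    New-PathRule -Name 'Allow Program Files' -Path '%PROGRAMFILES%\*' -Action Allow
    New-PathRule -Name 'Allow Windows'       -Path '%WINDIR%\*'       -Action Allow
    New-PathRule -Name 'Allow all for Administrators' -Path '*' -Action Allow -Sid 'S-1-5-32-544'

    # Deny rules for the locations the article calls out. Deny takes
    # precedence over allow, so these also apply to administrators.
    New-PathRule -Name 'Deny AppData Roaming' -Path '%OSDRIVE%\Users\*\AppData\Roaming\*' -Action Deny
    New-PathRule -Name 'Deny AppData Local'   -Path '%OSDRIVE%\Users\*\AppData\Local\*'   -Action Deny
) -join "`n"

$xml = @"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="AuditOnly">
$rules
  </RuleCollection>
</AppLockerPolicy>
"@
Set-Content -Path $policyPath -Value $xml -Encoding UTF8

# Dry run: evaluate executables that already live under AppData against the
# staged policy. Per-user installers and updaters usually show up here.
$candidates = Get-ChildItem -Path $env:APPDATA, $env:LOCALAPPDATA -Filter *.exe `
        -Recurse -File -ErrorAction SilentlyContinue |
    Select-Object -First 50 -ExpandProperty FullName

if ($candidates) {
    Test-AppLockerPolicy -XmlPolicy $policyPath -Path $candidates -User Everyone |
        Select-Object FilePath, PolicyDecision, MatchingRule |
        Format-Table -AutoSize
}

if ($Apply) {
    # Merge into the local policy, still in audit mode.
    Set-AppLockerPolicy -XmlPolicy $policyPath -Merge

    # Event ID 8003 = "would have been blocked if the policy were enforced".
    Get-WinEvent -FilterHashtable @{
            LogName = 'Microsoft-Windows-AppLocker/EXE and DLL'
            Id      = 8003
        } -MaxEvents 20 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Message
}
```

Review the 8003 audit events and add narrower allow rules for legitimate per-user software before changing `EnforcementMode` to `Enabled`.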

 


 

Restrict Privileges of Computers Operating As A Part of a Network

The big difference that ransomware makes on a computer that’s a part of a large network is that once one of the computers is affected, the ransomware can duplicate itself on all other computers in the network, and hence, multiply the damage. This is exactly why cybercrime groups target business networks most often.

Ransomware gets the same privileges as the computer it’s hosted in. So, if an infected computer has local or global admin privileges, the ransomware will be able to use the same to wreak havoc. Surely enough, such a network will witness most computers infected with the same ransomware, because of the lack of control over admin privileges.

You’d much rather struggle with ransomware on one computer, than ransomware on the entire network.

 


Use Latest Versions of Web Browsers

Since most ransomware installations initiate from web activity, you need to do everything possible to keep your Internet sessions safe. One reliable method is to always update Mozilla Firefox, IE, Chrome, or whichever browser you’re using because the upgrades invariably make the browser more secure against newer kinds of malware.

 


 

Be Convinced Before You Open a File

We’re living in times where we encounter attempts of cyber-crime (of varying intensity) almost every day. Drastic problems call for drastic measures; one of them is to be careful about what you click on and open from the web. Emails, in particular, are a primary source for cybercriminals to send carefully planned messages with infected files, or malicious links, which lead to malware (specifically, ransomware) installations. So, if you make it a practice to question the source of emails before opening any attached files, you will significantly improve your prospects of staying protected from ransomware.

 

Concluding Remarks

As we finish finalizing this piece, the Atlanta ransomware attack news (25 March 2018) is beginning to send the world into another frenzy! These are tough times; stay secure.

 

 

Author – Rahul Sharma

Machine Vs Machine: A Look at AI-Powered Ransomware

Cyber-crime is a fast-growing industry because it’s a simple way for nefarious people with computer skills to make money. Ransomware in particular has been an ongoing security nightmare for the last couple of years, with attacks like WannaCry, which infected about 400,000 computers in 150 countries, making headlines for their ability to fuel fears about the vulnerability of data. It has gone from the 22nd most common form of malware to the 5th most prevalent type.

According to a recent survey from Sophos, 54 percent of surveyed companies reported having been hit by a Ransomware attack in 2017. Another 31 percent expect it to happen again in the near future. The data collected indicated that the average cost of a single Ransomware attack (including downtime, manpower, and network costs) was $133,000. Five percent of the respondents reported total costs of up to $6 million, exclusive of the ransom paid.

Ransomware is not necessarily more dangerous or trickier than other forms of malware that find their way into your computer, but it can definitely be more aggravating, and oftentimes devastating. As concerns around the weaponized use of Artificial Intelligence (AI) rise, one can’t help but imagine what an AI-powered Ransomware attack would look like.

An AI-driven Arms Race

While some analysts tout AI as the key to overcoming security gaps within the enterprise, it’s actually a double-edged sword. As the maturity and abilities of AI, machine learning, and natural language processing improve, an arms race between security professionals and hackers is on the horizon. Researchers and security firms have been using machine learning models and other AI technologies for some time to better forecast attacks, and identify ones that are already underway.

It’s highly probable that criminal collectives and hackers will use the technology to strike back. Security experts surmise that once AI development reaches consumer-level adoption, cases of its use in malicious attacks will skyrocket. Ultimately, malware authors may begin creating machine learning models that learn from disruption detection models and defensive responses, and exploit new vulnerabilities quicker than defenders can patch them.

According to a 2018 McAfee Labs threats predictions report, the only way to win the ensuing arms race is to – “effectively augment machine judgment with human strategic intellect”. Only then will companies be able to understand and anticipate the patterns of how the attacks will play out.

AI-driven Ransomware Attacks

AI-driven Ransomware is capable of turbo-charging the risks associated with an attack by self organizing to cause maximum damage, and moving on to new, more lucrative targets. Attackers can utilize artificial intelligence to automate multiple processes, mainly in the areas of targeting and evasion.

  • Intelligent Targeting – Phishing remains the most popular method of distributing Ransomware. Machine learning models are capable of matching humans at the art of drafting convincing fake emails, and they can create thousands of malware-loaded, fake messages at a much faster pace without tiring. Much like a human, a machine learning model with the right ‘training data’ about a target could constantly change the words in a phishing message till it finds the most effective combination, ultimately tricking the victim into clicking anything or sending personal data. By going through your correspondence and learning how you communicate, messages crafted by an AI will easily bypass spam filters, and then mimic you in order to infect other unsuspecting targets.
  • Intelligent Evasion – AI has the ability to make destructive hacks far less visible. An ML model can be used to hide a Ransomware attack by manipulating the system and disabling any active security measures. In this age of IoT, a self-targeting, self-hunting malware attack could easily hijack IoT endpoints, manipulate data, and simultaneously infect millions of systems without ever being detected.

AI-driven Cyber Security

As more advancements are made in the field of artificial intelligence, it will become more accessible and inevitably used for ill. However, the upside is that the use of intelligent agents in cybersecurity services and applications offers adequate and effective protection against incoming Ransomware and other related threats.

  • Early detection – Mainstream anti-malware and anti-virus products identify malicious software by matching it against a database containing digital signatures of identified malware. Machine learning enables the creation of a continually vigilant system that is capable of making decisions on the fly, based on complex algorithms and computational formulas. As more data is collected, the system learns by experience, effectively preventing attacks by stopping the payload at download. And in the event it was successfully downloaded onto an endpoint, the additional steps of running exploits and running scripts and attacks in memory can be stopped.
  • Effective Monitoring – Since AI has the ability to automate and self-learn, it significantly raises the effectiveness of guarding systems from attacks. The pro-active nature of a machine learning model allows it to anticipate attacks by monitoring glitches and patterns related to malicious content. A heuristic analysis can be performed to determine whether the behavior being observed is more likely to be malicious or legitimate, thus reducing the number of false positives or misdiagnoses. ML capabilities guarantee that any results that slip through are used to improve the system during subsequent monitoring.

Not all AI solutions are created equal. Despite the looming threat of a weaponized AI-driven attack, the key takeaway should be that prevention is possible. And as much as AI can be used to prevent Ransomware, the fight against malware threats is not all about software and security mechanisms. The first point of contact between the perpetrators and victims is usually a baited email. A lack of security awareness on the victim’s part is a huge part of the equation. In the fight of machine vs machine, the human element plays a crucial role. Measures to increase enterprise knowledge on the best practices to adopt and tricks to avoid have to be included in the overall defensive strategy.

Author: Gabriel Lando

Mobile Security Myths – Don’t Fall for Them

Mobility is the name of the game. Mobility is the frontier upon which the enterprise tech battles of the present and future are being fought. It’s estimated that enterprise mobility can help companies get as many as 240 hours of additional productive hours per employee per year. However, all is not well with the enterprise mobility world. At least, that’s what the myth spreaders will want you to believe.

 

 

Agreed, there are concrete mobile-specific security risks faced by enterprises. But the question is, at what point does the line between manageable risks and ambiguous myths become blurred? We’re here to demarcate these lines for you. Read on to get an understanding of the most common mobile security myths doing the rounds of cybersphere. More importantly, remember them so that skeptical arguments based on these myths don’t succeed in clouding your vision of enterprise mobility.

 

Mobile Data Encryption is Not Necessary

Well, that was the case a few years ago, when mobile devices were merely used as thin clients. In those times, mobile devices were not exactly meant for heavy data upkeep and transfers, and hence, mobile data encryption was an unnecessary addition to the entire security and maintenance task list. Today, it’s a different scenario.

Field personnel from leading enterprises, for example, use mobile devices all day to access, edit and approve data. Price lists to customer signature images, media content to spreadsheets – the range of data and content formats used by enterprise employees on their mobiles is vast. Often, when the applications they use for data exchange are cloud-based, the data is encrypted by the application. However, for data exchange across emails and instant messengers, encryption is a must.

 

Mobile Security Audits are not for everyone

That’s totally untrue. For any enterprise that uses a fair amount of mobile devices in its IT ecosystem, it’s important to take care of mobile security audits. Such audits are ideally conducted biannually, because of the breakneck speed at which mobile technology is advancing. A mobile security audit must encompass:

  • All downloads and uploads of data using mobile devices
  • Application logs on mobile devices registered with the enterprise Mobile Data Management (MDM) tools
  • Employee mobile device usage practices while in field
  • Security methods and means used in the device

Contrary to popular belief, enterprises need mobile security audits to extract valuable insights about improving the mobile security strategy, instead of depending on MDM tools for the same.

 

Mobile Devices Are Inherently Less Secure Than Desktops

Well, there’s nothing inherent to mobile devices that makes them more vulnerable to information security breaches than desktops. A key difference, however, is that mobile devices are always connected to the Internet. Also, a field personnel’s mobile device will be connected to networks other than the one provided by the company-owned SIM card (such as public cafes, partner premise Wi-Fi, etc.). This could compromise the mobile device’s security.

However, because it’s an external factor, we can’t really deem mobile devices as less secure than desktops. In fact, when mobile phones mostly use cloud-based data, they’re actually more secure because all the data protection capabilities of the cloud vendor come to the fore. Desktops, on the other hand, store data in hard disks which are more vulnerable. Also, with mobile devices, it’s easier to manage data remotely in case the device is lost or misplaced, as compared to a PC.

 

Patching Mobile Devices with Latest Security Releases is Difficult

Patching is recommended as the single most effective best practice to keep malware and ransomware at bay. Patching, in fact, is a key aspect of wholesome enterprise device security strategy for cybersecurity teams.

It’s suggested that patching management on mobile devices is challenging. That’s because these devices are only intermittently available within the enterprise network. Secondly, the number of mobile devices in a mobility-focused enterprise grows so quickly that IT can always find itself chasing lofty patching goals, without actually achieving them.

In reality, IT security teams need to treat the mobile patching issue as a challenge that they need to meet. With centralized patching policies, focus on user education (and hence improving user initiated patching requests), and regular audits, IT can easily cover the extra mile.

 

BYOD Means Taking it Easy on Security

That’s a common misconception. Because most constraints on user experiences are linked to the enterprise’s security policies, users tend to associate ‘ease of use’ and unconstrained user experiences with an assumed stance of relaxation and leniency in terms of IT security. However, the truth is that cybersecurity teams have to work in tandem with the mobility project team so that BYOD can be implemented securely in an enterprise. The flexibility of using one’s own mobile phone for business purposes helps significantly improve user experience, even though that is not linked with any corresponding removal of security provisions.

 

Allow What’s Necessary, Block The Rest – It Can Work For Mobile Too

 

Time and again, surveys have showcased how restrictive BYOD practices can be counterproductive to the whole purpose of mobility. At its center is the idea of enabling employees to work from remote locations and not be tied to their office desks to be able to get work done. Now, whereas an ‘allow what’s indispensable and block the rest’ security philosophy can be sustained for a structured office desktop environment, the same is not true for mobile devices. Unless there are concrete and known security risks associated with personal mailbox apps, popular games, and IM apps, enterprise security would do well to not block them. At the very least, there must be an easy and quick mechanism for getting applications approved for mobile use.

 

Concluding Remarks

Enterprise mobility is a key success enabler and productivity enhancer for the modern enterprise. The path to mobility is challenging. IT managers and leaders, hence, need to make sure that common misconceptions and myths are not able to inflate the challenges in any way.

 

Author: Rahul Sharma

Here’s What MSPs Want Their Clients to Understand About IT Security

Cybersecurity was once a considerably unique discipline. Vendors specializing in security services were more than equipped to handle the prevalent digital threats. Managed service providers (MSPs), specializing in other kinds of services, relied on the security folks to devise and implement measures to keep networks and data safe from constant cyber threats and hackers.

 

Unfortunately, the situation has changed considerably over the years. Now, digital attacks make the news almost every other day, and every aspect of your infrastructure or application is at risk. No wonder security has become a pressing concern for every MSP. To combat cyber-crime and prevent any breaches, employees, executives, and IT personnel need to team up and create a solid communication strategy.

 

Growing Area of Concern

As the number of electronic devices and gadgets worldwide increases, we are becoming always-connected. So, unlike the past, when the burden of cybersecurity fell squarely on the shoulders of the IT department, the responsibility is now shared and discussed at the executive levels. Pay attention to what is being discussed in a boardroom right now, and you’ll notice that it is all about cyber incidents, security questions, and data breaches. So, cybersecurity has gradually become a key concern for companies and it is being prioritized accordingly. Unfortunately, not all organizations have successfully managed to translate the digital threats into credible business concerns. As a result, there are plenty of businesses that have no idea how to proceed.

 

Impact on the Structure of the Company

 

 

Cybersecurity comes with a host of challenges and issues, all of which crop up during your daily discussions at work or home. So do the measures adopted to safeguard computer systems worldwide against unauthorized attack or access. But media headlines appear to highlight the newest data breaches, which expose the confidential details of millions of customers to the public. These circumstances often cause executives to be fired. Businesses are also harmed and see a rapid drop in their stock market value. They are required to pay a specified “ransom” to the hijackers to access their information once more. For smaller companies, however, a sudden hack could very well threaten their existence as a business.

 

All Is Not as Safe as It Seems

Businesses tend to spend billions of dollars every year on advanced technology. This new equipment is meant to preserve the safety of important information and data, and deter malicious hackers and insiders from their attempts to bypass security measures and swipe data without a second thought. Unfortunately, most cybersecurity breaches occur as a result of human actions or errors. Also, people seem to be completely unaware of what they have done until it is too late. So, if you thought that protecting vital details or your identity through the use of technology was enough, think again. Hackers will always try to trick you into spilling valuable secrets unknowingly. Through a method known as social engineering, they target the weakest link in the cybersecurity spectrum, humans, and exploit them to find loopholes and other entry points. Thus, it is a no-brainer that both technology and people work better together.

 

What Can You Do?

Now that the world is always connected, and the private details of organizations and individuals are susceptible to misuse and exposure, everyone must focus on cybersecurity. We must all work together in harmony for technology to easily identify suspicious activity and assess the threat level. When malicious threat actors or hackers steal classified information, they do so by transcending the boundaries of gender, age, race, nationality, beliefs, or culture. Remember, your digital footprint, as well as your computer, is carefully evaluated whenever an opportunity presents itself, mostly for economic gain. Only by working as a team can employees, executives, and IT develop an effective communication strategy for beating cybercrime and preventing further victimization.

 

Understand the Human Error

Most often, it is people who are targeted by hackers and other malicious online entities. Ironically, it is the same people who are often responsible for lapses in cybersecurity. The problem is our trusting nature. Hackers take advantage of this trust and use our curiosity and willingness to cooperate to get us to “click on the link” in personal or business emails. But the moment you click on a bad link, you might unknowingly download a virus or malware into your system. And if you’re one of the unlucky few, you might be the victim of a ransomware attack, where all your data is locked up, and unless you pay a certain amount, you will never be able to access the data again. At other times, the downloaded malware may gather sensitive information, like passwords and credentials, without your knowledge, so it can exploit them later.

 

So, even if these actions are accidental, the outcome can considerably harm your company, your community, your family, or yourself. Until you learn to be suspicious of too-good-to-be-true emails or shady links online, malicious insiders will continue to take you for a ride.

 

What Clients Should Change or Do Differently

Before you log onto the Internet the next time, whether at home or work, think before you connect. You need to adopt a balanced approach so that the cybersecurity threats to your wellbeing as well as your business are minimized. Find the middle ground between technology and people. Try following these eight tips on what clients should do to maintain the efficiency and safety of their organization and stop cyber attacks at the same time:

  • Teach employees, partners, and clients about the basics of cybersecurity.
  • Never forget to make backups of vital business data.
  • Adopt a people-focused approach to cybersecurity.
  • Make simplicity and ease of use a priority.
  • Install password manager software to boost password security and protect your accounts.
  • Use two-factor authentication for sensitive accounts and emails.
  • Update software regularly and scan your system.
  • Know what you are clicking on.
  • Use encryption.

 

Concluding Remarks

MSPs must familiarize their clients with all the common cybersecurity errors and work with them to strengthen their systems so that no data is lost or stolen by hackers. The more informed the client is, the better they will be able to protect their personal information.

Identifying The Top 10 Most Common Database Security Vulnerabilities

 

Cyber networks are the 21st Century’s principal attack fronts. Digital warfare is increasingly gaining prominence, and it doesn’t seem to be slowing down anytime soon. From tampering with elections to attacking businesses and personal accounts, attackers are leaving nothing untouched.

Currently, hackers are targeting systems every 39 seconds, affecting a third of Americans each year. And the risk is consistently growing with each network field expansion. By 2020, there will be 200 billion connected devices, translating to countless vantage points for perpetrators. This will push annual damages to $6 trillion, up from $3 trillion in 2015.

While there are multiple areas to attack in an organization, cybercriminals are particularly fond of going for the database. That’s where the bulk of sensitive information like corporate secrets, intellectual property, and financial records, is usually locked away. Generally, the higher the sensitivity, the more the profit hackers stand to make from the data.

Due to such imminent threats, the U.S. government is constantly reviewing its cybersecurity spending every year for improved protection. Unfortunately, that’s not the case when it comes to other organizations. Despite 54% of enterprises having experienced successful attacks, only 38% believe that they are prepared to protect themselves against a sophisticated attack.

So we’ll attempt to reduce the gap by walking you through 10 of the most common vulnerabilities that attackers might capitalize on to successfully infiltrate your database:

  1. Deployment Failures

Deployment is a complex process because of the multiple variables and steps involved. In addition to comprehensively assessing IT needs, enterprises should systematically deploy various components whose architecture integrates with standard processes, then adequately review and test the entire system.

 

Since it’s a challenging process, it’s acceptable to make errors or omissions. Of course, these should be identified and mitigated at the review and test stage. But some IT teams fail to conduct comprehensive checks. Any resultant unresolved problem becomes a vulnerability that could ultimately be used by attackers.

 

  2. Poor Password Management

The password is essentially the main key to the entire system and all its files. But, surprisingly, 67% of passwords scored poorly on a typical test. 33% were rated “good”, and none could meet “very good” standards. Even more shocking is the fact that 18% of the individuals surveyed reuse the same password on multiple platforms for easy remembrance; while 39% write it down on a piece of paper; and 10% chose to secure it in a computer file.

 

If perpetrators fail to guess correctly, they might as well access the passwords from unsecured computer files, or simply stumble upon papers with password details.

 

  3. Excessive User Privileges

It’s common for system administrators to grant other employees excessive database privileges that exceed the requirements of their job functions. Unfortunately, this increases overall risk because some workers may eventually abuse their permissions, and consequently trigger potentially detrimental data breaches.

 

If the job functions of respective users are not clear, CIOs should link up with their human resource departments to establish distinct clearance levels.

 

  4. Lack of Segregation

Leveraging a holistic and centralized database simplifies the whole integration process. But taking a literal approach results in a unilateral database that is fully accessible by not only the administrator and employees but also third-party contractors.

 

Even in a centralized database, files should be systematically segregated according to their sensitivity. The sensitive data sets should be adequately secured in a vault-like sub-sector of the database, accessible only by cleared parties.

 

  5. Missing Patches

According to the Microsoft Security Intelligence Report, 5,000 to 6,000 new vulnerabilities are emerging on an annual basis. That translates to at least 15 every day, all principally targeting system weaknesses. Software vendors subsequently respond with patches. But database administrators are often too busy to keep up with all the releases.

 

The longer a database runs with missing patches, the more susceptible it becomes to malware. If manual updates are proving to be a bit too cumbersome, enable auto updates across the board.

 

  6. Poor Audit Trail

Maintaining appropriate database audit details has always been important not only for compliance but also for security purposes. But many enterprises are leaving it off at the compliance level.

 

The resultant inability to comprehensively monitor data across the board represents serious vulnerabilities at many levels. Even something as simple as fraudulent activity cannot be detected in time to contain a breach.

 

  7. Inadequate Database Backups

A breach can be bad. But data loss is potentially catastrophic. As a matter of fact, 43% of enterprises that experience this never re-open, and 51% eventually collapse after two years. But despite this fact, many enterprises are still running inadequately backed up servers.

 

A good backup architecture encompasses primary, secondary and tertiary backup strategies that are repeatedly tested. It should also provide multiple restore points and real-time auto-updates.

 

  8. Unencrypted Data

While encryption has become standard during the data transmission process, some enterprises are still yet to implement the same for information held within their databases. Hackers love this because they are able to easily use stolen data in its rawest form.

 

  9. The Human Factor

Although malware is progressively getting sophisticated, human error is behind more than two-thirds of data breaches. And it’s expected to be the leading cause for the long haul, especially since enterprises are yet to implement sufficiently tight policies to protect their databases. While such a measure does not completely eliminate the risk, it will increasingly reduce vulnerabilities emanating from human errors.

 

  10. Database Management Inconsistencies

Overall, the lack of consistent database management continues to collectively contribute to all these system vulnerabilities. Database developers and system administrators, therefore, should have a consistent methodology of managing their databases to minimize vulnerabilities, prevent attacks, detect infiltrations, and contain breaches.

Conclusion

All things considered, a stable and secure database should mirror FileCloud’s efforts at maintaining risk-free servers. Get in touch with us to learn more about the features that make us industry leaders in data security.

 

 

Author: Davis Porter

Top 10 Cloud Security Threats In 2018 And How To Avert Them

 

2017 has seen a plague of cyber-attacks, from ransomware shutting down hospitals in Europe, to the Equifax data breach, and malware targeting established brands like FedEx. By mid-year alone, the number of attacks in the U.S. had risen by 29% compared to the same time in the previous year. According to the Identity Theft and Resource Source, the organization that had tracked them, more attacks were expected at a growth rate of 37% per year.

Sadly, they were right. As a matter of fact, their prediction turned out to be barely an underestimation. By the end of the year, they had recorded a drastic upturn of 44.7% growth rate compared to 2016. Undoubtedly an all-time high.

If you assume that that must have been the hardest 12 months for cybersecurity, wait until we are done with 2018. According to the Information Security Forum (ISF), the data security organization that had predicted an increase in the number of data breaches in 2017, 2018 will be another painfully dire year. The number and impact of security attacks are expected to rise again over the next couple of months.

The year is also expected to be very thrilling for cloud computing, as more enterprises continue expanding their computing frameworks to the cloud. As a result, the volume of sensitive data in cloud servers is expected to expand at an exponential rate. And that translates to increased vulnerabilities and targets for cyber attackers.

But contrary to popular belief, method and scale of attack will not be changing drastically any time soon. IT professionals are already aware of 99% of the vulnerabilities that will continue to be exploited through to 2020.

So to help you tighten your defenses in the cloud, here are the top 10 threats we expect through 2018.

 

  1. Data Leak

The average cost of a data breach, going by figures published by Ponemon Institute, currently stands at $3.62 million. Hackers continue to target cloud servers they think have valuable information they could use. And unfortunately, many of them might turn out to be lucky due to vulnerabilities even as simple as private data shared on public domains.

In addition to defining and implementing strict data policies, organizations should invest in data security tech like firewalls plus network management solutions. Most importantly, they should only leverage proven cloud solutions with state-of-the-art security features.

 

  2. Data Loss

A data leak might be unfortunate, but not as much as data loss. While the former mostly occurs when your cloud server is successfully infiltrated, the latter is mostly caused by natural and artificial disasters. When you think you have all your enterprise data intact, it vanishes completely after physical destruction of the servers.

It’s difficult to predict natural disasters. So, to avoid going out of business due to data loss, implement a multi-layered backup system that consistently runs in real time.

 

  3. Insider Attacks

Netwrix conducted an IT Risks Survey and established that many enterprises are still experiencing difficulty gaining comprehensive visibility into their IT systems. They consequently remain vulnerable to data security threats emanating from both authorized and unauthorized users. Such an attack could be potentially detrimental since users can easily access even the most sensitive information.

Organizations should, therefore, implement strict user policies, plus effective administrative measures to track and maintain visibility to all user activities.

 

  4. Crime-as-a-Service

Cybercrime has developed to a level that malicious individuals can now hire hackers to target organizations. The ISF predicts an escalation of this in 2018, as hackers continue to access infiltration tools through the web, and criminal organizations develop complex hierarchies.

Since this mostly targets intellectual property and trade secrets, enterprises should encrypt data both at rest and during transmission.

 

  5. Human Error

The human factor continues to be the weakest element in cloud security. Your organization’s cloud users might, for instance, mistakenly share that extremely sensitive information you’ve been trying to secure from hackers. Unfortunately, this risk multiplies with every user added to the network.

In addition to strict user privilege management, organizations should invest in IT training to teach employees about cloud use, potential threats, and data handling.

 

  6. AI Weaponization

Researchers and information security teams have been leveraging neural networks, machine-learning strategies, and other artificial intelligence tools to assess attacks and develop corresponding data security models. The downside to this is the fact that hackers will also use the same tools to analyze cloud vulnerabilities, and launch systematic attacks.

Since this threat is increasingly dynamic, it requires an equally multilayered system of data security strategies to prevent attacks from multiple vantage points.

 

  7. IoT Challenge

Enterprises are exceedingly capitalizing on the cloud to facilitate remote file sharing and access. But this introduces the threat of BYOD devices, which could serve as entry points for malware.

CIOs should, therefore, prioritize not only server security but also device security. All devices allowed to access enterprise networks should be thoroughly scanned, and adequately tracked.

 

  8. Account Hijacking

If perpetrators figure out user credentials, they could easily gain access to the corresponding cloud account, hijack it, then manipulate data, eavesdrop on ongoing activities, and tamper with business processes.

In addition to closely protecting user credentials, accounts should come with multi-factor authentication, and the ability to regain control in the event of a hijack.

 

  9. Denial Of Service

By forcing cloud services to consume an excessive amount of system resources like network bandwidth, disk space, or processor, attackers continue to lock out legitimate users from server access.

An adequately updated antivirus and infiltration detection system should be able to pick up such an attempt, while a firewall will block off subsequent data transfer.

 

  10. Insecure APIs

Cloud services continue to provide access to third-party software and APIs, which facilitate collaboration and improve service delivery. But some of these APIs come with vulnerabilities that hackers are able to take advantage of to access the primary data.

This requires CIOs to comprehensively review and vet all third-party services before proceeding with subscriptions.

 

Conclusion
All factors considered, none of these aversion measures would be effective on a cloud service that’s poorly secured. So get in touch with us today to learn more about the world’s most secure Enterprise File Sharing Solution.

 

 

Author: Davis Porter

10 Ways To Minimize Enterprise File Sharing Risks

 

 

If RightScale’s report on the state of the cloud in 2017 is anything to go by, the year 2016, for the first time in recent years, saw other cloud concerns surpass security. 32% of the IT professionals surveyed were particularly worried about the lack of relevant resources/expertise, compared to 29% who still considered security as the primary problem.

A year later, in 2017, concerns surrounding security went down further, and so did other worries. Now tying with managing cloud costs and lack of resources/expertise, cloud security is still a concern among 25% of the professionals.

The significant reduction is evidently due to substantially improved cloud security systems coupled with fewer reports of large-scale data breaches. That notwithstanding, a quarter of IT experts are still worried about security, and that’s a considerably large portion.

According to a 2017 study by IBM and Ponemon on the cost of data breaches, they have every reason to be concerned. The average organizational per capita data breach cost is now at an all-time high of $225, marking a growth rate of 61% in just 10 years, primarily because many organizations are increasingly integrating their core processes into the cloud.

All things considered, you stand to lose quite a lot now if your enterprise file sharing system is infiltrated. Data security is therefore critically important, more than ever before. But, unfortunately, organizations are not doing enough to enforce it, considering the bulk of security incidents are now emanating from enterprise-side vulnerabilities.

While service providers are progressively implementing superior security features, ultimate data safety is not possible without equally effectual measures by users. Here are 10 ways you can minimize enterprise file sharing security risks:

 

  1. Avoid EFSS Without Exclusive Data Control

Most of the other security measures are pretty pointless if you don’t have exclusive control over your organization’s data. Unfortunately, some enterprises are still going for free solutions, which for a long time, have been known to retain some of the data control rights.

 

Going with free solutions may be advisable in some special circumstances like trials. But not for organization-critical processes and sensitive data. You should rather opt for a paid EFSS system that grants you exclusive data control privileges.

 

  2. Go Private

To further enforce data control, you should consider keeping files in-house by choosing private over public EFSS. 72% of organizations are already within this bracket, mostly because of entirely exclusive data privileges.

 

If this proves to be too costly or resource-heavy, you could alternatively keep sensitive data within a much smaller private cloud setup, while leveraging a public EFSS. As a matter of fact, such a hybrid framework is currently the most popular, with 85% of enterprises.

 

  3. Set System Permissions

The more people with unrestricted access to a system, the higher the number of potential vulnerability sources. So keep your system closely knit by managing network activities and system permissions.

 

Users’ system credentials should be managed according to their corresponding job duties and security clearance levels.

 

  4. Manage With Strong Passwords

81% of the hacking-related data breaches in 2017 occurred after attackers capitalized on stolen/weak system passwords. And this should not be surprising, considering “123456” is currently the most common password.

 

A simple password is easy to recall, but it’s also susceptible to hacking. So secure your EFSS system with a complex one, then back it up in an offline server just in case you forget.

 

  5. Manage Mobile Endpoint Devices

While system access through mobile devices can boost employee productivity by up to 9 hours per week, end-point gadgets will always be a major threat to your enterprise file sharing system.

 

Since it wouldn’t be advisable to completely eliminate them, consider implementing mobile device management solutions, and enforcing acceptable use policies.

 

  6. Implement File Security Management Tracking

File management system tracking would excellently supplement your use policies and device management solutions. In addition to controlling overall data usage, you’ll be able to manage additions and exceptions, plus track and report adherence to existing policies.

 

This will not only help you minimize potential vantage points for data leakage, but also identify vulnerabilities before they eventually develop into full-blown attacks.

 

  7. Run Real-Time System Scans

If your firewall is breached, the best case scenario would be reacting to contain the threat as soon as possible. But sadly, it takes enterprises an average of 201 days to identify a breach, and 70 more to contain it.

 

One of the most reliable ways to mitigate this is implementing a full-scale antimalware solution that comprehensively scans the system in real-time. It should subsequently not only prevent attacks but also raise alarm in case one is detected.

 

  8. Train Users Adequately

24% of data breaches are caused by human error. A good example of one is when military contractors mistakenly shared President Obama’s classified security blueprints of Marine One.

 

It’s impossible to completely secure your files against such occurrences. But you can substantially minimize the number of potential incidents by adequately training all the users on system usage, plus corresponding protocols.

 

  9. Implement Comprehensive Encryption Protocols

Even when you comprehensively implement security measures to protect enterprise file sharing, you still have to be prepared for a possible attack. And a great way to do this is making data useless to hackers through encryption.

 

While encryption during transfer is pretty standard by now, some organizations are still yet to implement device and server encryption. This should also be a priority since enterprise data can still be accessed at rest.

 

  10. Use Certified EFSS Providers

By now, all EFSS service providers acknowledge that security is still a primary concern among their consumers. Consequently, they all market themselves as impenetrable systems, including ones with comparatively weak security features.

 

Of course, this can be confusing at times, but thanks to industry certification, there’s a way to separate the wheat from the chaff. So focus only on certified service providers that comply with set security standards.

That said, it’s critically important to leverage a proven solution you can trust. Get in touch with us at FileCloud and let us help you set up a super secure enterprise file sharing system.

 

 

Author: Davis Porter

International Traffic in Arms Regulations (ITAR) Compliance in the Cloud

 

 

ITAR was enacted in 1976 to control the export of defense-related articles and services. It stipulates that non-US persons are not allowed to have logical or physical access to articles regulated by the International Traffic in Arms Regulations, which is administered by the Directorate of Defense Trade Controls – DDTC, a sub-division of the State Department. The articles covered by ITAR are listed on the United States Munitions List – USML, and generally encompass any technology that is specifically designed or intended for military end-use. ITAR was also designed to govern the import and export of any related technical data that describes, supports, or accompanies the actual exported service or goods, unless an exemption or special authorization applies.

The goal of ITAR is to prevent the transfer or disclosure of sensitive information, typically related to national security and defense, to a foreign national. In most cases, non-compliance usually translates to the loss of assets and professional reputation. However, with ITAR, lives may possibly be at stake. This is why the International Traffic in Arms Regulations is a strictly enforced United States government regulation and carries some of the most austere criminal and civil penalties that no business or individual would want to be on the receiving end of.

ITAR is not applicable to information that is already available in the public domain, or that is commonly taught in school under general scientific, engineering or mathematical principles.

Who is required to be ITAR compliant?

The law essentially applies to defense contractors who manufacture or export services, items or other information on the United States Munitions List. However, any company that is in the supply chain for such items must make ITAR compliance a priority. ITAR has a fairly complicated set of requirements, and since the repercussions of non-compliance are severe, companies should not hesitate to seek legal clarifications of their obligations if they even suspect the regulation applies to them – better safe than sorry. The vague categories of the USML make it difficult to intelligibly understand what exactly falls under the purview of military equipment.

The list is inclusive of most technology used for spaceflight, along with a vast range of technical data such as product blueprints, software and aircraft technology. Most of these items were initially developed for military purposes but were later on adapted for mainstream purposes – in aviation, maritime, computer security, navigation, electronics and other industries. It is crucial for firms that offer products and services to government consumers to fully grasp this distinction, to avoid expensive legal violations. ITAR may also likely impact large commercial enterprises, universities, research labs, and other institutions who are not directly involved in the defense industry.

The Repercussions of Non-compliance

Violating ITAR could lead to both criminal and civil penalties. The imposed fines are virtually unlimited – typically, organizations are prosecuted for hundreds of violations at once. The penalties for ITAR violations, both criminal and civil, are substantial. Criminal penalties may include fines of up to a million dollars per violation and 10 years’ imprisonment, while civil fines can be as high as half a million dollars per violation. Failure to comply with ITAR may also damage an organization’s reputation and ability to conduct business. The State Department maintains publicly available records of all penalties and violations dating back to 1978. Organizations and individuals run the risk of being completely debarred from exporting defense-related services and items.

Challenges in the Cloud

ITAR compliance and the adoption of cloud platforms present unique challenges. Uploading technical data to the cloud carries with it a huge risk of penalties and violations. There are a lot of questions in regards to whether or not regulated technical data can be stored in a public cloud. The intrinsic quandary is that cloud vendors use distributed and shared resources that will likely cross national borders, and this dispensation of resources is not entirely transparent to the end-user. Data back-up and replication are common security measures when sharing files and collaborating via the cloud, but they can inadvertently lead to unlicensed exports in the event data is sent to servers located outside the United States. Once technical data goes beyond U.S. borders, the risk of non-US persons having access to it increases exponentially.

In 2016, for example, Microwave Engineering Corporation settled an ITAR violation with the State Department after technical data related to a defense article was exported to a foreign person without authorization. So if giving a foreign person access to technical data, or placing it on a server in a foreign nation, is deemed an export, what guidance does ITAR give to ensure the entire process is done in a legal manner? Or is cloud storage simply off the table?

The State Department maintains that technical data can be stored on servers outside the U.S., provided that the ITAR license exemption conditions are met and adequate measures are taken to prevent non-US individuals from accessing technical data. In most cases, the measure typically involves ensuring that any data sent to a server beyond U.S. borders, or that is potentially accessible by a foreign person within or outside the U.S., is properly encrypted. It is important to note that by law, cloud providers aren’t considered exporters of data; however, your organization might be. So the burden of ensuring ITAR compliance when handling technical data falls squarely on the people within the organization. Organizations dealing with defense-related articles in any capacity have to exercise extreme caution when using any commercial file sharing and sync service.

 

Author: Gabriel Lando