Tag: Network Security

Cybersecurity Recommendations for Companies During Pandemics

“This changes everything.” We’ve heard this many times before. Also, “This time, it’s different.”

Usually, it’s not different. Things feel different for a little while, and then things return to normal.

This time, I think, truly is different. The COVID-19 pandemic has forced most businesses to close their doors. Conferences, concerts, and sporting events have been cancelled. And companies have their employees working from home. More employees now work from home than ever before.

“When a crisis like the new coronavirus temporarily forces companies into remote work, it tends to show them that it can be done successfully,” says Kate Lister, president of Global Workplace Analytics and cited in the Chicago Tribune.

Remote work probably is here to stay. For that reason, honing your remote work policy is my number one recommendation during the pandemic. I also recommend working on and practicing your disaster and contingency planning policies, storing sensitive data centrally, and encrypting sensitive information.

 

A little background on me: I’m a former CIA officer, so I know a thing or two about traveling and working remotely. Almost 15 years ago, I started working “remotely” under minimal supervision. My work was representing the US Government in meetings with other governments. These were countries most people have never heard of.

When I left the Agency, I found myself consulting and working remotely for companies throughout the US and throughout the world. My clients extended as far away as Poland and Ukraine. I never met my clients Poland face to face. The business was entirely remote.

I co-founded a company. My partners and investors were based in Boston. I worked, you guessed it, from home. My responsibilities necessitated travel. I had to spend some personal time with my team in Boston. I spent about one week each month onsite.

The amount of time needed on-site could vary. While my startup required a good deal of me being onsite, many consulting projects were done remotely. I’d say most any job can be accomplished remotely.

There has been significant discomfort in the past about remote work. I have experienced this first hand. As I rose through the ranks at the CIA, people wanted me for increasingly senior positions. My working from home became more of a problem for my supervisors. Companies might be comfortable with a developer or designer telecommuting. They are definitely not comfortable when it comes to a job that involves managing a team. Last January, I had discussions with companies who loved my skills and experience. They wanted what I had to offer. But the distance and telecommuting was a deal-breaker. So they backed out because they were uncomfortable.

Technology has made Location Irrelevant

Before the coronavirus, management and HR policies were stuck with the old ways of doing things.

The need for physical distancing has forced us to work from home. Many business leaders, managers, and even employees were uncomfortable with the concept. Most will find remote work isn’t bad or scary. Many will even become comfortable with remote work as standard policy. An April 6, 2020 ZDNet article reported that 74% of CFOs say they expect to move previously on-site employees remote post-COVID-19. Gartner found that a quarter of respondents will move at least 20% of their on-site employees to remote work permanently.

Pandemic Recommendation #1: Hone the Remote Work Policy

Remote work is here to stay. Remote work maximizes worker time by cutting out commutes. It decreases the need for parking and office facilities. It saves energy too. Not as much gasoline is used. There are fewer traffic accidents. There is less pollution because people are not driving to work en mass.

But remote work also raises a whole new set of security issues. How do we keep customer or other sensitive data secure when that data is in an employee’s home?

Simple mistakes can lead to large consequences. Failing to patch a computer program or server invites hackers to exploit the flaw.

Do you remember the Equifax incident? Equifax couldn’t be counted on to patch its centralized systems.
Their systems contained huge amounts of personal information. How can we handle personal information printed on little Johnny’s color printer? No company wants to be responsible for the next Equifax-type incident because its employees are working from home.

Having employees work from home presents more vulnerable endpoints. “More personnel telecommuting adds to cybersecurity risks. These people carry devices packed with data. “Opening remote access creates more challenges,” according to Parry Aftab, Executive Director of The Cybersafety Group. Be sure you have considered endpoint security as part of expanded remote access.

And what happens if a worker is injured while working from home? Will they be eligible for Workers’ Compensation benefits?

For these reasons, my number one recommendation is to hone in on your Remote Work Policy. If you don’t already have a remote work policy, then you need one right away. What is the policy now, and what will it be after the crisis is over. If you do have one, now is a great time to review the policy. Make sure it still fits today’s needs and contexts. Update the policy as needed.

The policy should include the expectations of employees. What security measures are employees expected to use at home. Clarify legal liabilities. How will you protect privacy and remain GDPR and/or CCPA compliant? What are the company’s policies on equipment use and repairs? A complete Remote Work Policy will address these issues.

Ensure that employees maintain a safe remote work environment. Secure their devices with anti-malware software. These devices should have personal firewalls, and regular patching for software vulnerabilities.

Pandemic Recommendation #2: Disaster Preparedness & Contingency Plans

A few years ago, I was walking the halls of RSA with one of my clients, helping them make sense of the complex and confusing world of cybersecurity. RSA is *the* conference for cybersecurity. 45,000 people attend each year including more than 600 vendors. We were walking the expo halls. We saw an endless supply of hi-tech security offerings. There were vendors offering proactive protection. Some had advanced threat detection, while others had automated or AI-augmented remediation tools.

 

There were vendors offering proactive protection of one kind or another. Out of the 669 vendors at RSA, not one were there to help companies prepare for disaster recovery and contingency plans.

Out of the 669 vendors at RSA, how many were there to help companies prepare for disaster recovery and contingency plans? I didn’t see one. When it comes to pandemic, we’re mostly on our own. There is no Coronavirus as a Service (CaaS). When we face potential times of crisis, it’s a good reminder to test our continuity plans. If there are no continuity plans to test, then it is vital to create them.

It all starts with your business continuity & disaster recovery plan. Such a plan is a standard part of a NIST 800-53’s CP-1.
It includes strategies like having alternate data storage sites. Alternate data storage sites are important if the main storage site becomes inoperable or compromised. Backups should be in multiple locations far from each other. If one is on the west coast of the United States, the other should be on the east coast. The midwest is also a very good location for remote workers. That region is good for fail over data centers or other cloud resources.

You will want to review your plan. Identify and account for all assets, both technology and human.

Review alternate operations center options. Current areas of operations may become inaccessible. A pandemic may make it unsafe for people to congregate in one place. This is a good time to review or create work-from-home programs. Consider remote fractional vCISO services. Ensure you can maintain your security operations even if employees can’t physically come to the office.

Pandemic Recommendation #3: Store Everything Securely

With so many employees working from home, it’s easy for sensitive information to leak. Remote work often involves creating and editing work-related information. These can be emails, Word documents, and Excel spreadsheets. A customer’s personal identifying information could be left on a personal printer. Sensitive business information can end up on a CD that gets misplaced. There are number of possible security mishaps.

Imagine you recently became GDPR compliant. At a cost of more than $100,000 for 74% of organizations, according to a CPO Magazine article. If you don’t protect personal information at your worker’s homes, you might still be facing a GDPR fine. According to the UK Information Commissioner’s Office, a company in England was fined $340,000 for leaving documents with personal information unlocked,

To reduce this risk, it’s important to store files in a centralized location. A secure cloud is the best location. If the information stays in your cloud, it’s much less likely to end up somewhere it shouldn’t be.

Bio-based authentication and encrypting mobile devices prevents others from reading and using the information on a stolen or lost device.
Pandemic Recommendation #4: Encrypt Data

When more employees work from home, it’s more likely that their devices will be lost or stolen. Encrypting these devices prevents others from reading and using the information on a stolen or lost device. Full disk encryption on personal computers, phones, and tablets is a good method. It will encrypt all storage on the employee’s device. Or at least create an encrypted partition to store sensitive data.

Advanced Encryption Standard (AES) is a good encryption standard to use. The US Government uses AES to keep classified data secure, according to an article in TechRadar.

Even if an employee’s computer is encrypted, there are security risks. The data may not be encrypted when it’s in transport. If an employee has full-disk encryption, the data will not be encrypted in transit. Ensure that data is encrypted before transit. This way anyone who intercepts the data cannot do anything with it. Another good strategy is to set up a secure protocol like Transport Security Layer (TLS).

Technology can go a long way to keep your data secure, but security is essentially a people business. Most breaches occur when people make mistakes. There is no substitute for educating your team. Train and retrain them on the fundamentals. Establishing standards for shutting down each day is a good idea.

Ransomware Risk Mitigation: The Desktop-as-a-Service Solution

Ransomware is a dangerous and growing threat. Find out how security-minded executives establish best-in-class protection.

2019 has proven to be an alarming year for cybersecurity professionals and cyber-attacks show no signs of slowing down in 2020.

One cybersecurity firm characterized the rapidly growing pace of cyberthreats across all industries as an “unprecedented and unrelenting barrage”. Within 24 hours of its report, the City of New Orleans and several other municipal organizations fell victim to ransomware attacks.

But it’s not just large-scale enterprises and public institutions that are under attack. Small and mid-sized businesses offer low-hanging fruit for opportunistic cyber criminals, who often use automation to widen their area of attack.

Small businesses, large enterprises, and public institutions alike have all struggled to respond decisively to the ransomware threat. Until recently, executives had few options – and fewer defenses – in their fight against cybercrime. Now, Desktop as a Service (DaaS) solutions offer comprehensive, scalable ransomware protection services to organizations of all sizes.

 

What Exactly is Ransomware and How Does It Work?

 

There are a number of ways for a cyber intruder to take over your computer system without your knowledge. You won’t know about it until it’s too late.

The typical ransomware attack begins with the stealthy takeover of the victim’s computer. This may be accomplished through phishing, social engineering, or a sophisticated zero-day exploit – the goal is to have access to the network while remaining undetected.

Upon compromising the network, the cybercriminal can begin slowly encrypting important files. Most ransomware applications do this automatically, using a variety of different methods to evade detection. The process may take days, weeks, or months to complete.

Once the ransomware encryption algorithm reaches critical mass, it then locks users out of the network, displaying a ransom note demanding payment for a decryption key. Sometimes the demand is small – on the order of $500 to $1000 – and sometimes the demand reaches into six-figure sums.

Ransom demands are usually for bitcoins. “If one organization is willing to pay $500,000, the next may be willing to pay $600,000.”

Small sums make paying the ransom a tempting option, but a dangerous one. There is no guarantee that the cyber attacker will relinquish control of the network. Instead, executives who pay up reinforce the cybercriminal profit cycle. It is only a matter of time before the ransomware attacker strikes again.

Famous examples of ransomware variants include WannaCry, which spread to over 230,000 computers across 150 countries in 2017, and Petya. The WannaCry crisis targeted healthcare clinics and hospitals, causing untold damage and highlighted the risk that outdated IT systems represent in these industries.

Petya was unique because it did not encrypt specific files. Instead, it encrypted the local hard drive’s Master File Table, rendering the entire device unusable. There are dozens of other variants out there, and each one uses a unique strategy to take advantage of victims. NotPetya developed on Petya’s attack method, using the same vulnerability previously exploited by WannaCry.

Who Is At Risk of Ransomware Attacks?

 

Emsisoft reports that during the first half of 2019, 491 healthcare providers were hit with ransomware. The attacks are increasing and the demands are for larger ransoms.

Everyone. Although high-profile targets like hospitals and municipal institutions make headlines, thousands of business owners are defrauded every day. On average, one business falls victim to ransomware every 14 seconds.

Small and mid-sized businesses are especially vulnerable because they typically do not have access to the kind of comprehensive security resources that large enterprises can afford. Small businesses that do not rely on reputable third-party managed service providers make especially easy targets.

Cybercriminals have shown that they are willing to target hospitals and public institutions without shame. The greater the need for functioning IT systems is, the more likely the cybercriminals are to get paid. This is how the cybercrime profit cycle perpetuates itself.

What Can Small and Mid-sized Businesses Do About Ransomware?

 

Organizations caught unprepared have few options. Although cybersecurity experts correctly warn against paying the ransom, desperate business owners often pay anyways. But the relief is only temporary. 60% of small and mid-sized businesses victimized by cybercriminals do not recover and shut down within six months.

Preparation is key to successfully resisting a ransomware attack. Organizations that cannot afford to develop, implement, and deploy state-of-the-art security resources need to contract a reputable third-party vendor for the purpose.

Even enterprise-level organizations with tens of thousands of employees often find themselves opting for a managed solution instead of an in-house one. The cybersecurity industry is experiencing a widening talent shortage, making it difficult even for deep-pocketed businesses to hold on to their best security officers.

Introducing IronOrbit: Comprehensive Ransomware Protection

IronOrbit achieves best-in-class ransomware protection through a unique approach to cloud desktop hosting. There are three key processes that must work together flawlessly to guarantee ransomware resilience:

1.   Prevention

The best way to prevent a ransomware attack from taking place is preventing the initial malware deployment. Firewalls, email filters, content filters, and constant patch management all play a critical role in keeping malicious code out of DaaS systems.

Maintaining up-to-date software is more important than most executives and employees realize. Since NotPetya used the same attack vector as WannaCry, its victims entirely consisted of individuals and businesses who neglected to install security patches after the WannaCry crisis.

2.   Recovery

There is no way to guarantee 100% prevention. However, business owners and their IT teams can circumvent the damage ransomware causes with consistent backup and restoration tools. IronOrbit’s disaster recovery features can wind back the clock, reloading your entire suite of business systems to the state they were in just before the attack occurred.

3.   Remediation

Ransomware recovery cannot guarantee business continuity on its own without best-in-class remediation tools. Without the ability to trace the attack to its source in a fully logged environment, there is no way to tell whether the attack has been truly averted or not. IronOrbit uses state-of-the-art digital investigation tools to track ransomware attacks to their source and mitigate them.

Schedule a Consultation with an IronOrbit Security Expert

IronOrbit has helped numerous businesses capitalize on the efficiency and peace of mind that secure DaaS solutions offer. Protect your business from the threat of ransomware with the help of our expertise and knowledge.

 

What is the True Cost & Benefit of Moving to the Cloud

Moving to the cloud should be more of a business decision than an IT decision. Cloud servers are a keystone of modern business technology. Once you consider moving to the cloud as an initiative to make full use of new technology, you begin to envision the kind of agility, stability, and responsiveness the cloud enables down the road. It’s also a solid first step in future-proofing your business. This perspective demands a view on ROI that moves beyond calculating dollars and cents.

 

Calculating ROI
Calculating the ROI of your technology investment doesn’t have to be rocket science, but remember what Einstein once said, “Not everything that counts can be counted.”

Looking beyond spreadsheets and calculations means considering how your technology helps you meet your strategic objectives.  Long-term success depends on a proactive agenda of workforce transformation, strategic flexibility, security, and manageability.  Are your technology investments driving productivity for your business? Are they solving challenges or creating more problems? Answers to questions like these are the main reasons why many companies are moving to the cloud.

 

Forrester released a report in early 2019 that stressed the importance of corporate leaders to gain more fluency in the technology choices made. They need to understand the different performance yields of different innovation efforts. It’s important to be visionary about where the company is headed during the years to come. Know what is at stake should you keep your IT infrastructure on-prem or move it to the cloud. Become focused on how to make business technology a basis of a durable strategic advantage.

Board Meeting
While corporate leaders need not be able to use devices, programs, and apps, they should know enough about them to discuss them intelligently with the team.

In a more recent podcast, Forrester gives its top predictions in IoT, AI, and cloud computing.

About half the big enterprise outfits that try to transform their systems fail or stall under the sheer size, and complexity of the process. Certainly, a large part of the problem has its origins in the failure to design a strategic plan that works. Don’t put the cart before the horse. Remember the carpenter’s rule, “measure twice, cut once.” You’ll avoid costly mistakes, both in terms of time and money, if you do research and get as much information as possible before you start spending resources on cloud migration.

ADVICE FROM EXPERTS 

Every organization has its own unique strategic needs. Not all businesses have the same priorities. There is no one-size-fits-all approach to developing a strategy or plan to move to the cloud. Any significant technological transformation requires analyses and consultation with experts in the field. It also helps if these experts know as much as possible about your business goals.

The first step is to become clear-eyed on the business strategy.  Evaluate business objectives and assess how your existing technologies align with meeting those plans. Inevitably gaps will become apparent.

Utilize the insights from the best technology consultants you can find. They’ll be able to recommend available options and optimal routes. In some cases, there may not be an immediately available option that best suits your objective. In those situations, something more innovative and customized to specific needs may be needed. This is exactly why a good advisor is critical to successful cloud migration. A good advisor will be a true IT professional, one who stays abreast of the latest technologies, but also one who has a comprehensive understanding of business operations. Having this kind of resource on hand can mean all the difference between a successful transformation or one that goes off the rails. Failed attempts are costly with absolutely no ROI.

While it’s true that every company is unique and each one has its own set of priorities for future growth and productivity, there are a few technology industry trends that can serve as a guiding light.

THE INCREDIBLE EVER-CHANGING WORKFORCE

This isn’t your grandfather’s workplace environment anymore. It’s not even your father’s workplace environment.  For people to become fully engaged and productive, they need flexibility over the tools they use. The choice of places to work would be nice too. Employees need reliable and secure access to the resources they use and depend on.  Consistency of experience shouldn’t be over-rated either.

Wakefield Research conducted a survey showing the scope of this on-going technological evolution. Not too surprising, the report found that 69% of the employees regularly work remotely. Some 21% of them blend environments by working both in an office and somewhere else, such as at home or a communal workspace (Starbucks anyone?). The survey went on to show that a whopping 80% of the office professionals agree that, within 5 years, businesses will not be competitive without using cloud-based apps. Future-proofing means leveraging cloud servers and taking advantage of new technologies as they become available.

MEETING RISING EXPECTATIONS, PRESSURES, AND DEMANDS FOR INCREASED SECURITY

New business models, competitors, and customer preferences emerge seemingly from nowhere. Turn around for a moment, and there are new things to look at. During this age of acceleration, all of us have to stay on our toes. We have to practically reinvent ourselves from Monday through Friday. Companies of all sizes have to move quickly to capture new opportunities. And if you think it’s intense now, just wait until next year and the year after that. Modern technology and its impact on business is moving at an exponential rate.  I’m getting dizzy just thinking about it.

Even as things are moving at breakneck speed, security demands have never been greater. Security is also more challenging than ever.  Check out our previous blog on cyber attacks and ransomware for some not so gentle reminders of how costly cyber attacks can be. IT transformation has increased the opportunities available to would be hackers. And these hackers have their choice of mobile devices, web apps to IoT. New mandates, like the General Data Protection Regulation (GDPB) have raised the stakes for everyone.

As companies increasingly leverage the cloud to store customer data, SOC 2 compliance is becoming a necessity.
START AT THE BEGINNING

So, let’s start at the beginning of any company’s transformational journey. Ask the question, “Can your current technologies help you meet all the requirements in ways that enable you to move quickly and stay on top of your priorities?”

 

Wakefield Research shows that 69% of the employees regularly work remotely and 21% of them combine home and office environments.

MOBILE FORCES

MORE PRODUCTIVITY, WITH LESS STRESS AND IN LESS TIME

It’s becoming more common to see employees working from home or both at home and in the office.  Where ever they choose to plow through their day, they need tools that are smart, fast, seamless. They need to work collaboratively. They need to be open robust programs like Revit, or SoftImage, or After Effects, and use them quickly, seamlessly, and without interruption.  Having apps on cloud servers enable distributed teams to collaborate easily across great distances.  Whatever the scenario, the new IT setup needs to empower your people to get more things done, more easily.

 

KEEP IT SIMPLE

Before making an investment in technology, consider if it adds to the complexity of your workplace or helps reduce it.  Does it help to streamline operations? In other words, does it impose a burden of daily management that diverts attention and resources? Or does it free-up people’s time so that they can focus more on their own work.

 

SECURITY IS A CHALLENGE

The threat of cyber attacks is greater than ever. A breach of security can be devastating. Finding skilled security professionals has never been more difficult. The more complex the IT environment, the greater the security risk. There are more openings for attacks. Consider public networks, mobile devices, and web apps. There are insider threats, phishing, and so on.

Sometimes it may be worth taking on the additional security risk in exchange for exceptional business value. It’s a trade-off that should be factored into the evaluation of your transformation strategy. Keep in mind, if a technology can make security simpler, more transparent, and more effective, that’s an advantage.

Cryptojacking is the unauthorized use of one’s computing devices. It is accomplished by injecting the system with hidden code that immediately starts benefiting third parties. About two-thirds of companies targeted by ransomware attacks have been infected.
LEVERAGE THE FLEXIBILITY TO IMPROVE STRATEGY

It’s a great period of time to be an IT professional or developer. The hybrid, multi-cloud era has brought tremendous freedom and flexibility to what used to be just a metal box and a lot of colorful cables.  Now, cloud technology enables us to provision resources and demand, scale easily, and support users anywhere. Cloud servers also allow for beefed up security and greater performance. The cloud is where data rules supreme.  It’s not under the rug, in the closet, or filed away on hard drives stored in a drawer. We now have a place, seemingly with no limits, to put all the data we’re accumulating (organizations stockpile data but seldom dispose of it).

On the user side of things, cloud computing has given employees the freedom to choose any device, time, or place to work. These various cloud options mean a consistency of quality user-experience.

The prediction is that 41% of enterprise workload will be run on public cloud platforms by 2020. Another 20% will be private-cloud-based, while 22% will rely on hybrid cloud adoption.
NO TECHNOLOGY EXISTS IN A VACUUM

If one of your investments limits the utility of another, it degrades the value of both. A Good strategic transformational designer will always look at the big picture and assess how everything is connected.

When it comes to remaining profitable while future-proofing a company, not everything is about dollars and cents. Considering the ever-evolving workplace, with all its need for mobile applications, collaboration tools, data crunching, and massive amounts of storage. Keeping our eyes on the big picture is necessary if we’re to evaluate ROI accurately.

The true ROI has to do with information technology that advances key priorities such as productivity, reducing complexity, strengthening security, and ensuring choices are available whenever needed.