Monthly Archives

March 2021

Security Protocols

Mitigating Potential Threats with Sound Security Protocols

By | Cloud, Data Protection, IT Support, managed It services, Networking, Security

As cybersecurity becomes increasingly complex, many organizations lack the resources or knowledge they need to create an effective security strategy. That’s why you need a trusted expert who not only understands the latest security trends but can accurately define your business requirements and implement a plan that aligns with your current and long-term needs. This is especially critical as companies move toward more hybrid cloud environments.

 

One of the biggest advantages of the cloud―flexible data access―can also be a major weakness if security isn’t effectively factored into the equation. Safeguarding systems and assets against rising threats is crucial, but levels of protection should be carefully balanced against your unique business objectives.  

 

Technology plays a critical role, but equally important is the need to work with an experienced security expert capable of creating and maintaining effective security practices. Bad actors and cybercriminals are continuously exploring new ways to penetrate your defenses, which underpins your need to develop and implement sound policies based on defined user preferences and your unique business needs.

 

Your managed service provider should be capable of implementing advanced security techniques and practices, including strong access controls, the latest malware protection, and proactive security scanning. You’ll want to make sure the provider you work with can adapt to change and growth and remains on the cutting edge of technology innovation.  

 

Your service provider’s security operations team should be able to clearly demonstrate the practices and processes it uses to safeguard vital business assets. To protect sensitive data, IT policy controls should be automatically enforced through technical elements, such as authorization, authentication, access controls, password complexity, alerting, and system monitoring. 

 

Your security provider should be clear about its procedures for keeping you informed about the ongoing performance and support issues. Your service provider should be able to clearly outline and define its response capabilities. What is the expertise level of support staff? What is the standard response time? What are your protocols for data access? 

 

Most managed security teams operate 24/7, with staff working in shifts to continually track and record activity and mitigate potential threats. The core operational protocols and security responsibilities include:

 

 

Manage access. 

 

Strong application controls like encryption and authentication can help safeguard information across networks and on endpoint devices, helping to thwart attackers from transferring or copying critical business data. Your cloud provider should be able to provide documentation that shows a separation of duties for administrative functions, disclosing the level of access that each user has and how those levels are maintained. 

 

 

Define policies and procedures

 

Usage policies define what behaviors are and aren’t acceptable. You most likely have some protective measures in place to address internal threats. To help bolster this vital layer of defense, your security provider will work with you to define and implement policies and practices based on your usage preferences and requirements or mandates specific to your particular market.

 

Data protection. 

 

Data encryption is critical for organizations operating in a cloud environment, helping to make sure critical data remains protected while in use, at rest, or in transit. For even greater protection, consider full-disk encryption, which encrypts the complete hard drive, safeguarding the data as well as the applications and operating system.

 

Manage deleted data. 

 

Within a typical cloud environment, sensitive data can easily find its way into uncontrolled and hidden systems and services. When it’s time to delete confidential data, or remove resources storing sensitive data, it’s important to consider the potential spread or replication that often occurs during normal IT operations. Your service provider will analyze your cloud environment to determine where confidential data may have been cached or copied and decide the proper steps to help ensure successful deletion of the data.   

 

Preventative measures

 

To help mitigate potential threats, effective security protocols include preventative measures designed to keep team members up to date on the latest cybersecurity trends, recent advances in security techniques, and updates on new emerging threats. This knowledge can help shape your security roadmap and improve disaster recovery planning, helping to guide and prioritize your response in the event of a data breach. Preventative measures and protocols also include actions to mitigate potential threats, including regular updates to existing systems, modernizing firewall policies, and identifying and correcting vulnerabilities.

 

Continuous monitoring

 

Security controls define the methods and protocols used by the operations team to monitor the network to identify anomalies or suspicious activity. Continuous network monitoring helps ensure your security team is immediately informed of potential or impending threats, putting them in the best position to prevent or mitigate impact. Continuous monitoring enables security teams to strike an optimum balance between proactive and reactive measures, as any abnormality in activity is immediately detected.

 

Effective recovery. 

 

In the event of a disaster, security protocols will be executed to recover systems and restore compromised or lost data. Actions may include wiping endpoint devices, reconfiguring and testing security systems, or implementing effective backups to circumvent the attack. Effective recovery execution will return your cloud infrastructure to its original state. Procedures and steps should also be in place to figure out what happened and how it happened. The security team will use event and log data to track the problem and identify the source.

 

Ensure compliance

 

Many cloud security processes are shaped by established protocols and best practices, but some are guided by compliance requirements. Your managed service provider is tasked with regularly auditing enterprise systems to help ensure consistent regulatory compliance. Following regulatory protocols not only helps safeguard confidential data, it can also protect your organization from legal challenges and reputational damage resulting from a data breach.

 

A strategic approach to cloud security

As with any IT investment, migrating to the cloud comes with certain risks. Minimizing those risks and capitalizing on the full potential of cloud requires a strategic, pragmatic approach, evaluating essential infrastructure requirements, security protocols, risk factors, performance needs, and cost considerations.

it network assessment

Everything You Need To Know About Network Assessments

By | Cloud, IT Support, Networking, Security

Some businesses may think that once your network is set up you no longer need to invest any time or resources in it, but that is simply not the case. Your business’s network is constantly evolving and changing. Your network needs to be able to handle the growth of your business to ensure that there are no disruptions. One way to make sure your network goals and business goals align is by performing a network assessment.

Unfortunately, assessing a network is often one task that is left at the bottom of any team’s to-do list. This can create a number of problems that will send shockwaves throughout any organization. Any organization’s network can quickly become too complex and tangled to secure and manage if not properly managed. Companies that do not perform network planning and management miss out on optimization opportunities that could drive quality improvements and cut costs.

Understanding the importance of a network assessment starts with a basic understanding of what a network assessment entails. 


What Is A Network Assessment?

 

A network assessment is a comprehensive analysis of your organization’s entire IT infrastructure, management, security capabilities, and overall network performance. Network assessments are powerful tools that can be utilized to identify performance gaps, areas for improvement, and network functionality. The knowledge obtained during a network assessment can help executives make key decisions around IT infrastructure and strategy going forward. 

 

Often organizations will order network assessments when their IT systems become too big or too complex. There may be issues popping up that are difficult to pinpoint through standard IT analysis. At this point, it can be difficult for organizations to gain a full understanding of what is happening throughout their network. Companies should be performing network assessments often to ensure that their systems are never out of control. 

 

What Does A Network Assessment Include?

Every organization’s network is different, which means that every network assessment will also be unique. A majority of network assessments have a few commonalities that organizations can use to build their own network assessment strategy. 

 

Take A Physical Inventory

Any network assessment has to include accounting for all IT inventory that your organization has. If your organization has no idea how many servers and users it has, then you will certainly have a difficult time understanding all of your IT infrastructure. Accounting for all of your physical assets can help your organization properly assess your network. For some organizations, accounting for all IT assets could take weeks or even months. Identifying all of the physical IT assets can help teams identify which assets are being underutilized and what infrastructure needs are being neglected.

 

Cybersecurity Evaluation

Another key part of any network assessment is identifying any vulnerabilities present in your IT systems. The cybersecurity assessment portion of a network assessment examines current security controls and how effective they are in reducing overall cybersecurity risk. This portion can identify any vulnerability in a network, such as an inefficient firewall or outdated software applications. 

 

A cybersecurity assessment does not just involve hardware and software; a proper network assessment will also look at how users interact with the network. Employees and customers are often the greatest risk in regards to cybersecurity. Understanding how big of a risk human error is in the context of a network can help an organization reduce that risk. 

 

Network Performance Evaluation

Assessing your network will also involve evaluating the overall performance of your network. A slow network can frustrate not only employees, but potential clients and customers using your network as well. Poor network performance can lead to lost revenue and missed opportunities. 

 

Network performance can suffer due to a number of causes, such as faulty software configurations or a high number of users. Identifying bottlenecks can help your organization resolve any network performance issues. A performance evaluation will help your organization identify the root causes of slow network functionality. 

 

Potential Network Assessment Benefits

Network assessments are not just for show; they provide a number of advantages to organizations who put the time and effort into performing them correctly. Companies who invest in network assessments will have an edge over competitors who neglect their networks. 

 

Patching Security Holes

A network assessment can help your organization find security vulnerabilities throughout your IT network. A network assessment that is properly done will uncover risks throughout a network. Typically, a network assessment will rank risks based on their threat level and likelihood of occurring. Decision makers can then take the appropriate measures to prevent the risks from turning into reality. Organizations can utilize the cybersecurity assessment to prevent catastrophic IT events, such as data hacks. A data leak can result in the loss of customer trust and hefty government fines.

 

Identify Cost-Savings Opportunities

Another advantage that network assessments offer organizations is the chance to identify inefficiencies in IT infrastructure. A majority of organizations have networks that are rife with inefficiencies. Even the simplest network assessment can identify low-hanging fruit that teams can easily work on. Executives can then capitalize on these opportunities and drive down costs and improve efficiencies.

 

If your organization does not have the capabilities to properly conduct a network assessment, you may want to consider hiring some outside help. BACS has worked with various organizations to help them perform network assessments.  

 

BACS Helps Organizations Optimize Their Networks

The experienced team at BACS can help your organization perform a proper network assessment that will give you the big picture of your IT infrastructure. No matter how complex or simple your network is, BACS will ensure that you make the right IT infrastructure decisions going forward. From identifying security flaws to creating cost savings, network assessments can help drive your business growth.

 

The BACS team is here to help you and answer any questions you may have regarding network assessments. Reach out to BACS today to learn more about network assessments and how a network assessment can help you drive business growth. We can develop a customized network assessment plan that meets your business needs.

Virtual Desktop Deployment

Benefits of Virtual Desktop Deployment

By | Business Continuity, Cloud, IT Support, Networking, Technology

Implementing virtualized desktops across your enterprise environment can provide users with a high-definition desktop experience while helping to improve security and reduce costs. While the potential benefits are compelling, implementing an effective virtual desktop environment requires more than installing and configuring software.

In planning your virtualized desktop deployment, it’s important to look beyond the potential cost savings and make decisions in the context of an actual business case. That means carefully considering your goals, computing needs, resources, and many other factors. 

While no single strategy can cover every possible need or scenario, a sound implementation plan should take into consideration potential risk factors and adhere to best practice methods and procedures for optimum performance and return on investment.

 


 

 

Define business needs.

 Virtual desktop deployment projects can rapidly expand in scope and complexity. That’s why it’s important to be clear about why you want to move to desktop virtualization. Understanding which capabilities and which performance requirements are most critical will help ensure you choose the optimum mix of infrastructure for your unique business needs. If you’re starting with just a few applications, determining performance and infrastructure requirements is easier because you’re not transferring every desktop to the cloud, but rather just a few applications to certain end users. You can use this initial scoping exercise to begin capacity planning. What are your current processing and storage needs? How many users will you be extending desktop services to? What will your virtual environment look like in a year or two years? 

 

Create a server plan. 

Servers are at the core of your virtualized desktop infrastructure, so it’s vital that I/O, memory, and other resources are available to support the processing requirement of desktop users. This requires having a clear understanding of the capabilities and limitations of your existing server environment. What applications and workloads run on which servers? What level of performance and availability do these workloads require? One drawback with creating multiple virtual machines from a single piece of hardware is that if that hardware fails, the entire configuration can be compromised. One remedy is to distribute virtual desktops across several servers so that a failure in one server won’t shut down all users. A more advanced approach is to implement a server cluster for virtual desktops, which spreads workload processing across all servers and can transfer the load to other servers in event of a fault. 

 

 

Implement access controls.

Although virtual desktops can provide users with a more flexible experience, it’s critical to closely manage which users are allowed access to specific applications and data. The more connections linking to a single device, the greater the risk of data exposure or compromise. The challenge is creating policies that aren’t overly restrictive. Ideally you want users to be able to maintain control of their devices while making sure operational flexibility does not undermine existing security policies and controls. Also, be sure to include virtual desktop servers and endpoint data storage in your overall backup and disaster recovery plan.

 

 

Check compatibility. 

Make sure the hardware you select is compatible with the software you intend to virtualize. Many virtualization packages will support a standard set of hardware regardless of where that software resides. This will help ensure you have a standard hardware design template for each virtual machine, helping to reduce the time and effort in managing different driver versions across your virtualized environment. Consider what components are needed for a successful scale-up. IT teams often overlook the components needed to scale up to a virtualized environment, including host hardware, storage, networks, and hypervisor.

Allocate sufficient resources.

Virtualization increases the hardware requirements for your environment. So in the process of scoping out your ideal virtual system configuration, it’s important to make sure you have sufficient storage and processing power for your virtual machines and software. This means your host servers must first have enough resources to support your virtualization software of choice, plus the operating system and software used within the virtual machines. How many users do you anticipate using the service at the same time? Is your network infrastructure capable of supporting this new client-server communication load? An inadequately powered virtual machine or server diminishes the benefits of desktop virtualization.

 

Train users.

The shift to desktop virtualization will alter the way users manage their endpoint devices, so training is often an integral part of the deployment effort. The resource sharing capabilities that virtualization enables can present a number of issues that will need to be addressed. Which users will have control? What new skills will be required? Training doesn’t need to be extensive since the desktop user experience should not change substantially. However, users should be aware of changes to their access controls and rights concerning their desktop privileges.

With the right virtual desktop deployment strategy, you’ll be able to reap several important benefits:

Better productivity. 

Virtualized components can be configured and implemented quickly, reducing the time and complexity involved with provisioning new servers, storage or other resources. Fewer physical components also reduce the time and expense needed for ongoing management and support.

 

 

Lower costs. 

The ability to create virtual versions of computers allows you to significantly reduce hardware costs. Less hardware to install reduces space requirements along with power and cooling expenses, allowing you to reinvest these savings into more strategic initiatives.

 

Enhanced data protection. 

Virtualization helps simplify data protection processes. With consistent and automated data backups, meeting your recovery time objectives becomes a more reliable process.

 

 

Improved scalability. 

A core benefit of a virtualized environment is the ability to quickly configure the infrastructure to meet shifting business requirements. Virtual desktop machines can be rapidly reconfigured to enhance their “hardware” performance capabilities “on-the-fly”.

 

 

Better disaster recovery. 

Automated failover capabilities inherent in most virtualization platforms help improve recovery so that if a disaster hits, your infrastructure is already preconfigured with the proper backup and recovery steps to ensure systems are brought back online quickly and securely.

Charting a path to success

Making the right decisions about how to best leverage virtualized infrastructure can be confusing. It often involves tradeoffs with significant strategic impact. Your best bet: Don’t go it alone. Work with an experienced virtualization expert whose core focus is improving your technology and optimizing your return on investment. Implementing an effective, smooth-running virtualized desktop environment can be challenging and time-intensive, but when done correctly, the effort will pay dividends far beyond the initial investment.

Reasons Your Cybersecurity Is Broken

3 Reasons Your Cybersecurity Is Broken (And How to Fix It)

By | Data Protection, Security

Fixing cybersecurity problems in your organization should be a priority. As the tactics of cybercriminals become more advanced and the number of attacks increases, fixing cybersecurity problems narrows the opening by which these malefactors can pass through. An incident that occurred at the close of 2020 and hammers home the importance of strengthening cybersecurity is the FireEye data breach. A cybercriminal was able to infiltrate the top security firm’s network and steal tools it uses for testing customer security methods. By all accounts, the security firm did everything right to prevent an attack. The unauthorized access in this incident was characterized as one that was custom designed to infiltrate FireEye’s specific data security system. If an experienced security firm can encounter a cyber incident, it can happen to any business.

The FireEye data breach has undoubtedly become a wake-up call for many organizations to fix the broken aspects of their cybersecurity. Unfortunately, there is no one-size-fits-all guide for resolving cybersecurity weaknesses. If you aren’t sure where to start with fixing cybersecurity issues, addressing the following three common problems can help to mitigate your organization’s cybersecurity risk:

 

1: Unpatched Security Flaws

2: Inadequate Access Controls

3: Human Error

1: Unpatched Security Flaws

Neglecting to patch flawed security is a significant problem because cybercriminals are aware that organizations often neglect to patch security flaws in a timely manner and search for these vulnerabilities to exploit them. A popular example of the consequences of unpatched software is the Equifax data breach. Equifax used third-party software for a consumer-based service (credit disputes) and was notified by the company that a security vulnerability existed. Just two months later, Equifax still hadn’t patched the software and cyber criminals gained access to internal servers containing customer data. Nearly 150 billion of Equifax’s U.S. consumer base was compromised. The unpatched security vulnerability ended up costing Equifax more than $500 million, which includes their settlement to mitigate the damages caused by the incident.

Here are five tips for addressing unpatched security flaws:

The obvious first thing you should do is make sure all security patches are applied. According to a report published by Project Zero, a group of Google security analysts, 25% of the 0-days detected in 2020 could have been prevented by patching software.

Keep an eye on critical security vulnerabilities that may impact third-party organizations that have access to your network. One of the regular activities of the Cybersecurity and Infrastructure Security Agency (CISA) is to publish a list of Current Activity related to “high-impact types of security” that affect the U.S. While the listing includes basic information, vulnerabilities requiring software updates are most prevalent.

Patching software can be a tedious task, especially when you have multiple systems to update. Consider using a patch management tool that allows you to remotely deploy a software update to several systems at once from an interface that you can set up with your organization’s specifications.

If your organization is concerned about potential problems that a software update can cause, implement a patch evaluation process that consists of first testing patches on non-critical systems and monitoring the final deployments for any disruptions.

Another option for automating your patching efforts is to consider a cloud patch management service. These services usually consist of scanning systems for known vulnerabilities and deploying software updates, as necessary.

2: Inadequate Access Controls

You should know all the people, devices, and systems that are able to access your network and implement adequate access controls. How important is controlling access to your critical data? The notable Capital One security breach is an example of what can happen when there are insufficient access controls. A single cybercriminal (eventually discovered to be a former Amazon employee) was able to gain access to their server hosted by Amazon Web Services (AWS). The criminal obtained personal information for more than 100 million Capital One customers. Capital One estimated that recovering from the incident would cost the company about $150 million.

Implementing adequate access controls not only protects your organization from external intruders but also from internal malicious attacks. According to recent research performed by Ponemon Institute LLC that was based on interviews of IT security professionals around the globe, insider breaches cost organizations as much as $871,686 and have tripled in frequency since 2016.

The following are five ways you can improve access to systems and data within your organization:

Create an inventory list of all the employees, resources, and data in your organization that have access to the network. Determine the level of access each of these requires. For example, specific individuals in a financial department require access to the company’s accounting information.

Develop an access control policy that specifies the employees and resources that are granted access to critical systems and data. Make sure you store the information in a safe place.

Implement an authentication system that verifies the identity of employees accessing critical data. To complement this step, consider investing in monitoring software that analyzes access to your network for unusual activity.

Prohibit employees or third-party vendors from connecting to your organization’s network using unsafe public Wi-Fi networks. As an alternative, consider implementing a virtual private network (VPN), which uses an encrypted virtual tunnel to connect to a network, for remote access users.

Hopefully, you already back up all data to a central server or cloud service and all employees know to use strong passwords. In case a system or device that is used to connect to your network is lost or stolen, consider installing software on these systems that is capable of remote access and allows you to locate the device and prevent unauthorized access to its data.

3: Human Error

If your organization’s cybersecurity plan is focused primarily on protecting the network from outside intruders, you likely have a critical weakness in your system. According to a Verizon Data Breach Investigations Report (DBIR), 34% of the more than 40,000 security events they analyzed were committed by internal actors. There are many data breaches that have exposed the importance of addressing human error. In September 2020, the U.S. Department of Veterans Administration (VA) suffered a security breach due to cyber criminals obtaining access to a financial system used by the organization. In addition to attempting to divert funds from the VA, the cyber criminals were able to access the personally identifiable information (PII) of nearly 50,000 veterans. Modifications to how the VA performs its financial operations are projected to cost $2.5 billion. The VA security breach highlights the consequences of social engineering. The cybercriminals were able to access the VA system using social engineering to trick employees into providing their credentials.

The types of social engineering include smishing (phishing via phone calls or text messages), harpooning (phishing by impersonating executives and using information from social sites), deepfakes (editing a legitimate video or voice clip for the purpose of acquiring personal information), and vishing (impersonation via phone calls or voice message).

The following are five tips for addressing human error in your organization’s cybersecurity plan:

Continuously train employees about social engineering, including how to identify and report suspicious email, declining to provide personal information requested via email, and refraining from clicking a link in an email unless they are 100% sure it is from a legitimate source (contact the sender via phone or other means besides email to confirm).

Use network and email security solutions such as firewalls, antivirus software, antimalware software, anti-phishing solutions, and email spam filters.

Implement a multifactor authentication (MFA) system to add an additional method of validation.

Use SSL digital certificates to encrypt all data flowing to and from your network.

Create an accepted list (also referred to as a whitelist) of applications and email addresses that employees can access. Review this list regularly and make any necessary changes.

Next Steps

Hopefully, the FireEye data breach mentioned earlier doesn’t cause you to relinquish the quest to fix the problems with your organization’s cybersecurity. While such custom cyberattacks occur, they are not the most prevalent. Practicing due diligence and fixing cybersecurity problems that are impacting your organization will strengthen your defense system and help to prevent security incidents that can negatively impact your business and the relationships with your customers. If your cybersecurity team doesn’t have the resources to fix the critical problems mentioned above, it’s a good idea to partner with an experienced cybersecurity team to ensure all the cybersecurity problems impacting your organization are addressed.

BACS is a team of consultants with a full range of IT security experience. We are equipped with the tools necessary to perform comprehensive infrastructure analysis to determine where vulnerabilities exist and develop a comparable plan to resolve the issues and establish a robust foundation. We also offer assistance with developing a thorough cybersecurity training program to educate employees and help fix security issues associated with social engineering.