Category

Security

wifi-security

Safeguarding Your Business from Wi-Fi Vulnerabilities

By | IT Support, Security

Businesses today must manage an ever-growing number of security risks. From client database breaches to malicious ransomware attacks, cybercriminals are continuously searching for new opportunities and methods of exploitation. One high-risk area that is often overlooked is your company’s Wi-Fi network.

While Wi-Fi offers the advantage of fast and easy access, this convenience is also its weakness. Unprotected Wi-Fi connections provide hackers with easy network access, allowing them to introduce malware onto any connected systems and devices. This malware can instigate a number of serious attacks, including phishing, DDoS, ransomware, and more.

 

Closing the gaps on Wi-Fi security

In the age of digital proliferation and broad network connectivity, creating a detailed, well-defined network security strategy is more critical than ever. It requires a holistic approach that effectively blends proven practices with cutting-edge techniques. Following are some common sources of Wi-Fi security vulnerabilities, along with some best practice strategies to address them.

 

Outdated firmware.

Keeping your business-critical data secure hinges on making sure your Wi-Fi network is operating with the latest firmware updates and patches. In some cases, your router will prompt you when an update is due. But for many IT teams, keeping firmware and drivers up to date can be a tedious, easy-to-overlook task. The best approach is to stay proactive. Periodically check the manufacturer’s website for any updates or patches for your device and keep this task high on your list of ongoing IT priorities. Today’s cybercriminals are persistent. Staying one step ahead requires ongoing diligence on your part.

 

A poorly protected print environment.

All devices connected to a business network, including copiers and printers, represent an area of risk that often falls outside the normal security responsibilities of an IT organization. Still researchers have identified print networks and printers as potential sources of security failures and data breaches. That’s why print security best practices should be given ample attention and action, including configuring appropriate IP addresses and status, and password-protecting connected printers, along with the entire print network.

Improperly managed user behavior.

A security system’s overall effectiveness hinges on correct user behavior within that system. Even robust systems can be compromised by an employee clicking on a phishing email, an ineffective firewall, or even accessing a network site on an unfamiliar device. Another area that demands business Wi-Fi attention is mobile device security. Inappropriate user behavior on a business network, including digital apps and email, can threaten a network’s security. Mobile device management focuses on both business-owned mobile device security protocols, and private or guest devices on a network.

 

Network piggybacking. 

Piggybacking on network access is a way of creating a wireless connection by discretely tapping into another subscriber’s wireless service without their knowledge or permission. This can be done from any wireless-enabled computer, and depending on the location of your business’s wireless access point, and can be completed from up to 1,000 feet away. Once on your network, the unwanted users can hack into sensitive information, monitor web traffic, or conduct other illegal activities.

 

Ineffective firewall.

A properly implemented firewall plays a vital role in helping to keep your company’s networks separated from the Wi-Fi. It helps prevent potential hackers from breaching the Wi-Fi connection and making unwanted entry into your servers and company networks. In addition to your network firewall, consider installing a host-based firewall, which provides an extra layer of protection between the network and connected devices.

 

Lack of data encryption

Encrypting the data on your wireless network helps prevent those who might gain unauthorized access from actually viewing it. Should hackers breach the Wi-Fi connection, any data they obtain is scrambled and unreadable. Several encryption protocols are available to help enable this protection. The strongest encryption currently available is Wi-Fi Protected Access 3 (WPA3). While WPA and WPA2 are also available, the best approach is to implement technology that specifically supports WPA3, since other protocols lack the robust protection today’s networks require.

 

Reaping the benefits of outside expertise

Whether you are upgrading your existing Wi-Fi network or starting from scratch, the best protection can be achieved through careful planning and expert execution. That’s where the knowledge and experience of a competent managed serviced provider can deliver substantial value.

By outsourcing your Wi-Fi security to an outside expert, you benefit from a more robust network design, clear policies and procedures, and better awareness of potential vulnerabilities and weaknesses. These outside experts can suggest tools and techniques for improving network speed and efficiency and recommend the latest best practices for securing your Wi-Fi network. These include:

 

Network monitoring.

Monitoring is the first line of defense against unstable or unforeseen events that affect your network performance and security. Real-time monitoring of Wi-Fi traffic through routers and network servers provides IT teams with vital insight into user behavior and trends, and helps speed response time in the event of a breach. Proactive monitoring of your business Wi-Fi network can help your thwart issues before they become a more serious problem. Remote monitoring capabilities are particularly critical for satellite offices.

 

Router protection.

Keeping your router out of public reach can help reduce the potential for tampering or someone attempting to circumvent security protocols. It only takes a few seconds to restore the access point to factory default settings. For optimum safety, keep the router high on a shelf, secured behind a door, or otherwise out of reach where a bad actor could potentially gain access without authorization. Router ports can also be secured by properly defining the IP address.  Be sure your router access point is housed in a secure area, such as a locked room or closet.

 

Maintain antivirus software.

Be sure to install the right antivirus software and keep your virus definitions up to date. Make sure your practices include automated patching to help enforce policies and keep systems and networks up to date and enforced with the latest software patching. Also, make backups of all your data and software on a storage device that is not attached to your network or computer. Confirm that all your backups are operating properly and test them on a regular basis to make sure they will perform when you need them.

 

Protect your SSID.

To help prevent hackers from gaining easy access to your network, avoid exposing your SSID. At the minimum, be sure to change your SSID to a unique identifier. Keeping the manufacturer’s default ID in place could open the door to an attacker skilled at identifying the type of router and possibly exploit any known weaknesses.

 

Employ a VPN.

Installing a Virtual Private Network (VPN) as part of your Wi-Fi infrastructure can be a highly effective way to bolster your overall network security strategy. VPNs conceal user identities by masking IP addresses and routing data through a, alternate IP address.  By encrypting connections and sending and receiving points, VPNs help keep out improperly encrypted traffic. Cybercriminals who manage to access to data via your VPN will find it useless, since it is encrypted on its way from sender to a receiver.

 

Bolstering your IT strategy

With losses from cybercrime now reaching epic proportions (up to $6 trillion globally), Securing every aspect of your network is more crucial than ever before, and that includes making special considerations for your Wi-Fi security. Wi-Fi security is not only essential to sound IT strategy; it’s a smart business practice.

construction-company-cybersecurity

Everything Your Construction Company Needs For Cybersecurity

By | Data Protection, Security

As a construction company, you may be surprised to learn that hackers are increasingly targeting the construction industry. One study performed by security vendor Sophos found that out of 203 construction companies, 68% had suffered a cybersecurity attack in the past year. There was even one instance where hackers were able to take control of a crane remotely. 

Some construction companies may not be interested in cybersecurity, as they want to focus mostly on what they do best. Many owners may downplay potential cybersecurity threats, but they should be paying attention to these threats. Even if your construction company does not want to actively focus on cybersecurity, there are a few reasons why you should care about cybersecurity. There are also some cybersecurity essentials that you need to have in order to properly protect your business. 

 

Why Should A Construction Company Care About Cybersecurity?

Cybersecurity is important no matter what industry you are operating in. There are a few reasons that your construction company should care about cybersecurity. The most important reason may be data. 

 

Data

Your organization is responsible for all of the valuable information and data that it holds onto. Hackers want this information and will do nearly anything in their power to gain access to it. Your company has to do everything in its power to prevent this from happening. The loss of competitive data, such as bidding strategies, can hamper your ability to do business. 

A hacker could gain access to valuable blueprints and designs, which could compromise an entire project. A hacking breach can result in the loss of trust between your company and a fantastic customer. You could lose valuable customers if you suffer a hacking incident. Hacking incidents can also make government contracts harder to win against a competitor who has not had similar issues. 

 

Downtime

Hackers can create serious headaches for any organization. One way that they can cause huge problems is by taking down machines, systems, and computers in an organization. Once a hacker gains access to your network, they can take systems offline and bring your entire company to a screeching halt. 

This can lead to multiple hours where employees cannot properly perform their work. If this happens multiple times each year, it can lead to millions of dollars in lost productivity. No organization wants to lose countless hours to get machines back up and running from a hacking incident. 

Now that we understand the importance of cybersecurity for construction companies, let’s discuss how your company can mitigate these risks. 

 

4 CyberSecurity Essentials For Construction Companies

Every construction company should at least have these basic cybersecurity essentials, which will give your business a comfortable level of security and protection. 

 

Firewall Protection

One of the most basic essentials that any company should employ is a firewall. A firewall is a network security system that monitors that incoming and outgoing internet traffic that can protect your construction company. The newest firewalls bring together a combination of security measures in order to keep your construction company safe. 

Firewalls can help prevent hackers from stealing valuable data and keep your systems free from any viruses. Most incoming potential threats will be blocked when it is detected by the firewall. Overall, a firewall should improve your cybersecurity outlook and prevent potential data loss. 

 

Email Security

Email has become one of the primary methods for communication for nearly all businesses. Ensuring that this line of communication is secure is key to any cybersecurity strategy. Having a dedicated email security software solution can help your company stay safe and build trust with customers. 

Email security solutions can scan outgoing and incoming emails to identify any potential threats and alert users to these threats. Two factor authentication can also help ensure that you are sending potentially sensitive documents to the right party. Email security will help keep your data safe, if employees are properly trained and educated. 

 

Education

Phishing scams are one of the most common ways that hackers utilize that enable them to breach an organization. Even the most educated, senior employees could fall for a sophisticated hacking scam. Consistent and thorough education will help employees make the right decisions when performing their daily activities and encountering phishing scams. 

Organizations should ensure that employees are educated about the latest phishing scams that are likely to impact safety. Employees that are educated on phishing can identify them and forward them to the appropriate team member. Your company can alert other employees to the scam to keep the hackers out of your organization. 

 

Backup and Recovery

Even the most robust cybersecurity strategies can fail at times, which is where backup and recovery comes into play. According to some estimates, more than 50% of all small and medium businesses do not have adequate back and recovery strategies in place. That is precisely why construction companies need to have backup and recovery systems in place for when something does go wrong. 

A proper backup and recovery system will ensure that your data will still be accessible if the worst happens. Construction companies can selectively choose which critical data will be backed up in a separate medium. You can rest easy at night knowing that your data has been backed up, if anything disastrous happens. 

All of these initiatives are not easy and require a certain level of knowledge. Most construction companies do not have the necessary expertise to ensure that these essentials are taken care of. Cybersecurity companies can help construction companies fill these knowledge gaps. BACS regularly works with construction companies in order to help them with cybersecurity projects. 

 

BACS Can Help You Construct Your Cybersecurity Defense

BACS has helped plenty of construction companies develop a customized cybersecurity defense strategy that can help your company fend off any potential hackers. Our team will work closely with your key leaders to understand your business and give you everything that you need. Your business can use our expertise to keep your data safe and secure. 

Reach out today to learn more about all of the offerings that BACS has. Our team is more than happy to answer any questions that you may have regarding cybersecurity. We can develop a customized cybersecurity solution for your construction company. Your team can focus on building your next project, instead of building your cybersecurity defense. 

 

Safe Harbor laws

Safe Harbor laws: Mitigating the impact of a data breach

By | Data Protection, Security

Today’s cybercriminals have become increasingly more sophisticated in their ability to exploit weaknesses in security defenses. When a data breach does occur, the biggest losers, of course, are businesses who must explain the impact to stakeholders and shoulder the cost of recovery.

To help minimize damage resulting from a data breach, most states have enacted Safe Harbor (Against Data Breach) laws, which are often linked to existing IT governance and security frameworks such as the National Institute of Standards and Technology (NIST). To be eligible, however, Safe Harbor rules require businesses to implement best practice security protocols and procedures as part of a clear, well-defined data security framework.

 

Safe Harbor advantages

The goal of safe harbor laws is to impel businesses to take proactive measures to protect sensitive and confidential data. When a data breach occurs, a notification requirement is triggered where the business must notify the compromised parties regarding the details of the breach. Depending on the jurisdiction, some laws may also require the business to notify credit bureaus and local government agencies.

Safe harbor laws provide businesses with two distinct benefits. First, they can help ease the level of scrutiny from regulators and reduce fines and penalties for data breach violations. The rationale is that if a business is following sound security practices, why should they be punished to the same degree as an organization that has invested little into data protection and security?

Second, the law provides a natural incentive for businesses to voluntarily improve their cybersecurity practices, which is a benefit for the marketplace overall.  What’s more, implementing robust security measures is a smart business strategy, particularly in light of today’s escalating cybersecurity threats.

 

Reaping the benefits of data encryption

Many safe harbor laws include a provision that rewards organizations that have implemented sound data encryption technology, allowing them to classify a data breach as an “incident” rather than a “breach.” The advantage of this classification is that it can exempt companies from the expense and (potential reputational harm) of having to comply with breach notification requirements.

While encryption offers an effective way to reduce risk, not all encryption will get you off the hook from notification. To fully protect your business and achieve safe harbor status, you must employ robust, role-based encryption and implement effective encryption key management techniques, including the protocols and procedures of how keys are generated, distributed, stored, and replaced.

Avoiding a breach altogether is always the better option, even if notification is not required. Understanding your current security posture and building an effective data security framework is more than managing a checklist of tools and policies. It requires a holistic approach that takes into consideration your unique data protection and access needs, regulatory and market pressures, and long-term business goals.

The good news is that with the right mix of technology, engineering know-how, and smart policies, building a solid data breach defense is possible.

 

Building a solid security foundation

While implementing the right technology, like strong access controls and user authentication methods, is important, it’s not the whole solution. The users who interface with IT systems must also be educated and instructed in how to perform their tasks. And, the policies and procedures that define the actions must be properly designed and consistently enforced.

Additional proactive measures can provide an extra layer as part of a comprehensive security strategy.

 

  • Create a culture in which people talk about data protection and security, and make security a clear priority. Teach users about secure online practices such as how to recognize potential threats and phishing attempts. Check their security awareness with in-house hacking checks and interactive security activities.
  • Simplify and streamline security with solutions that consolidate authentication, encryption and advanced threat protection into a single security suite. Compared with point tools, these integrated systems require a fraction of the IT resources required to maintain effective threat protection.
  • Deploy updated anti-malware to help prevent malicious software such as ransomware and viruses from sneaking into your network, and make sure your anti-malware software is consistently updated with the latest definitions
  • Define policies and procedures. Usage policies define what behaviors are and aren’t acceptable. Work with your internal team to define and implement policies and practices based on your usage preferences and requirements or mandates specific to your particular market.
  • Keep patches current―make sure your practices include automated patching to help enforce policies and keep systems up to date and enforced with the latest software patching.
  • Make backups of all your data and software on a storage device that is not attached to your network or computer. Confirm that all your backups are operating properly and test them on a regular basis to make sure they will perform when you need them.

 

Without a clearly defined plan and ongoing commitment to effective data protection and oversight, your organization may fail to meet the standards needed to reap the benefits of Safe Harbor protection.

Some important points to keep in mind:

  • Safe Harbor statutes can help minimize costs and potential reputational damage arising from data breach lawsuits.
  • Cybersecurity insurance can help ease the cost of recovery from a data breach incident.
  • Following data security best practices is the best way to leverage the benefits of Safe Harbor laws.
  • Building your security strategy around a framework like NIST can help ensure alignment with current security practices and techniques.

 

Combining technology with the right expertise

As cybersecurity becomes increasingly more complex, many organizations lack the resources and knowledge they need to create an effective strategy. That’s why you need a trusted security expert who not only understands the latest security trends, but can accurately define your business requirements and implement a plan that aligns with your current and long term needs

Safeguarding your vital IT infrastructure is not just a security concern; it is a fundamental business issue. It requires an intelligent investment in resources to meet an increasingly complex threat landscape. Ultimately, the cost of recovering from a breach will always be more exorbitant than any expenses incurred in safeguarding data with the right expertise and technology.

 

 

CCPA Privacy Act

What California Businesses Should Know About the CCPA

By | Data Protection, Security

The California Consumer Privacy Act (CCPA), which became effective January 1, 2020, grew out of a need to protect the privacy of consumer data at a time when data breaches involving the personal information of consumers are becoming commonplace. The state of California has the most data breaches and the most data records exposed (1700) in the U.S. That’s according to findings by Comparitech of data breaches between 2005 and 2020. During this time, California had a total of almost 5.6 billion records. It makes sense that the state would be the first in the U.S. to adopt strict regulations to protect the privacy of consumer’s personal information. Are you a California business wondering how the CCPA affects your operation? You should view the CCPA privacy rights as outlined in their entirety on the State of California Department of Justice website. The website provides all the information you need to determine if the CCPA applies to your business, what actions the business must take, and the penalties if the business does not obtain compliance.

The following are nine key takeaways from the CCPA for California businesses:

  1. The CCPA grants consumers specific rights regarding their personal information.
  2. The CCPA includes definitions of consumer and personal information.
  3. The CCPA impacts specific businesses.
  4. Businesses impacted by the CCPA have responsibilities regarding the personal information of consumers.
  5. Some personal information is excluded from the CCPA.
  6. The CCPA includes requirements for selling the personal information of children.
  7. Non-Compliance of the CCPA is enforced by the Attorney General.
  8. Consumers have legal recourse for business non-compliance of the CCPA.
  9. A security breach could become more costly.

1. The CCPA grants consumers specific rights regarding their personal information.

The CCPA grants consumers the following four rights regarding their personal information:

  • The right to know what personal information about them is collected, the purpose of collecting the information, and the reason collecting the information is necessary.
  • The right to request the deletion of their personal information collected by a business or service provider.
  • The right to opt-out of the sale of their personal
  • The right to not be discriminated against because they choose to opt-of sharing their personal information.

2. The CCPA includes definitions of consumer and personal information.

The two key concepts addressed in the CCPA are “consumer” and “personal information.” These terms are defined by the CCPA:

  • The CCPA defines a consumer as a natural person who resides in California, even if the person is temporarily outside of the state.
  • The CCPA defines “personal information” as “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household such as a real name, alias, postal address, unique personal identifier, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.” The CCPA includes a long list of categories by which personal information can be identifiable.

3. The CCPA impacts specific businesses.

There are three questions that businesses can ask themselves to determine if the CCPA applies to their business:

  • Is your business a for-profit business that conducts business in the state of California?
  • Is your gross annual revenue more than $25 million?
  • Does your business “buy, receive, or sell the personal information of 50,000 or more California residents, households, or devices”?
  • Does your business “derive 50% or more of their annual revenue from selling California residents’ personal information”?

If your business answers “yes” to any of the above questions, the CCPA applies to your business.

4. Businesses impacted by the CCPA have responsibilities regarding the personal information of consumers.

Businesses that are impacted by the CCPA must do the following:

  • Advise consumers that they collect personal information.
  • Inform consumers of the types of personal information they collect.
  • Inform consumers of their purpose for collecting personal information.
  • Reveal any third-party businesses to which personal information is distributed.
  • Provide a method for consumers to submit a request to access their personal data.
  • Provide consumers an opt-out option to selling their personal information. If a consumer later chooses to opt-in, the business must make the request and confirm their opt-in. The CCPA allows businesses to offer consumers who have not opted-out, a financial incentive.
  • Include a privacy policy on their website that includes the information stated above.

5. Some personal information is excluded from the CCPA.

The CCPA references the following exclusions:

  • Medical information that is governed by the Confidentiality of Medical Information Act (CMIA) or health information that is protected by the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 are not covered by the CCPA.
  • While employers are required to inform employees and potential employees about the personal information they collect and its purposes, the personal data collected and stored as part of being an employee, an employee’s emergency contact, or personal information used in processes for benefits is not protected by the CCPA.
  • Any aspect of the CCPA that prevents an impacted business from complying with other federal, state, or local laws is excluded.
  • Information that is available to the public is not covered by the CCPA.

6. The CCPA includes requirements for selling the personal information of children.

The U.S. federal government enacted the Children’s Online Privacy Protection Act (COPPA) in 1998 for the purpose of protecting the online privacy of children. The CCPA includes the following requirements of impacted businesses that extends that protection by giving parents and teenagers additional control over the personal data of minors:

  • Impacted businesses are prohibited from selling the personal information of consumers that are younger than 16 years old without prior authorization from a parent, legal guardian, or the minor consumer (when the consumer is age 13 or over).
  • The consent to sell personal information of minors must be verifiable using “reasonable methods” that are in line with the recommended methods stated in the CCPA. An impacted business must have knowledge that a consumer is under the age of 16.

7. Non-Compliance of the CCPA is enforced by the Attorney General.

The CCPA is enforced by the California attorney general. The attorney general has the right to bring a civil action against an organization that has been informed that they are not in compliance of the law and have not come into compliance within 30 days of being notified of the noncompliance. Violators of the CCPA may be hit with fines of up to $2500 for each violation and up to $7500 for each intentional violation.

An impacted business that chooses not to inquire about a consumer’s age is considered “willful disregard” of the CCPA and may result in a non-compliance violation.

8. Consumers have legal recourse for business non-compliance of the CCPA.

If a consumer’s personal information is involved in a data breach, the CCPA allows the consumer to bring suit against the organization.

There are three checks for this to apply:

  • The personal information must be a combination of the consumer’s first and last name and one of the items outlined by the CCPA.
  • The personal information must have been stolen, accessed without authorization, or disclosed.
  • The personal information must have been in nonencrypted and nonredacted form.

9. A security breach could become more costly.

The average cost of a data breach will likely increase with the CCPA in force. According to a report by IBM, the average cost of a data breach is $3.86 million. Since 2003, California law has required organizations and state agencies to report data security breaches involving the unencrypted personal information of any California resident by an unauthorized person. Under the CCPA, an impacted business is required to pay a maximum of $750 for each data breach incident.

Next Steps

According to a report by the global computer security software company McAfee, only 31% of organizations in the U.S. have a plan to prevent IT security incidents. While the CCPA does not require that impacted businesses implement specific security methods, it’s a good plan for these businesses to take steps to obtain compliance.

The following are general steps that can help you obtain compliance with the CCPA:

  • Review the CCPA in its entirety and stay informed of any updates.
  • Understand the personal information of consumers that your business collects and stores.
  • Create or update your privacy policy to include the information required by the CCPA.

If you’re not sure where your business stands regarding the CCPA or need assistance obtaining compliance, BACS can help. BACS is a firm that provides IT security solutions. Compliance is one of the core areas of expertise of the firm. The professional staff has expertise in analyzing the security needs of organizations and developing a comprehensive and strategic plan that includes adherence to applicable regulations.

web-filtering protection

Why Every Business Must Implement Web-Filtering Protection

By | Security

Staying out of trouble may mean something as simple as just not going where problems hang out. Sound judgment and wise decision-making can help avoid mistakes with no harm done. However, when the potential for running into trouble involves the web, adventuring into unknown areas can lead to serious consequences.

 

The risks of unprotected computer systems include malicious hacking and dangerous downloads of malware, spyware, and ransomware. All intrusions can create extensive damage that you may never recover from completely. Web filtering protection offers an efficient and effective alternative that blocks malicious attacks on your company’s computer network.

 

 

How Does Web Filtering Work?

A safeguard that prevents anyone from accessing dangerous websites can successfully remove risk. Users who may unknowingly choose to visit a site that contains threats to your computer system can benefit from technology that prevents it. Web filters can prevent browsers from viewing pages from unacceptable sites through sophisticated identification of dangerous URLs or websites. A systematic approach to comparing known hazardous websites to a URL filtering database provides an effective defense against malicious intrusion. The technology can allow or prevent access to manage the controls that you choose.

 

 

Types of Web Filter Controls

By screening URLs, technology can identify acceptable websites for users to access. The filters that you establish for protection can block pages that threaten to damage your network. Avoidance of downloaded viruses, spyware, and other inappropriate content can spare a business some massive inconveniences.

 

Blocking websites with reputations as phishing sites or distributors of malware can prevent significant damage to a computer system. Of particular concern to business owners, malicious intrusion may destroy customer databases and deprive a company of essential CRM options.

 

With URL matching, a type of web filtering, you can enforce company policy and reject specific web traffic categories. With the criteria that you can select when installing web filtering protection, you can ensure the blocking of any information category.

 

 

Why Do Companies Need Web Filtering?

Prevention of cybersecurity attacks presents a viable reason that justifies an investment in web filtering. Additionally, the practice limits access to specified websites increases network security and enhances workplace productivity.

 

Employee Productivity

While almost no manager wants to admit that employees use office computers for purposes unrelated to work, most know that the practice exists. Some even acknowledge that letting employees take a break can contribute to productivity. An occasional visit to an online gaming site or a brief look at a streaming video may seem acceptable. However, going online to shop, check the news headlines, or catch up with the latest social media comments can impact productivity. Web filtering can reduce the use of bandwidth-guzzling applications and remove the temptation to access distracting and unproductive searches.

 

Compliance with Guidelines

Similar to placing a limit on employee access to entertainment, web filtering can prevent risks that can occur on sites that offer gambling or pornography. Often the source of cyber threats to computer security, the sites present risks that web filtering prevents.

 

Cyber Attack Prevention

A consistent defense with web filtering protects a computer network against malicious intrusion. Sites that can download webpages that introduce malware may need to make several attempts before succeeding. When companies identify malicious webpages as unacceptable, URL web filtering can exclude them from admission. The process protects companies from malicious downloads, cybercriminal activity, phishing expeditions, and malware installation.

 

What Benefits Do Businesses Get with Web Filtering?

The overall benefit of web filtering to businesses allows companies to control access to the internet. Within the expanse of benefits that accrue from the capability, many handle issues that companies need to address. The efficiency and ease with which web filtering manages business concerns make it worth considering.

 

Restricted Access to Specific Websites

Companies may have various reasons to limit employee access to selected websites, and many relate to productivity issues. Blocked access to illegal or inappropriate websites, dating sites, social media, or other interests can keep employees focused on work-related tasks. A reduction in lost productivity can favorably affect corporate profit for large or small enterprises.

 

Enhanced Network Security

Whether knowingly or not, employee actions allow breaches in network security. Every business hopes that company loyalty and respect for the organization prevents workers from allowing malicious attacks to a company network. However, the issue presents complications that companies cannot ignore. Websites that want to gain admission to networks can make attractive appeals to users while not seeming dangerous. Web filtering manages the threat to security by disallowing access to potentially hazardous sites.

 

Improved Connectivity

Extracurricular activities unrelated to job tasks may not seem like much of a drain on a company’s bandwidth. However, the amount can become significant with widespread use. A cost-saving measure that employees can accept willingly with an explanation, web filtering that blocks frivolous activity can affect the bottom line. Small businesses often face connectivity issues and need to avoid an unnecessary drain on bandwidth. Web filtering offers a viable alternative that resolves technical issues.

 

Respect for Copyrights

Employees who may have an incomplete understanding of the copyright laws in the United States can create liabilities for businesses without realizing it. Web content, documents, concepts, and ideas that belong to someone else have legal protection against unauthorized use. Intellectual property belongs to the person who originated it, and employees can create legal issues for companies by downloading copyrighted material.

 

 

How Can a Business Implement Web Filtering?

Businesses can implement web filtering with on-premise software or through a cloud-based managed service. The option to rely on in-house controls may work well for companies who install software on servers with protection behind a firewall. Limitations include making an original investment in a license and assigning a technician to set up and maintain the filtering variables. While it may lack scalability and flexibility, an in-house system may meet company objectives in the short term. As reliance on SaaS cloud applications increases, businesses may need to consider other options.

 

Implementing web filtering requires experts who can manage the transition with understanding and thoroughness. Selection of the URLs to block access to sites can deny it to someone in the company who needs it. The implementation processes may go along more smoothly with a managed service provider who understands the complexities that make it work well for everyone.

 

 

Choosing a Path to Protection

Whether you decide to install web filtering protection in-house or select a service provider to implement it, the key to safe browsing on the internet lies in using some type of protection. Avoidance of cyberattacks provides a justifiable reason for an investment, but it does much more. Companies can ensure compliance with guidelines without pinpointing anyone, and the restrictions become commonplace as employees realize their value. The benefits far exceed the cost of investment, and they produce a cohesive environment that promotes productivity and resistance to cyberattacks.

data-security

Why You Should Focus on Improving Your Cybersecurity Strategy

By | Security, Strategy

Your cybersecurity strategy has been established and now you feel confident that your organization’s data is protected. While you should be applauded for developing a cybersecurity strategy, you should never rest on your laurels. Cybersecurity requires your constant and full attention.  

The following are five reasons you should focus on improving your cybersecurity strategy:

 

1: Your organization’s personal data is valuable.

2: Recovering from a cyberattack is expensive.

3: Your organization’s reputation is at stake.

4: Cyberattacks are on the rise.

5: Your greatest security risk requires constant coaching.

 

1: Your organization’s personal data is valuable.

 

The level of sensitivity may vary, but all organizations have personal information that they need to protect.  Just consider the following three ways in which personal information  can travel within your organization:

  • Employees collect information from individuals doing business with your organization.
  • Individuals and organizations transfer and or communicate information to your organization.
  • Employees and third-party organizations access information from within or outside your organization.

In just those three methods of transmission, multiple people have interacted with data. Should all the hands that touch your sensitive data have access to it? If you don’t know the answer to that question, it’s a good idea to inventory all the data assets in your organization and determine who requires access to the most sensitive information. Creating an inventory of your data will also help you understand the level of protection you need to implement. Effective recordkeeping and evaluation are important in this area because the information can change and the people who require access to it can also change.

2: Recovering from a cyberattack is expensive.

 

According to a report published by Ponemon Institute, the average cost of a data breach in 2020 was just under $4 million. Gartner Inc., an advisory firm, predicts that the worldwide cost of security will balloon to $170 billion in just a few years. What if your organization suffers a cyberattack and it is more devastating than the average? The costs are even higher. 

Consider the costs associated with the following five historical data breaches:

    • Epsilon – This company suffered an attack in 2011 that involved the personal information for 75 of its clients. The costs to recover from the incident were in excess of $4 billion. 
    • Veterans Administration – Unencrypted data of more than a quarter of a billion records was sitting on a laptop and external drive and stolen from this respected government agency. The VA reportedly was out of up to $500 million to recover from the incident.
    • Target – More than 150 million shoppers of this top retailer received the sad news just before the 2013 Thanksgiving holiday that a hacker “compromised the retailer’s credit card readers” and their card numbers were stolen. The company spent $162 million to recover from the incident.  
    • Capital One – A previous employer of this large financial institution illegally accessed a cloud-based server and stole the personal information of more than 100 million customers. The initial estimate of the data breach was $150 million. The eventual number was closer to three times the number of customers that were impacted–$300 million. 
  • Yahoo – Considered by many as the largest data breach ever, this web services provider first announced in 2013 that 1 billion customer accounts had been compromised. In October 2017, just after it sold itself to Verizon, the company changed the estimate to being closer to three billion records.  In April 2019, their settlement with individuals of the compromised accounts was $117.5 million.

 

3: Your organization’s reputation is at stake.

 

In addition to being expensive, suffering a data breach or other cyberattack can impact how other organizations or individuals feel about your organization. According to a survey conducted by Security.org of 1,000 people (including 300 victims of data breaches), 67.3% of the respondents had less trust in a company if they had a data breach, and  21.6% would not share their personal information with such companies. 

Of course, cyberattacks are not 100% preventable. However, the organizations and individuals that you work with expect you to perform an acceptable level of due diligence to mitigate your risk. An investigation often follows a data breach, especially one that impacts a large number of people or organizations. Once an organization suffers a security breach their reputation is damaged and it while possible, it is difficult to recover from.

Consider the following companies that struggled after a data breach:

  • Capital One – Shortly after they suffered the large data breach mentioned above, the stock of this large financial institution decreased in value. 
  1. FlexMagic Consulting – This small firm operated their business successfully for 34 years, had an A+ rating with the Better Business Bureau (BBB), and reported $2 million in annual revenue. They experienced just one data breach, but the effects of it forced the company to close their doors forever.
  2. LabCorp – In 2018, this large clinical laboratory suffered a ransomware attack that compromised millions of patient records. In 2019, the laboratory learned that 7.7 million of its patient records were accessed by unauthorized individuals via their collection agency, American Medical collection Agency (AMCA), for eight months. In 2020, a website misconfiguration by the laboratory led to 10,000 company documents being exposed. In addition to their stock losing value, LabCorp is the subject of multiple lawsuits by patients impacted by the multiple data breaches. 

 

4: Cyberattacks are on the rise.

 

One constant about cyber threats is that they are increasing. There are many reasons for the increase. One of the most common is that cyber threats are closely tied to major shifts in technology. Advancements in technology provide convenience but also new opportunities of exploitation for cyber criminals. 

Cyberattacks are also on the rise because of a series of special events. The 2020 presidential election was a major event with such increased cyber activity that the director of the National Counterintelligence and Security Center (NCSC) issued a press release warning Americans about international threats. Most recently, the Federal Bureau of Investigation (FBI) reported an increase in cyberattacks due to the COVID-19 global pandemic. Healthcare organizations have been targeted for vaccine information, video communication (increased during this time of social distancing) is being hacked, and social engineering attacks abound amid the news of government stimulus checks, COVID-19 vaccinations, and unemployment benefits.

The following are three additional reasons cyberattacks are increasing:

  • IT departments are understaffed and can’t keep up with cybersecurity demands.
  • A new digital currency (bitcoin) is available to exploit or use as ransom payment.
  • Cyber criminals want fame and compete to orchestrate the largest attack.

 

5: Your greatest security risk requires constant coaching.

It’s a common belief that the weakest link of a cybersecurity strategy are employees. A great example is a report by Trend Micro that uncovered that nearly 100% of the cyber threats based on the COVID-19 pandemic were spam or phishing threats. Human error is difficult to improve and probably one of the most important reasons you should focus on improving your cybersecurity strategy.

Training employees about phishing and other types of social engineering cyberattack methods is the obviously the best method of increasing employee awareness. However, you should focus the training on the weak areas of your employees’ behavior. The HubSpot Your Guide to Employee Phishing Scams document includes a suggestion of simulating phishing attacks to both train employees about them and test their awareness. You can easily carry out the simulations on a regular basis and adjust your cybersecurity strategy as needed.

 

Next Steps

Effective cybersecurity requires a dynamic process for protecting your organization’s data against the sophisticated and increasing threats of cyber criminals who are constantly changing their tactics.  When should you review your cybersecurity strategy? That depends on your organization. If your organization operates within an industry, such as financial institutions, with security compliance requirements, those standards will mandate the intervals in which updates are required. 

If there are no mandates or regulations for your organization to contend with, consider improving your cybersecurity strategy on a regular interval your security team determines proactive or when there are major changes in your organization or industry, there is an increase in a type of cyber threat that is a weakness for your organization, or there is a shift in technology or information that impacts your organization.

Here are five steps you can take to improve your cybersecurity strategy:

  1. Review the objectives from the last iteration of your strategy. 
  2. Evaluate the current protection of your sensitive data. 
  3. Evaluate employees’ security awareness.  
  4. Update the cybersecurity strategy based on your findings. 
  5. Obtain approval from key roles in the organization.
  6. Repeat steps 1 to 5 on a regular basis or during specific shifts that impact your business. 

If your security team is struggling to develop a comprehensive cybersecurity strategy, the security consultants at BACS can provide assistance. We understand that every organization is unique in its cybersecurity needs. We conduct in-depth assessments of IT infrastructures to learn the scope of an organization’s security needs.  We can then work with you to develop an effective strategy for your organization.

Managing-Passwords-What-a-Small-Business-Can-Do-to-Minimize-Risk

Managing Passwords—What a Small Business Can Do to Minimize Risk

By | Data Protection, Security

A network that is not adequately protected may be vulnerable to unauthorized access from competitors, government entities, and other malicious players. After someone gains access to your company’s network, that person could potentially use the information obtained to undermine your trade secrets. There is also a chance that malware, ransomware, or other dangerous software will be uploaded to a vulnerable server. Your organization must take network security seriously.

How Easy Is It to Hack Systems Protected By Weak Passwords?

The biggest problem with quality passwords is that they are hard to remember. Your employees may choose to create codes that they won’t forget, such as 123456, password, or birthdates. Unfortunately, most hackers know the weak passwords typically used to secure corporate servers, and they may be able to access your firm’s network without the need for fancy software.

It’s important to note that a hacker might gain access to a server through any device that connects to it. So, it’s essential that company smartphones, tablets, and computers have strong passwords.

What Can Small Businesses Do to Safeguard Their Networks?

Any passwords used to protect your company’s network should have a mixture of letters, numbers, and symbols. This practice makes it harder for passcode-cracking software to guess the sequence of characters needed to access a server. Plus, it is a good idea to change a passcode at least once every 30 days.

In addition to strong passwords, businesses can take other steps to prevent unauthorized access to their networks. For instance, it may be a good idea to require separate passcodes to access especially sensitive data such as customer data or trade secrets. These passcodes would only be given to top executives, certain classes of shareholders, and others who have a right to view this information.

It will also help to create server restart points every few minutes to ensure that information isn’t lost in the event of a ransomware attack. If such a scenario were to occur, you could take the server offline, find the breach’s source, and then roll the server back to the last secure restore point. It can also be worthwhile to create multiple virtual copies of your server’s data to ensure that it can’t be lost, damaged, or stolen.

Ideally, you’ll keep a physical server in a secure room that can only be accessed by members of your IT team. A server room may be secured by a lock that only opens if it recognizes a person’s fingerprint, retina, or other unique identifiers. Additionally, your firm should have a log of all the people who enter or exit the server room. If a security breach occurs, the log can be used to identify the person who may have gone rogue quickly.

How Can Employees Help?

There are several easy actions that employees can take to prevent a data breach from occurring. For instance, workers should refrain from using personal devices while on company property. Although a corporate network may be adequately protected from viruses, malware, or other exploits, personal devices secured by weak passwords may create a vulnerability that a hacker could exploit.

It’s also crucial for employees to refrain from using a company phone, tablet, or computer at home since their networks may not be as secure as those they use while on the job. This difference makes it possible for devices that were healthy when they left the office to return with viruses or malware.

Employees are also encouraged to follow best practices for creating strong passwords for any devices they use to complete work tasks. It also helps to use a password management program designed to create strong protection against those who may try to access their devices.

How Do Authentication Protocols Work?

Authentication programs require those who are attempting to access your company’s network to enter a one-time code in addition to the typical passcode that protects it. This code will be sent to a user’s smartphone, tablet, or another mobile device in most cases. If the unique code is not entered within a specified period of time, the person trying to access the server will not do so.

The Potential Consequences of a Data Breach

If customer information is obtained because of a data breach, a company may be held liable for any damages those individuals incur. It isn’t uncommon for thieves to use this data to commit identity theft, destroy a person’s reputation online, or otherwise cause long-term harm.

A data breach caused by an insufficient network security plan may also cause customers, investors, and others to lose confidence in your brand. This loss of trust could result in lost revenue, a significant decrease in your company’s share price, and other problems that might harm its ability to operate efficiently.

Depending on the circumstances of a given incident, there is a chance that members of your organization might face criminal charges after a breach occurs. This consequence may be especially true if a leak puts someone in danger of physical harm.

Now Is the Time to Create an Action Plan

If your company doesn’t have a network security plan, it’s essential to create one as quickly as possible. First, you’ll want to develop policies that ensure that your workers will create strong passwords, only use approved devices at work and follow other security best practices.

Next, you’ll want to provide training to your employees to ensure they understand these policies’ importance. These training sessions should go over the basics of what makes a strong passcode and why they need to be changed regularly. They should also introduce password management programs, authentication tools, and other technology that your employees may need to interact with regularly.

It’s generally a good idea to have refresher courses every few months to ensure that your employees comply with these rules. These courses can also be helpful because new threats are constantly emerging, which means that you’ll likely have to update your policies every few months.

Finally, you’ll need a system that measures how well employees comply with the rules you have implemented. For example, those who are seen using their personal devices might be given a written warning. Conversely, those who are seen adhering to the new protocols should be given bonuses, time off, or other rewards.

Strong passwords can be the foundation of a network security plan that keeps your business safe from sensitive data breaches. An IT professional will help you better understand the importance of implementing such a plan and how to do so correctly.

and resistance to cyberattacks.

Security Protocols

Mitigating Potential Threats with Sound Security Protocols

By | Cloud, Data Protection, IT Support, managed It services, Networking, Security
Cloud Migration Free Resource

As cybersecurity becomes increasingly more complex, many organizations lack the resources or knowledge they need to create an effective security strategy. That’s why you need a trusted expert who not only understands the latest security trends but can accurately define your business requirements and implement a plan that aligns with your current and long term needs.  This is especially critical as companies move toward more hybrid cloud environments.  

 

One of the biggest advantages of the cloud―flexible data access―can also be a major weakness if security isn’t effectively factored into the equation. Safeguarding systems and assets against rising threats is crucial, but levels of protection should be carefully balanced against your unique business objectives.  

 

Technology plays a critical role, but equally important is the need to work with an experienced security expert capable of creating and maintaining effective security practices. Bad actors and cybercriminals s are continuously exploring new ways to penetrate your defenses, which underpins your need to develop and implement sound policies based on defined user preferences and your unique business needs.

 

Your managed service provider should be capable of implementing advanced security techniques and practices, including strong access controls, the latest malware protection, and proactive security scanning. You’ll want to make sure the provider you work with can adapt to change and growth and remains on the cutting edge of technology innovation.  

 

Your service provider’s security operations team should be able to clearly demonstrate the practices and processes it uses to safeguard vital business assets. To protect sensitive data, IT policy controls should be automatically enforced through technical elements, such as authorization, authentication, access controls, password complexity, alerting, and system monitoring. 

 

Your security provider should be clear about its procedures for keeping you informed about the ongoing performance and support issues. Your service provider should be able to clearly outline and define its response capabilities. What is the expertise level of support staff? What is the standard response time? What are your protocols for data access? 

 

Most managed security teams operate 24/7, with staff working in shifts to continually track and record activity and mitigate potential threats. Among the core operational protocols and security responsibilities include: 

 

 

Manage access. 

 

Strong application controls like encryption and authentication can help safeguard information across networks and on endpoint devices, helping to thwart attackers from transferring or copying critical business data. Your cloud provider should be able to provide documentation that shows a separation of duties for administrative functions, disclosing the level of access that each user has and how those levels are maintained. 

 

 

Define policies and procedures

 

Usage policies define what behaviors are and aren’t acceptable. You most likely have some protective measures in place to address internal threats. To help bolster this vital layer of defense, your security provider will work with you to define and implement policies and practices based on your usage preferences and requirements or mandates specific to your particular market.

 

Data protection. 

 

Data encryption is critical for organizations operating in a cloud environment, helping to make sure critical data remains protected while in use, at rest, or in transit. For even greater protection, consider full-disk encryption, which it encrypts the complete hard drive, safeguarding the data as well as the applications and operating system.  

 

Manage deleted data. 

 

Within a typical cloud environment, sensitive data can easily find its way into uncontrolled and hidden systems and services. When it’s time to delete confidential data, or remove resources storing sensitive data, it’s important to consider the potential spread or replication that often occurs during normal IT operations. Your service provider will analyze your cloud environment to determine where confidential data may have been cached or copied and decide the proper steps to help ensure successful deletion of the data.   

 

Preventative measures

 

To help potential threats, effective security protocols include preventative measures designed to keep team members up to date on the latest cybersecurity trends, recent advances in security techniques, and updates on new emerging threats. This knowledge can help shape your security roadmap and improve disaster recovery planning, helping to guide and prioritize your response in the event of a data breach. Preventative measures and protocols also include actions to mitigate potential, including regular updates to existing systems; modernizing firewall policies; identifying and correcting vulnerabilities.

 

Continuous monitoring

 

Security controls define the methods and protocols used by the operations team to monitor the network to identify anomalies or suspicious activity. Continuous network monitoring helps ensure your security team is immediately informed of potential or impending threats, putting them in the best position to prevent or mitigate impact. Continuous monitoring enables security teams to strike and optimum balance between proactive and reactive measures as any abnormality in activity is immediately detected.  

 

Effective recovery. 

 

In the event of a disaster, security protocols will be executed to recover systems and restore compromised or lost data. Actions may include wiping endpoint devices, reconfiguring and testing security systems, or implementing effective backups to circumvent the attack. Effective recovery execution will return your cloud infrastructure to its original state. Procedures and steps should also be in place to figure out what happened and how it happened. The security team will use event and log data to track the problem and identify the source.

 

Ensure compliance

 

Many cloud security processes are shaped by established protocols and best practices, but some are guided by compliance requirements. Your managed service provider is tasked with regularly auditing of enterprise systems to help ensure consistent regulatory compliance. Following regulatory protocols not only helps safeguard confidential data, it can also protect your organization from legal challenges and reputational damage resulting from a data breach.

 

A strategic approach to cloud security

As with any IT investment, migrating to the cloud comes with certain risks. Minimizing those risks and capitalizing on the full potential of cloud requires a strategic, pragmatic approach, evaluating essential infrastructure requirements, security protocols, risk factors, performance needs, and cost considerations.

it network assessment

Everything You Need To Know About Network Assessments

By | Cloud, IT Support, Networking, Security

Some businesses may think that once your network is set up you no longer need to invest any time or resources in it, but that is simply not the case. Your business’s network is constantly evolving and changing. Your network needs to be able to handle the growth of your business to ensure that there are no disruptions. One way to make sure your network goals and business goals align is by performing a network assessment

Unfortunately, assessing a network is often one task that is left at the bottom of any team’s to do list. This can create a number of problems that will send shockwaves throughout any organization. Any organization’s network can quickly become too complex and tangled to secure and manage if not properly managed. Companies that do not perform network planning and management miss out on optimization opportunities that could drive quality improvements and cut costs. 

Understanding the importance of a network assessment starts with a basic understanding of what a network assessment entails. 

Cloud Migration Free Resource

What Is A Network Assessment?

 

A network assessment is a comprehensive analysis of your organization’s entire IT infrastructure, management, security capabilities, and overall network performance. Network assessments are powerful tools that can be utilized to identify performance gaps, areas for improvement, and network functionality. The knowledge obtained during a network assessment can help executives make key decisions around IT infrastructure and strategy going forward. 

 

Often organizations will order network assessments when their IT systems become too big or too complex. There may be issues popping up that are difficult to pinpoint through standard IT analysis. At this point, it can be difficult for organizations to gain a full understanding of what is happening throughout their network. Companies should be performing network assessments often to ensure that their systems are never out of control. 

 

What Does A Network Assessment Include?

Every organization’s network is different, which means that every network assessment will also be unique. A majority of network assessments have a few commonalities that organizations can use to build their own network assessment strategy. 

 

Take A Physical Inventory

Any network assessment has to include accounting for all IT inventory that your organization has. If your organization has no idea how many servers and users have, then you will certainly have a difficult time understanding all of your IT infrastructure. Accounting for all of your physical assets can help your organization properly assess your network. For some organizations accounting for all IT assets could take weeks or even months. Identifying all of the physical IT assets can help teams identify which assets are being underutilized and what infrastructure needs are being neglected. 

 

Cybersecurity Evaluation

Another key part of any network assessment is identifying any vulnerabilities present in your IT systems. The cybersecurity assessment portion of a network assessment examines current security controls and how effective they are in reducing overall cybersecurity risk. This portion can identify any vulnerability in a network, such as an inefficient firewall or outdated software applications. 

 

A cybersecurity assessment does not just involve hardware and software; a proper network assessment will also look at how users interact with the network. Employees and customers are often the greatest risk in regards to cybersecurity. Understanding how big of a risk human error is in the context of a network can help an organization reduce that risk. 

 

Network Performance Evaluation

Assessing your network will also involve evaluating the overall performance of your network. A slow network can frustrate not only employees, but potential clients and customers using your network as well. Poor network performance can lead to lost revenue and missed opportunities. 

 

Network performance can suffer due to a number of causes, such as faulty software configurations or a high number of users. Identifying bottlenecks can help your organization resolve any network performance issues. A performance evaluation will help your organization identify the root causes of slow network functionality. 

 

Potential Network Assessment Benefits

Network assessments are not just for show; they provide a number of advantages to organizations who put the time and effort into performing them correctly. Companies who invest in network assessments will have an edge over competitors who neglect their networks. 

 

Patching Security Holes

A network assessment can help your organization find security vulnerabilities throughout your IT network. A network assessment that is properly done will uncover risks throughout a network. Typically, a network assessment will rank risks based on their threat level and likelihood of occuring. Decision makers can then take the appropriate measures to prevent the risks from turning into reality. Organizations can utilize the cybersecurity assessment to prevent catastrophic IT events, such as data hacks. A data leak can result in the loss of customer trust and hefty government fines. 

 

Identify Cost-Savings Opportunities

Another advantage that network assessments offer organizations is the chance to identify inefficiencies in IT infrastructure. A majority of organizations have networks that are ripe with inefficiencies. Even the simplest network assessment can identify low-hanging fruit that teams can easily work on. Executives can then capitalize on these opportunities and drive down costs and improve efficiencies. 

 

If your organization does not have the capabilities to properly conduct a network assessment, you may want to consider hiring some outside help. BACS has worked with various organizations to help them perform network assessments.  

 

BACS Helps Organizations Optimize Their Networks

The experienced team at BACS can help your organization perform a proper network assessment that will give you the big picture of your IT infrastructure. No matter how complex or simple your network is, BACS will ensure that you make the right IT infrastructure decisions going forward. From identifying security flaws to creating cost savings, network assessments can help drive your business grow. 

 

The BASC team is here to help you and answer any questions you may have regarding network assessments. Reach out to BACS today to learn more about network assessments and how a network assessment can help you drive business growth. We can develop a customized network assessment plan that meets your business needs. 

ent plan that meets your business needs.

Reasons Your Cybersecurity Is Broken

3 Reasons Your Cybersecurity Is Broken (And How to Fix It)

By | Data Protection, Security

Fixing cybersecurity problems in your organization should be a priority. As the tactics of cybercriminals become more advanced and the number of attacks increases, fixing cybersecurity problems narrows the opening by which these malefactors can pass through. An incident that occurred at the close of 2020 and hammers home the importance of strengthening cybersecurity is the FireEye data breach. A cybercriminal was able to infiltrate the top security firm’s network and steal tools it uses for testing customer security methods. By all accounts, the security firm did everything right to prevent an attack. The unauthorized access in this incident was characterized as one that was custom designed to infiltrate FireEye’s specific data security system. If an experienced security firm can encounter a cyber incident, it can happen to any business.

The FireEye data breach has undoubtedly become a wake-up call for many organizations to fix the broken aspects of their cybersecurity. Unfortunately, there is no one-size-fits-all guide for resolving cybersecurity weaknesses. If you aren’t sure where to start with fixing cybersecurity issues, addressing the following three common problems can help to mitigate your organization’s cybersecurity risk:

 

1: Unpatched Security Flaws

2: Inadequate Access Controls

3: Human Error

1: Unpatched Security Flaws

Neglecting to patch flawed security is a significant problem because cybercriminals are aware that organizations often neglect to patch security flaws in a timely matter and search for these vulnerabilities to exploit them. A popular example of the consequences of unpatched software is the Equifax data breach. Equifax used third-party software for a consumer-based service (credit disputes) and were notified by the company that a security vulnerability existed. Just two months later, Equifax still hadn’t patched the software and cyber criminals gained access to internal servers containing customer data. Nearly 150 billion of Equifax’s U.S. consumer base was compromised. The unpatched security vulnerability ended up costing Equifax more than $500 million which includes their settlement to mitigate the damages caused by the incident.

Here are five tips for addressing unpatched security flaws:

The obvious first thing you should do is make sure all security patches are applied. According to a report published by Project Zero, a group of Google security analysts, 25% of the 0-days detected in 2020 could have been prevented by patching software.

Keep an eye on critical security vulnerabilities that may impact third-party organizations that have access to your network. One of the regular activities of the Cybersecurity and Infrastructure Security Agency (CISA) is to publish a list of Current Activity related to “high-impact types of security” that affect the U.S. While the listing includes basic information, vulnerabilities requiring software updates are most prevalent.

Patching software can be a tedious task, especially when you have multiple systems to update. Consider using a patch management tool that allows you to remotely deploy a software update to several systems at once from an interface that you can set up with your organization’s specifications.

If your organization is concerned about potential problems that a software update can cause, implement a patch evaluation process that consists of first testing patches on non-critical systems and monitoring the final deployments for any disruptions.

Another option for automating your patching efforts is to consider a cloud patch management service. These services usually consist of scanning systems for known vulnerabilities and deploying software updates, as necessary.

2: Inadequate Access Controls

You should know all the people, devices, and systems that are able to access your network and implement adequate access controls. How important is controlling access to your critical data? The notable Capital One security breach is an example of what can happen when there are insufficient access controls. A singleton cybercriminal (eventually discovered to be a former Amazon employee) was able to gain access to their server hosted by Amazon Web Service (AWS). The criminal obtained personal information for more than 100 million Capital One customers. Capital One estimated that recovering from the incident would cost the company about $150 million.

Implementing adequate access controls not only protects your organization from external intruders but also internal malicious attacks. According to recent research performed by Ponemon Institute LLC that was based on interviews of IT security professionals around the globe, insider breaches cost organizations as much as $871,686 and has tripled in frequency since 2016.

The following are five ways you can improve access to systems and data within your organization:

Create an inventory list of all the employees, resources, and data in your organization that have access to the network. Determine the level of access each of these requires. For example, specific individuals in a financial department require access to the company’s accounting information.

Develop an access control policy that specifies the employees and resources that are granted access to critical systems and data. Make sure you store the information in a safe place.

Implement an authentication system that verifies the identity of employees accessing critical data. To complement this step, consider investing in monitoring software that analyzes access to your network for unusual activity.

Prohibit employees or third-party vendors from connecting to your organization’s network using unsafe public Wi-Fi networks. As an alternative, consider implementing a virtual private network (VPN), which uses an encrypted virtual tunnel to connect to a network, for remote access users.

Hopefully, you already backup all data to a central server or cloud service and all employees know to use strong passwords. In case a system or device that is used to connect to your network lost or stolen, consider installing software on these systems that is capable of remote access that allows you to locate it and prevent unauthorized access to its data.

3: Human Error

If your organization’s cybersecurity plan is focused primarily on protecting the network from outside intruders, you likely have a critical weakness in your system. According to a Verizon Data Breach Investigations Report (DBIR), 34% of the more than 40,000 security events they analyzed were committed by internal actors. There are many data breaches that have exposed the importance of addressing human error. In September 2020, the U.S. Department of Veterans Administration (VA) suffered a security breach due to cyber criminals obtaining access to a financial system used by the organization. In addition to attempting to divert funds from the VA, the cyber criminals were able to access the personally identifiable information (PII) of nearly 50,000 veterans. Modifications to how the VA performs its financial operations are projected to cost $2.5 billion. The VA security breach highlights the consequences of social engineering. The cybercriminals were able to access the VA system using social engineering to trick employees into providing their credentials.

The types of social engineering include smishing (phishing via phone calls or text messages), harpooning (phishing by impersonating executives and using information from social sites), deepfakes (editing a legitimate video or voice clip for the purpose of acquiring personal information), and vishing (impersonation via phone calls or voice message).

The following are five tips for addressing human error in your organization’s cybersecurity plan:

Continuously train employees about social engineering, including, how to identify and report suspicious email, neglecting to provide personal information requested via email, and refraining from clicking a link in an email unless you are 100% sure it is from a legitimate source (contact the sender via phone or other means besides email to confirm).

Use network and email security solutions such as firewalls, antivirus software, antimalware software, anti-phishing solutions, and email spam filters.

Implement a multifactor authentication (MFA) system to add an additional method of validation.

Use SSL digital certificates to encrypt all data flowing to and from your network.

Create an accepted list (also referred to as a whitelist) of applications and email addresses that employees can access. Review this list regularly and make any necessary changes.

Next Steps

Hopefully, the FireEye data breach mentioned earlier doesn’t cause you to relinquish the quest to fix the problems with your organization’s cybersecurity. While such custom cyberattacks occur, they are not the most prevalent. Practicing due diligence and fixing cybersecurity problems that are impacting your organization will strengthen your defense system and help to prevent security incidents that can negatively impact your business and the relationships with your customers. If your cybersecurity team doesn’t have the resources to fix the critical problems mentioned above, it’s a good idea to partner with an experienced cybersecurity team to ensure all the cybersecurity problems impacting your organization are addressed.

BACS is a team of consultants with a full range of IT security experience. We are equipped with the tools necessary to perform comprehensive infrastructure analysis to determine where vulnerabilities exist and develop a comparable plan to resolve the issues and establish a robust foundation. We also offer assistance with developing a thorough cybersecurity training program to educate employees and help fix security issues associated with social engineering.