Blog

July 10th, 2014

A common issue many businesses face, regardless of their size, is that their computer systems and devices get progressively older and slower, unless they are constantly updated. This can frustrate some employees who may have up-to-date personal devices, so much so that they simply start to bring these devices into the office. The idea of BYOD, or Bring Your Own Device, is not all that new, but it is a growing concern and if it's not handled properly it can pose a security risk.

What should I do about BYOD?

The first reaction of many office managers and business owners, worried about security threats that could stem from BYOD, is to impose an outright ban of devices. While telling your staff they are not to use their devices for work may seem like a quick and easy solution, you can be 100% sure that there will be employees who ignore this policy and use their personal devices for work regardless.

This could put your business at a higher security risk if the rule is ignored, especially if you don't implement any security measures to protect your networks and data. In order to minimize the potential threats BYOD can expose your business to, we suggest you do the following:

1. Consider embracing BYOD

Instead of simply banning personal devices in the workplace take a step back and look to see if there are any benefits BYOD can offer. For example, if you operate on razor thin margins and have not replaced hardware in years, there is a good chance your employees will have better systems at hand. This could help you reduce your overall tech costs.

The same goes for phones for your employees. Why not offer to pay for the plan and allow employees to use their own devices? Of course, you are going to want to implement security measures and usage rules, but if this is easily achieved then it may help reduce your overall operating costs. Before you do implement a system like this however, we strongly recommend you read the rest of this article and follow the steps below.

2. Set up separate networks for employee devices

Oftentimes, the main reason employees bring their devices to the office and use them for work purposes, especially when it comes to mobile phones, is because they can happily connect to Wi-Fi for free without using their data plans throughout the day.

Chances are high that because they use the work Wi-Fi on their device for non-work tasks, they simply keep using the device when they are doing work related activities. This could pose a security risk, especially if you run business-critical operations on the same network. You could nip this potential problem in the bud and simply install another Wi-Fi network for mobile devices and non-critical business processes.

It is usually quite affordable to simply purchase another line and the networking equipment to support this, not to mention the fact that it will keep business-critical processes secure from errant malware. As an added bonus, you will likely see increased productivity because the bandwidth demand will be limited, so important data will move quicker.

3. Educate your staff about security

In our experience, the vast majority of BYOD related security risks are exposed by mistake. An employee may have a virus on a personal phone and be unaware of it. When they connect to the network it can then be unintentionally spread to other computers resulting in a potentially massive security breach.

One of the simplest ways to prevent this is to educate your employees about proper mobile safety. This includes how to spot apps that could contain malware, sharing security threat updates, and teaching your employees how to secure their devices. You really need to stress just how important security is to them.

On top of this, contact an IT expert like us for a recommended anti-virus and spyware scanner for mobile devices that users can easily install. Encourage employees to not just install this but to keep it up to date too. Many of these mobile specific scanners are free and just as powerful as desktop versions.

4. Work with an IT partner to establish a solution that works for you

Beyond education and simple network establishment, it is a great idea to work with an IT partner like us. As experts, we keep tabs on the trends and solutions related to BYOD and will work with you to establish a program that works for your company.

It may be that you don't actually need to integrate BYOD but to update hardware or software to newer versions instead. It could be that there is a simple solution to employees feeling frustrated with slow performance of existing systems at work.

If you do implement BYOD, we can help establish security measures and policies that will ensure your networks and employee devices are secure. The best advice we can give however, is to do this before you start allowing BYOD, as it can be far more challenging to implement and enforce changes when employees are already using their devices at work.

Looking to learn more? Contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

June 26th, 2014

The increasing number of businesses turning to virtual environments is paralleled by cyber criminals looking to breach their security. While many businesses think their virtual servers are safe and secure, some are unaware of major security myths that can leave a business vulnerable to attack. With that in mind, isn’t it time you familiarized yourself with five common virtualization security misconceptions to keep your virtual environment secure?

Myth No.1: Existing endpoint security will protect our virtual environment

Most traditional endpoint security solutions are virtual-aware and provide low levels of protection. This simply isn’t enough. Depending on the virtualization platform used (VMware, Microsoft, etc.), your traditional endpoint security suite can probably recognize virtual endpoints. However, this physical software often can’t bring its full tool set of anti-malware to the virtual world, meaning it can only perform basic tasks such as on-access scanning.

Therefore, what you need is a solution that has been designed to keep both virtual and physical computing environments secure. There are a wide number of solutions out there, and the best one for your business will depend largely on the virtual environments you employ. We strongly recommend talking to IT experts like us, as we can help determine, or even offer, the strongest security based.

Myth No.2: My existing anti-malware doesn’t interfere with my virtual operations

Performance issues can create security gaps that don't exist in your physical environment. Traditional endpoint security uses an agent-based model where each physical and virtual machine has a copy of the security program’s agent on it. This agent communicates with the server while performing security tasks. This is fine for physical machines, but if you have 100 virtual machines running off of one main environment that has been infected with malware, you’ll also have 100 instances of malware running on the machines.

This high level of duplication can cause massive performance degradation and waste tons of storage capacity. Therefore, you should make an effort to ensure that all of your systems including the main ones are without malware. This not only makes every system secure, but can also speed up overall operations.

Myth No.3: Virtual environments are inherently more secure than physical environments

Sadly, this just isn’t always true. Virtualization is designed to allow software, including malware, to behave as it normally would, and malware writers will target any and all weak points in a business’s network to accomplish their goals. An attacker who compromises one virtual machine and finds a way to jump to the hypervisor - the system that enables the virtualization - then has access to every virtual machine on that host.

Therefore, malware scanners on both the user and main systems would be a good idea. If it does happen to get on a system, the chances of it spreading are drastically reduced.

Myth No.4: Using non-persistent virtual machines effectively secures a network

In theory, any machine that encounters malware is wiped away and recreated cleanly. However, we are now seeing malware that is designed to survive teardown of individual machines by spreading across the virtual network. This allows it to return when new virtual machines are created.

Additionally, being too eager to create new machines on demand can result in virtual machine sprawl, which happens when virtual machines are created but then forgotten. This leads to an unmaintained virtual endpoint operating without your knowledge. Even if the rest of your virtual machines are secure, it’s possible for one machine to eavesdrop on the traffic of another virtual machine, leading to privacy and security risks.

The best solution to this is to employ an IT manager who can track and maintain systems. Many IT partners offer a solution like this, so experts like us may be able to help ensure your systems are secure.

Myth No.5: Specialized virtual security programs are more or less the same

There are various approaches to virtualization security and your network will probably need a blend of available options. This all depends on what you’re trying to protect.

A non-Web-connected server is going to have entirely different security needs than a virtual desktop or a server that manages customer information. Implementing one without the other simply won’t do in today’s world, where attackers are set on getting their hands on your data.

Proper security is vital in making virtualization a critical component of your business IT infrastructure. Looking to learn more about virtualization and its components? Contact us today and see how we can help.

Published with permission from TechAdvisory.org. Source.

June 13th, 2014

The parallel rise of technological advancement and malicious Internet activity is evident. With advances in technology comes an increase in security threats which, if not taken care of right away, can severely affect your business’ efficiency and overall success. With that in mind, it’s time you familiarized yourself with the top security best practice guidelines which will go a long way to ensuring your business is safe and secure.

10 Security practice guidelines for businesses

  1. Encrypt your data: Encryption of stored data, filesystems, and across-the-wire transfers is essential to protect sensitive data as well as to help prevent data loss due to equipment loss or theft.
  2. Use digital certificates to sign all of your sites: You should obtain your certificates from a trusted Certificate Authority, and instead of saving your certificates on the Web server, save them to hardware devices like routers or load balancers.
  3. Implement a removable media policy: Devices like USB drives, external hard disks, external DVD writers or any writeable media facilitate security breaches coming into or leaving your network. Restricting the use of those devices is an effective way to minimize security threats.
  4. Implement DLP and auditing: Be sure to use data loss prevention and file auditing to monitor, alert, identify, and block the flow of data into and out of your network.
  5. Use a spam filter on your email servers: Using a time-tested spam filter such as SpamAssassin will remove unwanted email from entering your inbox and junk folders. It is important that you identify junk mail even if it’s from a trusted source.
  6. Secure websites against MITM and malware infections: Start using Secure Sockets Layer (SSL) which creates a secure connection between a user and server, over which any amount of data can be sent securely. Through SSL, you’ll be able to scan your website daily for malware, set the Secure flag for all session cookies, as well as use SSL certificates with Extended Validation.
  7. Use a comprehensive endpoint security solution: Using an antivirus software alone is not enough to provide defense against today’s security threats. Go for a multi-layered product to prevent malware infections on your devices.
  8. Network-based security hardware and software: Start using firewalls, gateway antivirus, intrusion detection devices, and monitoring to screen for DoS attacks, virus signatures, unauthorized intrusion, and other over-the-network attacks.
  9. Maintain security patches: Make sure that your software and hardware defenses stay up-to-date with new anti-malware signatures and the latest patches. If your antivirus program doesn’t update on a daily basis, be sure to set up a regular scan and a remediation plan for your systems.
  10. Educate your employees: As simple as it sounds, this might be the most important non-hardware, non-software solution available. An informed user will more likely behave more responsibly and take fewer risks with valuable company data resulting in fewer threats to your organization.
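
Guideline 6 asks for the Secure flag on all session cookies. The following added example (not from the original article) audits the `Set-Cookie` headers of a captured response for cookies that lack it; the sample headers are constructed and the function names are hypothetical.

```python
# Constructed sample: response headers as captured from a site under review.
SAMPLE_RESPONSE_HEADERS = """\
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: SESSIONID=3f9a1c; Path=/; HttpOnly
Set-Cookie: csrftoken=ab12; Path=/; Secure; SameSite=Strict
set-cookie: prefs=mode=secure; Max-Age=86400
Set-Cookie: secure_login=1; Path=/ ;  SECURE
"""


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, cookie_value, attributes).

    Attribute names are case-insensitive, so they are lowercased. Only the
    parts after the first ';' are attributes; the first part is name=value,
    and the value itself may contain '=' or the word 'secure'.
    """
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), cookie_value, attrs


def cookies_missing_secure(raw_headers):
    """Return the names of cookies set without the Secure attribute."""
    missing = []
    for line in raw_headers.splitlines():
        field, sep, value = line.partition(":")
        # Header field names are case-insensitive; skip the status line
        # and every header that is not Set-Cookie.
        if not sep or field.strip().lower() != "set-cookie":
            continue
        name, _, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            missing.append(name)
    return missing


def naive_missing_secure(raw_headers):
    """Substring check, shown for contrast: it is fooled by cookie names
    or values that merely contain the text 'secure'."""
    missing = []
    for line in raw_headers.splitlines():
        if line.lower().startswith("set-cookie:") and "secure" not in line.lower():
            missing.append(line.split(":", 1)[1].split("=", 1)[0].strip())
    return missing


if __name__ == "__main__":
    print("missing Secure:", cookies_missing_secure(SAMPLE_RESPONSE_HEADERS))
    print("naive check   :", naive_missing_secure(SAMPLE_RESPONSE_HEADERS))
```

The `prefs` cookie shows why attribute parsing matters: its value contains the word "secure", so a plain text search reports it as protected when it is not.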

Businesses cannot afford to take chances with security. Why? Because doing so can trigger a domino effect, causing a cascade of problems that can lead to operational outages, data loss, security breaches, and the subsequent negative impact to your company's bottom line. Looking to learn more about security for your business? Call us today for a chat.

Published with permission from TechAdvisory.org. Source.

May 13th, 2014

The tool that allows the vast majority of businesses to utilize the Internet in order to carry out their day-to-day operations is the browser. While there are numerous browsers available, many businesses rely on Internet Explorer (IE). This browser comes pre-installed on all machines using Windows. However, if you use IE, there is a new exploit that you should be aware of.

What exactly is a zero-day flaw?

A zero-day flaw is a security vulnerability that is taken advantage of by hackers on the day it is discovered. In other words, there are zero days between the discovery of the vulnerability and people taking advantage of it.

The way most software programs work is if a user finds a security flaw, they will usually inform the developer who will then develop a fix and release it in a patch that users download. The problem is, sometimes it is a hacker who discovers this vulnerability. Instead of reporting it, they start to capitalize on the flaw, exploiting it to attack other users before the developer becomes aware of it and has a chance to fix it.

The IE zero-day flaw

In late April, news broke that a zero-day flaw had been discovered in Internet Explorer's code. The flaw affects IE versions 6-11 - essentially every supported version of the browser. Hackers had found a previously unknown flaw that allowed them to gain the same access rights as a user.

The hackers sent emails to users with links to a website that hosted malicious code. These emails were largely phishing in nature, meaning they aimed to get the user to click on a link in the email. Some of the subject lines used in attacks included:

  • Welcome to Projectmates!
  • Refinance Report
  • What's ahead for Senior Care M&A
  • UPDATED GALLERY for 2014 Calendar Submissions

In these emails there was a link to a website that hosted code which could then be executed if the user visited the site using IE. When executed, this could potentially expose the user's system. Once the system was vulnerable, the hackers could install malicious software without the user's knowledge.

How do I guard against this exploit?

The good news is that Microsoft has released a patch that fixes this exploit. This has definitely been welcomed, and what is really interesting is that Microsoft has actually released the update for XP users as well - this coming after the cessation of support for XP.

To guard against the exploit you should firstly update the version of Internet Explorer that you are using. The easiest way to do this is to go to the Internet Explorer website and download the latest version - version 11 - of the browser. Version 11 can run on both Windows 7 and 8, so the vast majority of users should already be running this latest version.

If you are using an older version, Microsoft has pushed the patch out in two ways. The first is IE's automatic update feature, so restarting the browser should install the update. The other option is Windows Update. Simply running the Update program and installing the updates should ensure that the latest version of IE is installed.

For Windows 7 and 8 users, you can do this by:

  • Opening the Control Panel on your system.
  • Clicking on System or Performance and Maintenance followed by System.
  • Selecting Automatic Updates from the menu in the window that opens.
  • Following the instructions in the new window that opens.

Once installed, you should restart your computer if you aren't asked to do so. If you noticed that Automatic Updates was already ticked, try restarting your computer and this should install the updates.

If you are using XP, you can visit the Microsoft Update website using Internet Explorer and follow the instructions.

Aside from updating your browser, you should ensure that your anti-virus and malware scanners are up to date and scheduled to scan your system on a regular basis. Be sure to look at all emails closely as well; if one seems a bit dodgy, or you receive one from someone you don't know, it is best to ignore it and delete it right away.

Businesses who are using XP should seriously consider updating because Microsoft will not be introducing security updates in the future, leaving your systems at greater risk of attack. At the very least, it may also be a good idea to switch to another browser like Firefox or Chrome, both of which will work on XP and are updated regularly.

Worried that your systems are not secure enough, or still running XP? Contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

May 1st, 2014

As everyone knows, we use passwords to prevent anyone getting access to our personal accounts and gadgets. But, with ever-growing numbers of hackers determined to grab our data, people need to be extra vigilant. These cyber criminals are using sophisticated technology to steal information whenever there is a slight hint of opportunity. So don't give them a chance. Your passwords are your first defence. Use these tips to stay safer online.

Observe proper web security

With the rapid advancements in technology comes sophistication of methodologies used by hackers to steal data and destroy web security. Cyber crime is continuously evolving as new programs are made to unlock accounts and combine numbers, letters and special characters to determine passwords. The big question for internet users is – how to choose a strong password that can drive hackers away?

Passwords should have at least eight characters. It is highly recommended that you use a combination of uppercase, lowercase and special characters. “P@s$w0Rd45%” is a thousand times better than “Password1”. Veer away from using passwords that are found in dictionaries. Furthermore, avoid using your name, a family member’s name, phone number, birth date, social security number or any public information. Hackers have found a way to crack passwords with the aid of the many databases out there.

To create even more secure passwords, try using a password that is a full sentence, with random words. For example "I am a purple donkey" (with the spaces) will take a long time to crack, which means it's more secure than even the examples above.

Keep malware off your system

Malware are malicious programs that have been crafted in such a way that they appear authentic and trustworthy. Be careful not to click on pop-ups and links that will redirect you to that place where your security walls are torn down. And do not open email attachments from anonymous users. Mechanisms are often embedded in these programs to gain control of your system.

Get professional help by installing security software from a trusted name in the industry. Build your defences as early as possible. Remember the cliché – better to be safe than sorry – and nowhere is this more true than in computer system and web security.

Keep your passwords private

While this may seem to be a no-brainer, sadly, a lot of people still tend to share their passwords with their office mates or friends. If you’re one of them, then it’s high time that you change your habits and your password again. Think like James Bond: passwords are for your eyes only.

In the event that you need to give your password to a co-worker to get an important document or presentation, make sure that you change them as soon as possible. Never use the same combination again.

Change password regularly

It also helps if you schedule a regular password change. Within a period of 30 to 60 days, you should update passwords across multiple sites. Moreover, never use the same passwords for different websites. If you use the same passwords, you are putting all of your accounts at a high level risk. Hackers are relentless. Once is never enough for them and they can come back time after time.

It’s an unsafe online world out there. These online troublemakers will never be satisfied. So never let yourself or your organization fall prey to hackers. Take note of these safety measures and strengthen your web security arsenal.

Published with permission from TechAdvisory.org. Source.

April 11th, 2014

The security of your systems and communication, especially those that utilize the Internet, should be paramount for any business. Over the past few weeks a massive new security flaw has been uncovered. This flaw, codenamed Heartbleed, could potentially expose all your vital data and communications that flow between your computer and websites online. All businesses and Internet users should be aware of Heartbleed so that they can take steps to stay safe.

Background info about secure transmission of information on the Web

Most sites on the Internet rely on Secure Sockets Layer (SSL) technology to ensure that information is transmitted securely from a computer to server. SSL and the slightly older Transport Layer Security (TLS) are the main technology used to essentially verify that the site you are trying to access is indeed that site, and not a fake one which could contain malware or any other form of security threat. They essentially ensure that the keys needed to confirm that a site is legitimate and communication can be securely exchanged.

You can tell sites are using SSL/TLS by looking at the URL bar of your browser. If there is a padlock or HTTPS:// before the Web address, the site is likely using SSL or TLS verifications to help ensure that the site is legitimate and communication will be secure. These technologies work well and are an essential part of the modern Internet. The problem is not actually with this technology but with a software library called OpenSSL. This breach is called Heartbleed, and has apparently been open for a number of years now.

About Heartbleed

OpenSSL is an open-source version of SSL and TLS. This means that anyone can use it to gain SSL/TLS encryption for their site, and indeed a rather large percentage of sites on the Internet use this software library. The problem is, there was a small software glitch that can be exploited. This glitch is Heartbleed.

Heartbleed is a bug/glitch that allows anyone on the Internet to access and read the memory of systems that are using certain versions of OpenSSL software. People who choose to exploit the bugs in the specific versions of OpenSSL can actually access or 'grab' bits of data that should be secured. This data is often related to the 'handshake' or key that is used to encrypt data which can then be observed and copied, allowing others to see what should be secure information.
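
The memory read described above comes down to a missing length check, shown here as an added toy model in Python (not OpenSSL's code and not part of the original article). It assumes the heartbeat message layout of RFC 6520 (type, claimed payload length, payload, at least 16 bytes of padding); the class, the function names and the secret are constructed for illustration.

```python
import struct

HEADER_LEN = 3       # 1-byte message type + 2-byte claimed payload length
MIN_PADDING = 16     # RFC 6520: at least 16 bytes of padding follow the payload
REQUEST, RESPONSE = 1, 2

# Constructed secret standing in for whatever else lives in process memory.
SECRET = b"user=alice;password=constructed"


def build_request(payload: bytes, claimed_len: int) -> bytes:
    """Heartbeat request whose length field may disagree with the payload."""
    return struct.pack("!BH", REQUEST, claimed_len) + payload + bytes(MIN_PADDING)


class ToyProcess:
    """Models memory as one flat buffer: a receive slot, then unrelated data."""

    SLOT = 32

    def __init__(self, secret: bytes):
        self.heap = bytearray(self.SLOT) + bytearray(secret)

    def _receive(self, record: bytes) -> int:
        """Copy the record into the receive slot and return its real length."""
        if len(record) > self.SLOT:
            raise ValueError("record larger than receive slot")
        self.heap[: self.SLOT] = record.ljust(self.SLOT, b"\0")
        return len(record)

    def heartbeat_vulnerable(self, record: bytes) -> bytes:
        """Echoes as many bytes as the sender CLAIMS to have sent."""
        self._receive(record)
        _msg_type, claimed = struct.unpack_from("!BH", self.heap, 0)
        # Missing check: 'claimed' is never compared with the record length,
        # so the copy can run past the slot into neighbouring memory.
        echoed = bytes(self.heap[HEADER_LEN : HEADER_LEN + claimed])
        return struct.pack("!BH", RESPONSE, claimed) + echoed

    def heartbeat_fixed(self, record: bytes):
        """Discards any request whose claimed length exceeds what arrived."""
        received = self._receive(record)
        if received < HEADER_LEN + MIN_PADDING:
            return None  # too short to be a valid heartbeat: drop silently
        _msg_type, claimed = struct.unpack_from("!BH", self.heap, 0)
        if HEADER_LEN + claimed + MIN_PADDING > received:
            return None  # length field lies about the payload: drop silently
        echoed = bytes(self.heap[HEADER_LEN : HEADER_LEN + claimed])
        return struct.pack("!BH", RESPONSE, claimed) + echoed


if __name__ == "__main__":
    process = ToyProcess(SECRET)
    honest = build_request(b"ping", 4)
    inflated = build_request(b"ping", 60)   # 4 bytes sent, 60 claimed
    print("honest, vulnerable :", process.heartbeat_vulnerable(honest)[HEADER_LEN:])
    print("inflated, vulnerable:", process.heartbeat_vulnerable(inflated)[HEADER_LEN:])
    print("inflated, fixed     :", process.heartbeat_fixed(inflated))
```

The vulnerable handler returns the secret without any error or crash, which is why such reads leave nothing obvious behind on the server.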

The problem with Heartbleed

There are two major problems with this bug. The first being that if an attacker can uncover the SSL handshake used by your computer and the server that hosts the site when you login or transmit data they will be able to see this information. This information usually is made up of your login name, password, text messages, content and even your credit card numbers. In other words, anything that gets transmitted to the site using that version of SSL can be viewed.

Scary, right? Well, the second problem is much, much bigger. The hacker won't only be able to see the data you transmit, but how the site receiving it employs the SSL code. If a hacker sees this, they can copy it and use it to create spoof sites that use the same handshake code, tricking your browser into thinking the site is legitimate. These sites could be made to look exactly the same as the legitimate site, but may contain malware or even data capture software. It's kind of like a criminal getting the key to your house instead of breaking the window.

But wait, it gets worse. This bug has been present in certain versions of OpenSSL for almost two years which means the sites that have been using the version of OpenSSL may have led to exposure of your data and communication. And any attacks that were carried out can't usually be traced.

Am I affected by this?

What makes this so different from other security glitches is that OpenSSL is used by a large percentage of websites. What this means is that you are likely affected. In fact, a report published by Netcraft cited that 66% of active sites on the Internet used OpenSSL. This software is also used to secure chat systems, Virtual Private Networks, and even some email servers.

We have to make it clear here however: Just because OpenSSL is used by a vast percentage of the Internet, it doesn't mean every site is affected by the glitch.

The latest versions of OpenSSL have already patched this issue and any website using these versions will still be secure. The version with Heartbleed came out in 2011. The issue is while sites may not be using the 2011 version now, they likely did in the past meaning your data could have been at risk. On the other hand, there are still a wide number of sites using this version of OpenSSL.

What should I do?

This is a big issue, regardless of whether a website uses this version of OpenSSL or not. The absolute first thing you should do is go and change your passwords for everything. When we say everything, we mean everything. Make the passwords as different as possible from the old ones and ensure that they are strong.

It can be hard to tell whether your data or communications were or are actually exposed or not, but it is safe to assume that at some time or another it was. Changing your passwords should be the first step to ensuring that you are secure and that the SSL/TLS transmissions are secure. Another thing you should be aware of is what sites are actually using this version of OpenSSL. According to articles on the Web, some of the most popular sites have used the version with the bug, or are, as of the writing of this article, using it. Here are some of the most popular:

  • Facebook
  • Google
  • Gmail
  • Yahoo
  • Yahoo Mail
  • Instagram
  • Pinterest
  • Amazon Web Services
  • GoDaddy
  • Intuit

It would be a good idea to visit the blogs of each service to see whether they have updated to a new version of OpenSSL. As of the writing of this article, most had actually done so but some were still looking into upgrading. For a full list of sites, check out this Mashable article.

If you have a website that uses SSL/TLS and OpenSSL you should update it to the latest version ASAP. This isn't a large update but it needs to be done properly, so it is best to contact an IT partner like us who can help ensure the upgrade goes smoothly and that all communication is in fact secure.

Contact us today to see how we can help ensure that your company is secure.

Published with permission from TechAdvisory.org. Source.

April 4th, 2014

Computers must have appropriate protection from malware attacks. Aside from creating annoyances, malware infections can also affect the performance of your computer. Furthermore, the data on your system and confidential information that you use online may also be tracked and used without your knowledge. Because of the severity of the problems that it can cause you need to be very cautious about preventing malware infections, and know how to deal with them properly.

Signs of a malware infection

Before proceeding with the steps on how to respond to malware infections, we first need to learn about the signs and symptoms of a malware infection. These include:
  • Several pop-ups appear even when not browsing the Web.
  • Unusual slowness of the computer and Internet connection.
  • System hangs or freezes.
  • Corrupted programs.
  • Antivirus is disabled.
  • E-mails sent to or from your account which you did not send.
  • High network activity, even when not using large programs or accessing huge data.
  • Redirected access to some sites.

How to respond to a malware infection

In case you experience any of these symptoms, the first thing to do is to ensure that your antivirus and antispyware program is updated. This is to make sure that they detect the latest known threats on their database. You should then run scans to see if an infection is detected. If it is, the programs usually have a way to remove the infection. You then need to follow the steps the program recommends.

If this doesn't work, disconnect the infected computer from the network to prevent the spread of the malware. Furthermore, avoid accessing the Web and using vital information such as bank account and credit card information. Let the technical department or your IT partner handle the concern since they are trained in determining and eradicating system malware infections.

Once the problem has been pinpointed, a tech specialist will go through the process of eliminating the infection. This includes backing up data on the computer and restoring the system to its original state. Depending on the extent of the infection, the computer may need to be wiped clean, or reformatted before restoring backed-up files.

After the whole process, the computer must be tested to ensure that the infection has been totally removed. Moreover, further investigation and studies must also be done to determine where the problem started, as well as to create a strategy as to how to prevent this from happening in the future.

How to prevent a malware attack

Prevention is better than a cure and this definitely applies to malware infections. It’s best to arm yourself with knowledge on how to avoid malware attacks and prevent your systems from being infected.
  1. Ensure that security protection is always updated and that you run system scans on a regular basis.
  2. Avoid downloading attachments or clicking links from unknown sites or senders.
  3. Enable firewall protection.

Malware can hugely affect business operations and the security of private information. One of the best ways to prevent this is to work with an IT partner, like us, who can help recommend and install protection systems. You might want to think about getting help in managing these solutions too, to ensure that your systems are secure at all times.

If you have questions or concerns with regards to malware prevention and resolution, feel free to call us. Our support team is always ready to help.

Published with permission from TechAdvisory.org. Source.

March 20th, 2014

Any business that employs technology in any aspect will eventually begin to worry about how secure their systems are. In order to ensure security, many companies implement a security strategy. While these strategies are a great way to ensure the security of your business systems and data, there is one element that many business owners forget: The audit.

Auditing and the security security strategy

Auditing your company's security is important, the only problem business owners run across is where and what they should be auditing. The easiest way to do this is to first look at the common elements of developing security strategies.

These elements are: assess, assign, audit. When you develop a plan, or work with an IT partner to develop one, you follow the three steps above, and it may seem obvious that the audit comes at the end. In truth however, you should be auditing at each stage of the plan. That means you first need to know what goes on in each stage.

During the assessment phase you or your IT partner will need to look at the existing security you have in place. This includes the security on every computer and server, and also focuses on who has access to what, and what programs are being used. Doing an assessment should give you an overview of how secure your business currently is, along with any weak points that need to be improved.

The assignment phase looks at actually carrying out the changes you identified in the assessment phase. This could include adding improved security measures, deleting unused programs or even updating systems for improved security. The main goal in this phase is to ensure that your systems and networks are secure.

Auditing happens after the changes have been made and aims to ensure that your systems are actually secure and have been implemented properly. Throughout the process you will actually need to continually audit and adjust your strategy.

What exactly should be audited?

When conducting an audit, there are three factors you should focus on:
  1. The state of your security - Changing or introducing a security plan usually begins with an audit of sorts. In order to do this however, you need to know how your security has changed in between audits. Tracking this state and how it changed in between audits allows you to more efficiently audit how your system is working now and also to implement changes more easily. If you don't know how the state of your security has changed in between audits, you could risk implementing ineffective security measures or leaving older solutions open to risk.
  2. The changes made - Auditing the state of your security is important, but you should also be auditing the changes made to your systems. For example, if a new program is installed, or a new firewall is implemented, you will need to audit how well it is working before you can deem your security plan to be fully implemented. Basically, you are looking for any changes made to your system that could influence security while you are implementing a new system. If by auditing at this point, you find that security has been compromised, you will need to go back to the first step and assess why before moving forward.
  3. Who has access to what - There is a good chance that every system you have will not need to be accessed by every employee. Once a security solution is in place, it would be a good idea to audit who has access to what systems and how often they use them. This stage of the process needs to be proactive and constantly carried out. If you find that access changes or system access needs change, it would be a good idea to adapt your security strategy, starting with the first stage.
If you are looking for help developing a security strategy for your business, contact us today to see how our managed solutions can help.
Published with permission from TechAdvisory.org. Source.

March 6th, 2014

As a business owner or manager you face important security issues on a daily basis to look after business computers and systems. From malware to bugs in software, there is almost always a security issue to be dealt with and it can be an uphill battle dealing with them. But, knowledge is power and knowing about security threats can help you battle them more effectively. One of the latest threats to come to light is a bug in Apple's software that all Apple users should know about.

About the bug

News broke on many security websites mid-February about a potentially critical security flaw in Apple's systems following the company releasing an update to their mobile operating system, iOS.

The update notes released by Apple noted that the patch "provides a fix for SSL connection verification." This is a fairly common update as it is aimed at improving the security of communications between websites and the device. However, security experts found out that without the update attackers who can connect to a network are able to capture sensitive information being sent in banking sessions, email messages, and even chat messages using what's called an SSL/TLS session.

What exactly is SSL/TLS?

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are used in networks to essentially establish an encrypted link between a server and your computer. They are most commonly used to secure websites and the transmission of data. Take a look at some websites and you may see a padlock on the URL bar, or https:// in the URL. This indicates that the website is using SSL or TLS encryption to protect the data that is being transmitted e.g., your bank account information on a website.

In other words, SSL and TLS are used to ensure that information is exchanged securely over the Internet.

What was the problem and what software was affected?

It was found that there was a bug in the code Apple's software uses to establish an SSL connection which causes the whole SSL system to fail, potentially exposing data that should have been encrypted to anyone connected to the network with the right tools.

According to security experts, this bug has been found to affect devices running older versions of iOS 7, OS X 10.8 and newer, Apple TV, and possibly iOS 6. It is important to note that the bug is only found in Apple's SSL technology. Any app that uses Apple's version of SSL could be affected.

Has Apple solved this?

Luckily, Apple has released updates to all of their devices that should solve this security exploit. If you have not updated your device or computer since the middle of February you could be at risk.

How do I prevent my systems from being affected?

The first thing you should do is to update all Apple related apps and devices, including all mobile devices. If you are unsure about whether your apps are secure enough, try using another app, especially another browser. This is because browsers like Chrome and Firefox use a different SSL technology and are unaffected by this bug.

You should also remain vigilant and not connect to any open or public Wi-Fi connections or even secured Internet connections that could be easy to break through. Basically, as long as you update you should be fine. However, it may be worthwhile using another browser if you are really worried about whether you have a secure connection.

If you are looking to learn more about this security flaw, or how you can secure your business from threats like this, contact us today. We can help.

Published with permission from TechAdvisory.org. Source.

February 20th, 2014

One of the most common threats to business and individual systems is phishing. This form of hacking is well known and many users have educated themselves on the more traditional methods used by hackers. This has forced hackers to come up with different phishing techniques, and one of the methods that is causing problems is spear phishing.

What is spear phishing?

Spear phishing is a specialized type of phishing that, instead of targeting a mass number of users as normal phishing attempts do, targets specific individuals or groups of individuals with a commonality e.g., an office.

Generally a hacker will first pick a target and then try to learn more about the related people. This could include visiting a website to see what a company does, who they work with, and even the staff. Or they could try hacking a server in order to get information.

Once they have some sort of information, usually a name, position, address, and even information on subscriptions, the hacker will develop an email that looks similar to one that another organization might send e.g., a bank. Some hackers have been known to create fake email accounts and pose as a victim's friend, sending emails from a fake account.

These emails are often similar to official correspondence and will always use personal information such as addressing the email to you directly instead of the usual 'dear sir or madam'. The majority of these emails will request some sort of information or talk about an urgent problem.

Somewhere in the email will be a link to the sender's website which will look almost exactly like the real thing. The site will usually ask you to input personal information e.g., an account number, name, address, or even passwords. If you went ahead and followed this request then this information would be captured by the hacker.

What happens if you are speared?

From previous attack cases and reports, the majority of spear phishing attacks are finance related, in that the hacker wants to gain access to a bank account or credit card. Other cases include hackers posing as help desk agents looking to gain access to business systems.

Should someone fall for this tactic, they will often see personal information captured and accounts drained or even their whole identity stolen. Some spear phishing attacks aren't after your identity or money; instead, clicking on the link in the email will install malicious software onto a user's system.

We are actually seeing spear phishing being used increasingly by hackers as a method to gain access to business systems. In other words, spear phishing has become a great way for people to steal trade secrets or sensitive business data.

How do I avoid phishing?

Like most other types of phishing related emails, spear phishing attempts can be easy to block. Here are five tips on how you can avoid falling victim to them.
  • Know the basic rule of business communication - There are many basic rules of communication, but the most important one you should be aware of is that the majority of large organizations, like banks, social media platforms, etc., will not send you emails requesting personal information. If you receive an email from, say, PayPal asking you to click a link to verify your personal information and password, it's fake and you should delete it.
  • Look carefully at all emails - Many spear phishing emails originate in countries where English is not the main language. There will likely be a spelling mistake or odd wording in the emails, or even in the sender's email address. You should look out for this, and if you spot errors then delete the email immediately.
  • Verify before you click - Some emails do have links in them, you can't avoid this. That being said, it is never a good idea to click on these without being sure. If you are unsure, phone the sender and ask. Should the email have a phone number, don't call it. Instead look for a number on a website or previous physical correspondence.
  • Never give personal information out over email - To many this is just plain common sense - you wouldn't give your personal information out to anyone on the street, so why give it out to anyone online? If the sender requires personal information try calling them or even going into their business to provide it.
  • Share only essential information - When signing up for new accounts online, there are fields that are required and others that are optional. Only share required information. This limits how much a hacker can get access to, and could actually tip you off, e.g., they send you an email addressed to Betty D, when your last name is Doe.
  • Keep your eyes out for the latest scams - Pay attention to security websites like those run by the major antivirus providers, or contact us. These sites all have blogs where they post the latest in security threats and more, and keeping up-to-date can go a long way in helping you to spot threats.
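
The "look carefully at the sender's address" and "verify before you click" checks above can be partly automated on a mail gateway or in a triage script. The following is an added example, not part of the original article; the trusted-domain list, the sample message and all function names are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed allowlist and sample message (assumptions, not captured data).
TRUSTED = {"mybank.example", "payments.example"}
SAMPLE = """\
From: MyBank Support <service@mybamk.example>
Subject: Urgent: verify your account

<p>Dear Betty D, please confirm your details at
<a href="http://mybank.example.account-verify.test/login">https://www.mybank.example/verify</a></p>
"""
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.S | re.I)

def edit_distance(a, b):  # Levenshtein distance with one rolling row
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1, prev + (ca != cb))
    return row[-1]

def registered_domain(host):  # naive: last two labels, not the Public Suffix List
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def imitates(host):
    """Return the trusted domain that host imitates, or None if trusted or unrelated."""
    dom, labels = registered_domain(host), host.lower().split(".")
    for t in sorted(TRUSTED):
        # Near-miss spelling, or the brand name reused as a label of another domain.
        if dom not in TRUSTED and (edit_distance(dom, t) <= 2 or t.split(".")[0] in labels):
            return t
    return None

def analyse(raw):
    """Return findings for one raw message: sender check plus per-link checks."""
    msg, findings = message_from_string(raw), []
    sender = parseaddr(msg["From"])[1]
    if imitates(sender.rpartition("@")[2]):
        findings.append(f"sender domain imitates a trusted one: {sender}")
    for href, text in LINK_RE.findall(msg.get_payload()):
        target = urlparse(href).hostname or ""
        if imitates(target):
            findings.append(f"link host imitates {imitates(target)}: {target}")
        shown = urlparse(text.strip()).hostname
        if shown and registered_domain(shown) != registered_domain(target):
            findings.append(f"link text shows {shown} but goes to {target}")
    return findings
```

Calling `analyse(SAMPLE)` returns three findings: the misspelled sender domain, the link host that carries the trusted name as a prefix, and the mismatch between the displayed URL and the real destination.
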
If you are looking to learn more about spear phishing or any other type of malware and security threat, get in touch.
Published with permission from TechAdvisory.org. Source.
