
IT Security Services

What is a security audit and why does your business need one?

Nowadays, it makes sense to assume that your business will face a cyberattack in the near future, rather than be complacent and hope for the best. One of the best ways to ensure that your organization has the capability to weather or resist a cyberattack is by conducting a security audit.

Auditing and the security strategy

Audits are necessary to ensure and maintain system quality and integrity. These system checks help identify security gaps and assure business stakeholders that your company is doing everything in its power to protect its data.

An audit is usually made up of three phases: assess, assign, and audit. Having a methodical way of auditing helps you avoid missing important details. It is also crucial that each stage is treated with the same level of importance to ensure thorough and comprehensive outcomes.

During the assessment phase, have your IT partner look at the security system you have in place. All of your business computers and servers, as well as every program and every user, need to be checked. The assessment should give you an overview of how secure your business currently is, along with any weak points that need to be addressed.

After the assessment, you need to implement the appropriate solutions and partner with the right providers. Ask your IT provider about solutions they can provide for each of your network/system gaps. And for issues that they can’t handle (perhaps because certain machines and software are highly specialized), ask your IT provider for their recommended list of partners.

Finally, conclude your audit cycle with an “audit,” which is one last look-around before releasing the system back into the wild. Make sure that installations, patches, and upgrades are integrated properly and working seamlessly. For future reference, take down notes just in case you need information about software and hardware improvements done during this audit cycle.

What exactly should be audited?

When conducting an audit, there are three factors you should focus on:

The state of your security
Security — especially digital security — is never at a standstill; it is always in flux. That’s because cybercriminals are always concocting new malware attacks and threats to infiltrate company networks. And that’s not even accounting for cyberattacks that exploit human error, like phishing and other social engineering attacks. This means that system security has shorter and shorter expiration dates nowadays, making audits all the more crucial to implementing your security strategy.

The changes made
The key to having long-term data integrity is a continuity plan, and not just one that addresses severe business disruptions such as those caused by calamity or disaster. A true continuity plan tries to address every conceivable risk realistically, especially those that can trip up business operations, such as cyberattacks. This is only possible if you know what kind of hardware and software comprise your system, as well as their respective updates and improvements.

Who has access to what
Data systems should allow administrators some control over who sees what. Total accessibility is a very dangerous prospect, especially since business nowadays is increasingly hinged on your internet presence. An audit will let you check on user access so that you can make necessary adjustments to protect your data.

If you are looking for help in developing a security strategy for your business, contact Net Activity today to see how our managed solutions can help.

3 Steps You Must Take to Prevent Remote Shadow IT

Shadow IT is no laughing matter, despite its overly theatrical name, as it describes the rogue technology and software being used in your business without being cleared or vetted. While it has always been a problem with in-house operations, the widespread adoption of remote work has made it even more dangerous.

Let’s examine how businesses can fight the phenomenon of shadow IT through trust management and communication.

Why is Shadow IT a Big Deal Right Now?

Considering how many people have been forced to embrace remote operations with the rise of COVID-19 making office work far more dangerous, it is no wonder that many people are improvising as they try to work in an unsure and unfamiliar way.

Unfortunately, this improvisation has led to some of them introducing unvetted software onto the devices they are doing work on without clearing it with IT. In doing so, they could easily expose your business to a hidden threat or vulnerability… all unbeknownst to you. While there are solutions available to help you minimize these risks, one of the best means of reducing the risk of shadow IT is to create a relationship between your team and your IT resource that is founded on trust.

Helping IT and Business Users Act as One

As mobile solutions have become more common over the years, the endpoint management solution has become a critical tool that enables a business to retain control over its technology, even when that technology is being used remotely. This technology can be used to accomplish various business-centric objectives:

  • Remotely locking or wiping a device
  • Installing applications and updates
  • Access to push messaging services
  • Blocking non-business essential features and applications

As a result, this technology has the capability to fulfill a variety of business needs, assuming that it is properly managed by the organization leveraging it.

How Remote Devices Need to Be Managed

There are multiple steps to properly managing remote devices used for work purposes.

  1. Take an Inventory: The first thing you’ll need to do (if you haven’t already) is compile a comprehensive list of all devices used for work purposes—company-owned and personal devices included. This will assist you in establishing who needs remote access to what resources, and where this remote access will be established.
  2. Design Access Permissions Based on Roles: Once you know who will be using what, it is important that you limit a user’s remote access to company data, just as you should in the office itself. The rule of least permissions is a good one to follow here, where information is only shared on a “need to know” basis. Of course, we’re only talking about this regarding your business’ sensitive data. You should always keep clear and open communications with your team members when it comes to business matters.
  3. Tell Your Team Why It’s Important: We all remember those rules that we had as kids that didn’t make sense to us at the time, simply because we didn’t understand the reasoning behind them. If you aren’t transparent with your team about why they have the solutions they do, they will be more likely to seek out alternatives when they encounter obstacles.

Of course, this all means that you should encourage communication between your operational team and your IT team whenever it is needed, and make sure that you have provided them with the preferred tools and training to complete their tasks appropriately.

Net Activity can help. Not only can we provide the technology your remote team needs to be productive, we’ll also help to support them as they do so with our managed IT services. To learn more about what we offer, give us a call at 216-503-5150.

 

Four Questions You Need to Ask Yourself About Your Data’s Security

Data security always needs to be considered as one of your most important business priorities. After all, the ramifications of data loss are wide-reaching and severe. To help you ensure that your data security is at the level it needs to be, we’ve put together four questions you need to answer regarding your business’ security preparedness.

“Are my processes based in security?”

Or, in other words: is your work environment designed in such a way that the most secure option is the default? End-to-end security is one thing; incorporating it into a proactive process is quite another. A foundation based upon secure functionality will help lead to better outcomes. Are your users trained to exclusively follow the most secure processes?

If not, this is where you need to start. A company culture steeped in security awareness is one of the best ways to protect your data, simply because it will help to minimize any improvisation that your employees would otherwise attempt. Educate your users properly, and they will turn into one of your biggest security assets.

“How regulated is access to different files?”

On the topic of your employees, how much data is accessible by any given person? There is no reason that one of your salespeople should have access to payroll information, just as your fulfillment division shouldn’t know any payment information beyond whether a bill was paid or not. Securing your data and only enabling access through role-based permissions with private usernames and multiple authentication measures will help shore up your risks. Remember, these permissions and access controls should be audited regularly to ensure that the data they protect remains on a need-to-know basis.

“Is my data encrypted?”

Or, as this question reads after being encrypted on a random website:

“?b64b0EbdbZMVy0aghJaLO+x2ic7F02JurazKFq4r6dv0y7RpMWaNL00qDWW1nQ39vgmELHKNtUl42u0iIhoc4AM1w==?64b”

Of course, without the decryption key, you can only assume that I’m being honest, which is kind of the point. Making sure that your data is encrypted can protect its contents should it be stolen. This means that you will want to be sure that the answer to this question is…

“?b64LQwXhsseeRhWY0MptIJLxsV4NyLYoBpSAzcypRZMD7BEQmmnDgbB4I6ks8ujGmza?64b”

…or, decrypted: “It sure is!”

The topic of encryption is far too complex to go into here in any detail. If you’d like to learn more about encryption and how it can help protect your business’ sensitive data, call us and ask one of our technicians to explain it to you (or to help you implement it)!

“Have I tested my security measures?”

Once your security measures are implemented, your job is far from done. To ensure that they remain effective, they must be stress-tested and evaluated under controlled conditions. What assets are the most important to protect, and what threats are they most in danger of succumbing to? How likely are these threats to come into play, and how are you vulnerable to them?

Establishing these benchmarks will give you greater insights into the weaknesses inherent in your processes and how they can be remedied.

Net Activity can help you find these insights and put the best solutions in place in response. To learn more about this process, reach out to our professionals at 216-503-5150.

Work From Home in America Sets Major Target for Russian Hackers

A Russian ransomware group named “Evil Corp,” which was indicted by the Justice Department in December, is now targeting employees working from home during the COVID-19 pandemic and attempting to get inside their networks with malware, according to Symantec.

In an urgent warning issued Thursday night, the company reported that Russian hackers had exploited the sudden change in American work habits to inject code into corporate networks with a speed and breadth not previously witnessed.

The hacker group’s name, “Evil Corp,” is a play on the “Mr. Robot” television series. In December, the Justice Department said the group had “been engaged in cybercrime on an almost unimaginable scale,” deploying malware to steal tens of millions of dollars from online banking systems. The Treasury Department placed sanctions on them, and the State Department offered $5 million for information leading to the arrest or conviction of the group’s leader.

The attack’s methodology suggests it was intended for the work-at-home era.

The malware, Mr. Chien said, was deployed on common websites and even one news site. But it did not infect every computer used to go shopping or read about the day’s events. Instead, the code looked for a sign that the computer was part of a major corporate or government network. For example, many firms have their employees use a “virtual private network,” or V.P.N., a protected channel that allows workers sitting in their basements or attics to tunnel into their corporate computer systems as if they were at the office.

“These attacks do not try to get into the V.P.N.,” Mr. Chien said. “They just use it to identify who the user works for.” Then the systems wait for the worker to go to a public or commercial website, and use that moment to infect their computer. Once the machine is reconnected to the corporate network, the code is deployed, in hopes of gaining access to corporate systems.

New-school security awareness training can ensure your employees have the proper training while they transition to a work from home office environment.

MSN News has the full story: https://www.msn.com

 

Get Better at Managing Your Mobile Data

You may not think much about managing mobile data, but if your business routinely transmits sensitive data over the Internet, you should. Today, businesses of all types are using the Internet as a tool to drive their sales and marketing processes, but they don’t often consider the threats that come in when they use it for productivity. Let’s take a look at what a Mobile Information Management solution is, and how to leverage it for your business.

What is Mobile Information Management?

Mobile Information Management (MIM) is a security strategy that keeps sensitive data encrypted regardless of what mobile platform is used to disseminate it. It does this by only allowing approved applications access to the information. Often deployed in enterprise situations, smaller businesses may need to alter their expectations of the system to ensure that it falls inside their budget constraints.

The main draw is extending the breadth of your organization’s security for mobile. Since more is done on mobile devices than ever before, having a strategy in place that works to standardize access to data can work wonders in keeping sensitive information from being intercepted or stolen outright.

Mobile Information Management is typically just a part of an overarching mobile security policy. Working with your mobile device management policy, and a dedicated mobile application management policy, MIM adds an additional layer of security that isn’t typically considered, but is needed to protect your endpoints and sensitive data.

Some Useful Mobile Security Tips

To control your company’s security information that is transmitted over mobile platforms you need to adhere to solid data practices that include:

  • Regular backup – Increasingly, mobile data is targeted by hackers. Between the seemingly endless stream of phishing attacks, the existence of ransomware, and other threats, data is at risk. By keeping data backed up, it ensures that the negative situations caused by a data breach don’t include losing data.
  • Use mobile device management – Mobile device management is a practical-enough solution that it can handle the administration of data on mobile devices. Using your MDM to control access, manage data and applications, and monitor your staff’s mobile interactions with your company can bring a great deal of benefit to your business.
  • Restrict access – One of the best ways you can control your data is to have some very specific use-case restrictions on it. By controlling who can access what through which applications, you reduce the risk of a data breach exponentially.
  • Audit your mobile security – To ascertain how your solutions work to secure your data and infrastructure, you need to ensure that all security tools are running and working as intended.

Mobile data can be some of the most useful data, but if it isn’t secured, it can be a real problem. Call Net Activity today to talk about how we can help you secure your mobile data systems at 216-503-5150.

6 Ways to Keep Company Data Secure When Working Remotely

As coronavirus continues to spread and more extreme safety measures are being encouraged and enforced across the globe, the switch to remote work is on the fast track for many in the workplace.

Many companies, including Facebook, Amazon and Google have asked their employees to work remotely, canceled non-essential travel and separated their office populations to mitigate the spread of the virus. The Centers for Disease Control and Prevention also has released guidelines for businesses, including encouraging remote work to “increase the physical distance among and between employees.”

But as remote work becomes more widely practiced, we can expect data security to become more of a concern. From employees using unsecured Wi-Fi networks, to workers mingling confidential company documents with personal papers, remote work has added additional levels of security considerations for companies and their data.

According to Shred-It’s 2018 State of the Industry Report, 86% of business executives believe remote workers increase a company’s chances for a data security breach. Company leaders and their employees need to accept equal accountability in doing what they can to protect their company’s information.

To start, leaders should educate employees about data security and how everyone is responsible for protecting it. They also need to initiate certain practices and procedures that will strengthen data security within their businesses. Remote workers must also prioritize data security education and safe practices, then commit to those measures. So what can companies and their remote workers do to protect their data? Here are six ways to get started.

  1. Establish a Cybersecurity Policy

The first step in protecting company data is to make sure all employees know that data security is a priority. Believe it or not, some employees today might still not be aware that data security is something they should be concerned about, at both a personal and professional level.

Employees may assume if they are not working directly with customer data, or if they are not operating at an upper level within the company hierarchy, then they simply don’t need to worry about data security. Organizations cannot assume their employees know anything about cybersecurity or their role in it.

The best place to begin is by establishing a cybersecurity policy. Require all new and existing employees to review and sign the policy, regardless of whether they work remotely or not.

The policy document should cover the reasoning behind having a policy in the first place, as well as details outlining all of the various security protocols employees are expected to comply with, how the company will support them in complying (i.e., which tools and resources they will provide), and a place for the employee to sign their commitment to following the policy.

Everyone in the company must take ownership in protecting employer data, and by having an established policy in place, all employees — remote-working or not — will be on the same page as to what the expectations are.

  2. Ensure all Internet Connections Are Secure

Using an unsecured Wi-Fi network is the most common way to expose your company to a data security breach. Everyone understands the need to get out of the house every now and then as a remote worker, and the lure of your local coffee shop — with the camaraderie of other remote workers and your favorite hot beverage — can be the perfect break. The last thing you want to do is forbid employees from working where they feel most energized and motivated. In this case, the remote workers just need to be educated about how to make sure they can keep the company’s data secure.

The easiest solution is to require employees to use a virtual private network (VPN). Using VPNs before signing on to public Wi-Fi networks will encrypt the internet traffic of the remote worker and monitor for any signs of infection. Remote workers can still get out of the house when they feel isolated, and companies can ensure their data is secure.

A note of caution: not all VPNs are created equal. To make sure your organization is using the right VPN, verify the VPN you are using covers all of the factors you need it to and not just last-mile encryption. After you decide the standards you want, review the provider’s reputation and conduct a cost comparison.

  3. Keep Passwords Strong and Varied — and Use a Password Manager

Password safety is another relatively easy way to protect your organization’s data. Many people joke about password safety, admitting they use the same password from device to device and program to program, but educating remote workers about password protection is key to securing your company’s data.

Offering password security training can be yet another step in cybersecurity training for employees. Start with the basics of how to keep passwords strong and why it’s so important to not use the same one over and over again.

Another way for organizations and employees to mitigate this risk is by using a password manager that can randomly generate passwords for you and that stores all of your passwords safely. Then employees won’t have the daily struggle of remembering all of their different passwords for different programs and the company data can remain secure and uncompromised.

  4. Rely on Two-Factor Authentication

Many organizations are moving to two-factor authentication (2FA) for their data security management. This method confirms a user’s identity by first requiring a username and password, as well as another piece of information, whether it be an answer to a “secret question” or perhaps a PIN that was sent to their cell phone.

Passwords can often be compromised or stolen, but with 2FA, the chances of someone also having the additional security question’s answer or a PIN is unlikely. This added layer in the security process can provide remote workers and their organizations the peace of mind they need in this digital age, when passwords just aren’t enough anymore.

To take it a step further, companies could move to multi-factor authentication requiring additional verification that might include biometrics like retina, voice or fingerprint recognition. The authentication is definitely more complex — and more expensive — but it could be worth it depending on the level of security an organization needs.

  5. Use Encryption Software

Using encryption software is another way companies and their remote workers can protect themselves. If an employee’s device is stolen or lost, the information on that device can find its way into the wrong hands and expose the company to data breaches and vulnerabilities. Encryption software can protect company data by barring access from any unauthorized users of those devices.

Additionally, businesses should be mindful that any programs used for chatting, email or applications should utilize end-to-end encryption. Popular programs like Microsoft Office and Adobe Acrobat, for instance, can easily encrypt files and documents that your remote workers use and share with coworkers.

  6. Don’t Forget Firewalls, Antivirus Software and Anti-Malware

Require remote workers to have up-to-date firewalls, antivirus software and anti-malware on all their devices — including cell phones and tablets, in addition to their laptops. Companies might also want to consider having the ability to remotely wipe devices in case they are lost or stolen. Mobile device management platforms can perform most or all of these services, allowing remote workers to continue to use their own devices while ensuring the safety of company data.

Remote work does not have to jeopardize data security. Once remote workers are educated and these top cybersecurity procedures are implemented, they can quickly become standard practices that everyone in a company can commit to with ease — and everyone within the organization can feel confident that they are doing all they can do to protect the security of their employer’s data.

Coronavirus Scare Is Being Used By Scammers To Trick People

There is no low that hackers and scammers won’t stoop to.

The US Federal Trade Commission (FTC) has issued a warning about a worldwide scam in progress relating to fears surrounding the Coronavirus. The FTC’s announcement speaks for itself.

Their announcement reads, in part:

“Scammers are taking advantage of fears surrounding the Coronavirus. They’re setting up websites to sell bogus products, and using fake emails, texts and social media posts as a ruse to take your money and get your personal information.

The emails and posts may be promoting awareness and prevention tips, and fake information about cases in your neighborhood. They also may be asking you to donate to victims, offering advice on unproven treatments, or contain malicious email attachments.”

Even worse, it appears that there are multiple campaigns like this, running in tandem.

Francis Gaffney is the Director of Threat Intelligence for Mimecast, which is one of several companies tracking the issue.

Francis added this:

“The sole intention of these threat actors is to play on the public’s genuine fear to increase the likelihood of users clicking on an attachment or link delivered in a malicious communication to cause infection, or for monetary gain.”

In short, this is about as despicable as it gets. Then again, hackers and scammers have been known to send emails targeting children, so it shouldn’t come as a great surprise.

Even so, the standard precautions apply here. Unless you know and trust the sender of a communication, even if it’s about something scary and important like the Coronavirus, don’t click on links or open attachments. You never know where it might take you or what type of malware might end up on your system. Better safe than sorry, and you can always get Coronavirus information from official sources.

Another WhatsApp Vulnerability Has Been Found

WhatsApp is the most popular messaging platform in the world.

Unfortunately, that means it’s got a giant bullseye on it where hackers are concerned.

In recent months, the company has faced no end of troubles as a raft of vulnerabilities have been exposed and exploited by hackers from every corner of the globe.

The company is still reeling from the blowback associated with these various issues, but their troubles don’t seem to be over yet.  Just last month, WhatsApp quietly found and patched another vulnerability.  This one is tracked as CVE-2019-11931. It is a stack-based buffer overflow issue relating to the way that older WhatsApp versions parsed MP4 metadata, allowing attackers to launch denial-of-service or remote code execution attacks.

All a hacker needed in order to exploit the flaw was a target’s phone number and a specially crafted MP4 file. It just had to be constructed in such a way that it installed a backdoor upon opening.  From there, a wide range of malware could be installed at the hackers’ leisure.  Worse, this vulnerability was found in both the consumer and Enterprise versions of WhatsApp for all major platforms, including Windows, iOS, and Android.

An advisory bulletin was recently published by WhatsApp’s parent company, Facebook. The affected versions it lists are as follows:

  • Business for iOS versions prior to 2.19.100
  • Business for Android versions prior to 2.19.104
  • Windows Phone versions prior to and including 3.18.368
  • Enterprise Client versions prior to 2.25.3
  • iOS versions prior to 2.19.100
  • Android versions prior to 2.19.274

If there’s a silver lining here, it is that the company has confirmed that there have been no instances of this exploit having been used ‘in the wild’ and the company has already issued a patch.  If you’re one of WhatsApp’s legions of users, check to be sure you’re running the latest version. If not, update immediately to be on the safe side.
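The version list above can be checked against a device inventory mechanically. The following Python is an added example, not code from the article or from Facebook; the platform labels, function names and sample inventory are assumptions constructed for illustration, and only the version boundaries come from the list above.

```python
from typing import NamedTuple


class Bound(NamedTuple):
    version: tuple   # boundary version taken from the article's list
    inclusive: bool  # True only for "prior to and including"


# Boundaries transcribed from the affected-version list for CVE-2019-11931.
# The dictionary keys are hypothetical labels chosen for this example.
AFFECTED = {
    "business-ios": Bound((2, 19, 100), False),
    "business-android": Bound((2, 19, 104), False),
    "windows-phone": Bound((3, 18, 368), True),
    "enterprise-client": Bound((2, 25, 3), False),
    "ios": Bound((2, 19, 100), False),
    "android": Bound((2, 19, 274), False),
}


def parse_version(text):
    """Turn '2.19.274' into (2, 19, 274); reject anything non-numeric."""
    parts = text.strip().split(".")
    if not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)


def pad(a, b):
    """Zero-pad two version tuples to equal length so 2.19.100.0 == 2.19.100."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)), b + (0,) * (width - len(b))


def is_affected(platform, version_text):
    """True if the installed version falls inside the affected range."""
    if platform not in AFFECTED:
        raise ValueError(f"platform not in advisory list: {platform!r}")
    bound = AFFECTED[platform]
    installed, limit = pad(parse_version(version_text), bound.version)
    # Compare numerically: as strings, "2.19.99" would sort after "2.19.274".
    return installed <= limit if bound.inclusive else installed < limit


def audit(inventory):
    """Sort (device, platform, version) rows into affected / ok / review.

    Rows that cannot be evaluated go to 'review' instead of passing silently.
    """
    result = {"affected": [], "ok": [], "review": []}
    for device, platform, version_text in inventory:
        try:
            bucket = "affected" if is_affected(platform, version_text) else "ok"
        except ValueError:
            bucket = "review"
        result[bucket].append(device)
    return result


# Constructed sample inventory (not real devices).
INVENTORY = [
    ("phone-01", "android", "2.19.274"),             # exactly at the boundary
    ("phone-02", "android", "2.19.99"),              # numerically older
    ("phone-03", "windows-phone", "3.18.368"),       # inclusive boundary
    ("phone-04", "ios", "2.19.100.0"),               # extra trailing component
    ("phone-05", "business-android", "2.19.104-beta"),  # not purely numeric
    ("desk-01", "macos", "0.3.9"),                   # platform not in the list
]

if __name__ == "__main__":
    for bucket, devices in audit(INVENTORY).items():
        print(f"{bucket}: {', '.join(devices) or '-'}")
```

Devices in the `review` bucket need a manual check, since the list gives no basis for clearing them.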

Boost your Online Security with Browser Extensions

Protecting yourself, your employees, and your business when you’re using the internet is necessary if you want to remain safe, productive, and profitable. Given the proliferation of phishing attacks, hacks, and online fraud, we all need to ramp up our online security measures. Here are some ways to bolster security using browser extensions.

Prevent browser tracking

If you don’t like the idea of a third party being able to track your browsing habits, try installing a tool that offers private browsing. These programs offer protection against tracking by blocking third-party cookies as well as malware. Some extensions also boast secure Wi-Fi and bandwidth optimization and can guard against tracking and data collection from social networking sites such as Twitter or Facebook. Some examples include Disconnect, uBlock Origin, and Ghostery.

Blocking ads

While online ads may seem harmless, the truth is that they can contain processes that might send your data back to a third party. A decent ad blocking program, like AdBlock Plus and uBlock Origin, will block banner, rollover, and pop-up ads, and also prevent you from inadvertently visiting a malicious site. Many blockers contain additional features such as the ability to disable cookies and scripts used by third parties on websites, the option to block specific items, and even “clean up” Facebook, and hide YouTube comments. The major blockers work with Google Chrome, Safari, and Firefox, and you’ll be able to find everything from user-friendly solutions to more advanced tools that are customizable down to the tiniest degree.

Consider installing a VPN

A VPN (virtual private network) browser extension is a simple way to connect your web browser to a VPN server. VPNs encrypt your internet traffic, effectively shutting out anyone who may be trying to see what you’re doing, and then route it through the server to hide your location and IP address. Commonly used in countries such as China where the internet is heavily censored by the government, a VPN enables users to access blocked sites — in China’s case, that’s anything from blogs criticizing the government to Facebook and Instagram. There are a huge number of VPN browser extensions in the market, like NordVPN and ExpressVPN, so do a little research and find one that suits you best.

If you’d like to know more about staying safe on the internet or would like to schedule a security assessment for your company, get in touch with us today.

 

Get the Basics on 2-step and 2-factor Authentication

Cybersecurity is a vital component to businesses these days. You need to make sure that criminals cannot just hack into your network. When it comes to verifying users’ identity, there are two types of authentication used: two-step and two-factor. These two are so similar, many confuse one with the other. Learn the difference between the two, so you’re more knowledgeable on keeping your network secure.

If you want to improve your business’s cybersecurity for you and your customers, you should look at your authentication process. Two-step and two-factor authentication are two of the most commonly used options in cybersecurity. Many businesses use the terms two-step and two-factor authentication interchangeably. There are, however, subtle differences between the two.

Two-step authentication

A two-step authentication process requires a single-factor login (such as a password or biometric reading) as well as another similar type of login that is essentially sent to the user. For example, you may have a password for your first step and then receive a one-time-use code on your cell phone as the second step.

Two-step authentication adds an extra step in the verification process, making it more secure than single-step authentication (i.e., just the password). However, if a person or business is hacked, it won’t be enough to stop hackers from getting a hold of whatever they are looking for.

Two-factor authentication

On the other hand, there is two-factor authentication (sometimes referred to as multifactor authentication), which is significantly more secure. This type of authentication requires two different types of information to authenticate a user’s identity. For example, it could be a combination of a fingerprint or retinal scan as well as a password or passcode. Because the types of information are different, it would require a hacker a great deal more effort to obtain both forms of authentication.

The difference between the two

In essence, every two-factor authentication is a two-step authentication process, but the opposite is not true. With this information in mind, make sure that you are using the right type of authentication in your business to keep your company and customer information as secure as possible.

Your network needs the best security technology has to offer. The type of authentication you should use is just one of hundreds of choices that must be made to achieve that end. To take the stress out of securing and protecting your network, call us today for all the help you could ever ask for.
