October 15, 2017 – Cybersecurity is not ONLY about responding to a ransomware or hacker but being prepared to prevent it from happening. When you are prepared to prevent an attacker for entering your computers or network, you make it difficult for them to be successful. For an attacker that means they will have to spend more time trying to get what they want. If it is simply to hold your computer and information for ransom, then they will likely move on. If it is your information that they want, they will expend the extra time to get it. But who said you had to make it easy?
So, what can you do? Well, a lot. But don’t despair. It may not cost you a lot to implement. Let’s follow the National Institute for Standards & Technology (NIST) Cyber Security Framework. In the framework there are two areas that are easily addressed. Identify and Protect.
Asset Management – Get a list of EVERYTHING that processes information electronically. It could be a security camera connected to your network, your computers & servers, a printer, all you network devices, etc. Record what it is, what operating system (Windows, Linux, macOS, etc) and what software is installed on it (Office 2016, Adobe Reader, Adobe Flash, and the other programs you use). If it is a device like a printer or a security camera, record the brand and determine the firmware version.
Maintenance – Update your software and firmware when new version are available as they may address security flaws in the software. For Windows and other applications, updates are provided monthly. Others, not so often. Check with the developer and see if they have an email list you can join to be notified when there are updates.
The longer a security flaw remains in your software or firmware the easier you make it for an attacker to be successful in taking or ransoming your information. But by doing these two things, you have done a lot to protect your information and taken a proactive stance in preventing an attack from being successful.
If you need assistance, let us know. We’ll be glad to help you become proactive!
As I mentioned in my last post, bringing your own device (BYOD) provides a benefit to businesses that need work done, but don’t have the money to purchase the equipment. But there was a caveat, that benefit must be weighed against the risk the business assumes by allowing BYOD.
Second to the businesses employees, the most valuable asset a company has is their information and the information they process. This information is what is at risk if there happens to be vulnerability that is exploited (intentionally or unintentionally) by an employee or other person that gets there hands on the device.
Some threats that pose dangers to your data is
1. Malware/Viruses/Spyware. Introduction of malware, viruses, and spyware into the company IT infrastructure could have a crippling effect on your business. The latest malware also known as ransomware encrypts the data on the users device and there by prevents the user from gaining access to the files needed. If a BYOD user gets hit with ransomware while connected to the business’ files, the business may be out of luck.
2. Lost/Stolen device. Perhaps the largest threat. The Veteran’s Administration is no stranger to lost portable electronic devices. In 2006 they lost a single laptop that contained a significant amount of information about U.S. veterans. It has not only happened to the Veteran’s Administration but also to car manufacturers, HR recruiting companies, etc. Once the device is lost, the data is potentially forever lost and possibly compromised.
3. Rooted devices. Device manufacturers go to great lengths to ensure some level of security on the devices they sell. But there are people that want more access to the inner workings of the device. The super power users inadvertently open their device to being an easier target for malware and misbehaving applications.
4. Outdated software. Numerous times each week, updates and patches to software applications are released to fix flaws within the application that not only affect how the application works, but also affect the security of the device and data.
5. Open WiFi. In this day and age, most are desiring the ability to be able to connect anywhere at anytime. Look at all the places that offer free or pay WiFi… airport, coffee shops, stores, restaurants, just about anywhere you go. When connecting to these WiFi sources, the connections are typically unprotected. Another person at the same coffee shop could snoop on the mobile device’s traffic and get all sorts of information. Maybe even get into the computer.
6. Unlocked devices. Locking the device provides a minimal measure of security. This prevents people from picking up the device and scrolling through documents, emails, or other files related to your business. It is a simple mechanism, but is often not implemented.
This just a summary of some of the larger threats associated with BYOD. In my next blog entry, we will look at what can be done to protect a business while still implementing BYOD.
Until then… Think twice and perform a cyber 360.