Category Archives: Network Security

Ransomware Protection Guide

Ransomware has become an epidemic in today’s IT world. It has locked down hospitals, universities, small businesses, and individuals all over the world. We’ve updated our Ransomware Protection Guide to include additional tips to help you protect yourself and your business.

What is Ransomware?

Ransomware is malware that infects your computer by locking access to your files until you pay a ransom – usually in Bitcoin. The malware typically gets on your computer through a malicious email or website. Hackers can also deliver it straight to your computer if it’s already been compromised.

Ransomware is replacing credit card theft as the number one scam for cyber criminals. Unfortunately, antivirus software alone is not enough to protect you from this threat. 

How Can I Protect My Data from Ransomware?

ACT recommends multiple layers of protection to defend against the latest risks. Here are some best practices to protect your network against ransomware:

  • Backups

    • If set up and maintained correctly, backups are the only guaranteed defense against ransomware. This goes beyond a periodic copy of your data. Best practices include snapshot image-based backups that are captured multiple times per day and kept securely both on-site and off-site.
  • Antivirus and Anti-malware Software

    • This is technology 101. Everyone needs to be running antivirus software on all their appliances…yes I said all. Desktops, laptops, iPhones, Androids, Macs, etc. Nothing is off-limits these days.
  • Firewall with UTM

    • In the old days, firewalls were the doors that kept the bad guys out. The problem now is that end-users are clicking on malicious emails and websites unknowingly, opening the door and inviting them in. Many firewalls today contain unified thread management features (UTM) that provide a suite of protection against today’s threats.
  • Operating System Security Updates and Service Packs

    • When was the last time your servers or workstations were updated? Microsoft is regularly releasing updates, patches, and security fixes to keep their operating systems up-to-date against vulnerabilities. Make sure you are installing them timely.
  • Email Security Software

    • If you find yourself weeding through dozens of junk emails on a daily basis, then it’s time to upgrade what you are using for email security. Cloud-based email security systems can stop threats before they ever make it to your company’s mail server. Spam, viruses, and malicious URLs are some of the easiest ways for ransomware to infect users.
  • Password Policies

    • Enforce strong password policies, encouraging passphrases, forcing employees to change passwords periodically, and not allowing them to reuse past passwords.
  • Multi-Factor Authentication

    • Use multi-factor authentication (MFA) for an extra layer of network security. Even if your passwords are stolen, MFA should prevent hackers from gaining access.
  • Domain Name System (DNS) Intelligence

    • DNS is the starting point for internet connectivity across all devices. Providers are now using DNS to secure networks in ways beyond the standard security products out there. This gives clients another layer of security across all platforms in their organization by protecting them from malware, botnets, phishing, and others.
  • Security Policies

    • One quick and easy way to help reduce the risk of ransomware on your network is to limit employees’ access to the network. There are a number of ways to do this. For example, you can remove permissions to specific files and folders, lock down desktops, and remove administrator roles for standard users, just to name a few. Keep in mind that malware can only access what the infected employee has access to. Thus, limiting employee access minimizes the threats.
  • Education

    • Employees are the front line to most businesses. Any email they open, attachment they click, or website they browse could be compromising the business. Many ransomware attacks can be prevented through employee education and training. This can be as simple as creating handouts for employees to review periodically, or maybe an occasional lunch-and-learn session. Remember, know before you click!
  • Did I Mention Backups Backups Backups?

    • Backups are so important that it has made the list twice. And don’t forget, the only way to truly know if your backups are working is to run a periodic test. Don’t wait until your network is compromised to find out that your backup may have failed.

So ask yourself: Is your business safe? Contact us to learn how a Security Assessment can help you determine how well your network is protected.

A 12-Step Approach to Protecting Data and Securing Your Network

In virtually every business environment, a wide variety of personal and ‘approved’ devices are used throughout the day. This includes computers, tablets, smartphones and other Wi-Fi enabled devices. Each piece of equipment puts your entire network at risk if it is not properly secured and managed.

You have a responsibility to protect the private information you collect about everyone you interact with. Whether it’s your employees, customers or business providers, you likely store an incredible amount of sensitive information, such as social security numbers, credit card numbers, and other sensitive data. A system breach could result in hundreds or even thousands of individuals having their privacy and finances compromised. That is why defending against ransomware and viruses is a top priority among businesses today.

Ask yourself:

  • Do you have policies and procedures in place to secure every device you provide?
  • Are you sure you have adequately secured your network?
  • Are you confident all your data is backed up daily, both on-site and off-site?
  • If there is a system failure or breach, do you know how you will identify and stop it? And are you confident your operations can be brought back online without loss and in a timely manner?

If you cannot confidently answer ‘Yes!’ to these questions, keep reading.

It is highly recommended that businesses of every size have multiple layers of protection in place to secure their data and defend against the latest risks. Below is an example of ACT’s 12-Step Security Plan that is implemented for all clients. These are areas you should address within your own companies – at a minimum:

  1. Ensure all devices – desktops, laptops, smartphones, and tablets – are running the most up-to-date antivirus software available.
  2. Upgrade your firewall with Unified Thread Management Features (UTM).
  3. Install the latest security updates/patches to your operating system.
  4. Implement a cloud-based email security system to capture spam, block phishing scams, and stop threats before they ever make it to your mail server.
  5. Implement a secure DNS solution that can protect your business beyond its perimeter.
  6. Enforce strong password policies, encouraging passphrases, forcing employees to change passwords periodically, and not allowing them to reuse past passwords.
  7. Use multi-factor authentication (MFA) for an extra layer of network security. Even if your passwords are stolen, MFA should prevent hackers from gaining access.
  8. Implement a hybrid solution that combines an on-site backup system that synchronizes real-time with a secure cloud-based storage system, providing maximum protection and quick restoration in the event of a disaster.
  9. Periodically test the backup system so you are 100% certain it’s working.
  10. Document a disaster plan to ensure your entire team understands what to do in the event of catastrophe.
  11. Implement network security policies that limit access to certain parts of the network.
  12. Educate staff, vendors, and anyone else who accesses your network on what they can (and cannot) click or download.

Ensuring the areas above are addressed on an ongoing basis should keep your company’s network and data secure. To learn more about this approach and how it can help protect your business, contact us today.

15 Best Practices that Help Prevent Cyber Attacks

Do you know what your greatest vulnerability is? It’s your people. Employees unknowingly click on malicious links and download a host of viruses and malware every day. In fact, there is a hacker attack every 39 seconds and 63% of all network intrusions are due to compromised user credentials.

Here are a few other disturbing facts:

  • 43% of cyber attacks target small businesses.
  • 60% of small businesses go out of business within six months of an attack.
  • 78% of people claim to know the risks of clicking on unknown links; yet they admit they still do!
  • 1 in ever 131 emails contains malware.

Since your employees are your first line of defense, it is vital to create a culture where security is top of mind. 

15 Best Practices to Implement Immediately

  1. Update the security software on your network and every connected device. Keep it current by turning on automatic software updates. That goes for your operating system and web browsers too.
  2. Get proactive with your anti-virus software by confirming that it’s running on all devices, scheduling automatic daily scans, ensuring it’s updating regularly, and educating staff on how to run manual scans on new downloads.
  3. Make sure your network is protected with a firewall. This is one important way to keep the bad guys out. If you don’t have a firewall appliance, make sure you have a software-based one enabled on your computer.
  4. Enforce strong password policies, encouraging passphrases, forcing employees to change passwords periodically, and not allowing them to reuse past passwords.
  5. Use multi-factor authentication (MFA) for an extra layer of network security. Even if your password is stolen, MFA should prevent hackers from gaining access.
  6. Restrict where sensitive data can be stored. Don’t allow personally identifiable information (PII) to be copied to an external drive or saved in a location outside of your secure network.
  7. Assess how your telecommuters work. Are they using a home computer for work, and possibly transferring files via an unencrypted USB drive? Is their home wi-fi network secure? Consider setting up telecommuters with a secure work device and setting firm rules around the computer’s use.
  8. Back up data on a regular basis (every day, every hour, or real-time, depending upon the nature of your business). Backups should be stored on-site and off-site and periodically tested to ensure they work.
  9. Safely manage email; it’s the biggest source of security breaches! Tips include never opening attachments or clicking on links from an untrusted source; never sending confidential information over public email (use a secure encrypted service); only using an official business email address that is protected by a spam filter (not personal accounts); and being wary of email phishing and extortion scams.
  10. Wipe hard drives before disposing of old devices, including computers, tablets, printers, copiers, external hard drives, flash drives, and fax machines.
  11. Don’t neglect mobile devices. Download apps from trusted sources and allow them to update regularly. Implement strong authentication, such as fingerprint recognition or a strong passphrase. Configure app permissions immediately after downloading.
  12. Protect your social networks by limiting who has administrative access to your account, setting up strong authentication, and carefully configuring privacy settings.
  13. Create policies for using USB drives. Disable auto-run and scan the drive before opening files. Don’t allow personal USB drives to be plugged into a work computer. Don’t allow sensitive information to be stored on an unencrypted USB drive.
  14. Establish a guest wi-fi channel that restricts access to sensitive areas.
  15. Educate employees on what they can and cannot do on their work computers, and how they can help strengthen spam filters by reporting suspicious emails and events. Also be aware of what your third-party vendors are accessing.

5 Steps to Take When Developing a Formal Cyber Security Plan

  1. Identify your sensitive data. Determine what you need to protect, such as employee social security numbers and payroll information; customer data; credit card information; and company secrets (proprietary formulations, patents, etc.). Ensure you know every location where copies are stored.
  2. Protect it. Assess what needs to be done to properly protect everything you’ve identified.
  3. Create a detection and alert system. Set up systems that will alert you if an incident occurs, including the ability for employees to report problems as they occur.
  4. Develop a response plan. Ensure everyone knows their role in helping to contain an attack and assess the damage.
  5. Develop a recovery plan. Once business operations are restored, you’ll need to determine if anything was lost and if you have any legal obligations to alert customers, vendors, and board members.

If you need help with any of the above steps, contact an ACT specialist today to learn how our Comprehensive Security Assessments can protect your organization.

Why Do Hackers Want My Data?

Hackers Want Your Data

By: David R. Herman – Director, Technical Services

Hacking has become so commonplace that many people have begun disregarding the potentially disastrous consequences of it. Why do hackers hack, anyway? Why are we burdened with the inconvenience and expense of firewalls, anti-virus programs, content filters, and having to sort through pages of spam selling you the next super vitamin.

As in many other facets of life – follow the money! While it’s true there are some hacking groups that use hacking as a canvas for their social messaging, bragging rights, corporate espionage and other reasons, the vast majority of ‘professional’ hacking is for personal and financial enrichment.

This article aims to help you understand what a serious effort is being made to steal and make money using YOUR data. Now is the time to ensure you are putting enough resources toward protecting your data (as opposed to glazing over and rolling your eyes every time your IT professional starts warning you about ‘those vile hackers’).

So how do hackers make money from your data? By selling it, of course!
Here are some of the most common ways hackers are profiting from your data right now:

  • Ransomware. Hackers encrypt the data on your computer or network so you cannot access it, essentially holding it ransom. Then they offer to ‘sell it back to you’ for a fee. Once you pay, they usually give you the key needed to decrypt it.

    – Motive: Financial gain through the direct sale of data back to its owner.

  • Stolen Financial Data. Credit cards, social security numbers and other identifying information can be used for immediate identity theft exploits. Hackers collect this information and then sell it on the deep web to groups skilled at using it to perpetrate identity theft. It is its own business and it’s happening 24 hours a day, 7 days a week.

    – Motive: Financial gain via short-term identity theft.

  • Stolen Data. If you’ve been to a doctor in the past few years, you’re familiar with the term ‘HIPAA guidelines.’ For providers, HIPAA causes numerous headaches as it forces practices to create special procedures, train their staff, and even invest in specialized software. As a patient, HIPAA provides you with data privacy and security provisions meant to safeguard your medical information. As medicine moves toward electronic medical records, it opens the door to medical data fraud. When a hacker obtains your medical data they can submit fraudulent claims, resulting in insurance and Medicare fraud, costing the industry billions of dollars each year ($6.2 billion according to a recent IBM/Ponemon report). Furthermore, since medical records contain personal data that is biometric and never changes, skilled groups can re-use this data for future identity theft exploits long after the data is obtained.

    While the example above is specific to the healthcare industry, it’s important to note that any industry with sensitive data about its clients is at risk, including the accounting, legal and financial industries.

    – Motive: Financial gain via short-term and long-term identity theft and insurance fraud.

These are just three of the more popular exploits we see every day. Unfortunately, there are many more, and they are ever-evolving. So, the next time you see a bright red and yellow pop-up warning stating ‘Your computer is vulnerable,’ don’t ignore it. There are full-time hackers working hard to get at your data.

Want to stay ahead of the hackers and keep your data secure? Give us a call to assess your vulnerability and secure your data.