Chat with us, powered by LiveChat
678-389-6200

The Growing Cyber Security Threat

The Growing Cyber Security Threat

How serious of a problem is cybercrime? A study by Cybersecurity Ventures predicts these crimes will cost the world $6 trillion a year by 2021. This is a big number, but it’s no surprise to anyone who has followed the exploits of hackers and online scammers.

Cybercrimes have become big news, with large data and security breaches at companies generating headlines, and cyberthreats from foreign locales such as China and Russia threatening U.S. businesses and elections.

The increasing amount of large-scale, well-publicized breaches suggests that not only are the number of security breaches going up — they’re increasing in severity, as well. Data breaches expose sensitive information that often leave exposed users at risk for identity theft, ruin companies’ reputations and almost always leave the company liable for compliance violations.

Security breaches have increased by 11% since 2018, and the average lifecycle of a breach in 2019 was 314 days (from the breach to containment). That’s a lot of time for data to be stolen, corrupted, or held for ransom.

Even enterprise companies and multinational corporations are discovering that their current IT security is not sufficient to fend off an ever-evolving list of cyber threats. This is perhaps most evident in the recent high-profile data breaches that have made headlines. A network breach can result in catastrophic losses of data and high costs for recovery and damage control. A breach can ruin a company’s reputation, making it harder for them to do business in the future. Security breaches at large companies are a matter of national security, as they have damaged our infrastructure and threatened our financial markets.

It’s tempting for small-to-medium sized businesses to assume that they won’t be a target of threats such as ransomware, malware, and phishing because of their size. The reality is that hackers target thousands of businesses simultaneously — size is not really a factor. If you have a connection to the internet, you’re a target.

Dependence upon cloud computing and an increasingly remote, mobile workforce means threats that compromise one system can compromise a larger network relatively easily. All it takes is a single security gap. To combat these threats, businesses are naturally turning to their own IT departments to shore up their networks, implement disaster recovery plans, and coach their fellow employees on data security.

Unfortunately, skill shortages and budget constraints have made security a significant challenge even at the largest, most well-funded companies.

To augment their own IT departments, manage costs, and gain access to additional IT resources, businesses of all sizes have relied on managed service providers (MSPs).

What is the difference between a Managed Service Provider and a Managed Security Service Provider?

It’s important to understand the difference between a managed service provider (MSP) and an MSSP. An MSP is a third-party organization that is contracted to perform ongoing IT services, essentially an outsourced IT department for businesses or organizations who do not want it all managed in-house.

A managed security service provider (MSSP) is similar to a managed service provider, but with more cybersecurity capabilities such as virus and spam blocking, next-generation firewalls, breach detection, and end user security training. An MSP can function as an MSSP as long as they offer that level of specialization and select services, which mPowered IT is.

Both MSPs and MSSPs are designed to help organizations tackle complex IT problems without taking on the burden alone. Each tends to operate on a strategic level, offering valuable solutions and insights throughout all stages of the business’ life cycle.

Why do Businesses turn to MSSPs?

Skilled IT Professionals are in Short Supply

There simply aren’t enough trained and experienced cybersecurity specialists to handle the needs of the modern threat landscape. Unfortunately, hackers and other bad actors can function alone or in small cells, but cybersecurity is typically a team effort that requires constant attention from skilled individuals.

IT Departments are Often Spread too Thin

When a business’ internal IT department becomes overwhelmed, they will often turn to MSPs or MSSPs to fill in gaps. This is generally a much faster way to find and deploy a knowledgeable team without spending months hiring and training new staff.

Even Small Businesses need to be Secure

Small businesses are being targeted more frequently as larger enterprises shore up their own security. Hackers usually look for the weakest points, and that is usually the small business who isn’t taking cybersecurity seriously, not the massive corporation with a huge IT budget.

Cyberthreats are Constantly Evolving

One of the most challenging aspects of IT is that it is constantly evolving — and that goes double for the cybersecurity landscape. IT professionals and cybersecurity specialists must maintain a constant state of continuing education to keep up with the changes in their industries. This isn’t the kind of thing that business owners or C-level executives have time to do on their own. By working with an MSSP, a business can be sure that their defenses are evolving to meet the changing needs of the times.

What Services does an MSSP Provide?

The typical MSSP works as an extension of your business through consulting, planning, and project-based action or ongoing management. Cybersecurity must work in layers, and that means every business needs a tailored suite of solutions working together to completely protect their network and data.

Here are some of the Essential Services Offered by MSSPs:

  • Offsite Backups and Recovery Plans
  • Employee Awareness Training
  • Next-Generation Firewall Protection
  • Encryption Services
  • Password Regulations
  • Security Assessments
  • Email & Web Filtering
  • 24/7 Network Monitoring
  • Offsite Backups and Recovery Plans
  • Antivirus Services
  • Breach Prevention Services
  • Automated Updates
  • Dark Web Scanning
  • Multi-Factor Authentication

End User Awareness Training

In most of the recent high-profile security breach cases, the cause was employee negligence — usually initiated by a phishing email or SMS text message. Humans are almost always the weakest link in a security chain, which means the weakness must be addressed through training in threat awareness and avoidance.

According to a study reported by Tech Republic, 54% of the 1,000 IT professionals surveyed said poor password policies and the careless actions of employees were the root causes of cybersecurity incidents at their companies. More than 50% of the companies surveyed had experienced a ransomware attack in the past year, and 79% of those affected said the ransomware entered their system through a social engineering attack (such as phishing).

What are the other common culprits? Poor password maintenance, a lack of two-factor authentication, or having no password regulations in place at all.

While it’s important to strengthen your network, the human factor must be addressed for your security effort to be successful. MSSPs can be contracted to create a culture of security at your company. They’ll coach your employees to recognize common security threats like phishing emails and malicious links. They can even help you establish a password policy so that passwords are updated regularly and stronger company-wide.

24-7 Network Monitoring

Most organizations can’t afford a staff of in-house IT professionals to manage their network around the clock. Network Operations Center (NOC) monitoring is an important service provided by MSPs, typically to monitor for network outages, server overloads, and other errors by scanning critical network functions. MSSPs provide 24/7 Security Operations Center (SOC) monitoring to identify security issues, manage firewalls, scan for vulnerabilities, and provide intrusion protection and prevention.

MSSPs can monitor networks continuously via their own SOC or through specialized third-party providers. In the event of an issue or security threat, engineers at the MSSP are notified and act quickly to resolve problems. This type of active monitoring is the surest way to ensure data security and minimize downtime.

Emergency Backup and Recovery

Data backup is common at most companies and often required when regulatory compliance is a factor.

Offsite data protection ensures your data is secure and ready to be recovered in the event a system crash or internal error. It also ensures your data is protected in the event of a catastrophic natural disaster. Secure, reliable backups can also serve as a means to access and recover data in the event of a ransomware attack.

Antivirus Services

To combat growing security threats, modern organizations need a layered approach to security. This includes enterprise level antivirus software as well as anti-malware, Next-Generation Firewall Protection, intrusion detection and prevention, and well-trained employees. An MSSP provides all of these security layers as part of a package to your organization.

Don’t make the mistake of relying on consumer-grade antivirus software in a business environment. While many commercial antivirus solutions are fine for personal use, they do not offer all of the solutions needed when protecting a business. You should be able to manage and monitor all your devices from a single platform. Your antivirus software should receive automated updates and provide advanced protection beyond what is needed for personal use.

Email & Web Filtering

Email filtering helps to identify spam and phishing emails and delete or quarantine them before they can do harm. Most modern email platforms, such as Gmail or Office 365, have a built-in spam filter, but hackers have become very good at bypassing these filters. Since some spam will always make into your employees’ inboxes, scam or fraudulent emails will always be a threat to your business.

An MSSP can provide you with advanced layers of email filtering services along with training to help you identify harmful emails before they’re opened and clicked. The security tools provided by an MSSP can also help you filter out malicious websites when your employees are browsing online. To increase employee productivity, you can also use web filtering to block specific types of content such as online shopping sites, social media sites, and gaming sites.

Breach Prevention

A breach occurs when data is compromised and finds it way into the wrong hands. This can happen through network intrusion, through a malicious email link, or if someone downloads your data to physical storage and then uploads it to the dark web (like from a stolen device).

With so many ways for breaches to occur, cyber defense must move beyond the IT department and into your organization as a whole by fostering a culture of security. In addition to monitoring for attacks and unusual behavior, an MSSP can help you create this culture at your company through training, monitoring, and technical expertise. They’ll help you get control over who is accessing your data so you can stay proactive and prevent dangerous activity before it occurs.

Automated Updates

Updates to your applications, software, and operating systems aren’t just to improve functionality. Many updates are sent to protect the software or device against a new type of threat or to patch vulnerabilities that have been recently discovered. These updates don’t always download and apply themselves automatically. They must be authorized by a user, or by an administrator. Too often, important updates are neglected because internal IT staff are overstretched or unsure of what an update will do to the system. Neglected updates quite frequently leave your system vulnerable.

An MSSP ensures that you’ll never have to worry about missing updates and making yourself vulnerable to avoidable threats. Part of their job is to find outdated software and provide automated updates and patching services so you’ll never need to go through your systems and apply updates manually.

Password Standards

As we mentioned, humans are usually the weakest link in a security chain. One way that is true is that people are often careless with creating and maintaining their passwords. When employees are responsible for creating and maintaining their own passwords, you can expect vulnerabilities. Employees will often use the same password for all their accounts, use passwords for years at a time, or they may use a very weak password like “12345,” “password,” or their name and birthdate.

Passwords like these are easy for password cracking programs to decipher. If the same password is used for multiple logins, it could give hackers access to your entire system as well as any software you use. Part of the issue is that too much of the burden is placed on individual employees, many of whom simply want to log in and get to work without having to deal with complicated passwords.

Without any guidance, they’re likely to pick a password that’s easy to remember and stick with it. An MSSP can help your company develop a strong password policy and implement password standards for all your employees. Password regulations, or password policies, govern how your employees create, manage, and use passwords. You may also benefit from using a password manager to help your employees keep track of their passwords. This may be necessary if they use several accounts throughout the day.

Data Encryption Services

Data encryption is important for businesses that must meet regulatory requirements, but every business should include encryption as part of their security strategy. The most comprehensive approach is usually to encrypt any and all data that may be passing through or coming from your business via email, your website, or the internet in general.

Encryption is about protecting data during transit so that theft by interception is nearly impossible. There are many forms of encryption including website, email, network, and hardware encryption. Encryption is becoming the new standard for many businesses. Most major email plat- forms either encrypt emails automatically or make it easy to encrypt emails yourself. At the beginning of 2017, Wired magazine reported that at least half of the web is now encrypted.⁵

Nonetheless, managing the encryption of your data can be difficult and time-consuming. An MSSP can provide your company with Encryption as a Service (EaaS) so you can focus on other tasks with the knowledge that your data is secure. They can also provide additional network layer encryption and hardware encryption.

Security Assessments

Many organizations are bound by regulations and must have certain security measures in place in case they are audited, but any organization that handles important data should check their security status regularly. An MSSP can help you conduct such evaluations and asses your own security. It’s important to do this regularly, as time creates gaps in security that can make you vulnerable to new forms of attack. During a security assessment, an MSSP will look for common problems, including:

  • Poor network architecture
  • System configuration errors
  • Data integrity and confidentiality
  • Weak passwords and poor password regulation
  • Missing system updates and patches
  • Network vulnerabilities

An MSSP can provide an initial security assessment of your organization followed by periodic assessments to keep you secure.

Dark Web Scanning

The dark web is part of the internet that is hidden from conventional search engines like Google, and thus, doesn’t attract much legitimate traffic. It acts as a marketplace for stolen data and hosts many other illicit activities and illegal trades. When a system is breached, it’s common for cybercriminals and other bad actors to post data on the dark web for sale. An MSSP can provide you with dark web scanning to help identify any of your data for sale on the dark web, thus allowing you to minimize further damages.

Although the best protection is to protect your business from breaches in the first place, dark web scanning helps to mitigate damages. It also serves as a means to located stolen data that could have been originated before your current cybersecurity strategy was put into place.

Multi-Factor Authentication

Multifactor or Two-factor Authentication (2FA) has become almost essential, as it helps to offset the risks associated with weak passwords. While you should still focus on creating strong passwords and enforcing password policies at your company, you should also take into account the possibility that at least one of those passwords will eventually be compromised. Hackers can decode passwords using cracking programs, buy them from adjacent data breaches, or bypass them using phishing scams.

Once a password is revealed, it won’t matter how strong it is. If one email account is breached, it can be used to reset the passwords of other accounts or perform further spoof email attacks within the network.

In a two-factor authentication (2FA) system, an account holder must provide two separate pieces of information to access an account. This often takes the form of a primary password and a temporary, randomly generated PIN that is usually sent to the account holder’s smartphone via SMS or email.

This can also be accomplished through a specific device that generates a random PIN, token, or password which the account holder possesses. The second piece of information, or token, is secure because only the account holder has access to it. Additional layers of security can be put in place for extremely sensitive information. For example, you can add biometrics, such as a thumbprint, as a requirement for access. Such an approach offers three layers of protection: “something the user knows,” “something the user has,” and “something the user is.”

Who are we?

mPowered IT provides a full range of IT Support, including technical helpdesk, data backup and recovery, and strategic consulting to small and medium-sized businesses. We take cybersecurity very seriously and always go the extra mile in securing both ourselves and our clients from the latest cyber threats.

We work with many types of businesses throughout the area, and strive to eliminate IT issues before they become costly and frustrating. You can continue to drive your business forward while we make sure your technology is functional and secure. Our dedicated staff loves seeing our clients succeed.

Give those hours wasted on IT problems back to your staff and create a lasting impression on your clients through superior technology services and customer care. Give us a call at 678-389-6200 or visit our website to learn more. 

SOURCES

Cyberattacks in School Districts

Since 2016, there have been 855 cyber incidents publicly disclosed by U.S. schools and districts, according to data from the K–12 Cybersecurity Resource Center. There were 348 in 2019 alone, nearly three times the number in 2018. With the increased use of technology for teaching, learning and continuing school operations in today’s remote environment, schools have also become more vulnerable to cyberattacks.

PHISHINGThe most common threat is social engineering attacks, which includes phishing. Phishing is a tactic scammers use to trick users into giving them confidential information such as passwords and network credentials or installing malicious software through fraudulent downloads or attachments. Campaigns run the gamut from impersonating government agencies asking for bank account information to issue stimulus checks to fake businesses pretending to sell personal protective equipment.

RANSOMEWARE ATTACKS – Ransomware attacks, which involve bad actors encrypting data files and systems through malicious software and requiring districts to pay a ransom to regain access, are also another huge threat to school districts. These attacks are particularly challenging in a remote environment because a lot of systems aren’t necessarily set up to be automatically patched once they’re off the network.

EXPLOITATIONCyberattacks also exploit open Remote Desktop Protocol (RDP) ports and Server Message Block (SMB), a protocol used for file sharing and access to remote services, to spread malware like wildfire. Users accessing blocked websites has become a bigger challenge with everyone working remotely.

It’s not often that the technology fails. It’s individuals behaving in ways that put an organization at risk by not using a complex password, or showing reluctance to using multifactor authentication. Educating users is important, especially with looming budget cuts that may affect spending on security improvements such as firewall upgrades and higher-level endpoint protection. Training needs to be ongoing and should include everyone in a district.

Are you interested in learning more on how an MSP could help your organization stay safe? Give us a call at 678-389-6200 or visit mPoweredIT.com.

Sources: K–12 Cybersecurity Resource Center https://k12cybersecure.com/map/ 

Your Own Employees are Your Biggest Threat

Your Own Employees are Your Biggest Threat – and Last Line of Defense Against a Ransomware Attack on Your Business

employees defense ransomeware

Major ransomware attacks are on the rise across the country, not just taking down single businesses, but entire infrastructure systems. The cybercriminals are gaining in sophistication, finding more clever ways to hack into your network. They hold your systems and data hostage and demand payment. What can your business do about it?

Train Your Employees! In the past, cybercrime was easier to notice and avoid. Today, the criminals are savvy and can fool even those who are watching and aware. Your employees are answering phone calls and emails all day every day, and they need to be well trained and hyper aware of the dangers around them. All it takes is one employee responding to a bogus email, or providing a bit of information on a phone call, to allow a cybercriminal access to your network. Most employees already know to ignore emails from people they don’t know, and never click a link from an unknown sender. But increasingly bogus emails are looking exactly like real ones. Phone calls can seem to be from legit sources, and the person on the other end knows exactly how to gain trust and extract information. mPowered IT CEO John Mamon is a huge advocate for training employees to protect the employer’s business. “We have extensive technology to protect businesses from all kinds of security threats, and they work extremely well,” he explained. “But one employee can innocently give a hacker enough info to get into your system and hold your data hostage. The employee won’t even know they did anything wrong.”

Small businesses are ripe for ransomware attacks Most small business don’t have real security measures in place, or the security they have is outdated and ineffective. Security measures have to keep innovating to stay ahead of cybercriminals, who spend all day every day thinking up more devious ways to get your data, take your money, or both. To stay ahead of the criminals, you need an MSP who focuses on security, stays ahead of security technology, and can train your employees to be the last line of defense. For more information, call mPowered IT at 678-389-6200 or visit mpoweredit.com.

How to Choose the Right IT Provider

There is no one-size-fits-all solution in the world of business technology. That said, the best IT providers will approach your situation with fresh eyes and develop a plan tailored to your unique needs.

Your IT provider should start by asking discovery questions that will inform them about your business. Only by understanding what you do and how you do it will the MSP be able to properly serve you.

Do you want to scale production? Improve customer service? Improve fulfilment? On the surface, it might not seem like technology can affect so many aspects of your business. In truth, an IT provider knows that technology can support — or hinder — every part of your business. A technology plan must address this and holistically support your plans for the business.

Your IT provider should be fully versed in business technology. Having skills that go beyond setting up basic hardware is crucial. Maintaining an entire network of computers, servers, peripherals, and devices requires many years of experience and high-level knowledge. MSPs need to have a deep understanding of business processes and industry best practices. This is especially true when cybersecurity and compliance come into play.

When interviewing a potential managed IT service provider, ask about scalability, staff with specific skill sets, proactive versus reactive support methods, and what they hold as general best practices in IT management. These questions tend to be far more important than those regarding the size of their support staff or their software certifications.

Choose a managed service provider that knows how to leverage technology to improve your business and has the expertise to make it happen. Avoid the provider that will only fix issues as they occur rather than helping you maximize your investment.

A good managed service provider should have your back 24/7/365. They should monitor your systems around the clock and resolve any problems regardless of the time or date. IT problems don’t take holidays off.

While remote monitoring and service can handle many problems, there are situations where an IT provider needs to come on-site for a fix or audit. These visits should always be accounted for in your plan, either built into the invoice or defined through blocks of prepaid time. Ensure that you know what you’re paying for and that you won’t be surprised with additional charges down the road.

For an IT company, maintaining consistent results and delivery is critical. Your IT company should be able and willing to share examples of their documented policies and processes, and show how they would be applied to your business. It’s a red flag if they can’t explain what they do, how they do it, and why it is effective. This also applies to current partnerships. Trustworthy MSPs are happy to share details of their value and can demonstrate how they justify their cost.

In addition to the above, make sure your prospective IT provider offers:

  • Proactive monitoring to detect and prevent problems before they cause downtime, data loss, or other catastrophes.
  • Modern detection and alert solutions, good response times, scaling potential, automation, and a comprehensive web-based user portal.
  • Regular audits of your technology, tests of backup and recovery systems, and comprehensive cybersecurity solutions including training.

The IT infrastructure of today has changed considerably since a decade ago. The typical office will have many desktops, laptops, servers, mobile devices, IoT gadgets, and software — and just as many different vendors.

An IT provider should design a support plan that encompasses all of your business’ technology. They must be able to handle all of the different software companies and vendors that make up your tech ecosystem. An MSP who has good relationships with multiple leading vendors is ideal, as is an IT provider who is familiar with your industry’s proprietary software.

On the other hand, you should seek out an IT provider who is vendor neutral. If they are contracted or partial to using only certain vendors’ products, you could end up with solutions that aren’t exactly right for your needs. A good MSP should always focus on selecting the technology that provides the best results for you.

HAVE QUESTIONS? The team at mPowered IT will be glad to answer any questions you may have about how managed IT services can transform your business. Call us at 678-389-6200 or contact us here.

USB Flash Drive and Their Cybersecurity Dangers

As cloud storage has grown in popularity, the use of USB flash drives has declined in many settings. The decline in popularity of USB flash drives, however, hasn’t necessarily diminished their threat. USB flash drives still enjoy a following in many environments. Data stored on USB flash drives is viewed as more secure because there is no network connectivity involved. While USB flash drives can be handy, they are only as secure as the people who handle them. One particular report from 2021 suggests that 37 percent of threats were specifically designed to utilize removable media, which almost doubled from the 2020 report (19 percent). 

What can you do?

  • Limit the use of USB flash drives. Where necessary, be sure to lock or otherwise secure areas (like the server room) so un-approved USB flash drives cannot be used.
  • Use encrypted USB flash drives with Windows Bitlocker or Mac Native Encryption. This provides a layer of protection should a USB flash drive with sensitive data fall into the wrong hands. Some models have fingerprint authentication.
  • Educate employees never to plug in unknown USB flash drives.

The bottom line: With so many vectors for cyber criminals to take advantage of, it would be easy to ignore USB flash drives. Doing so could cripple your business.

HAVE QUESTIONS? We would be glad to answer any questions you may have about how managed IT services can transform your business. Call us at 678-389-6200 or contact us here.

Web Analytics