Cyber insurance is an invaluable tool in your risk management arsenal. Think of it as one of the many weapons you have against cyberthreats. However, there’s a widespread misconception that having cyber insurance is enough. The truth is—without a comprehensive cybersecurity strategy, your insurance can offer only limited protection.
Through this blog, we’ll help you understand why cyber insurance should be seen as a safety net rather than a replacement for strong security.
Understanding the Limits of Cyber Insurance
In today’s business landscape, cyber insurance is a must. However, having insurance doesn’t guarantee a payout. Here are a few things that cyber insurance can’t help you with:
Business Interruption:
Your cyber insurance policy can never fully cover the cost of lost productivity due to a cyberattack. The payouts, in most cases, would be partial and won’t be enough for you to recover from the business interruption.
Reputational Damage:
Cyber insurance can’t help you win back customer trust. It would take a lot of work to repair your organization’s reputation.
Evolving Threats:
Cyberthreats are constantly evolving, and your insurance policy might not be able to offer a payout against new tactics.
Social Engineering Attacks:
Cybercriminals often trick unsuspecting victims through social engineering attacks. If your business suffers losses due to a social engineering attack, like a phishing scam, you might not be covered.
Insider Threats:
Losses resulting from an internal risk are rarely covered by insurance providers. If the breach occurs because of a threat within your organization, your policy provider may not entertain the claim.
Unsure of what an insider threat is? Visit our blog here to learn more.
Nation-State Attacks:
Some rogue state nations deploy their hackers to carry out cyberattacks in other countries. Many insurance providers consider such attacks as acts of war and do not cover them.
Six Steps to Build a strong cybersecurity posture
Implement these steps proactively to strengthen your defenses:
1. Employee training is critical for building a strong defense against cyberthreats. Hold regular sessions and bootcamps to educate your team on cybersecurity best practices.
2. Implement strong password policies and utilize a password manager.
3. Using multi-factor authentication will phenomenally improve your internal security.
4. Regularly back up your business-critical data. This will ensure you can bounce back quickly in case of a breach or a ransomware attack.
5. Keep your software and security solutions up to date. Monitor and resolve issues before hackers have an opportunity to exploit them.
6. Think of your network like your castle and do everything to protect it from hackers. Build a strong network security infrastructure, complete with firewalls, anti-virus software and threat detection systems.
Databranch can help your business implement these security measures and much more. By partnering with us, you can have peace of mind knowing that any IT issues will be addressed promptly, reducing the impact on your operations and enabling your business to run smoothly without interruption.
Build a Resilient Future For Your Business
To build a strong defense posture, you need a good cyber insurance policy and a robust cybersecurity plan. However, it can be stressful having to juggle the responsibilities of managing your business and implementing a comprehensive security strategy.
That’s where a great partner like us can offer a helping hand. We can evaluate your current IT infrastructure and create a strategy that is right for you and your unique business needs. Reach out to us today at 716-373-4467 option 6 or [email protected] to get started.
Read More
Imagine starting your day with a cup of coffee, ready to tackle your to-do list, when an email that appears to be from a trusted partner lands in your inbox. It looks legitimate, but hidden within is a phishing trap set by cybercriminals.
This scenario is becoming all too common for businesses, both big and small.
Phishing scams are evolving and becoming more sophisticated with every passing day. As a decision-maker, it’s crucial to understand these threats and debunk common myths to protect your business effectively.
The Most Popular Phishing Myth
Many people believe phishing scams are easy to identify, thinking they can spot them due to poor grammar, suspicious links or blatant requests for personal information.
However, this is far from the truth. Modern phishing attacks have become highly complicated, making them difficult to detect. Cybercriminals now use advanced techniques like AI to create emails, websites and messages that closely mimic legitimate communications from trusted sources.
Most phishing attempts today look authentic, using logos, branding and language that resemble those of reputable companies or persons. This level of deception means that even well-trained individuals can fall victim to cleverly disguised phishing attempts.
Different Types of Phishing Scams
Phishing scams come in various forms, each exploiting different vulnerabilities. Understanding the most common types can help you better protect your business:
Email Phishing:
The most common type, in which cybercriminals send emails that appear to be from legitimate sources, such as banks or well-known companies. These emails often contain links to fake websites, which they use to steal sensitive information.
Spear Phishing:
Targets specific individuals or organizations. Attackers gather information about their targets to create personalized and convincing messages, making it particularly dangerous since it can bypass traditional security measures.
Whaling:
A type of spear phishing that targets high-profile individuals like CEOs and executives. The goal is to trick these individuals into revealing sensitive information or authorizing financial transactions.
Smishing:
A social engineering attack that involves sending phishing messages via SMS or text. These messages often contain links to malicious websites or ask recipients to call a phone number, prompting them to provide personal information.
Vishing:
Involves phone calls from attackers posing as legitimate entities, such as banks or tech support, asking for sensitive information over the phone.
Clone Phishing:
Attackers duplicate a legitimate email you’ve previously received, replacing links or attachments with malicious ones. This tactic exploits trust, making it hard to differentiate fake email from genuine communication.
QR Code Phishing:
Cybercriminals use QR codes to direct victims to malicious websites. These codes often appear on flyers, posters or email attachments. When scanned, the QR codes take you to a phishing site.
Protecting Your Business from Phishing Scams
To safeguard your business from phishing scams, follow these practical steps:
- Train employees regularly to recognize the latest phishing attempts and conduct simulated exercises.
- Implement advanced email filtering solutions to detect and block phishing emails.
- Use multi-factor authentication (MFA) on all accounts to add an extra layer of security.
- Keep software and systems up to date with the latest security patches.
- Utilize firewalls, antivirus software and intrusion detection systems to protect against unauthorized access.
Collaborate for Success
By now, it’s clear that phishing scams are constantly evolving, and staying ahead of these threats requires continuous effort and vigilance. Partnering with Databranch will allow you to focus on your business operation while we help tackle your cybersecurity needs.
Together, we can create a safer digital environment for your business. Don’t hesitate, get in touch today at 716-373-4467 option 6 or [email protected].
Read More
Whether you’re a small business or a multinational corporation, your success hinges on the integrity and availability of critical data. Every transaction, customer interaction and strategic decision relies on this precious asset.
As your dependence on data grows, so do the risks. Cyberthreats and data breaches aren’t just potential disruptions when you possess valuable and sensitive data; they’re existential threats that can undermine your business continuity.
Key Considerations for Data Security
Fortunately, ensuring data security is achievable with the right strategies. Here are some steps you should consider taking:
Data Backups:
Regularly back up your data to secure off-site locations. Cloud storage services by reliable providers are a good choice. Consider using external hard drives or network-attached storage (NAS) devices. These backups ensure that even if your primary systems are compromised, you can swiftly recover essential information.
Databranch offers our BCDR solution from Datto, the leader in Total Data Protection. Not only will the Datto backup all your data to the device itself, but it will also backup everything to 2 separate offsite cloud storage locations.
So, in the event that the local device is destroyed, you can still access your information even from a remote location.
With Datto you will receive daily backup verifications and screen shots of your virtual servers, giving you peace of mind and ensure that your backup data is working and accessible to you when you need it.
Encryption:
Encryption is your digital armor. It protects sensitive data during transmission (when it’s being sent) and at rest (when it’s stored). Implement strong encryption algorithms like Advanced Encryption Standard (AES) to render data unreadable to unauthorized individuals. Remember that encryption scrambles data, making it inaccessible to anyone without the decryption key.
Access Control:
Implement strict access controls to limit who can view or modify sensitive information. Role-based access control (RBAC) can effectively assign permissions based on job functions.
Multi-factor authentication (MFA) adds an extra layer of security. It requires additional verification steps (such as one-time codes sent to mobile devices) to ensure that only authorized personnel can access critical data.
Remote Work Security:
As scattered work environments become more commonplace, secure remote access is vital. Here’s how you can implement it:
- Virtual private networks (VPNs): Use VPNs to create a secure connection between remote devices and your internal network. This shields data from prying eyes.
- Secure remote desktop protocols: If employees access company systems remotely, ensure they use secure protocols like RDP (Remote Desktop Protocol) over encrypted channels.
- Strong password policies: Enforce robust password policies. Encourage passphrase-based authentication for added strength.
Incident Response Plan:
Develop a detailed incident response plan. Consider the following:
- Roles and responsibilities: Clearly define who does what during a data breach or cyberattack.
- Communication protocols: Establish channels to notify stakeholders, including customers, employees and regulatory bodies.
- Recovery procedures: Outline steps to recover affected systems and data promptly.
Continuous Monitoring:
Implement continuous monitoring of your IT systems. Tools like Security Information and Event Management (SIEM) track and analyze security-related data. Proactive threat detection allows swift responses to potential breaches.
Partnering with Databranch means your business will receive our 24 x 7 proactive monitoring and alerting service which allows you to take this off your plate and focus on your business needs.
Employee Training:
Regularly train employees on data security best practices, such as:
- Phishing awareness: Teach them to recognize phishing attempts, such as fraudulent emails or messages that trick users into revealing sensitive information.
- Understanding of social engineering: Educate employees about social engineering tactics used by cybercriminals.
- Device security: Remind them to secure their devices (laptops, smartphones, tablets) with strong passwords and regular updates.
Partner for Success
Worried about where to start? Download our infographic to review possible strategies.
Our expert team is here to help. Databranch can assess your current data security setup, identify areas for improvement and develop a tailored plan to protect your data and strengthen your business continuity.
Contact us today at 716-373-4467 option 6, [email protected], or complete the form below to schedule a consultation and take the first step towards securing your business’s future.
Read More
Cybersecurity is an essential aspect of any business or organization. As technology evolves, so do the threats that can harm an organization’s operations, data and reputation. One of the most effective ways to defend against these threats is through the Defense in Depth (DiD) approach.
DiD is a cybersecurity approach in which multiple defensive methods are layered to protect a business. Since no individual security measure is guaranteed to endure every attack, combining several layers of security is more effective.
This layering approach was first conceived by the National Security Agency (NSA) and is inspired by a military tactic with the same name. In the military, layers of defense help buy time.
However, in IT, this approach is intended to prevent an incident altogether.
Essential Elements of DiD
Implementing all the elements of an effective DiD strategy can help minimize the chances of threats seeping through the cracks. These elements include:
1. Firewalls
A firewall is a security system comprised of hardware or software that can protect your network by filtering out unnecessary traffic and blocking unauthorized access to your data.
2. Intrusion Prevention and Detection Systems
Intrusion prevention and detection systems scan the network to look for anything out of place. If a threatening activity is detected, it will alert the stakeholders and block attacks.
3. Endpoint Detection and Response (EDR)
Endpoint detection and response (EDR) solutions constantly monitor endpoints to find suspicious or malicious behavior in real time.
Databranch is excited to announce a new detection software that we have begun implementing for our clients. The Huntress Managed Detection and Response (MDR) for Microsoft 365 secures your users with 24/7 protection.
Huntress MDR can detect and respond to early signs of cyberattacks such as unauthorized access, email manipulation, and suspicious login locations.
The software then utilizes Huntress’s 24/7 Security Operations Center (SOC) which is comprised of experts who analyze and interpret the threats. An actual Huntress employee will review these detections, provide incident reports, and will deliver actionable remediations for recovery.
4. Network Segmentation
Once you divide your business’s network into smaller units, you can monitor data traffic between segments and safeguard them from one another.
5. The Principle of Least Privilege (PoLP)
The principle of least privilege (PoLP) is a cybersecurity concept in which a user is only granted the minimum levels of access/permissions essential to perform their task.
Visit us here to learn more about the risks associated with Local Administrative Privileges.
6. Strong Passwords
Poor password hygiene, including default passwords like “1234” or “admin,” can put your business at risk. Equally risky is the habit of using the same passwords for multiple accounts.
To protect your accounts from being hacked, it’s essential to have strong passwords and an added layer of protection by using practices such as Multi-Factor Authentication (MFA).
7. Patch Management
Security gaps left unattended due to poor patch management can make your business vulnerable to cyberattacks. When a new patch is delivered, deploy it immediately to prevent exploitation.
Databranch offers a Patch Management solution for our managed client’s that automates and manages service packs, hot-fixes, and patches from a single location.
How IT service providers help defend against threats
As a Databranch client, our experienced team members will help you divide DiD into three security control areas:
1. Administrative controls
The policies and procedures of a business fall under administrative controls. These controls ensure that appropriate guidance is available and security policies are followed.
Examples include hiring practices or employee onboarding protocols, data processing and management procedures, information security policies, vendor risk management and third-party risk management frameworks, information risk management strategies, and more.
3. Technical controls
Hardware or software intended to protect systems and resources fall under technical controls.
They include firewalls, configuration management, disk/data encryption, identity authentication (IAM), vulnerability scanners, patch management, virtual private networks (VPNs), intrusion detection systems (IDS), security awareness training and more.
4. Physical controls
Anything that physically limits or prevents IT system access falls under physical controls, such as fences, keycards/badges, CCTV systems, locker rooms and more.
Don’t worry if you are struggling with developing a DiD strategy for your organization. Databranch is here to make things as simple as possible. Contact us at 716-373-4467 option 6, or [email protected] to start the process of making your organization more secure.
Read More
Social media has significantly transformed the way we communicate and do business. However, this growing popularity also comes with potential risks that could cause harm to businesses like yours.
Unfortunately, many organizations remain unaware of these rapidly evolving challenges. In this blog, we will explore the dangers associated with social media and share practical tips to safeguard your organization’s reputation and financial stability so that you can safely reap the benefits of social media platforms.
Exploring the Risks
Social media presents several risks that you need to address, such as:
Security Breaches
Cybercriminals can exploit social media to steal sensitive information by creating fake profiles and content to trick people into sharing confidential data. Social media platforms are also vulnerable to hacking, which can have a negative impact on your business.
Reputation Damage
Negative comments from dissatisfied customers, envious competitors or even unhappy employees can quickly spread online and cause significant damage to your brand’s image within seconds.
Employee Misconduct
Certain employees may share offensive content or leak confidential information on social media, which can trigger a crisis that can be challenging for business leaders to handle.
Legal Accountability
Social media has the potential to blur the boundaries between personal and professional lives, which can, in turn, create legal liabilities for your business. If your employees make malicious remarks about competitors, clients or individuals, the public can hold you responsible for their actions. Employees may also face the consequences if their social media behavior violates the organization’s regulations.
Phishing Threats
Social media phishing scams can target your business and employees by installing malware or ransomware through seemingly authentic posts.
Fake LinkedIn Jobs
Cybercriminals often pose as recruiters on LinkedIn and post fake job listings to collect data for identity theft scams.
Securing Your Business
Taking proactive measures is essential to avoid social media risks, including:
Checking Privacy Settings
Set privacy settings to the highest level across all accounts, restricting your and your employees’ access to sensitive information. This includes removing Local Admin Privileges for employees.
Strengthening Security
Employ robust passwords and multifactor authentication (MFA) to bolster account security.
Establishing Clear Guidelines
Enforce clear social media rules for company and personal devices, customizing policies to fit your industry’s unique risks.
Educating Your Teams
Educate your team on social media risks, imparting safe practices to thwart scams and phishing attempts. Our Employee Cybersecurity Training not only offers an annual cybersecurity training, but also contains weekly micro-trainings to keep your employees up to date on real world threats.
Identifying Impersonation
Develop protocols to detect and manage fake profiles and impersonations swiftly. Remain vigilant and report any suspicious activity.
Vigilant Monitoring
Set up a system to monitor social media, promptly addressing fraudulent accounts or suspicious activity that could stain your brand image.
Act Now to Safeguard Your Business
Understanding the risks and adhering to social media best practices are crucial for businesses of all sizes. By following these guidelines, you can reduce your business’s vulnerability while reaping the rewards of social media.
For comprehensive insights into social media safety, download our eBook “From Vulnerability to Vigilance: Social Media Safety.”
Reach out to Databranch today at 716-373-4467 option 4 or [email protected] if your business is looking to increase their cybersecurity awareness.
Read More
In recent years, email has become an essential part of our daily lives. Many people use it for various purposes, including business transactions. With the increasing dependence on digital technology, cybercrime has grown. A significant cyber threat facing businesses today is Business Email Compromise (BEC).
Why is it important to pay particular attention to BEC attacks? Because they’ve been on the rise. BEC attacks jumped 81% in 2022, and as many as 98% of employees fail to report the threat.
What is Business Email Compromise (BEC)?
Business Email Compromise (BEC) is a type of scam in which criminals use email fraud to target victims. These victims include both businesses and individuals. They especially target those who perform wire transfer payments.
The scammer pretends to be a high-level executive or business partner and will send emails to employees, customers, or vendors. These emails request them to make payments or transfer funds in some form.
According to the FBI, BEC scams cost businesses around $1.8 billion in 2020. That figure increased to $2.4 billion in 2021. These scams can cause severe financial damage to businesses and can also harm their reputations.
How Does BEC Work?
BEC attacks are usually well-crafted and sophisticated, making it difficult to identify them. The attacker first researches the target organization and its employees. They gain knowledge about the company’s operations, suppliers, customers, and business partners.
Much of this information is freely available online. Scammers can find it on sites like LinkedIn, Facebook, and organizations’ websites. Once the attacker has enough information, they can craft a convincing email. It’s designed to appear to come from a high-level executive or a business partner.
The email will request the recipient to make a payment or transfer funds. It usually emphasizes the request being for an urgent and confidential matter. For example, a new business opportunity, a vendor payment, or a foreign tax payment.
The email will often contain a sense of urgency, compelling the recipient to act quickly. The attacker may also use social engineering tactics. Such as posing as a trusted contact or creating a fake website that mimics the company’s site. These tactics make the email seem more legitimate.
If the recipient falls for the scam and makes the payment, the attacker will make off with the funds. In their wake, they leave the victim with financial losses.
How to Fight Business Email Compromise
BEC scams can be challenging to prevent, but there are measures businesses and individuals can take to cut the risk of falling victim to them.
Educate Employees
Organizations should educate their employees about the risks of BEC, along with how to identify and avoid these scams. This includes employees recognizing tactics used by scammers such as: urgent requests, social engineering, and fake websites.
Training should also include email account security, including:
- Checking their sent folder regularly for any strange messages
- Using a strong email password with at least 12 characters
- Changing their email password regularly
- Storing their email password in a secure manner
- Notifying an IT contact if they suspect a phishing email
Contact Databranch today if your company lacks on-going cybersecurity training. Our Breach Prevention Platform and Security Awareness Training will give your employees the resources they need to spot real world phishing attempts.
Enable Email Authentication
Organizations should implement email authentication protocols.
This includes:
- Domain-based Message Authentication, Reporting, and Conformance (DMARC)
- Sender Policy Framework (SPF)
- DomainKeys Identified Mail (DKIM)
These protocols help verify the authenticity of the sender’s email address and can also reduce the risk of email spoofing. Another benefit is to keep your emails from ending up in junk mail folders.
Deploy a Payment Verification Process
Organizations should deploy a payment verification processes, such as two-factor authentication. Another protocol is confirmation from multiple parties when making a business related payment. This ensures that all wire transfer requests are legitimate. It’s always better to have more than one person verify a financial payment request.
Establish a Response Plan
Organizations should establish a response plan for BEC incidents. This includes procedures for reporting the incident as well as freezing the transfer and notifying law enforcement.
Use Anti-phishing Software
Businesses and individuals can use anti-phishing software to detect and block fraudulent emails. As AI and machine learning gain widespread use, these tools become more effective.
The use of AI in phishing technology continues to increase. Businesses must be vigilant and take steps to protect themselves.
Here at Databranch, our managed clients have the comfort of knowing that their systems are monitored and maintained on a 24/7 basis. Our tool-stack not only increases your protection from malware and phishing, but is also capable of detecting a breach in you network and isolating that device.
Enable Multi-Factor Authentication (MFA)
BEC can occur when a hacker gains access to your email’s login credentials. However, here are many valuable tools you can use to fend off these bad actors even after they have stolen your credentials.
According to a study cited by Microsoft, MFA is proven to prevent approximately 99.9% of fraudulent sign-in attempts.
This is because MFA adds a layer of cybersecurity protection by confirming the authenticity of users who are logging in to various platforms. This is completed by entering a code from your mobile device into the application you are trying to log into, or by approving a prompt that is sent to your mobile device.
This means that unless the hacker also has your mobile device, they will not be able to approve the login attempt.
Reach out to Databranch today if your interested in setting MFA up for your business accounts.
Need Help with Email Security Solutions?
It only takes a moment for money to leave your account and be unrecoverable. Don’t leave your business emails unprotected. Get in touch today at 716-373-4467 x115 or [email protected] to discuss our email security solutions.
Article used with permission from The Technology Press.
Read More
Cloud account takeover has become a major problem for organizations. Think about how much work your company does that requires a username and password.
Employees end up having to log into many different systems or cloud apps.
Hackers use various methods to get those login credentials. The goal is to gain access to business data as a user as well as launch sophisticated attacks, and send insider phishing emails.
How bad has the problem of account breaches become? Between 2019 and 2021, account takeover (ATO) rose by 307%.
Doesn’t Multi-Factor Authentication Stop Credential Breaches?
Many organizations and individuals use multi-factor authentication (MFA). It’s a way to stop attackers that have gained access to their usernames and passwords. MFA is very effective at protecting cloud accounts and has been for many years.
But it’s that effectiveness that has spurred workarounds by hackers. One of these nefarious ways to get around MFA is push-bombing.
How Does Push-Bombing Work?
When a user enables MFA on an account, they typically receive a code or authorization prompt of some type. The user enters their login credentials. Then the system sends an authorization request to the user to complete their login.
The MFA code or approval request will usually come through some type of “push” message. Users can receive it in a few ways:
- SMS/text
- A device popup
- An app notification
Receiving that notification is a normal part of the multi-factor authentication login. It’s something the user would be familiar with.
With push-bombing, hackers start with the user’s credentials. They may get them through phishing or from a large data breach password dump.
They take advantage of that push notification process. Hackers attempt to log in many times. This sends the legitimate user several push notifications, one after the other.
Many people question the receipt of an unexpected code that they didn’t request. But when someone is bombarded with these, it can be easy to mistakenly click to approve access.
Push-bombing is a form of social engineering attack designed to:
- Confuse the user
- Wear the user down
- Trick the user into approving the MFA request to give the hacker access
Ways to Combat Push-Bombing at Your Organization
Educate Employees
Knowledge is power. When a user experiences a push-bombing attack it can be disruptive and confusing. If employees have education beforehand, they’ll be better prepared to defend themselves.
Let employees know what push-bombing is and how it works. Provide them with training on what to do if they receive MFA notifications they didn’t request.
You should also give your staff a way to report these attacks. This enables your IT security team to alert other users. They can then also take steps to secure everyone’s login credentials.
Need help enhancing your employee training? Contact Databranch today or visit us here to learn more about our Breach Prevention Platform and Security Awareness Training with simulated phishing tests.
Reduce Business App “Sprawl”
On average, employees use 36 different cloud-based services per day. That’s a lot of logins to keep up with. The more logins someone has to use, the greater the risk of a stolen password.
Take a look at how many applications your company uses. Look for ways to reduce app “sprawl” by consolidating. Platforms like Microsoft 365 and Google Workspace offer many tools behind one login. Streamlining your cloud environment improves security and productivity.
Adopt Phishing-Resistant MFA Solutions
You can thwart push-bombing attacks altogether by moving to a different form of MFA.
Phishing-resistant MFA uses a device passkey or physical security key for authentication.
There is no push notification to approve with this type of authentication. This solution is more complex to set up, but it’s also more secure than text or app-based MFA.
Visit our website here to learn more about passkeys along with the other 2 main forms of MFA.
Enforce Strong Password Policies
For hackers to send several push-notifications, they need to have the user’s login.
Enforcing strong password policies reduces the chance that a password will get breached.
Standard practices for strong password policies include:
- Using at least one upper and one lower-case letter
- Using a combination of letters, numbers, and symbols
- Not using personal information to create a password
- Storing passwords securely
- Not reusing passwords across several accounts
Put in Place an Advanced Identity Management Solution
Advanced identity management solutions can also help you prevent push-bombing attacks. They will typically combine all logins through a single sign-on solution. Users, then have just one login and MFA prompt to manage, rather than several.
Additionally, businesses can use identity management solutions to install contextual login policies. These enable a higher level of security by adding access enforcement flexibility.
The system could automatically block login attempts outside a desired geographic area. It could also block logins during certain times or when other contextual factors aren’t met.
Do You Need Help Improving Your Identity & Access Security?
Multi-factor authentication alone isn’t enough. Companies need several layers of protection to reduce their risk of a cloud breach.
Are you looking for some help to reinforce your cybersecurity? To learn more about how we can help take this off your IT plate, call 716-373-4467 x 115 or email [email protected].
Article used with permission from The Technology Press.
Read More
Once upon a time, our most precious assets were confidently protected behind layers of security defenses. Cash was neatly stacked in a cast metal safe which was bolted to the floor of the building. Customer lists and bank records were locked in a filing cabinet and only accessible to the person who had the key. Human Resource records were protected by the shelter of the impenetrable HR office door.
Then, digital electronics revolutionized the typical business office. Instead of accessing records from a locked filing cabinet, employees now used computers to navigate a digital file system which contained an abundance of information – much of it considered to be confidential. The sensitive documents that were once tangible and secured behind a physical lock and key were now accessible in digital format and stored in the data network for end users to access.
Security controls such as passwords and file permissions were established to protect the confidential information in its new digital format. This was a time however, when computing devices were stationary and did not typically leave the confines of the physical office. Employees would report to the office for work, log onto their computer, and only then – be granted with access to confidential information. The data that companies treasured most rarely – if ever – left the building.
The same statement cannot be made today. Mobile computing devices are very popular and can be found in most corporate computing devices. Employees are no longer forced to work on a computer that is tethered to the floor beneath their office desk. Laptops and tablets have provided employees with the freedom and flexibility to work from just about anywhere. Mobile devices have also changed the corresponding security landscape too.
The Customer Lists, HR records and Bank Statements are now leaving the building.
The 2 Significant Risks Associated with Mobile Computing Devices:
People lose them and people steal them.
The most common item stolen by thieves is cash, the second is electronic devices. So, what happens when the hotel maid swipes your work laptop or tablet? Or, what if it’s accidentally left at a train station or airport?
The answer to both questions is simple: Someone now has a device that contains sensitive and confidential business information. Chances are that “Someone” is not a trusted entity at all. Many data breaches start with a stolen work device. The stolen property is then compromised, and the thief has the ability to use or sell the stolen data.
There is no doubt that mobile computing devices pose a real security challenge. We have grown accustomed to the elasticity they provide and it is unreasonable to think we will revert back to using the stationary computer we once used at our desk. Laptops and tablets are here to stay.
Human beings will continue to lose these devices and criminals will continue to steal them. Although we can fight to minimize these occurrences through effective awareness training, the reality is that we will not be able to prevent them all together.
However, there are security controls you can put in place to help minimize your businesses risk when it comes to laptops and tablets.
Use a VPN
Free Wi-Fi may be a welcome site when you’re on the road, but it can also be dangerous. You don’t know who else is using that Wi-Fi. A hacker hanging out on the connection can easily steal your data if you’re not protected.
It’s better to use either your mobile carrier connection or a virtual private network (VPN) app. VPN plans are inexpensive and will keep your data encrypted, even if you’re on public Wi-Fi. It is highly recommended that VPNs are secured using Multi-Factor Authentication, this provides an additional layer of security against threat actors.
Visit our website here to learn more about VPNs and what factors to consider when choosing a plan.
Backup Your Data
Don’t lose all your work data with the device! Back up your devices to the cloud or local storage before you travel. This ensures that you won’t lose the valuable information on your device.
Need help with a Data Backup and Recovery plan for your business? Contact us today or visit our website to learn more.
Restrict Privileges
Local Admin Privileges allow employees to make adjustments to their work computers without the need for IT interference. This means that they can download programs, connect to printers, and modify software already installed on their computer.
This can be convenient, but poses a major cybersecurity risk.
If a device is stolen and the thief were to gain access to an account with local admin privileges, the damage could be endless. This is especially true for a business that is not utilizing security measures such as Multi-Factor Authentication (MFA) or Password Managers.
Once a hacker has breached your computer they could download malware, spyware, or even ransomware. Resulting in computer files being locked, credentials being stolen, or even a virus spreading throughout your entire network.
Visit our website here to learn more about Local Admin Privileges.
Databranch Can Help
There are key digital solutions we can put in place to keep your business safer from online threats. Contact us today at at 716-373-4467 x115 or [email protected] to schedule a chat about mobile security.
Content provided curtesy of Cyberstone.
Read More
The need to back up data has been around since floppy disks. Data loss happens due to viruses, hard drive crashes, and other mishaps. Most people using any type of technology have experienced data loss at least once.
There are about 140,000 hard drive crashes in the US weekly. Every five years, 20% of SMBs suffer data loss due to a major disaster. How would you business be effected if you lost most of your critical business data? Visit our website here to set your Recovery Time Objectives (RTO) and calculate your recovery cost.
This increate in data loss has helped to drive a robust cloud backup market that continues to grow.
But one thing that’s changed with data backup in the last few years is security. Simply backing up data so you don’t lose it, isn’t enough anymore. Backing up has morphed into data protection.
What does this mean?
It means that backups need more cybersecurity protection. They face threats such as sleeper ransomware and supply chain attacks. Cloud-based backup has the benefit of being convenient, accessible, and effective. But there is also a need for certain security considerations with an online service.
Companies need to consider data protection when planning a backup and recovery strategy. The security tools used nowadays have to protect against the growing number of threats.
Some of the modern threats to data backups include:
- Data Center Outage: The “cloud” basically means data on a server. That server is internet accessible. Those servers can crash. Data centers holding the servers can also have outages.
- Sleeper Ransomware: This type of ransomware stays silent after infecting a device. The goal is to have it infect all backups. Then, when it’s activated, the victim doesn’t have a clean backup to restore.
- Supply Chain Attacks: Supply chain attacks have been growing. They include attacks on cloud vendors that companies use. Those vendors suffer a cyberattack that then spreads throughout their clients.
- Misconfiguration: Misconfiguration of security settings can be a problem. It can allow attackers to gain access to cloud storage. Those attackers can then download and delete files as they like. Visit our website here to read more about the Misconfiguration of Cloud Applications.
What to Look for in a Data Protection Backup System
Just backing up data isn’t enough. You need to make sure the application you use provides adequate data protection. Here are some of the things to look for when reviewing a backup solution.
Ransomware Prevention
Ransomware can spread throughout a network to infect any data that exists. This includes data on computers, servers, and mobile devices. It also includes data in cloud platforms syncing with those devices.
95% of ransomware attacks also try to infect data backup systems.
It’s important that any data backup solution you use, has protection from ransomware. This type of feature restricts automated file changes that can happen to documents.
Continuous Data Protection
Continuous data protection is a feature that will back up files as users make changes. This differs from systems that back up on a schedule, such as once per day.
Continuous data protection ensures that the system captures the latest file changes. This mitigates data loss that can occur if a system crashes before the next backup. With the speed of data generation these days, losing a day’s worth of data can be very costly.
Threat Identification
Data protection incorporates proactive measures to protect files. Look for threat identification functions in a backup service. Threat identification is a type of malware and virus prevention tool.
It looks for malware in new and existing backups. This helps stop sleeper ransomware and similar malware from infecting all backups.
Zero-Trust Tactics
Cybersecurity professionals around the world promote zero-trust security measures. This includes measures such as multi-factor authentication and application safelisting.
A zero-trust approach holds that all users and applications need ongoing authentication. So, just because a user is logged into the system today, doesn’t mean they are completely trusted.
Some of the zero-trust features to look for include:
Backup Redundancy
If you back up to a USB drive or CD, you have one copy of those files. If something happens to that copy, you could experience data loss.
Cloud backup providers should have backup redundancy in place. This means that the server holding your data mirrors that data to another server. This prevents data loss in the case of a server crash, natural disaster, or cyberattack.
At Databranch, our Datto devices utilize a reliable data backup redundancy solution by storing your critical business data onto your local Datto device as well as 2 offsite cloud storages.
Air Gapping for More Sensitive Data
Air gapping is a system that keeps a copy of your data offline or separated in another way. This would entail making a second backup copy of your data. Then, putting it on another server that is disconnected from external sources.
This is a feature that you may want to seek out if you deal with highly sensitive data. It helps to ensure that you have at least one other copy of your backup. A copy walled off from common internet-based attacks.
Need Help With Secure Backup & Data Protection Solutions?
With Datto, your company can be up and running in just seconds after a disaster. Instant virtualization combined with the ability to backup as frequently as every 5 minutes means that with the click of a button, your Datto device recreates your computers and servers so your business can resume as if nothing had ever happened.
Our Datto devices utilize a reliable data backup redundancy solution by storing your critical business data onto your local Datto device as well as 2 offsite cloud storages. Datto even includes ransomware detection by running analytics to compare the two most recent backup snapshots to identify ransomware footprints.
Have you updated your backup process for today’s threats? Contact us today at 716-373-4467 x115 or [email protected] to schedule a chat about data backup and protection.
You can also visit our website to learn more about Datto and the benefits it provides.
Article used with permission from The Technology Press.
Read More
Upcoming Changes to Microsoft Office 365 Authenticator App
Microsoft has announced an upcoming change to the default method used in its Authenticator App. Starting May 8th, 2023, users will be required to input a verification number into the authenticator app. This date was previously February 27th, but Microsoft recently released a revision to the start date.
This number matching method is replacing the approve/deny push notification sent to mobile devices. Number matching is a key security upgrade to traditional second factor notifications in Microsoft Authenticator.
Microsoft will remove the admin controls and enforce the number match experience tenant-wide for all users starting May 8th, 2023.
Please note that this change will occur for both PCs and mobile devices. No action is required by the end users, this change will happen automatically by Microsoft.
If you have any questions regarding this upcoming change, or need any assistance, please contact Databranch Service at 716-373-4467 x4.
Microsoft Office 365 Changes to Security Defaults
Security Defaults are the preconfigured security settings that exist on your Microsoft accounts. Microsoft has announced that throughout the spring and summer of 2023, they will be rolling out Azure AD Security Defaults to all existing tenants.
Some of the changes enforced by the Security Defaults are below:
- Requiring all users and admins to register for MFA using the Microsoft Authenticator app.
- Challenging users with MFA, mostly when they show up on a new device or app, but more often for critical roles and tasks.
- Disabling authentication from legacy authentication clients that can’t do MFA.
- Protecting admins by requiring extra authentication every time they sign in.
Things to watch for:
- Automated emails/Reports from applications and vendors
- Scan to File Share
- Email functionality from applications
Customers will have the ability to disable the settings or configure alternate conditional access policies. However, disabling the Security Defaults would create vulnerabilities across your Microsoft accounts leaving your organization’s cybersecurity at risk.
Microsoft released Security Defaults back in 2019 to ensure that basic cybersecurity measures, such as MFA, were being used on their accounts. Because of this, over 30 million organizations already have baseline Security Defaults in place. This has allowed these companies to experience 80% less compromised accounts compared to companies without Security Defaults.
MFA alone is known for being the most effective tool at preventing compromised accounts, yet it is one of the most underutilized security measures. Microsoft’s Security Report states that MFA can block over 99.9% of account compromised attacks.
Databranch has taken the step of proactively enabling these Security Defaults for our own Microsoft tenant. This not only improves the cybersecurity of our Microsoft accounts, but it will also allow us to experience these changes first hand so we can better serve our clients.
We are also performing a review of the Office 365 tenants for all of our managed clients, so that we can proactively get their Security Defaults enabled, if they are not already.
Reach out today at [email protected] or 716-373-4467 if you have questions about these changes or wish to speak with one of our team members about enabling MFA for more accounts.
Read More