Copeland Data News - July, 2017
We welcome you to the Summer Edition of Copeland Data News.
We hope that you are enjoying the summer and are able to spend time with your family. While the summer is meant for some rest and relaxation, we must continue to focus on security and ways to ensure our organizations are up and operational.
The number of businesses that are digitally attacked is still increasing, and many of them (60% of small to medium businesses) will close their doors as a result. What we are learning is that regardless of the size or nature of your business, you are a target. Hackers scan Internet connections automatically, and if they can find a way in, they will exploit it.
In the January edition of our newsletter, we looked into CryptoLocker, Ransomware and Email Phishing attacks and some of the best practices to reduce your risk. In this edition we provide some system-level solutions for Desktops, Smartphones and Servers to also reduce your risk from an event. You can never protect yourself 100% from an attack but you can close the gap and be 80-90% protected and implement systems for quicker detection.
Please take in all of this important information, as it is pertinent to all types of businesses. That being said, if you think of anything today or in the future that you would like to discuss as it applies to your situation, never hesitate to drop us a note. We are here to help and serve you in any way we can.

Thank you,
What's Going On?
With all of these new threats, increased mobility and the increased complexity of computer systems, new solutions are emerging to help reduce the risks that come with conducting business electronically. The concept of "set it and forget it" can no longer be the norm and companies have to continuously review and improve their systems as new threats and solutions emerge.
Start Here – Plans and Policies
Many times we hear from business leaders that they become overwhelmed with all of this information and do not know where to start. The easiest (and cheapest) place to start is with plans and policies. Most of the cost of getting these two pieces off the ground is internal time. You may look to have a consultant tie up the loose ends, but a little elbow grease and Internet searching can get you 90% of the way there.
Think of a Cybersecurity Plan as a business plan for the security of your company. This document will do the following:
- Designate the roles and responsibilities of your staff who take ownership of all things security.
- Identify and document any outside vendors or parties and their roles with securing your information.
- Describe your plan for rolling out new systems to address cybersecurity gaps and the timeline for them.
- List out all of your policies and the schedule to review them.
Your Cybersecurity Policies are the same as every company policy but pertain to how you keep your network and data safe. Some of these include:
- An acceptable use policy for Internet and email.
- Company email and other data on smartphones, tablets and laptops.
- Saving data to local PCs versus other systems or public drives that may be more secure.
- Responsibilities of your associates when something happens that may put data at risk.
Systems that can Help Close up Vulnerabilities
There are many ways that a hacker can enter a network and there are new entry points showing up constantly. Typically, a hacker exploits a vulnerability, the vulnerability is reported and then a fix is released. While you can never completely protect your data 100%, you can make it more difficult for an attacker to get in or get what they want by doing some of these things:
- Patching Software
  - When attackers exploit Windows, Internet Explorer or any other application, security patches are released to plug the hole. Microsoft is being more aggressive with this in new versions of Windows, but you have to pay attention to all software, as it is not just Microsoft anymore. Adobe, Chrome, Firefox and other applications need to be updated to plug the holes.
  - What You Can Do: Microsoft Service Providers and internal IT departments are utilizing RMM (Remote Monitoring and Management) applications that take care of patch management and can notify you if software is out of date. These are typically per-device, per-month services that add large amounts of value.
- Public Drives
  - Most companies have public drives that allow the organization to share data. Many of these are open to all users who authenticate. If there is any confidential data on these drives, hackers will go to it first, as it is "low-hanging fruit."
  - What You Can Do: Begin limiting the use of public drives to non-confidential information. If you need to share confidential information, utilize a Document Management System or lock down the folders with tight permissions for specific users.
- Mobile Device Management and Laptops
  - With an increasing number of users in the workforce going mobile, new threats have emerged with this mobility. Laptops are targets of theft along with mobile devices, and many of these have company email and documents.
  - What You Can Do: First off, encrypt any device that has the ability to be encrypted. This will require a thief to know the password of the machine to get the data. For all devices, utilize a mobile device management tool (Office 365 uses Intune) to control and wipe these devices if necessary. Any newer Exchange Server or Office 365 Email Account can remotely reset a mobile phone to factory defaults the next time the phone connects to the email account.
- Remote Access
  - Also increasing in popularity is working from home. Any time you allow an outside PC to connect to your network, you open up your systems to new vulnerabilities. Most home PCs do not have proper anti-virus protection, and the amount of Internet traffic is usually higher, resulting in greater risk.
  - What You Can Do: Ensure any device connecting to your network has the following:
    - Secure VPN tunnel – Never open up Remote Desktop (RDP) access through the router. Use your firewall's recommended VPN connection or use a service like LogMeIn Hamachi.
    - Require in your policies that all home users have anti-virus and are patched.
    - Require in your policies that all home users have strong passwords.
    - It is always best to have a company-owned device that is under control sent home with the user if possible.
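An added example (not part of the original newsletter) for the Public Drives item above: a minimal Python audit that walks a shared folder and flags files containing the kinds of non-public data this newsletter names, Social Security numbers and credit card numbers, so you know which files to move or lock down. The patterns, function names and sample files are assumptions constructed for illustration; the report lists file paths and data types only, never the values found.

```python
import re, tempfile
from pathlib import Path

# Dashed US SSNs (never-issued ranges excluded) and 13-19 digit card-like runs.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

def luhn_ok(digits):
    """Luhn checksum: rejects order numbers and other random digit runs."""
    doubled = [int(c) * (2 if i % 2 else 1) for i, c in enumerate(reversed(digits))]
    return sum(d - 9 if d > 9 else d for d in doubled) % 10 == 0

def scan_text(text):
    """Return the kinds of sensitive data found, never the values themselves."""
    kinds = {"ssn"} if SSN_RE.search(text) else set()
    if any(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD_RE.finditer(text)):
        kinds.add("card")
    return sorted(kinds)

def scan_share(root, max_bytes=1_000_000):
    """Walk a shared folder; map relative path -> kinds for files with findings."""
    findings = {}
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        try:
            with open(path, "r", errors="ignore") as fh:
                kinds = scan_text(fh.read(max_bytes))
        except OSError:
            continue  # unreadable file: skip it and keep auditing the rest
        if kinds:
            findings[path.relative_to(root).as_posix()] = kinds
    return findings

def demo():
    """Scan a constructed sample share (test values, not real records)."""
    samples = {
        "hr/payroll.csv": "name,ssn\nJ. Doe,123-45-6789\n",
        "sales/orders.txt": "card 4111 1111 1111 1111\n",
        "readme.txt": "Order 1234567812345678 shipped\n",  # fails Luhn: ignored
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body)
        return scan_share(root)
```

Point `scan_share` at the root of a public drive you administer; it only reads the first megabyte of each file as text, so office documents and archives need a dedicated data-discovery tool.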
Tips specifically for PC/Laptops, Servers and Smartphones
Here are some tips that should be standard for all organizations to ensure their systems are not easily infiltrated by an outside party:
- PC/Laptops
  - Utilize disk encryption for any laptops or devices with important information.
  - Always have strong passwords.
  - Do not give your users full control permissions to the local PC.
  - Never store any protected information on a local PC or send it via email.
  - Keep all applications up-to-date with supported versions and patches.
- Servers
  - Definitely utilize disk encryption.
  - Never store non-public data (social security numbers, credit cards, etc.) in any folders or public drive.
  - Ensure the server is never left logged in for someone to walk up to and use.
  - Ensure anti-virus is up to date, the server is patched and supported versions of all software are used.
  - Ensure you have a 3-2-1 backup solution:
    - Three (3) copies of your data (production and two others)
    - Two (2) different media types (disk, cloud, NAS, USB)
    - One (1) off-site copy
  - Make sure you have a Disaster Recovery Plan in place and it is communicated.
- Mobile Devices and Smartphones
  - Have clear policies in place for mobile device use with company data. This includes password complexity and the company's ability to remotely wipe a device if necessary.
  - Utilize a Mobile Device Management tool like Intune to control company and personal devices to ensure company data is protected.
  - Familiarize yourself with how to wipe your device if your company uses Microsoft Exchange or Office 365 Email in case your device gets stolen.