Getting Rid of Malicious Adware

Cisco estimates that nearly 75% of organizations have suffered an adware infection. Adware, or advertising-supported software, is software with embedded advertising that automatically displays or downloads advertising material when a user is online. Have you ever tried to install Adobe Reader and found it offering to install an “optional” extra program, such as Google Chrome or a McAfee security solution? This is an example of adware from legitimate and respectable companies, which can easily get past your security program because its publishers appear as advertisers and not criminals. Then there are thousands of shady advertisers with junk programs that try every trick in the book to install something without your consent. For instance, a web page displays a phony message warning you that your Adobe Flash needs to be updated. You click OK without reading it too closely, and you immediately get a host of new useless programs on your computer, eating up your resources or even spying on your browsing activities.

You can be one errant click away from your screen being inundated with web page pop-ups and links to ads, or your system being injected with malicious programs, browser extensions and add-ins. And that is just the beginning. When adware is part of a malware cocktail comprising rootkits, Trojans and more, it can be an even more serious problem. Since malicious adware is designed to make its way onto your computer and stay there, slowly driving you insane, you are probably interested in learning the steps you can take to get rid of unwanted adware.

What to Do After the Infiltration of Adware 

Adware from malicious hackers that use unethical business practices is harder to remove by design and generally requires the use of an adware cleaner or removal tool.

  1. Disconnect: To prevent the adware programs from sending out sensitive information or from opening more backdoors to your computer, you can disable your network connection or simply unplug the Internet cable from your computer.
  2. Remove Malicious Programs from Your System: There are two distinct methods for removing adware from the system: manual removal and automatic adware removal. After disconnecting from the Internet, you can simply remove any adware or spyware listed in Add/Remove Programs in Control Panel, and reboot the computer. Then run a full system scan using an up-to-date antivirus scanner, preferably in Safe Mode (to limit the adware’s access to your system components). If prompted, allow the scanner to clean, quarantine, or delete as necessary. Adware that installs itself within your browser as a plugin or extension will not appear in the Control Panel, so take the following steps:
  • To remove adware in Chrome browsers, navigate to ‘Extensions’ under ‘Settings’.
  • For Firefox, open menu in the top right corner, and check ‘Extensions’ under ‘Add-ons’ to remove any suspicious extensions installed.
  • In Internet Explorer, access and uninstall adware-serving extensions through ‘Manage add-ons’ under ‘Tools’.
  3. Reset Your Settings: Adware often modifies your browser settings in order to change your homepage or redirect you to malicious websites. You will need to reset any such settings.
  • For Google Chrome, go to ‘Settings’ and check the pages present in the “On startup” section.  To remove any of them, click the “X” button next to a page. To change your search settings, go to ‘Manage Search Engines’ under ‘Settings’ and set up your default search engine.
  • For Firefox, press ‘Open Menu’ and go to the ‘General’ section and modify your homepage in the startup section. Then go to the ‘Search tab’ on the left side of the menu to set up your default search engine and add or remove search engines, according to your need.
  • In Internet Explorer, go to ‘Internet Options’ under the ‘Tools’ section and modify the URL you want in the homepage section.

You also need to ensure that your HOSTS file hasn’t been hijacked and that no undesirable websites have been added to your Trusted Sites Zone. Sometimes manual adware removal does not do the trick, because these programs come as a pack of several components and you can unintentionally leave unwanted files and similar components on your computer.
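One way to carry out the HOSTS file check described above, as an added example that is not part of the original article. The allowlist of expected names and the sample entries are assumptions constructed for illustration.

```python
import ipaddress
import os

# Names that a default hosts file normally maps to loopback.
DEFAULT_NAMES = {"localhost", "localhost.localdomain",
                 "ip6-localhost", "ip6-loopback", "broadcasthost"}

# Constructed sample, not taken from a real machine.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1     localhost
::1           localhost
203.0.113.10  www.example-bank.test
0.0.0.0       update.example-av.test   # security updates made unreachable
127.0.0.1     intranet.corp.test
"""


def hosts_path():
    """Return the location of the hosts file on this operating system."""
    if os.name == "nt":
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"


def parse_hosts(text):
    """Yield (line_number, ip, [names]) for every active hosts entry."""
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # not a valid entry
        yield number, ip, [name.lower() for name in fields[1:]]


def audit_hosts(text, expected=()):
    """Return entries that are neither defaults nor on the admin's allowlist.

    kind is "blocked" when the name is pointed at loopback or 0.0.0.0
    (typical for cutting off update servers) and "redirect" when it is
    pointed at any other address.
    """
    allowed = DEFAULT_NAMES | {name.lower() for name in expected}
    findings = []
    for number, ip, names in parse_hosts(text):
        for name in names:
            if name in allowed:
                continue
            kind = "blocked" if (ip.is_loopback or ip.is_unspecified) else "redirect"
            findings.append((number, name, str(ip), kind))
    return findings


if __name__ == "__main__":
    # Audit the constructed sample; pass open(hosts_path()).read() to
    # audit the real file instead.
    for finding in audit_hosts(SAMPLE_HOSTS, expected={"intranet.corp.test"}):
        print(finding)
```

Any finding is a prompt to review the line by hand, since some organizations add legitimate entries that belong on the allowlist.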

Automatic Adware Removal

Thankfully, there are other ways to remove and defend against malware-related adware too. Automatic adware removal is the most reliable way to eradicate adware and its components, using legitimate anti-spyware programs that have extensive parasite signature databases for easy detection and elimination.

Major operating systems have their own built-in removal tools, such as the “Malicious Software Removal Tool” from Windows, which scans and removes adware. Even Mac OS X can automatically scan and quarantine known threats. But your system has to be up-to-date, or these OS tools won’t work properly.

Popular third-party security and antivirus products, such as Norton, Kaspersky, Avast and McAfee, include adware detection and removal tools. Keep them updated with the latest patches and definitions. Run a scan if you think your computer is infected.

The Final Word on Adware

While adware may be a more manageable threat than rootkits or Trojans, it can still wreak havoc on your system and act as a gateway for other, more serious types of infection later. All you have to do is be more careful about the sites you visit, and watch what software you install.

How to Successfully Secure Your Mobile Workforce

Maintaining Security for a Mobile World Part 2:

Security in the mobile workforce is now a top priority for every business with increasing mobile device threats that can result in data loss, security breaches and regulatory compliance violations. You can take a number of steps to keep your data assets secure and to reduce the risks posed by mobility, while addressing related legal, privacy, and security requirements associated with mobile devices. Implementation of robust policy creation, communication about the implication of faulty mobile security practices, risk assessment, use of mobile enterprise technology, and continuous monitoring can help meet the security challenges associated with use of diverse mobile devices. In this article we help you understand how your business can efficiently manage your data in today’s mobile environment and apply rigorous security standards to minimize risks, while ensuring agility, and productivity.

Help Employees Secure Mobile Data

There should be proper documentation, security protocols, and best practices in place for your employees to ensure your mobile data is protected at all times. Every company should have a full policy on the use of mobile devices for work, and it should be updated and shared regularly with your staff. Employees need to be educated about the necessity of strong passwords and multilevel access control. All employee smartphones or tablets should be protected with a PIN or access code. Do not allow apps to save passwords, store sensitive information, or use automatic logins. Wherever possible, add a security layer to the app process, such as two-factor authentication for added account protection, or else you will have to take measures to double up on document protection. It should be mandatory for any device connecting to or holding company data to be encrypted at the disk level. Make your system secure by setting all your mobile devices to lock their screens automatically when they remain idle for a few minutes. Users should download apps only from an authorized app store. All updates should be downloaded as soon as they are available, as they often contain security patches.

Protect the Mobile Enterprise

Every new employee-owned device being introduced to the organization gives hackers an easy access route to classified information so direct steps have to be taken to secure the mobile enterprise.  Choosing the right tools for the job is of utmost importance and here are some of the major technologies available in the marketplace to implement BYOD (bring your own device).

  • Enterprise Mobile Device Management (MDM) Systems

Mobile Device Management (MDM) allows you to take control of data in a BYOD environment. MDM systems make it possible to install remote updates and take remote control over mobile devices, including the ability to wipe a mobile device that is stolen. MDM software automates policy enforcement for network-attached mobile devices that operate inside and outside the firewall, and it also supports remote data backup for easy recovery of data in case a device is lost or stolen.

  • Endpoint Mobile Security Solutions

Viruses that spread on mobile devices are a real threat to your sensitive company data. While employees can be educated not to download suspicious software, apps, documents or even click on malicious links, it is critical to install security suites, including antivirus, anti-spyware,  and malware security solutions across all mobile devices. There are intrusion detection and prevention systems, vulnerability scanning and application blocking and data loss prevention software that can be used to protect multiple mobile devices. Enable automatic updates of the software so that the security software remains current on every device to defend against the latest security risks.

  • Network Access Control

NAC tools can inspect mobile devices connected to the network to make sure they are up to date with the latest security patches and download updates automatically, before allowing the device to connect. It is necessary for organizations to track and keep tabs on the locations of all outdated devices that may still have access to data. NAC is important in the onboarding and offboarding of devices from wireless and wired corporate networks. All mobile devices should be wiped clean before donating or getting rid of them.

  • Endpoint Virtualization

It is possible to use a single console to deploy and manage endpoint virtualization solutions for complete separation of personal and work computing on the same device by placing each in its own virtual machine.

  • Enterprise-level Mobile Content Management (MCM)

MCM and collaboration solutions help IT staff secure and manage mobile access to an organization’s files and data. An on-premises file synchronization solution can provide users with the ability to share and access company information on the road, while enabling administrative control, and security necessary to keep data assets safe. There should be security protocols for file transfer mechanisms to ensure data is being moved into and outside of the organization securely. Mobile- and web-based transfer tools can help IT departments in enterprises have oversight of data while achieving enhanced productivity.

  • Remote Security Services

Many organizations hire remote security and outside services to support mobile workforce and to facilitate system security, including mobile data access. Remote monitoring services can watch mobile data traffic being delivered through the cloud and guard for suspicious activity or indicators that a handheld device has been hacked or stolen so that intruders can be shut out before they can do real harm.

  • Cloud Technology

The challenge of distribution and perceived lack of control over data stored across multiple mobile devices can be directly addressed by cloud technology. Cloud computing provides enterprises with the capability to store disparate data in a centralized service location while enabling tight security control. Users can leverage any mobile device to access and process their data or perform work on a series of cloud services that have control of the data. A cloud security gateway can enforce corporate policy in cloud applications and data. Check out scalable or private cloud hosting plans from Lunarpages.

Mind Your Future

Supporting a mobile workforce can be a real challenge especially with threats from malware, cloud service attacks, and phishing on the rise but the flexibility and productivity benefits of a mobile workforce far outweigh the security risks. Keep to these best practices to ensure a free, flexible, and secure mobile workforce. Mobile engagement is necessary for the future success of organizations, as is taking steps to protect & manage data for users across heterogeneous devices.

5 Major Security Threats of a Mobile Workforce

Maintaining Security for a Mobile World Part 1:

The new tech-savvy generation lives an extremely connected life, which leaves it vulnerable to security threats, and it has introduced new approaches to work, including mobile and email, which have become an integral part of everyday work. Mobile computing and the ability to access email and business documents ‘anytime anywhere’ are now essential for all businesses. This 24/7 BYOD (Bring Your Own Device) workplace trend is not going to change, because it increases employee productivity and gives businesses a competitive edge. According to a report published by IDC, the U.S. mobile workforce will surpass 105 million by 2020, which is about 72.3% of the U.S. workforce. According to Citrix research, companies urgently need to make provisions for the ever-increasing mobile workforce, as the average employee uses three or more mobile devices for work activities and nearly 61% of employees spend some time working outside the office. With employees, vendors, and partners sharing files and collaborating on multiple mobile devices, ensuring the security and confidentiality of company data has become a nightmare.

The diversified way of working and proliferation of mobile devices and cloud services has made secure backup, quick recovery, sharing of data, and an effective breach response more difficult.  Security analysts have predicted that by 2018 nearly 25% of corporate data will completely evade perimeter security and move directly from mobile devices to the cloud. The reputational damage from a data breach for a business can be massive, especially if the public perceive it as a preventable data breach. Companies find it hard to repair their reputation, recover their sales or even attract new customers. In this article we help you identify areas of security risk associated with diverse mobile devices.

Security Risks Of Mobility

According to Gartner, the focus of endpoint breaches will shift to tablets and smartphones by 2017. The ratio of attacks on mobile devices to desktop attacks is already 3 to 1. The major security threats and attack vectors for mobile devices can be categorized into five broad areas.

  1. Physical access

The portability and size of mobile devices make them ideal to carry around and it also makes them easy to steal or leave behind in airports, cafes or taxicabs. Theft or loss of smartphones is the biggest security risk for any business. Having physical access to a mobile device makes it easy for a criminal with malicious intent to circumvent the cleverest intrusion-detection system and also to access encrypted data.  It is possible to recover data from mobile devices even when it has been manually deleted or undergone a full factory reset using forensic data retrieval software. Having some sort of password protection can limit the damage and cost of losing a phone so all staff should ensure that their mobile device has password protection and they should also have further passwords for access to important applications. Companies should also use remote control software to delete files or even disable the phone permanently in case of loss or theft.

  2. Malware

Mobile malware Trojans are being designed to harvest passwords and steal sensitive data and other important financial information over the mobile phone network or any connected Wi-Fi network. These are spread through bad links in SMS messages and by way of applications, where they are then free to spread to other devices. Mobile malware threats are generally socially engineered to trick the user into clicking on malicious links that deliver malware through email, social networking sites, and rogue applications. Even mobile ads or ‘malvertising’ and suspicious downloads are increasingly being used as part of many attacks to spread viruses. There has also been an increase in browser-based attacks, distributed denial of service, and buffer overflow exploitation to gain control of the mobile device and access data.

  3. Infected Apps

Employees often download and use apps to help with business tasks, but most of these apps do not even meet minimum security requirements. Developers are concerned with the functionality of the applications but not the application security. Therefore cybercriminals find unsecured apps an easy attack vector to breach mobile devices and to access enterprise assets. Gartner has predicted that by 2017 nearly 75% of security breaches will be the result of misconfigured apps.

  4. Interception On Unsecured Networks

Smartphones are susceptible to Wi-Fi hacking and man-in-the-middle (MITM) attacks. Hackers can easily set up rogue Wi-Fi networks to trap people logging onto them to intercept, redirect, and even decrypt cellular data transmission.  Weaknesses in Wi-Fi hot spot services and mobile data protocols are being used regularly to hijack users’ sessions for online services, including web-based email. Employees logging on to enterprise systems from these unsecured networks may be giving hackers access to the entire corporate database. Wi-Fi access should be used with caution by all staff.  To avoid this potential risk enterprises could invest in unlimited data contracts for their staff so that they never have to use any open access points.

  5. Insider Security Threats

Company data is even at risk through employees and other malicious insiders. They can use mobile devices to misuse or misappropriate data by downloading sensitive corporate information to the device’s flash memory card, or by using email services to transmit data to external accounts and even by eluding data loss prevention (DLP) technologies. Anyone with criminal intent can also misuse personal cloud services through mobile applications to transfer enterprise data leading to data leaks that the enterprise may be totally unaware of.

Meeting the Mobility Challenge

Managing this increased risk from different security threat vectors, while empowering employees and respecting their privacy can be a daunting challenge. In the next blog article, we will share with you simple measures your organization can take to successfully secure your mobile workforce, protect your enterprise network and corporate data.


Protect Your Systems Against the Real Threat of Ransomware

The threat of ransomware is real. Businesses and enterprises across multiple industries face daily challenges from external threats such as computer viruses and emerging malware and spyware, any one of which can potentially wreak havoc on their internet-technology systems.

No One Is Safe

Are you aware of the most recent multi-million-dollar crime extortion malware vexing everyone from hospitals to banks, police departments to even Congress?

It is ransomware, the latest type of malware developed by hackers to lock the system, compromise sensitive data on hard drives through encryption, or prevent the computer from booting up at all. The hackers do this with one goal in mind: to extract money from unsuspecting victims. These victims get locked out of their computers, making it incredibly difficult to gain access to files and other sensitive business data without the encryption key. Usually the ransom has to be paid in newer electronic payment methods such as Bitcoin and Ukash so that it cannot be traced back to the culprits. Moreover, businesses can potentially suffer a full-scale data breach from ransomware infections, resulting in huge fines and loss of consumer trust.

Evolution of Ransomware

Yesterday’s annoying viruses have now evolved into terminal malware designed to steal money from its victims.

Though ransomware first came into circulation on a widespread scale in Russia between 2005 and 2006, it has been making regular headlines since 2013 with the arrival of CryptoLocker and its many variants like CryptoWall and TorrentLocker. This type of ransomware was created to encrypt files on the infected machine and to identify the country from its IP address so that the extortion message to buy the decryption key could be delivered in the local language.

With technological advances and the rise of ‘Ransomware as a Service’, hackers have progressed from targeting home users to much more sophisticated attacks on SMBs and enterprise networks. Cyber attackers have built robust platform infrastructures using Domain Generation Algorithms and assets in Top Level Domains, Generic Top Level Domains and Country Code Top Level Domains. According to a recent report by Intel Security, the ransomware industry has grown exponentially by over 3,000% since 2012, with new threats being discovered every year.

Some of the new varieties of ransomware holding businesses to financial ransom over their data, such as Petya, Dogspectus, Ransom.Win32.Xpan and Princess Locker, display potency across infection vectors and have selective encryption and target-awareness capabilities.

Before learning how to protect your business from these dangers, you must first understand how ransomware infects computers as well as the mode of infection.  Also, become familiar with what steps your company must take to prevent, track and respond to ransomware attacks.

How Can Ransomware Get on My Computer?

Ransomware attackers utilize a number of techniques to infect users, from spear-phishing campaigns and email lures to exploit kits such as Angler and other infections.
Users can accidentally infect their own computers with ransomware through one of many seemingly innocuous actions, such as inadvertently opening an infected email attachment, clicking on a malicious link or malvertisement, or even visiting a compromised site.

Attackers find it much easier to gain entrance through existing browser or OS program vulnerabilities – caused by irregular updates – or weaknesses caused by previous machine malware infections.
Malware can also spread through infected removable drives including USBs and portable hard drives, and by application downloads with infected software bundles such as browser toolbars, instant messenger apps, third-party .exe files or software key generators.

Defensive Strategies to Protect Against Ransomware

No company should be without a strategy to prevent, detect, and respond to ransomware attacks as they can make your data inaccessible and grind your business to a jarring halt. While there may be no magic bullet to keep your organization’s data safe from ransomware, there are a number of steps every business should take to drastically reduce their chances of infection.

  • Educate end users about ransomware: As they say, the best offense is a good defense.  And, the first line of defense against ransomware is user awareness and education. You can block malware considerably by training employees through a variety of security awareness programs. Employees can be taught to recognize the potential dangers of opening attachments from unknown people, or clicking on suspicious links.
  • Learn about social engineering: Understanding how resourceful hackers use social engineering and clickbait techniques to spread infection can help end-users avoid those pitfalls. Periodic training sessions through interactive discussions can help employees remain alert to potential security threats they may encounter in cyberspace.
  • Authenticate incoming mail through scanning and enable filtering on your mail servers: All inbound emails should be scanned for known threats to block any suspicious attachments. Most email servers enable flagging of incoming mail that does not pass tests such as reverse IP lookup, SPF and DKIM records to filter potentially dangerous emails. Email servers can also be configured to automatically disallow any executable file with an EXE, COM or SCR extension. These preventative measures work well to stop ransomware distribution through emails.
  • Protect your system using mitigation strategies: It is possible for SMBs to protect against ransomware through controls such as application whitelisting, ensuring proper patch management for applications and operating systems (OSes), and by minimizing administrative privileges. Knowledgeable administrators can enlist whitelisting techniques to allow only secure and legitimate applications to run on your machine, thus preventing download and installation of any other executable malware on it.
  • Desktop security: With such high stakes, businesses should not skimp on the deployment of a proper, commercial desktop security suite. Further, they should layer that security with managed endpoint solutions.
  • Patch management: Because there are no infallible security products, companies should adopt aggressive patch management for all programs to drastically increase AV effectiveness. As mentioned, malware developers try to exploit vulnerabilities in the OS, applications and even web browsers. That is why it is important to plug security holes once they have been discovered by regularly patching software and installing critical updates as soon as they become available.
  • Limit system permissions: Ransomware usually runs its execution chain from temp folders, so restricting program execution from temp folders can stop malware infections from spreading further. Network administrators should also limit systems’ permissions to prevent the unauthorized installation of malware on systems without an administrator’s password. The spread of malware infection can also be limited by segmenting sharing and access rights to critical data using redundant servers.
  • Be prepared with a comprehensive data backup strategy: It is absolutely vital to establish a robust backup regime in preparation for a ransomware attack. Comprehensive backup solutions for all critical business data assets can ensure the continuity of your business in case of a successful ransomware attack by restoring local and server apps and data to their pre-infection status.
  • Get to the Cloud: Ransomware works by causing disruption to your business. You can take steps to ensure business continuity by moving to the cloud, which offers a greater level of protection and overall security to an SMB. Cloud providers bundle multiple security controls like malware scanning, enhanced authentication, data loss prevention strategies and various other protections into the service to minimize the chance of a ransomware attack. Cloud services also offer additional protection as add-ons, such as traffic scanning and site reputation checks to counter the threat of ransomware. With your data in the cloud, it should not be a major headache if your local machine becomes infected with ransomware.
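The mail-filtering item in the list above, sketched as an added example that is not part of the original article: it flags messages whose SPF or DKIM result is not a pass and rejects attachments ending in EXE, COM or SCR. The server name `mx.corp.test`, the addresses and the sample messages are constructed assumptions.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXTENSIONS = (".exe", ".com", ".scr")   # the three named in the text
TRUSTED_AUTHSERV = "mx.corp.test"               # hypothetical id of our own mail server


def auth_results(msg, trusted=TRUSTED_AUTHSERV):
    """Read SPF/DKIM verdicts, but only from headers our own server wrote.

    An Authentication-Results header carrying any other server id may have
    been supplied by the sender, so it is ignored.
    """
    results = {"spf": "none", "dkim": "none"}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = str(value).partition(";")
        tokens = authserv.split()
        if not tokens or tokens[0].lower() != trusted:
            continue
        for mech, verdict in re.findall(r"\b(spf|dkim)\s*=\s*([a-z]+)", rest.lower()):
            results[mech] = verdict
    return results


def blocked_attachments(msg):
    """Return filenames whose final extension is on the block list."""
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        # Case-insensitive; trailing dots and spaces are ignored by Windows,
        # and "Invoice.pdf.EXE" is judged by its last extension.
        normalized = name.strip().rstrip(". ").lower()
        if normalized.endswith(BLOCKED_EXTENSIONS):
            hits.append(name)
    return hits


def screen(raw_bytes):
    """Return (verdict, reasons): reject, flag or accept."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    reasons = [f"{m}={v}" for m, v in auth_results(msg).items() if v != "pass"]
    bad = blocked_attachments(msg)
    reasons += [f"blocked attachment: {name}" for name in bad]
    verdict = "reject" if bad else ("flag" if reasons else "accept")
    return verdict, reasons


def build_sample(auth_header, filenames):
    """Build a constructed test message with harmless placeholder attachments."""
    m = EmailMessage()
    m["From"] = "billing@example.test"
    m["To"] = "user@corp.test"
    m["Subject"] = "Invoice"
    m["Authentication-Results"] = auth_header
    m.set_content("See attached.")
    for name in filenames:
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=name)
    return m.as_bytes()


if __name__ == "__main__":
    sample = build_sample("mx.corp.test; spf=fail; dkim=none",
                          ["Invoice.pdf.EXE", "terms.pdf"])
    print(screen(sample))
```

For the header check to mean anything, the receiving server has to strip Authentication-Results headers that arrive from outside bearing its own id before it adds its own.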

As you can see, ransomware is a very real threat. If you do not want your business to fall victim to this menace, simply follow the best practices outlined here to prepare and to protect against your well-prepared adversaries.

Protect Your Server Environment From Potential Threats

Web security and downtime are critical issues for any business that operates online. Web servers are often targets for hacking attacks by malicious cybercriminals because of the sensitive data they generally host. Attackers can exploit neglected user accounts, or an overlooked port to surreptitiously get past your server defenses.  Sometimes common administrator mistakes like badly configured virtual directories or even a forgotten share can also lead to unauthorized access. Some of the major threats to your Web server come from denial of service, unauthorized access, profiling, random code execution, privilege misuse and viruses, worms, and Trojans. So how can your business defend against various online threats while continuing to function normally?  What must you do to ensure the security of your website, web applications, network and also the web server? After all, a secure and correctly configured web server provides a protected foundation for hosting your Web applications.

Checklist For Securing Your Web Server
You may be doing most of the system administrator tasks needed to maintain the server but unknowingly skipping some essential best practices. The real challenge of securing your web server is applying the right configuration settings in keeping with your security goals. Below are rough guidelines that should be a good starting point for making your server configuration more secure, while ensuring convenience in your day-to-day server operations.

1. Stay On Top Of Updates

Outdated systems and applications are one of the most persistent threats in the server environment. Most security breaches and hacks are via security holes in old versions of web applications being used in forums and blogs. You must maintain a routine system upgrade for all tools and apps your business uses, both on the server-side and client-side. Pay close attention to security advisories to ensure all security flaws are patched. In rare cases where no patch has been made public for an existing vulnerability, make sure you disable the service until a patch is made available in order to remain secure.

2. Perform Regular Audits

Examine network services running on your server and look at updates from your intrusion detection system to find out if everything is working fine internally, such as server configurations implemented, active services, security protocols, applications running on your server and so on. Audit and monitor website access logs, operating system logs, and database server logs for abnormal log entries or strange activities to detect a successful attack or even an attempt at one. The logs should ideally be kept in an isolated area of the web server to prevent any tampering.

3. Proper Firewall Configuration And Intrusion Detection

All business networks ideally need comprehensive protection in the form of firewalls, authentication, and an intrusion monitoring system. Restricting traffic to and from your server through a firewall may be a good way of limiting the access others have to your server. A firewall and properly applied security protocols are a primary requirement for ensuring a secure server environment. Since most workplaces have remote workers or employees working from home, adopting VPN solutions makes it possible to effectively manage their devices while enabling secure access to corporate resources and business data.

4. Eliminate Unnecessary Services

Running default operating system configurations is not secure, especially since many pre-defined modules or network services get installed, such as remote registry services, internet information services, print server service, and more. The more unnecessary services you have running on your operating system, the greater the risk of leaving more ports open to abuse from outside connections. Manage startup scripts to switch off or disable all unnecessary services so that they do not run automatically at boot-up. This helps make your attack surface smaller and also improves server performance by freeing up hardware resources.

5. Disable Unused User Accounts

User accounts are often created during software installations on the operating system. Any such unused default user accounts created should be checked properly and permissions have to be changed as required. To find out if an account is active, you can search for files owned by that user and check their last modified date before removing a user from your system. If you do not want to delete user accounts, you should disable shell access. Every administrator with access to the web server should ideally have his or her own user account set up with the correct privileges.
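The account check described above, as an added example that is not part of the original article: it lists accounts that still have a login shell and reports those whose newest owned file is older than a cut-off. It assumes a Unix-like server with a passwd(5)-format account list; the 90-day threshold and the scanned directories are illustrative choices.

```python
import os
import time

# Shells that deny interactive login; an account using one already has
# shell access disabled.
NON_LOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}


def interactive_accounts(passwd_text):
    """Return {name: uid} for passwd(5) entries whose shell allows login."""
    accounts = {}
    for line in passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            continue                      # malformed entry
        name, _, uid, _, _, _, shell = fields
        if shell not in NON_LOGIN_SHELLS:
            accounts[name] = int(uid)
    return accounts


def newest_owned_mtime(root, uid):
    """Return the latest modification time of any file under root owned by uid."""
    newest = None
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            try:
                st = os.lstat(os.path.join(dirpath, name))  # do not follow symlinks
            except OSError:
                continue                  # vanished or unreadable
            if st.st_uid == uid and (newest is None or st.st_mtime > newest):
                newest = st.st_mtime
    return newest


def stale_accounts(passwd_text, roots, max_age_days=90, now=None):
    """Return (name, uid, newest_mtime) for login-capable accounts that own
    no files under roots, or none modified within max_age_days."""
    now = time.time() if now is None else now
    cutoff = now - max_age_days * 86400
    report = []
    for name, uid in sorted(interactive_accounts(passwd_text).items()):
        stamps = [m for m in (newest_owned_mtime(r, uid) for r in roots)
                  if m is not None]
        newest = max(stamps) if stamps else None
        if newest is None or newest < cutoff:
            report.append((name, uid, newest))
    return report


if __name__ == "__main__":
    with open("/etc/passwd") as handle:
        for name, uid, newest in stale_accounts(handle.read(), ["/home"]):
            when = "no files found" if newest is None else time.ctime(newest)
            print(f"{name} (uid {uid}): last owned-file change: {when}")
```

File timestamps are only one signal; confirm against login records before disabling or removing an account.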

6. Protect Databases

Failure to protect your database (e.g. Microsoft SQL Server, MySQL, Oracle) can lead to the loss of private, sensitive information such as usernames, email addresses, etc., and it allows an attacker to add entries that may create spam or malware links on your site. You should also consider how your databases are accessed for routine maintenance.

7. Restrict Remote Access

Where absolutely necessary, remote access to web servers can be allowed, but it should be secured properly using tunneling and encryption protocols. To ensure the security of your web server, restrict remote access to a specific number of IP addresses and to specific accounts only.

8. Set Up Permissions And Privileges

Anyone with malicious intent can compromise your web server security through poor file and network services permissions to carry out tasks, like executing specific harmful files. The rule of thumb is to always assign the least privileges needed for a specific network service to run, such as web server software. Also ensure that you allocate absolutely minimum privileges to the anonymous user for accessing the website, web application files, and backend data.

9. Use Security Scanners

Hackers constantly scan your server for open ports and other vulnerabilities to exploit, and so should you. You should be using security scanners to automatically monitor and run advanced security checks for open ports, network services, configuration problems, and other vulnerabilities in your web server and web applications. Security scanners ensure website and server security by checking for password strength on authentication pages, cross-site scripting, SQL injection and more. They also audit shopping carts, forms, dynamic Web 2.0 content and other web applications for vulnerabilities.
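The account check described in item 5, as an added example that is not part of the original article: it parses passwd-format account data, finds the newest file modification time per owner, and flags login-capable accounts that own no recently modified files. The sample accounts, the 90-day threshold and all function names are assumptions made for illustration.

```python
import os
from dataclasses import dataclass

# Shells that deny interactive login. An empty shell field is NOT one of
# them, because login programs fall back to /bin/sh in that case.
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}

# Constructed sample in passwd(5) format (not taken from any real host).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
installer:x:1001:1001:left by a software install:/home/installer:/bin/bash
alice:x:1002:1002:Alice, administrator:/home/alice:/bin/bash
"""


@dataclass
class Account:
    name: str
    uid: int
    shell: str

    @property
    def has_login_shell(self) -> bool:
        return self.shell not in NOLOGIN_SHELLS


def parse_passwd(text):
    """Parse passwd(5) lines, skipping comments and malformed entries."""
    accounts = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if line.lstrip().startswith("#") or len(fields) != 7:
            continue
        try:
            uid = int(fields[2])
        except ValueError:
            continue
        accounts.append(Account(fields[0], uid, fields[6]))
    return accounts


def newest_mtime_by_uid(root):
    """Walk `root` and return {uid: newest mtime of any file that uid owns}."""
    newest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            try:
                st = os.lstat(os.path.join(dirpath, name))  # do not follow symlinks
            except OSError:
                continue  # file vanished or is unreadable
            if st.st_mtime > newest.get(st.st_uid, float("-inf")):
                newest[st.st_uid] = st.st_mtime
    return newest


def audit(accounts, newest, now, stale_days=90):
    """Classify each account as 'no-login', 'active' or 'stale'.

    'stale' means the account can log in but owns no file modified within
    `stale_days`: a candidate for having its shell disabled or for removal.
    """
    cutoff = now - stale_days * 86400
    report = {}
    for acct in accounts:
        if not acct.has_login_shell:
            report[acct.name] = "no-login"
        elif newest.get(acct.uid, float("-inf")) >= cutoff:
            report[acct.name] = "active"
        else:
            report[acct.name] = "stale"
    return report


if __name__ == "__main__":
    import time
    accounts = parse_passwd(SAMPLE_PASSWD)
    result = audit(accounts, newest_mtime_by_uid("/home"), time.time())
    for name, status in result.items():
        print(f"{name:12} {status}")
```

A "stale" result is a prompt for review, not proof of disuse: service accounts may write outside the scanned tree, so widen the scan root before disabling anything.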

Establish A Secure Server
The real challenge of managing web servers is in ensuring that they function optimally and smoothly. You can enforce the measures discussed in this article to avoid technical complexities within the hosting environment. You can continue to function normally by maintaining due diligence on server security. Know that it is an ongoing process and not something you have to do once. For business owners who want to focus on growing their business without worrying about managing their site, Lunarpages offers Managed Hosting Services with extra security features, administration and technical support.

5 Things Businesses Can Do Today to Protect Against Hackers

Every business and individual should be vigilant about online security.  Businesses are especially vulnerable because they store an ever-increasing volume of user data on their servers.  Small to medium businesses are as likely as large enterprises to suffer from data breaches. While bigger organizations have the financial muscle, resources and skill to overcome setbacks from a cyber attack, small businesses often lack the security personnel and expertise needed to protect sensitive data in the first place or to recover from any breach should they be targeted.  Sadly, regardless of size, every business will suffer a consumer trust set-back as the result of a cyber hack. The good news is that there are simple measures that can be undertaken by any business owner to protect data from being compromised and to thwart attacks.  

1. Apply Encryption Software
Today, encrypting your own confidential information and your customers’ sensitive data files is an important step to protecting against theft or hacking. In fact, in order to be in compliance with various federal and state laws, businesses must encrypt confidential data to protect their customers. Modern encryption software uses algorithms to create nearly uncrackable ciphers of unintelligible, encoded characters, so that the data being transferred online is hidden. There are many encryption software applications available for businesses. Ideally these solutions should feature the 256-bit AES (Advanced Encryption Standard) encryption algorithm, on-the-fly encryption to enable easy working with encrypted files such as plain text files, easy cloud backup for multiple encrypted files to allow secure storage, keylogger protection for access to safes/vault container files with passwords, and an easily navigable, user-friendly interface to make encoding confidential files an intuitive exercise. Online businesses should consider adding an extra layer of security through HTTPS and, if using FTP software, it is advisable to switch to SFTP. Webmail service should have SSL encryption on login pages for clients entering user names and passwords, to prevent easy access by third-party interceptors to login details. Even email should be sent via SSL encryption, especially if it contains sensitive information.

2. Use A Password Manager
Research shows that 80% of stolen or compromised user credentials are from weak passwords and over 55% of people use one password for all logins. Cybercrooks use phishing, malware and social engineering to capture usernames and passwords. Small to medium-sized businesses need comprehensive protection using password managers, such as the enterprise version of LastPass, to securely store and enter encrypted account login details. It may be better to use password managers to set up an encrypted and secure master password or passphrase for protecting the list of passwords saved. Password managers enable setting minimum password standards across your company accounts to meet your policy requirements, allowing restricted access to specific devices or groups, and real-time syncing across devices.

3. Ensure Proper Backup
There has been a 30% increase in denial of service attacks in the past year. These attacks take up bandwidth and tend to last longer. With hackers designing breaches to destroy or modify files on the server, and with the rise of ransomware, you can protect your business information by creating an immediate backup.  If the computer where data is stored gets lost, stolen or hacked you will need to fall back on the backup copies for uninterrupted business. According to data privacy laws, your customers have the right to request access to personal information stored about them but if the original data gets compromised in a breach, you will not be able to comply with this legal requirement if you do not have a backup copy of your customer data. For improved productivity, better security and for legal compliance, it is critical for businesses to have backup copies of their own and their customers’ confidential files.

4. Protect Your Network
Businesses have to pay special attention when securing their network. This means taking small but significant steps such as installing antivirus software, applying OS and application updates regularly, and controlling user access to a given system or data on a ‘need to know’ basis. Employees and users are often a weak link as they inadvertently provide an easy access route to your website servers. By lowering the number of people who have access to your data, you reduce the risk of a hacker using them to steal it. Some things you can do today to help protect your network include employing strong passwords, changing them frequently, having logins expire after a brief period of inactivity, and thoroughly scanning all devices plugged into the network for malware. Additionally, security audits or vulnerability scans can help prevent online threats and malicious cyber attacks by monitoring the integrity of your network solutions, examining ports, firewall policies, processes and software updates. Vulnerability scans minimize any risk of downtime, prevent unauthorized access, and address urgent risks to safeguard your brand image.

5. Check Security Measures for Third-Party Providers
The Ponemon Institute lists third party providers, such as web hosts, payment processors, and call centers as security risks to businesses—especially with regards to data protection. There should be rigorous checks in place for all third party vendors to ensure they have adequate and up-to-date security measures and practices. It is absolutely vital for businesses to vet all new providers, including software providers, for security best practice compliance like the Payment Card Industry’s Data Security Standard (PCI-DSS) and cloud-security certification SSAE16. Even cloud software vendors should be asked about their certifications and security management measures before working with them. Partnering with reputable vendors and using the right tools act as a safeguard for businesses to reduce the risk of security threats. Don’t overlook this.

Protect Your Business, Your Brand and Your Customers
Today the risk of data breach is a greater challenge than ever for large, medium, and small businesses alike. For the reputation of your business and the safety of your customers, it’s important to take the necessary steps to improve your business’s data privacy and follow comprehensive security practices for critical applications & data.

Bursting Some Popular Cloud Myths

The word “Cloud” still causes a lot of confusion among people, many of whom are left wondering what it actually is. When opting for cloud hosting, businesses are renting virtual server space rather than renting or purchasing physical servers. When virtual server space is rented, it is often paid for by the hour, depending on the capacity required at any particular time. These virtualized dedicated cloud servers have gained in popularity globally, because of their enormous shared computing power.  Even core products from Microsoft to Adobe such as Office 365 and Creative Cloud use data that’s stored on remote servers. There are, however, many myths about cloud hosting that seem to worry customers’ minds when considering a cloud-hosting provider. Let’s burst some myths to get to the truth about cloud server hosting.

Myths and Truths About Cloud Server Hosting

Myth #1: Cloud Hosting is Not Secure
Fact: Cloud hosting providers are continuously improving on their best practices and compliance levels for securing critical data and applications. Nonetheless, it comes down to choosing a leading cloud hosting company with good credentials and service level agreements. The company you choose should also offer the highest levels of security with fully managed firewall protection. Cloud hosting environments ensure 100% uptime with an SOC2/SSAE16 data center, high availability server architecture with multiple servers, 256-bit encryption, automatic off-site backups, firewalls, routers, uninterrupted power supply, load balancers, switches, mirror disks, RAID implementation, and 24/7 onsite monitoring. Additionally, software updates, including security patches, are applied to all customers simultaneously in the multitenant system. Most hosts treat cloud security very seriously and implement the latest technology and resources to protect the cloud environment, because if the cloud were to be proven unsafe then cloud companies would lose millions in sales. Security in the cloud, even in large cloud environments, has so far been stellar. There have been very few security breaches in the public cloud, as compared to on-premises data center environments.

Myth #2: Cloud Services Are Complicated
Fact: Cloud hosting may seem confusing with its many variations of public cloud, private cloud, hybrid cloud and even community cloud, but cloud servers are no more complex than dedicated servers or VPS. Cloud hosting actually simplifies the job of an IT manager or CTO because of its easy setup, instant provisioning through an online control panel, utilization on-demand and customization. The online control panel in cloud storage handles all the tough work; making cloud storage as easy as dragging a file to an icon.

Myth #3: Cloud Hosting Is Expensive
Fact: Cloud hosting helps businesses save considerable financial resources and offers flexibility and adaptability for both the short and long term. It is a much cheaper alternative to shared or dedicated servers, though cost comparison may prove to be tricky. With cloud hosting you only have to pay for data storage resources you use, so it works out much cheaper than other hosting services. The cost for what you use on the cloud depends on a few factors.  These include the number of users, data size, customized backups, applications used and exchange services.  Cloud computing replaces the need for installing local servers, network equipment, power conditioning, software and antivirus software, backup solutions, dedicated server rooms, along with reducing the cost of IT staff, user support and maintenance.

Myth #4: Cloud Performance Is Not Reliable
Fact: In the early days of cloud computing, there may have been some performance issues. However, these problems have been attended to by the leading cloud service providers who offer unique and work-specific solutions for high powered & high speed storage with guaranteed IOPS, along with other improvements. Cloud providers have made their systems resilient to avoid outages. No system is perfect and the cloud can fail too, but the fact is that those failures are fewer and far between as compared to other alternatives. The cloud environment can be engineered to adapt to strenuous workloads and high availability requirements that avoid any performance or failure issues.

Myth #5: There Is Only One Cloud
Fact: There are hosting providers offering cloud services from the small business to the enterprise level and there is actually more than one type of cloud—a Public Cloud, a Private Cloud and a Hybrid Cloud. A Public Cloud shares network infrastructure which is accessible from an off-site Internet source. While it is easier to share files on a Public Cloud, a Private Cloud has advanced security features and guaranteed high quality maintenance on software and infrastructure. The third type of cloud is a Hybrid Cloud, which combines aspects of a Private and a Public Cloud. For example, businesses can keep their data and applications for QuickBooks or financial software hosting on a Private Cloud and less sensitive documents can be stored on a Public Cloud.

The Bottom Line
When considering cloud hosting, it all comes down to finding a hosting provider with a proven track record. Try looking up comparison charts to find hosts with the most resources, an appropriate array of hosting products and excellent customer support to win your business. Cloud services have moved from being a second thought to being top of mind for businesses of all sizes. Amazon and Salesforce are just a couple of companies that are shining examples of the utility of SaaS platforms in the cloud revolution. But cloud computing is not just for large enterprises; it offers greater IT efficiency and capabilities for all businesses from small to medium-sized. Smart businesses should be ready to switch to the cloud in the future to leverage cloud technology or risk being left behind by their competitors who are already taking advantage of the value and benefits of cloud computing.

Cisco’s Managed Threat Defense: A New Era for Data Security Analytics?

IT security is no laughing matter, and organizations of all sizes and in all industries can’t afford to ignore it.

As CNN reports, Target CEO Gregg Steinhafel tendered his resignation after “extensive discussions” with the board of directors. Why? Because Steinhafel was in charge when company networks were hacked in December 2013, leading to the theft of 40 million credit card numbers. Unhappy consumers prompted a 46 percent drop in Target’s profit, and the retailer is now spending $100 million to upgrade its point-of-sale (POS) technology. But as a recent Sydney Morning Herald article points out, even if new POS terminals had been installed before the breach Steinhafel couldn’t have prevented the breach from happening.

Network giant Cisco thinks it has the answer to this cycle of security failure and executive blame: Managed Threat Defense. Is this the dawn of a new era for security analytics?

Changing the Locks on IT Security

In an ideal world, network security breaches wouldn’t happen. Defenses would outpace attacks, and security vendors could say with absolute certainty that attacks were impossible. Unfortunately, the opposite is true. As noted in Cisco’s Annual Security Report, 100 percent of companies admitted that some traffic coming from their networks headed straight for malware-laden websites.

Cisco’s Managed Threat Defense solution gives security analysts a “single pane of glass” to help identify suspicious activity, according to the company’s Data Sheet. In addition, the solution offers real-time predictive analytics powered by Hadoop 2.0, which can detect anomalous network patterns, zero in on “unknown” attacks and track emerging incidents.

Cisco’s offering is a combination of on-premises hardware and software — all incoming and outgoing data is monitored 24/7 by Cisco’s security operation centers, which can respond instantly in the event of a threat.

Seeing the Future of Data Protection

The Global Security Analytics Market 2014–2018 report from Research and Markets predicts a compound annual growth rate of 10.61 percent for security analytics through 2018. And while it sounds like smoke and mirrors, predictive analytics offers tangible benefits as the enterprise market shifts from reliance on local resources to as-a-service alternatives.

Creative malware developers and virus authors are taking full advantage of security gaps to write code that alters its structure with each execution. In response, security vendors have shifted away from walling off networks, because it’s all too easy to sneak through the gate; the new goal is to predict what a program will do before it has a chance to execute.

A recent IT-Director article talks about the need for security intelligence before, during and after an incident. The idea actually comes from Cisco’s Sourcefire and dovetails perfectly with the manifesto of Managed Threat Defense: end-to-end protection.

Current solutions focus on what happens before attacks by using blacklists of email addresses, applications and websites. The “after” phase is also well populated by companies that can assess the extent of damage and help enterprises get back on their feet. “During” is when most solutions can’t perform. Managed Threat Defense aims to close this gap by monitoring user environments in real time for behaviors that may be the precursors of an attack. Instead of looking for a specific code or host, the solution uses streaming telemetry to evaluate network traffic on a moment-by-moment basis, in effect predicting the future.

A Three-Sided Defense or a Single Shield?

Not all companies agree with Cisco’s model — IBM, for example, believes end-point protection is still the first line of defense against malware and other cyberthreats. But it’s hard to argue with the idea that attacks are better handled on three fronts rather than one: Defend where possible, detect when able and destroy as necessary.


Data Security and BYOD: The IT Odd Couple?

For enterprise IT professionals, there’s no avoiding the bring-your-own-device (BYOD) trend. According to a Staples Advantage survey, 93 percent of employees say the kind of telecommuting programs made possible by BYOD are beneficial, while 53 percent of business decision-makers say allowing employees to access corporate networks with personal devices increases productivity.

But as IT admins have discovered, easy access increases the risk of a data security breach. Is this an all-or-nothing proposition?

The Great Divide Between IT and Staff

Employees expect access. A recent article from HealthITSecurity notes that physicians often carry tech devices, such as tablets or smartphones, and expect immediate access to hospital networks. IT departments are told to “make things work” but struggle to manage certificates and access keys across a broad range of devices.

This can lead to a lockdown mentality on the part of IT: Users must either agree to install security-monitoring apps or restrict themselves to devices approved by IT admins. The problem? According to, 41 percent of users circumvent these security measures, leaving corporate networks compromised and IT professionals in the dark.

Employees Don’t Feel Responsible for Security

When it comes to security, many employees take a “not my problem” attitude, according to Centrify survey results discussed in a recent FierceCIO article.

Fifteen percent of survey respondents said their responsibility for protecting corporate information on their personal devices was “none to minimal”; 10 percent were still using devices without passwords or PINs. And although 45 percent of respondents said they understood the need for data diligence in BYOD, 43 percent admitted to accessing corporate services over insecure public networks. In other words, even employees with the best intentions put company data at risk.

Tech Republic, meanwhile, offers some specific examples. After granting “select executives” access to company networks using their iPads and smartphones, a European firm found 10 times as many employees using the network without permission. A health and wellness company, meanwhile, discovered employees using public email services to send sensitive consumer data, such as credit card numbers and banking details.

Never the Twain Shall Meet?

Is it possible for BYOD and data security to coexist in the enterprise environment, or are IT professionals doomed to play catch-up and patch any holes left by well-meaning or overzealous employees?

One option is biometric mobile security, which includes the use of fingerprint, voice or iris identification, typically in combination with a password, to create a form of two-factor authentication.

News24 discusses this emerging technology and its possible benefits: For users, biometric options “feel” more secure and can seem less invasive than security apps. In addition, the use of a biometric service means authentication data is stored outside the mobile device; even in the event of a loss or theft, the phone or tablet itself can’t be mined for bio-identification data.

Forbes, meanwhile, offers companies more timely advice: Create backup plans. Start by making the data, not the user or the device, the priority. This means developing identity-management and remote-wiping protocols so admins always know who’s using a device and can cut off data access as needed.

It’s also important to engage employees and — given the power of social media — marketing departments. Education about device best practices, such as not using common passwords or relying on social media networks to transmit company data, is crucial. Ask employees what they expect from network access and get their input on mobile security; the democratization of technological power means IT staff must discuss rather than demand.

Data security and BYOD will never see eye to eye, but it is possible to maximize both access and authority with the right mix of technological forethought, backup planning and employee engagement.


Fixing Heartbleed in All the Right Places

The OpenSSL vulnerability responsible for April’s Heartbleed bug has been patched — version 1.0.1g fixes the problem permanently. But for IT professionals, patching OpenSSL is just the beginning: Heartbleed hides in the most unlikely places.

First Steps to Stop the Bleeding

Clearing out Heartbleed starts with patching every version of OpenSSL a company uses. The problem is that this encryption technology is used by a host of internal and third-party web-facing processes. According to Forbes, enterprises need to make sure every website they operate has been properly patched; it’s worth checking with your web host to ensure that they’ve patched things on their end as well.

What’s more, you need to make sure any partner sites are similarly clean. If not, information securely entered internally can become compromised when it leaves corporate networks and ends up in the memory buffer of a Heartbleed-vulnerable website.

Refresh Your Keys and Certificates

Although patching OpenSSL means there won’t be any new information leaks, it doesn’t prevent malicious actors from causing trouble with data they’ve already obtained. As ReadWrite points out, it’s critical to generate new public–private encryption keys for every system on the network and to revoke old SSL certificates and generate new ones to verify the identity of other servers.

This prevents “certificate spoofing,” in which hackers use stolen SSL or private encryption-key data to set up dummy sites that appear legitimate but are in fact copycat versions intended to steal user information. Google recommends that its Compute Engine customers generate new keys, and certificate authorities like Symantec and GoDaddy are offering updated certificates for free.

CSO Online, meanwhile, reports that many security companies are also offering Heartbleed scanner tools for free, helping IT professionals track down this bug in hard-to-reach places. Newer versions are designed to scan intranet websites, VPNs, FTP servers, databases, email servers, printers and smartphones. It’s worthwhile using more than one tool, however, since some released just after the bug was discovered were shown to report inaccurate results.
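The two remediation steps above (patch, then replace keys and certificates), as an added example that is not from the original article or from any scanner vendor: a first-pass inventory triage that reads `openssl version` banners and certificate issue dates. The host names, dates and function names are constructed; the affected range (1.0.1 through 1.0.1f, plus 1.0.2-beta up to beta1) comes from the OpenSSL advisory rather than from this page.

```python
import re
from dataclasses import dataclass
from datetime import date
from typing import Optional

_BANNER = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-beta(\d*))?")


def heartbleed_affected(banner: str) -> Optional[bool]:
    """True/False for a recognised OpenSSL banner, None if it cannot be parsed.

    Distribution packages often backport the fix without changing the
    upstream version string, so treat this as triage, not as a verdict.
    """
    m = _BANNER.search(banner)
    if m is None:
        return None
    version = tuple(int(m.group(i)) for i in (1, 2, 3))
    letter, beta = m.group(4), m.group(5)
    if version == (1, 0, 1):
        return letter < "g"            # "" (1.0.1) through "f"
    if version == (1, 0, 2) and beta is not None:
        return beta in ("", "1")       # fixed from 1.0.2-beta2 onward
    return False


@dataclass
class Host:
    name: str
    banner: str
    patched_on: Optional[date]   # None: not patched yet, or never affected
    cert_not_before: date        # issue date of the certificate in service


def remediation(host: Host) -> list:
    """Return the outstanding steps for one host, in order."""
    affected = heartbleed_affected(host.banner)
    if affected is None:
        return ["identify OpenSSL version"]
    if affected:
        return ["patch OpenSSL", "reissue key and certificate after patching"]
    # Patched host: a certificate issued on or before the patch date was in
    # service while memory could leak, so its private key must be replaced.
    # Assumes every reissued certificate was generated with a NEW key pair.
    if host.patched_on is not None and host.cert_not_before <= host.patched_on:
        return ["reissue key and certificate, revoke the old certificate"]
    return []


# Constructed inventory for illustration only.
INVENTORY = [
    Host("web01", "OpenSSL 1.0.1e-fips 11 Feb 2013", None, date(2013, 6, 1)),
    Host("web02", "OpenSSL 1.0.1g 7 Apr 2014", date(2014, 4, 9), date(2013, 11, 2)),
    Host("web03", "OpenSSL 1.0.1g 7 Apr 2014", date(2014, 4, 9), date(2014, 4, 10)),
    Host("db01", "OpenSSL 0.9.8y 5 Feb 2013", None, date(2012, 1, 15)),
    Host("printer7", "firmware 3.2 (TLS library unknown)", None, date(2012, 5, 5)),
]


def plan(inventory):
    """Map each host name to its list of outstanding remediation steps."""
    return {h.name: remediation(h) for h in inventory}


if __name__ == "__main__":
    for name, steps in plan(INVENTORY).items():
        print(f"{name:10} {'; '.join(steps) or 'no action'}")
```

Hosts that come back as "identify OpenSSL version" are the ones to hand to more than one scanner, since a banner alone cannot clear them.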

Heartbleed’s Impact on Mobile

In addition to websites and servers, it’s also possible for mobile devices to carry the Heartbleed bug. According to a recent Business Insider article, millions of Android users are potentially affected; any user running Jelly Bean 4.1.1 is a candidate for Heartbleed.

Google doesn’t release data for specific sub-version adoption, but over 34 percent of users worldwide are still running Jelly Bean 4.1, and security experts warn that “millions” of devices rely on 4.1.1.

This may seem like a distant threat for IT professionals, since this version of Jelly Bean rolled out in 2012. But for any organization that does business with individual subcontractors or has offices overseas, the mobile vulnerability represents a very real problem. The good news? This is the perfect opportunity to draft solid companywide mobile-use standards; there should be no problem getting C-suite approval to protect networks from leftover Heartbleeds.

A New SSL?

According to Theo de Raadt, founder of OpenBSD, OpenSSL isn’t worth fixing. As a result, his team has forked the code to create LibreSSL, which should deal with what de Raadt calls OpenSSL’s “discarded leftovers.” In an email to Ars Technica, he said that his group “removed half of the OpenSSL source tree in a week.” Even with such extensive pruning, the fork still compiles with no problems. Currently, LibreSSL is designed to run only as part of OpenBSD, although the group is taking donations and hopes to release a standalone version in the future.

Heartbleed has been bandaged; it hasn’t been eradicated. IT professionals need to patch every website, make sure mobile devices are secure and consider the possibility that OpenSSL may have outlived its usefulness.
