Having a predetermined plan can be the saving grace of a catastrophic data breach. The article from Bizjournals.com explains the top 6 ways to guard your business’ data. You can also call us for information on how we, at Citon, can design a personalized defense system to protect your data.
Protecting against a data breach:
Know what to look for. One important step in preventing a data breach is knowing what to look for to prevent a third party from intentionally compromising your data. Be on the lookout for these two things:
- Understand ransomware: An increasing number of stories demonstrate the threat of ransomware — the term used to describe malicious software that will lock your business’ data, offering to provide a password to unlock the data in return for payment of a ransom.
- Suspicious or unknown emails: If you receive an email from an unknown address, do not click on any attachments or linked information. Look at the email address of the sender carefully. Scammers can mimic email accounts to look as if you’re receiving email from Google®, Yahoo!®, TurboTax®, PayPal®, or even your business associate.
Backup data regularly. Backing up your customer data will put you ahead of the game when it comes to efforts by third parties to ransom your data back to you.
Encrypt your data. As simple as it sounds, taking efforts to encrypt your data can provide a significant shield from liability in several states.
Create a computer security policy – and enforce it. Require password protection on your business computers and require the password to be re-entered after a period of inactivity. Set up firewalls, install anti-virus software, and draft an employee policy that sets certain security and privacy standards when using company computers or technology. But remember, for these safeguards to be worthwhile, you must regularly update your programs, set up strong passwords and change them regularly, and enforce your company policies.
Keep data only as long as you need it. Small businesses often get into trouble by retaining credit card information and former customers’ information longer than necessary. Maintaining customer information longer than necessary increases your chances of becoming a target for a breach and widens your potential liability.
Prepare an incident response plan. Hackers and scammers are continuously becoming more sophisticated. Even if you take all the suggested precautions, your business could still be the victim of a data breach. An incident response plan is your game plan for dealing with a breach — how the breach should be handled, who will handle it, when counsel needs to be involved, who needs to be notified and what to say about it. Having an incident response plan in place can reduce the stress, and potentially some of the liability, of a data breach.
Contact us for more information on how to protect your business.
If you have had a data breach, we have specialized tools to help mitigate the damage and get your business back up and running fast.
Your next move:
How the Cloud can change your business.
Cloud storage isn’t just for large companies. It’s also not expensive or difficult to set up. The Cloud is low maintenance, secure, and takes up minimal to no space in your office. Curious to learn how it could benefit your business? Call us at (218) 720-4435
Why moving to the cloud makes sense
I’ve written before about how small businesses should think about optimizing cloud storage. For many small business owners, cloud solutions are a sensible and affordable early choice. In fact, many small businesses now opt for cloud storage right out of the gate, since there’s minimal upfront investment and few hardware or licensing costs.
The benefits of the cloud are numerous. For one thing, data storage requires no maintenance on your side, so you don’t need a large IT department. Hardware failure is also no longer a disaster, as the company’s data isn’t isolated to a physical server or scattered across a collection of laptops and hard drives. The cloud generally has built-in redundancy.
When starting out, most businesses make use of public clouds – hosted by a third party on servers that are shared with other clients – and this typically leads to some concerns. Not only do business owners worry about having to rely on a cloud host to keep data safe, but they also fear being at the mercy of service outages and performance degradation during peak hours. While these worries are not unfounded, there’s a tendency to overemphasize them. As long as you use a reputable provider, your data should be safe and accessible. Although there have been public cloud breaches and unexpected downtime, your data’s generally safer than it was sitting on a hard drive in your office. The main reason many businesses actually abandon the public cloud is that it stops meeting their needs in a cost-effective way.
Big thanks to Business.com for providing this great article!
How to keep your small business data safe?
Here at CITON we share the importance and value of keeping your business’ data safe. Call (218) 720-4435 to learn more from us about protecting it with encryption, authentication, and data backup.
Data security or protection, put simply, is the procedure employed to ensure that your data cannot be corrupted or accessed illegally.
The idea behind securing your data is to protect your business’s data while ensuring that it stays private. Data includes all personal and business files that are stored in the database. The process of securing data generally follows these three steps:
- Encryption. For any data to be of any use, it has to be understandable on a human level. Encryption counters this by using a set of algorithms and mathematical schemes to scramble the information into an unreadable format. This encrypted text can only be decoded by someone who has the decryption key.
To take it up a notch, end-point full encryption is employed. It encrypts every last bit of data on your hard disk, giving you a very high form of protection.
- Strong user authentication. We encounter user authentication on a daily basis. Every time you try to log in to your computer or social media account, you are required to go through a one-step verification process. One-step verification is weak and is easily hacked. A strong user authentication process will often involve multiple stages of verification, making it very difficult to hack.
- Data Backup. You have to be prepared for when the worst happens. Securing your data will never give you 100% assurance. There is always the chance that there might be a loophole in the system which may include an inside job. That is why the process of securing data also includes a backup plan. The backup will ensure that although the information may be stolen, you can always restore it.
By now, you might be inclined to start securing your data; but why is it important to do so?
Someone could be accessing your information without your knowledge
In this internet technology-driven world, anything is possible. Industrial espionage is no longer a term that is relegated to spy films and large corporations; the threat of it happening to you is very real. Someone, probably a competitor, could be keeping track of your undertakings. This information could give them an edge. You might be playing clean, but that doesn’t mean that someone else does.
A trillion cyber-attacks were attempted during the past year
Dell reported that they helped prevent over 1 trillion hacks during the previous year. This figure is mind-boggling. You cannot possibly want to put your business at risk knowing that you could get attacked at any time.
The financial implications of a data breach
The costs of cleaning up and recovering your data after an attack are very high. The cost of setting up a data security system pales in comparison with that of picking up the pieces after being subjected to cyber-crime.
Credit to the Business Blog Hub for sharing great information on cyber security.
NOW IN THE WILD: Super Ransomware can survive almost anything
Backup your data, this one’s nasty
This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the WikiLeaks CIA Vault 7 UEFI Rootkit docs and built one of these motherboard-killers of their own, apparently weaponizing the existing LoJack commercial code to speed up the job.
This rootkit survives a reformat and OS reinstall—and even a hard-disk swap—because it lives in the system’s flash memory. The only way to get rid of this infection is to go in and overwrite the machine’s flash storage, not something for the faint of heart, provided you can even get hold of the right code. Imagine this monster being propagated with a 0-day worm like WannaCry. It gives you the shivers, right on time for Halloween.
What the Heck Is UEFI?
Remember BIOS? It got replaced with UEFI, which stands for Unified Extensible Firmware Interface. UEFI is a specification for the interface between a computer’s firmware and its operating system. The interface controls booting the operating system and runs pre-boot apps.
This rootkit attack compromises the machine’s UEFI. By re-writing it, the malware can persist inside the computer’s flash memory, and that is why it survives “Nuke From Orbit” (that clip never gets old) and even hard disk swaps.
Over the last few years, the hardware community has introduced measures that make it very hard for someone to make unauthorized changes at the firmware level. One example is Secure Boot, a mechanism that ensures only securely signed firmware and software can be booted up and run on a system.
Controls like Secure Boot are why InfoSec pros have up to now generally considered UEFI rootkits more hypothetical, something that only state-sponsored actors are able to develop and use.
However, now that this spectre is out of the bottle, you can expect more UEFI rootkits rearing their ugly heads, possibly having advanced features like signature verification bypass.
Who Discovered This?
Security Firm ESET blogged about it a few days ago. They said: “UEFI rootkits are widely viewed as extremely dangerous tools for implementing cyber attacks. No UEFI rootkit has ever been detected in the wild – until we discovered a campaign by that successfully deployed a malicious UEFI module on a victim’s system.”
ESET’s analysis shows that Fancy Bear used a kernel driver bundled with a legitimate and freely available utility called RWEverything to install the UEFI rootkit. The driver can be used to access a computer’s UEFI/BIOS settings and gather information on almost all low-level settings on it.
Here Are Two Things to Do About It
- Alexis Dorais-Joncas, security intelligence team lead at ESET said: “Organizations should review the Secure Boot configuration on [all] their hardware and make sure they are configured properly to prevent unauthorized access to the firmware memory. They also need to think about controls for detecting malware at the UEFI/BIOS level.” You can say that again. They have a PDF that explains the problem in detail, and note that only modern chipsets support Secure Boot. The infection was running on an older chipset.
- The black hats behind this are known for their recent headlines about major, high-profile attacks. For instance, the US Department of Justice named the group as being responsible for the Democratic National Committee (DNC) hack just before the US 2016 elections. So, these guys are not leaving Russia anytime soon; they probably have the indictment framed on their wall as a reminder.
That leaves spear phishing as their go-to strategy to penetrate targets. So, this is another excellent reason to step your users through new-school security awareness training, because social engineering is how these bad guys get into your network. Here is the updated KnowBe4 Blog post with all the links.
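One way to start the Secure Boot review recommended above on Linux hosts, as an added example that is not from ESET or KnowBe4: it reads the `SecureBoot` and `SetupMode` variables the firmware exposes through efivarfs and maps them to a finding. The function names, finding labels and the sample byte string are assumptions made for this example.

```python
import os
import struct

# GUID of the EFI global variable namespace (UEFI specification).
EFI_GLOBAL = "8be4df61-93ca-11d2-aa0d-00e098032bbc"
EFIVARS_DIR = "/sys/firmware/efi/efivars"  # Linux efivarfs mount point

# Constructed sample: attribute word 0x6 followed by data byte 1 (enabled).
SAMPLE_ENABLED = b"\x06\x00\x00\x00\x01"


def parse_flag(raw):
    """Decode a one-byte UEFI variable as exposed by efivarfs.

    efivarfs prepends a 4-byte little-endian attribute word to the payload.
    """
    if len(raw) != 5:
        raise ValueError("expected 4 attribute bytes + 1 data byte, got %d" % len(raw))
    _attrs, value = struct.unpack("<IB", raw)
    return value == 1


def read_flag(name, base=EFIVARS_DIR):
    """Return True/False, or None when the variable is not exposed."""
    path = os.path.join(base, "%s-%s" % (name, EFI_GLOBAL))
    try:
        with open(path, "rb") as fh:
            return parse_flag(fh.read())
    except FileNotFoundError:
        return None


def assess(secure_boot, setup_mode):
    """Map the two flags to a finding (labels are hypothetical)."""
    if secure_boot is None:
        return "NO_UEFI_VARS: legacy BIOS boot or efivarfs not mounted; state unknown"
    if setup_mode:
        return "SETUP_MODE: no Platform Key enrolled; Secure Boot keys can be replaced"
    if not secure_boot:
        return "DISABLED: Secure Boot is switched off"
    return "ENFORCED: Secure Boot on, platform in user mode"


if __name__ == "__main__":
    print(assess(read_flag("SecureBoot"), read_flag("SetupMode")))
```

This reports only what the firmware tells the operating system, so treat anything other than `ENFORCED` as a host to inspect in its firmware setup screen.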
Information provided by our partners at KnowBe4.
KnowBe4 provides security awareness training and information on how to best avoid ransomware attacks.
Email us at email@example.com for, you know, information on how this can help protect your business
FIX THAT PASSWORD ISSUE. ONCE AND FOR ALL
IT’S TIME TO ADD TWO FACTOR AUTHENTICATION
Small to medium-sized businesses often struggle with identity management because they lack the resources of big companies to implement enterprise solutions, but something as simple as two-factor authentication can help keep your company secure.
Two-factor authentication simply means that after entering your password, you need to do something else like enter a code that gets texted or emailed to you, or confirm the change with an authentication service.
Of course, you want the individual’s identity to be secure, but at the same time you don’t want to be overly complex. I’ve worked for a large organization that signs me out every couple of weeks, then forces me through a burdensome process that starts with sending a code to my phone.
After I enter the code, I need to come up with a new 20-character password, which can’t be like any of my previous passwords. Then, I have to enter the password twice and make them match. Once I’m able to make that work, which usually takes a couple of shots at least because getting 20-character passwords to match takes some doing, I need to approve the change on my smartphone.
If that sounds like a bit of an ordeal, I can tell you that it absolutely is, and it’s probably a cycle you want to avoid putting your employees through.
The password conundrum
Complex passwords are good, but often force silly work-arounds like writing them down. If you have your passwords written on post-it notes in your drawer (or worse, attached to your monitor), this isn’t the most secure approach, is it?
On the other hand, people can be amazingly simplistic when it comes to creating passwords. The worst password lists have 12345 and password (yes, the word password) topping the lists every year. You don’t have to be a hacker genius to figure that one out, do you?
Many people end up using the same passwords over and over across the internet for simplicity’s sake, and with each breach, those passwords get leaked. It means your regular password is probably floating around the internet somewhere, just waiting for someone with nefarious intent to pick it up and enter your company network using the stolen credentials.
By bringing in that second factor, you can limit the harm done by stolen credentials. If you are using an approve/disapprove service, you should train your employees to change passwords immediately if someone is trying to make a change that’s not them. You could even have a protocol to force this to happen.
Two-factor isn’t foolproof of course, but it does offer you a simple way to protect against stolen (or guessed) credentials without putting an undue burden on your users.
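The texted-or-emailed code step described above, as an added example that is not code from the original article: a server-side issuer and verifier in which codes expire, work only once, and are burned after repeated wrong guesses. The class name, the five-minute lifetime and the five-attempt limit are assumptions.

```python
import hmac
import secrets
import time

CODE_TTL = 300    # assumed policy: seconds a code stays valid
MAX_ATTEMPTS = 5  # assumed policy: wrong guesses before the code is burned


class SecondFactor:
    """Hypothetical issuer/verifier for the code sent after the password step."""

    def __init__(self):
        self._pending = {}  # user -> [code, expires_at, attempts_left]

    def issue(self, user, now=None):
        now = time.time() if now is None else now
        # secrets, not random: the code must be unpredictable.
        code = "%06d" % secrets.randbelow(10**6)
        # A new request replaces any older code for the same user.
        self._pending[user] = [code, now + CODE_TTL, MAX_ATTEMPTS]
        return code  # pass to the SMS/e-mail sender; never log it

    def verify(self, user, submitted, now=None):
        now = time.time() if now is None else now
        entry = self._pending.get(user)
        if entry is None:
            return False
        code, expires_at, attempts_left = entry
        if now > expires_at or attempts_left <= 0:
            del self._pending[user]  # expired or locked out
            return False
        # Constant-time comparison avoids leaking matching prefixes.
        ok = hmac.compare_digest(code.encode(), submitted.encode())
        if ok:
            del self._pending[user]  # single use
        else:
            entry[2] = attempts_left - 1  # count the failed guess
        return ok
```

The `now` parameter exists so the expiry logic can be exercised without waiting; production callers leave it unset.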