Why Run Regular Vulnerability Assessments?

Why run regular security tests?

As we probably all know, information security is a broad subject, and for many of us understanding the different layers that can help within this spectrum can at times be difficult. In this blog we will look at the risk and at what you as a business could do about it.
Over the years, when advising various organisations on the importance of regular vulnerability scanning, the conversations would typically reveal that most had adopted some form of security measure: conducting a yearly manual penetration test, having a web application firewall (WAF) in place, or conducting ASV PCI scanning, if not a combination of the three, to highlight just a few.

What is the actual risk to your business?

The Verizon report suggests that more than 75% of attacks are actually from external sources rather than your internal disenfranchised employees. “While this goes against InfoSec folklore, the story the data consistently tells is that, when it comes to data disclosure, the attacker is not coming from inside the house. And let’s face it, no matter how big your house may be there are more folks outside it than there are inside it.” – Verizon Data Breach Investigations Report
Verizon Data Breach Investigations Report: 40% of breaches from web app attacks, 5,334 total incidents (through web apps), 908 with confirmed data disclosure. If you look at the stats, they all point to the fact that external attacks, and web applications specifically, are a highly likely route for a hacker to exploit.

Three common misconceptions

1) Performing a manual penetration test is important for most organisations, although for various reasons it is not always easily accessible on a regular basis. An in-depth penetration test will certainly give you a thorough snapshot of your vulnerabilities at that moment in time and allow you to remediate them before a hacker can exploit any vulnerability that was discovered. However, in between penetration tests, how can you confirm that you do not have a major vulnerability within one of your websites?

2) Many organisations feel they are protected by their firewall or other forms of external ‘wrapper-like’ defence. The fact is that no matter what defences you have in place, you will not be un-hackable (the dark web specialist Darkbeam believes that more than 98% of businesses have already been hacked; they just aren’t aware of it yet). The landscape is changing every day, making it impossible to stay ahead of the game, so to say that having a firewall will protect you unfortunately just isn’t the case. Blue chip companies spend millions on firewalls but still have data breaches.

3) It must be mentioned that conducting your ASV PCI scanning is a crucial part of your compliance; however, it is important to highlight the difference between PCI scanning and vulnerability scanning. If you were to swap your compliance hat for your security hat for just a moment, it is fair to point out that passing your ASV PCI scan may give you a false sense of security. Your PCI scan limits vulnerability discovery to the vulnerabilities covered by the PCI standards, which can leave exploitable vulnerabilities outside the PCI remit undiscovered.
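The gap in point 1 is one of visibility between tests. As an added example (not code from the original post or from Netshield), the script below compares two scheduled scan runs and reports which findings are new, which have been resolved, which persist, and which have been open longer than a remediation target. The hosts, check names, dates and targets are all constructed sample data.

```python
# Added example (not from the original post): a minimal comparison of two
# scheduled scan runs, showing what recurring scanning adds over a single
# annual test: which findings are new, which persist, and which are fixed.
# All hosts, check names and dates below are constructed sample data.
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Finding:
    host: str
    port: int
    check: str       # constructed check identifier, not a real scanner plugin id
    severity: str    # one of SEVERITY_RANK


SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1}

# Constructed results: the same estate scanned six weeks apart.
PREVIOUS_SCAN = {
    Finding("www.example.test", 443, "tls-weak-cipher", "medium"),
    Finding("www.example.test", 80, "missing-security-headers", "low"),
    Finding("app.example.test", 8080, "outdated-framework", "high"),
}
CURRENT_SCAN = {
    Finding("www.example.test", 443, "tls-weak-cipher", "medium"),
    Finding("app.example.test", 8080, "outdated-framework", "high"),
    Finding("app.example.test", 8080, "sql-injection-login", "critical"),
}


def compare_scans(previous, current):
    """Split the current findings into new, resolved and persisting sets."""
    return current - previous, previous - current, current & previous


def triage(previous, current, min_severity="high"):
    """New findings at or above min_severity, most severe first."""
    new, _, _ = compare_scans(previous, current)
    threshold = SEVERITY_RANK[min_severity]
    urgent = [f for f in new if SEVERITY_RANK[f.severity] >= threshold]
    return sorted(urgent, key=lambda f: SEVERITY_RANK[f.severity], reverse=True)


def update_first_seen(first_seen, current, today):
    """Record when each finding was first observed; findings no longer
    present drop out so the mapping only ever holds open items."""
    return {f: first_seen.get(f, today) for f in current}


def overdue(first_seen, today, max_age_days):
    """Open findings older than their per-severity remediation target,
    most severe first: the visibility a once-a-year test cannot give."""
    late = [f for f, seen in first_seen.items()
            if (today - seen).days > max_age_days[f.severity]]
    return sorted(late, key=lambda f: SEVERITY_RANK[f.severity], reverse=True)


def run_example():
    """Drive the constructed scans through the functions above."""
    targets = {"critical": 7, "high": 30, "medium": 90, "low": 180}  # constructed targets
    new, resolved, persisting = compare_scans(PREVIOUS_SCAN, CURRENT_SCAN)
    seen = update_first_seen({}, PREVIOUS_SCAN, date(2016, 1, 1))
    seen = update_first_seen(seen, CURRENT_SCAN, date(2016, 2, 15))
    return {
        "new": sorted(f.check for f in new),
        "resolved": sorted(f.check for f in resolved),
        "persisting": sorted(f.check for f in persisting),
        "act_now": [f.check for f in triage(PREVIOUS_SCAN, CURRENT_SCAN)],
        "overdue": [f.check for f in overdue(seen, date(2016, 2, 15), targets)],
    }


if __name__ == "__main__":
    for key, value in run_example().items():
        print(f"{key}: {value}")
```

The sets are keyed on host, port, check and severity, so a finding that moves host or changes severity is reported as resolved plus new rather than silently persisting; a real feed would normalise on the scanner's own finding id.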

I am sure that for many the above points will sound familiar. The key question to ask yourself, however, is whether you should incorporate regular vulnerability scanning into this equation, and whether it is worth the extra cost. The measures highlighted above can certainly leave potential security gaps, and the simple answer is that without regular checks you do not have consistent visibility of your vulnerability landscape and are potentially one step behind a hacker. If you would like more information on how Netshield can assist you, please email info@netshield.net or call 0333 200 1636.

are helping businesses across the UK run regular vulnerability assessments please get in touch with ourselves

Combat Phishing With Netshield.

Phishing attacks are becoming all too common and frequent. These attacks are used by fraudsters to get personal information, spread viruses or gain economic benefit for themselves.

Data Security

Email phishing is very common and can be difficult to detect. This means that your business could be under threat from sophisticated email-based fraudsters. These people are capable of posing as business directors and owners and asking for money to be transferred into an account as an emergency payment; they can also send viruses through attachments, which can subsequently damage data on your PC and invade it to collect personal information.

Here at Netshield we have a counter for this: our brilliant NetMail package. NetMail is a fantastic way to reduce the spam that enters your inbox as well as eliminate phishing attacks.

We realise that the constant worry and panic of phishing is alive and well in today’s world of IT. That is why this fantastic package is set up to give peace of mind and reassurance that your data is safe and sound, and the scams will not be able to reach your inbox.

NetMail offers:

  • 100% virus protection, ensuring that personal information and details are kept safe, as is the well-being of your PC.
  • 99.92% spam detection: no bulk, sales, phishing or any other general junk emails are able to reach your inbox.
  • Business continuity
  • 90 archiving
  • Data leak prevention
  • AND SO MUCH MORE…

 

Why not set your mind at rest and get in touch with us to see what we can do for you? Our team of top-quality professionals will be able to cater for your business’s needs.

Contact us via:

Phone – 0333 200 1636

Email – jack.finlan@netshield.net

We look forward to hearing from you!

How to encrypt your data for free!

Last month, the Talk Talk cyber-attack resulted in the theft of a substantial amount of sensitive customer data, in the region of:

  • 28,000 credit card/debit card details
  • 15,656 bank account details and sort codes
  • 15,000 dates of birth
  • 1.2 million email addresses, names and phone numbers

This was Talk Talk’s third attack of this kind in the last 12 months, putting the company firmly on the ever-growing list of multinationals to have suffered a major cyber-attack. The question is, if large corporates such as Sony, eBay, Carphone Warehouse and Talk Talk (with their expert IT departments and security specialists) can’t prevent hackers from infiltrating their networks, what chance do smaller companies and home users have?

Talk Talk’s CEO, Dido Harding, couldn’t confirm whether the data of around 4 million customers had been encrypted or not, and when asked why she didn’t know, she responded that it wasn’t a ‘legal’ requirement to do so. OK, so it isn’t required by law, but surely any company, regardless of size, has a duty of care over its customers’ private data?

The fact is, encryption isn’t a hard thing to implement. It won’t guarantee total prevention of a data leak but together with other security tools, like firewalls, email filtering, intrusion prevention systems, patching and anti-virus, it adds another important layer of protection.

Together with our partner Kaspersky, we’ve outlined the top 5 benefits of encryption:

  1. Full protection of data – Securely encrypted data is completely protected, even if it is stolen. Why? If, for example, a file is encrypted with 256-bit AES, it would take a hacker more than a lifetime to crack the code using the brute-force method.
  2. Security across your devices – Many companies are currently struggling with the boom in smartphones and tablets. Whether administrators like it or not, data is pouring out of companies and being distributed among the most diverse of devices. Encryption removes the stress from this situation, as it ensures that data remains secure, regardless of the device on which it is stored.
  3. Safe transmission of data – Users sending files via email or distributing them via a cloud server can use encryption to ensure that no unauthorised user can view them.
  4. Retain data integrity – Targeted data theft is one thing, but another way to misuse data is through manipulation. Even though a hacker may have absolutely no interest in the information in question, he or she can manipulate specific data to disrupt corporate communications. If encrypted data is used, the recipient will definitely notice that it has been tampered with.
  5. Ensure compliance – IT departments often have to comply with legal or contractual regulations on data protection. These may involve archiving banking data or providing special protection for customer information. In many cases, encrypting the data involved is the easiest way to comply with these rules.
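Benefit 4 deserves one practical caveat: a recipient only reliably notices manipulation when the encryption is authenticated, that is, when a MAC or an AEAD mode covers the ciphertext. The script below is an added example (not from the original post, nor from Kaspersky) that makes this visible using only the Python standard library; because the standard library has no AES, the cipher is a demonstration keystream built from HMAC-SHA256 in counter mode, which is an assumption of this example and not a recommendation. The same one-byte corruption changes the decrypted output silently without a tag and is rejected with one.

```python
# Added example (not from the original post, nor from Kaspersky): benefit 4
# above, "the recipient will notice tampering", holds only when encryption is
# authenticated. Standard library only, so the cipher is a demonstration
# keystream from HMAC-SHA256 in counter mode rather than AES; the integrity
# lesson is the same for any cipher used without a tag.
import hashlib
import hmac
import os

NONCE_LEN = 16
TAG_LEN = 32


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Demonstration keystream: concatenated HMAC-SHA256(key, nonce || counter)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_unauthenticated(key: bytes, plaintext: bytes) -> bytes:
    """Confidentiality only: nonce || (plaintext XOR keystream)."""
    nonce = os.urandom(NONCE_LEN)
    ks = keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def decrypt_unauthenticated(key: bytes, blob: bytes) -> bytes:
    """Decrypts whatever it is given; it has no way to tell if bytes changed."""
    nonce, body = blob[:NONCE_LEN], blob[NONCE_LEN:]
    ks = keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))


def encrypt_authenticated(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers nonce and ciphertext, so any change
    to either is detected before a single byte is decrypted."""
    blob = encrypt_unauthenticated(enc_key, plaintext)
    tag = hmac.new(mac_key, blob, hashlib.sha256).digest()
    return blob + tag


def decrypt_authenticated(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("integrity check failed: data was modified")
    return decrypt_unauthenticated(enc_key, body)


def corrupt_byte(blob: bytes, index: int) -> bytes:
    """Simulate a stored or transmitted copy with one ciphertext byte altered."""
    altered = bytearray(blob)
    altered[index] ^= 0x01
    return bytes(altered)


def demo(plaintext: bytes = b"invoice total: 100 GBP"):
    """Corrupt the first ciphertext byte of both forms; return what the
    unauthenticated decrypt produced and whether the authenticated one
    refused. Keys are fixed demonstration values."""
    enc_key, mac_key = b"\x11" * 32, b"\x22" * 32
    damaged = corrupt_byte(encrypt_unauthenticated(enc_key, plaintext), NONCE_LEN)
    silently_wrong = decrypt_unauthenticated(enc_key, damaged)
    sealed = encrypt_authenticated(enc_key, mac_key, plaintext)
    try:
        decrypt_authenticated(enc_key, mac_key, corrupt_byte(sealed, NONCE_LEN))
        detected = False
    except ValueError:
        detected = True
    return silently_wrong, detected


if __name__ == "__main__":
    wrong, detected = demo()
    print("unauthenticated decrypt returned:", wrong)     # one byte differs, no error
    print("authenticated decrypt detected tampering:", detected)
```

In practice the same property comes from an AEAD mode such as AES-GCM or from a container format that stores an integrity tag; when evaluating the tools listed below, that is the feature to look for behind the "integrity" claim.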

If you are a home user or a small company looking to encrypt your data, lifehacker.com recently published the results of their poll on the most popular ways of using encryption for free, with these desktop tools coming out on top:

  • VeraCrypt (Windows/OS X/Linux) – MOST POPULAR – 40% of the vote
  • 7-Zip (Windows/OS X/Linux) – RUNNER UP – 20% of the vote

Netshield’s IT security specialists have a wealth of experience and can offer expert advice. If you are a company and not sure where to go next with your IT security, we can arrange a full security health check across your network starting at just £295 (+VAT). Your data is your business – let us help you keep it secure.

Call us on 0333 200 1636 or email info@netshield.net for more details.

Backup and Recovery…The types you need to know about

What is Back-up and Recovery?

A good backup is crucial in a business environment; a backup strategy is the most effective and efficient way to protect your vital data. It provides a safeguard against unexpected data loss and application errors: should you lose your original data, you can use the backup to make it available again.

With the rise in cybercrime, malicious viruses and malware, plus the potential for accidental data loss, backing up and storing your data has never been more important. A company should always have a disaster recovery plan to deal with potential disasters: a plan to ensure the continuation of regular functions. By backing up, the effects of a disaster will be minimised and the organisation will be able to either maintain or quickly resume mission-critical functions.

The Different Types of Data Back-ups

Full backup

This is a method of backup where all the files and folders selected are backed up. When subsequent backups are run, the complete selected set of files and folders is backed up again in full. The advantage is that restores are fast and easy to manage, as the full set of files and folders is in one backup set. It is also easy to maintain and can be restored in various forms.

However, backups can take some time, as every file is backed up again each time the backup runs, which can consume a considerable amount of network resources. This method uses the most storage capacity compared to incremental and differential backups: the exact same files are stored repeatedly, which results in inefficient use of storage.

Mirror Backup

As the name states, this is a mirror of the source being backed up. When a file in the source is deleted, that file is eventually deleted in the mirror backup too. This technique is clean and ensures the backup does not contain old and out-of-date files. But there is a chance that files in the source are deleted accidentally, by distribution or through a virus, and the mirror will then lose them as well.

Incremental backup

This is when, once the initial full backup is completed, consecutive incremental backups run that save only the data that has changed since the last backup, making each run much faster than a full backup. The incremental technique is quicker and consumes less network resources. It also makes efficient use of storage space, as files are not duplicated, unlike the full backup method; but restores can be slower and more complicated.
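The trade-offs in the three sections above (full, mirror and incremental) can be seen in a few lines. The simulator below is an added example, not code from the original post or from Netshield: it runs three days of changes on a constructed in-memory file set and reports how much storage each strategy consumes, how many sets a restore has to replay, and what happens to a file that was deleted by mistake under each strategy.

```python
# Added example (not from the original post): simulates full, mirror and
# incremental backups over a small constructed file set, so the storage and
# restore trade-offs described above can be measured rather than read about.
from copy import deepcopy


class BackupSimulator:
    """Keeps backup sets in memory; a 'source' is a dict of path -> bytes."""

    def __init__(self):
        self.full_sets = []          # every full backup: a complete copy of the source
        self.incrementals = []       # each entry: files changed/added and paths deleted
        self.mirror = {}             # mirror: always identical to the latest source
        self._last_seen = {}         # source state at the previous run, for diffing

    def full_backup(self, source):
        self.full_sets.append(deepcopy(source))
        self._last_seen = deepcopy(source)

    def incremental_backup(self, source):
        # Only content that differs from the previous run is stored.
        changed = {p: c for p, c in source.items() if self._last_seen.get(p) != c}
        deleted = set(self._last_seen) - set(source)
        self.incrementals.append({"changed": changed, "deleted": deleted})
        self._last_seen = deepcopy(source)

    def mirror_backup(self, source):
        # A mirror follows the source exactly: deletions propagate to the backup.
        self.mirror = deepcopy(source)

    def restore_latest(self):
        """Replay the last full set, then every incremental since it, in order."""
        state = deepcopy(self.full_sets[-1])
        for inc in self.incrementals:
            state.update(inc["changed"])
            for path in inc["deleted"]:
                state.pop(path, None)
        return state

    def incremental_bytes(self):
        return sum(len(c) for inc in self.incrementals for c in inc["changed"].values())


def size_of(source):
    return sum(len(content) for content in source.values())


def run_scenario():
    """Three days of changes on a constructed file set; returns the numbers."""
    day1 = {"a.txt": b"alpha-v1", "b.txt": b"beta"}
    day2 = {"a.txt": b"alpha-v2-longer", "b.txt": b"beta"}      # a.txt edited
    day3 = {"a.txt": b"alpha-v2-longer", "c.txt": b"gamma"}     # c.txt added, b.txt deleted by mistake

    sim = BackupSimulator()
    sim.full_backup(day1)
    sim.mirror_backup(day1)
    for day in (day2, day3):
        sim.incremental_backup(day)
        sim.mirror_backup(day)

    return {
        # Storage if a full backup were taken every day versus full + incrementals.
        "full_every_day_bytes": size_of(day1) + size_of(day2) + size_of(day3),
        "full_plus_incrementals_bytes": size_of(sim.full_sets[0]) + sim.incremental_bytes(),
        "restored_latest": sim.restore_latest(),
        "restore_steps": 1 + len(sim.incrementals),   # sets that must be replayed
        "mirror_has_deleted_file": "b.txt" in sim.mirror,
        "first_full_has_deleted_file": "b.txt" in sim.full_sets[0],
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The numbers show the point made above: the incremental chain stores far less than a full copy per day, but restoring the latest state means replaying every set in order (and a damaged set anywhere in the chain breaks everything after it), while the mirror, being an exact copy, has already lost the accidentally deleted file and only the retained full set can bring it back.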

Cloud Backup

This is also known as online backup or remote backup: data is backed up to a service or storage facility connected over the Internet. It is a form of offsite backup, so if anything happens to the premises, like a fire or a natural disaster, the data is safe in a different location. The data is also replicated across different storage devices, usually served by multiple internet connections, so the system has no single point of failure, and it provides easy backup accessibility from anywhere with an internet connection. If the service is provided by a good commercial data centre, the data will be managed and protected. The downside is that it can be more expensive than local backups, and backup and restore times depend on the availability of network bandwidth. Also, depending on the service provider, the owner of the data may not always be in full control of their files (for example, determining which data centre the data is stored in), or there may be security risks involved, such as other people viewing your files, especially if they are not encrypted.

Offsite Backup

An offsite backup is any backup where the backup storage medium is kept at a different geographic location from the origin. For example, an administrator might store the data onto a tape drive and then take it to another location. Cloud backup is also a form of offsite backup. It gives a company peace of mind because if a disaster was to strike at the office, such as theft, fire, flood, earthquakes, hurricanes and more, there is a backup offsite to recover from. However, it may cost more, because rotation between several storage devices is usually required. Another disadvantage is that storage devices are not always reliable and often need to be replaced: the more frequently storage devices are handled, the greater the risk of damaging the delicate hard disk.

For more information on the different types of backup and a discussion of our services please feel free to call us on 0845 603 5552.

Anti-Virus – Do we still need it or is it doomed?

With the advancements in technology the threat landscape is evolving too.

Malicious software is becoming harder to detect and remove, and it is also starting to affect a wider range of devices because of the ‘Internet of Things’. There have been some cases where advanced malicious software can even bypass anti-virus software by changing its code!

In some ways there is truth behind what Brian Dye, senior vice president of Symantec, famously said a few months ago: ‘Antivirus is dead’ and it is ‘doomed to failure’. Anti-virus relies on a signature database to block known malicious code, so if a particular piece of malicious code has never been seen before, you will probably fall victim to it.

However, AV is not completely doomed. As Eugene Kaspersky quite rightly said, it is still ‘very much alive and kicking’, because as threats have evolved, so has traditional AV. It is about choosing a product that has a database that is continuously updated and a good feature set.

Many vendors are now reinventing AV as ‘Endpoint Security’, which offers a wider range of features: beyond the standard Anti-Virus, Anti-Spyware and Anti-Malware, it includes features like application control, mobile device security, encryption and rule-based system behaviour blocking.

However, security has become more complex, and just because AV or ‘Endpoint Security’ has more features, we cannot rely on it alone as the sole system defence; that is not viable anymore. It will not provide an adequate level of protection for a modern, complex network.

Networks have developed into complex environments with multiple layers and a range of connected devices, so a layered approach to network security is key, because it helps protect the different levels within the infrastructure.

AV should be seen as the first line of defence only; its aim is to protect users from things like spam emails, malicious attachments and websites. Occasionally something will get through, but this approach is more secure and safer. Always keep in mind that there is no 100% defence against malicious cyber-attacks, because the variables are always changing. Continuous network monitoring is also key to catching any abnormal behaviour.
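The two layers discussed above, a signature database and rule-based behaviour blocking, can be put side by side in a few lines. This is an added example (not from the original post, not from Symantec or Kaspersky, and not any vendor's engine): a hash-based signature check recognises a constructed "known bad" sample but misses a copy that differs by a single byte, exactly the "changing its code" case, whereas a behaviour rule over a constructed event stream flags a process by what it does without ever having seen the binary. The sample bytes, process names and events are all made up for the demonstration.

```python
# Added example (not from the original post): contrasts a hash-signature
# check, which misses a sample it has never seen, with a rule on observed
# behaviour, which needs no prior knowledge of the binary. The sample bytes,
# process names and events are all constructed for the demonstration.
import hashlib

# Constructed "known bad" sample and the hash signature an AV database would hold.
KNOWN_SAMPLE = b"MZ\x90\x00demo-malicious-sample-v1"
SIGNATURE_DB = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

# A variant that differs by a single byte: same behaviour, unknown hash.
VARIANT_SAMPLE = KNOWN_SAMPLE[:-1] + b"2"


def signature_match(file_bytes: bytes) -> bool:
    """Signature layer: true only for byte-for-byte known samples."""
    return hashlib.sha256(file_bytes).hexdigest() in SIGNATURE_DB


def behaviour_alerts(events, max_files=20, window_seconds=60):
    """Behaviour layer: flag any process that writes to more than max_files
    distinct files within window_seconds, regardless of which binary it is.
    events: iterable of (timestamp_seconds, process, action, path)."""
    writes_by_process = {}
    for ts, proc, action, path in sorted(events):
        if action == "write":
            writes_by_process.setdefault(proc, []).append((ts, path))
    alerts = set()
    for proc, writes in writes_by_process.items():
        # Slide a window over this process's writes, oldest first.
        for i, (start, _) in enumerate(writes):
            in_window = {p for t, p in writes[i:] if t - start <= window_seconds}
            if len(in_window) > max_files:
                alerts.add(proc)
                break
    return alerts


# Constructed event stream: one process touches 25 documents in 25 seconds,
# another edits a couple of files the way a user would.
SAMPLE_EVENTS = [(100 + i, "bulkedit.exe", "write", f"docs/report{i}.docx") for i in range(25)]
SAMPLE_EVENTS += [
    (110, "winword.exe", "write", "docs/letter.docx"),
    (300, "winword.exe", "write", "docs/notes.docx"),
    (305, "bulkedit.exe", "read", "docs/report0.docx"),
]


if __name__ == "__main__":
    print("known sample flagged by signature:", signature_match(KNOWN_SAMPLE))
    print("variant flagged by signature:    ", signature_match(VARIANT_SAMPLE))
    print("processes flagged by behaviour:  ", behaviour_alerts(SAMPLE_EVENTS))
```

The behaviour rule is deliberately crude (a real product tunes the threshold per application and pairs it with rollback), but it illustrates the layering argument: the signature layer is cheap and precise for what it knows, and the behaviour layer catches what the signature layer has no entry for.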

For more information on network security please feel free to contact us on 0845 603 5552 or info@netshield.eu