Vulnerability Assessments vs Penetration Testing

Vulnerability scanning and penetration testing are both important tools for securing your IT infrastructure. They are often confused with each other, but they play very different roles in overall network security.

So, what’s the difference and which should your business be using?

 

Vulnerability Assessments

A vulnerability assessment is an automated scan that searches for known weaknesses: missing patches, weak or outdated configuration, insecure protocols, expired or weak certificates, and unnecessary services. Its output is a report listing every known vulnerability found on the systems in scope, usually ranked by severity. Reports can be lengthy, as the scan takes a comprehensive look at the network and applications.

The assessment can be run against any number of devices throughout a network and is wide in scope. The results can then be used to remediate weaknesses before they are exploited. Bear in mind that a scanner only finds what it has a signature for: it reports a potential issue without proving it can be exploited, and it will sometimes report false positives that need checking by hand.

It is recommended to scan at least quarterly, on every new device once it is configured, and after any major configuration change.

 

Penetration Tests

In comparison, penetration testing actively exploits weaknesses in the environment. An experienced tester carries out the work, acting as an attacker and exploiting weaknesses in the network or applications; this is otherwise known as 'ethical hacking'. Testers use automated tools along the way, but the judgement about which weaknesses to chain together and how far to push cannot be automated.

The main aim of a penetration test is to identify insecure settings and configuration that an outsider could use to reach the data behind the defences, such as unencrypted or weakly stored passwords. Where a scanner reports that a port is open, the tester probes the service behind it and sees how far it can be exploited, for example by combining a weak credential with a misconfiguration to reach a further system. A full test of a large network can take anywhere from days to weeks. It is therefore best practice to have the testing performed by a qualified third party working to an agreed scope and rules of engagement; this also ensures an unbiased, objective report.

Penetration testing does not need to be performed as regularly as vulnerability assessments: once a year, or whenever a large change is made to internet-facing equipment or applications, is typical.

 

What Should My Business Use?

In summary, a vulnerability assessment detects that a door has been left unlocked and could let a burglar into your business. A penetration test role-plays the burglar and sees how far they can get before a locked door stops them in their tracks.

Both tools should be used in conjunction. A vulnerability assessment gives breadth: it finds known weaknesses across every system in scope. A penetration test gives depth: it confirms which of those weaknesses are actually exploitable, what an attacker could reach from them, and whether your defences notice the attempt.

Penetration testing costs a lot more than a vulnerability assessment by itself, but this reflects its in-depth, manual nature: the tester may discover a new vulnerability, or a security flaw that no scanner has a signature for.

 

It's important to know the difference between the two, as each is important in its own way. To find out if Netshield can be of assistance, please contact us here.


The Rise of Email Compromise

The term phishing is certainly becoming more prevalent in today's cyber-security obsessed world. One variant, often called CEO fraud or business email compromise, works like this: cyber criminals pose as a CEO, finance director or other senior member of staff and send fraudulent emails containing details of payments 'that must be made immediately', with bank details attached. The catch is usually the address the email has been sent from; it closely resembles the senior manager's real address, and this spoofing often dupes unsuspecting employees into making the payments or disclosing financial or personal information.

According to the Verizon Data Breach Investigations Report, phishing tactics were used in more than 90% of all security incidents and breaches in 2017. So why has there been such a rise in business email being targeted?

 

How does it work?

Phishing emails are very simple: target many users or one individual in a company, convince them that the sender is a senior manager, and extract sensitive information. The email will usually be flagged as high importance, creating a sense of urgency (who wants to upset the CEO by delaying an urgent task?), and the user then hands over login credentials or card details, or actually makes the requested payment.

Some contain a malicious attachment, so even if users don't fall for the transfer request they may still infect their PC, and later the network, with malware.

Links to fake sign-in forms (such as the Gmail phishing campaign at the start of 2017, which put Gmail's roughly one billion users at risk) can also be included. The URLs resemble the official one, so a glance at the address bar won't raise alarm bells unless you look closely, and even tech-savvy users can fall victim. Once credentials have been entered the attackers have full access to that account unless a second factor stands in their way. This could obviously be disastrous if business banking credentials have been entered.

 

Believing your business is safe from an attack as ‘it hasn’t happened to us yet’ is not the way to be thinking anymore. So what can be done? 

  1. Improving User Awareness 

Train employees on how to spot phishing attempts, what to do if they receive one, and how to defend against attacks.

According to the Verizon Data Breach Investigations Report:

30% of phishing messages get opened by targeted users, and 12% of those users click on the malicious attachment or link.

It's also important to encourage employees to report possible incidents or breaches as soon as they are discovered, without fear of blame; a quick report of a clicked link is far cheaper than a breach discovered weeks later. Clear, readable security policies should be implemented and distributed to all users regularly so employees are aware of their roles and responsibilities during such an incident.

Ongoing security awareness training should be provided to all staff on a regular basis, not just the IT team, to keep their knowledge of evolving scams up to date.

2. Management Involvement 

Assigning key responsibilities for cyber security at management level ensures all employees are aware that it is being taken seriously, and sets an example for them to follow. Of course everyone within a company has a part to play in keeping the infrastructure secure, but it needs to start at senior management level to show its importance.

A tech-savvy staff member, preferably a senior member of the IT team, should be given time to keep informed about the latest phishing techniques. By learning of new scams as early as possible, they can brief the management board, which can then decide how best to prevent the business being affected.

3. Build your Battle Plan

Ensuring your IT infrastructure is as robust as possible must be a priority at all times. Firewalls are still important, but gone are the days when a heavy-duty firewall alone could be relied on to stop malicious traffic reaching its target; a phishing email arrives through a channel the firewall is meant to allow.

  • Two-factor authentication (2FA) can be enabled on a wide range of applications and services, either built in or as an add-on. Most people have only one layer of protection on an account (their password); 2FA adds a second code or check on top. This can be a code sent to your mobile, a code from an authenticator app, or a hardware security key. With 2FA enabled, should the bad guys obtain a password they still can't get in without the user's phone or key. One caveat: codes sent by SMS or generated by an app can themselves be phished by a fake sign-in page that relays them to the real site in real time. A security key that checks the site's origin (FIDO/U2F) is the option that resists this, so prefer it for the accounts that matter most.
  • Updates are released in response to vulnerabilities that attackers, phishers included, take advantage of. Keeping all IT systems up to date is often forgotten. We've previously posted about how patching helps prevent major security vulnerabilities (read more here); this extends to anti-virus and anti-malware, which, should the worst happen, are your first line of defence. Browsers should also be updated as soon as a new version is available. A good patch management schedule ensures this is carried out regularly.
  • A quick check of a site's security is not time-consuming. Make sure the URL begins with 'https' and that a closed padlock icon is visible near the address bar. Be clear about what this proves, though: the padlock means the connection is encrypted and the certificate matches the domain name shown, not that the site is legitimate. Phishing sites routinely obtain valid certificates, so a padlock on 'exampl3.com' is no reassurance; the domain name itself is what to check.
  • Anti-virus should be installed on all devices, including those used remotely. New signatures are released constantly, which makes keeping the software up to date even more important. AV helps limit damage by scanning files as they are downloaded and opened, but it will not catch every new sample, so treat it as a safety net rather than a substitute for the other measures.
  • Scrutinise an email address or URL if you're at all unsure. Is the sender joe.bloggs@exampl3.com rather than the usual @example.com? Don't trust it. It doesn't hurt to double-check with the person you believe sent it through a separate channel, such as a phone call to a number you already have, rather than by replying to the email.
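The checks described in the list above can be automated at the mail gateway or in a mailbox rule. The following is an added example written for this post, not code from the original article or from Netshield: it parses a raw message and flags a sender domain that merely resembles the company's (exampl3.com, exarnple.com, or one character off), a display name that claims to be a known executive while the address is external, a Reply-To pointing elsewhere, and urgent payment language. The trusted domain example.com, the executive names and the two sample messages are constructed for the example.

```python
"""Flag likely CEO-fraud / business email compromise messages.

Added example, not part of the original post. The trusted domain,
executive list, phrase list and sample messages below are assumptions
constructed for illustration.
"""
import email
from email import policy
from email.utils import parseaddr

TRUSTED_DOMAIN = "example.com"                 # assumption: the company's own domain
EXECUTIVES = {"jane doe", "joe bloggs"}        # assumption: display names worth protecting
URGENT_PHRASES = ("immediately", "urgent", "asap", "wire", "bank details", "payment")

# Digits that attackers swap in for letters because they look alike at a glance.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b"})


def normalise_domain(domain: str) -> str:
    """Canonical form: undo digit-for-letter swaps and the classic 'rn' -> 'm' trick."""
    return domain.lower().translate(CONFUSABLES).replace("rn", "m")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, so examplle.com or example.co is also caught."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain: str, trusted: str = TRUSTED_DOMAIN) -> bool:
    """True when the domain is not the trusted one but is designed to pass for it."""
    if domain.lower() == trusted:
        return False
    canon, canon_trusted = normalise_domain(domain), normalise_domain(trusted)
    return canon == canon_trusted or edit_distance(canon, canon_trusted) <= 1


def _domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def analyse(raw_message: str) -> list[str]:
    """Return a list of human-readable findings; an empty list means nothing suspicious."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    domain = _domain_of(addr)
    findings = []

    if domain and is_lookalike(domain):
        findings.append(f"lookalike sender domain: {domain} (resembles {TRUSTED_DOMAIN})")

    if name.strip().lower() in EXECUTIVES and domain != TRUSTED_DOMAIN:
        findings.append(f"display name '{name}' claims an executive but address is {addr}")

    reply_to = parseaddr(str(msg.get("Reply-To", "")))[1]
    if reply_to and _domain_of(reply_to) != domain:
        findings.append(f"Reply-To goes to a different domain: {reply_to}")

    body = msg.get_body(preferencelist=("plain",))
    text = (str(msg.get("Subject", "")) + " " + (body.get_content() if body else "")).lower()
    hits = [p for p in URGENT_PHRASES if p in text]
    if len(hits) >= 2:  # one word is normal office chatter; several together is the pattern
        findings.append("urgent payment language: " + ", ".join(hits))

    return findings


# Constructed sample messages (not real traffic).
SAMPLE_FRAUD = """\
From: Jane Doe <jane.doe@exampl3.com>
Reply-To: jane.doe@exampl3.com
To: accounts@example.com
Subject: URGENT: supplier payment
Content-Type: text/plain

Please make the payment immediately. Bank details attached.
"""

SAMPLE_LEGIT = """\
From: Jane Doe <jane.doe@example.com>
To: accounts@example.com
Subject: Agenda for Thursday
Content-Type: text/plain

See attached agenda for the board meeting.
"""

if __name__ == "__main__":
    for label, sample in (("fraud", SAMPLE_FRAUD), ("legit", SAMPLE_LEGIT)):
        print(label, "->", analyse(sample) or ["no findings"])
```

The urgency check deliberately needs two phrases before it fires, because a single word such as "payment" is normal office traffic; the lookalike and display-name checks fire on their own, since a near-miss domain has no innocent explanation. In production you would also check the SPF/DKIM results in the Authentication-Results header, which this example leaves out.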

 

Unfortunately there is no fool-proof way to prevent attacks; promoting a company culture of staying vigilant, and of reporting anything suspicious, is one of the best defences you can have.

 

For information about how Netshield can assist with your anti-phishing policies and defenses, please feel free to contact us here.

 

 

Technology and Education: What’s the Impact?

Technology has made a huge impact in every sector over the last ten years; this is especially true for the education sector. 

Universities and colleges are offering online courses to make studying more accessible across the world, challenging the ‘traditional’ picture of education. But could there be more of an impact?

Remote Working

In the era of many businesses now using a wide range of remote desktop services to allow employees to work from home or remotely when needed, will schools soon be following suit?

During the poor weather at the start of 2018, which led to schools, colleges and universities being closed, some for weeks on end due to heating problems, could the impact on students' learning have been lessened by virtual classes? They would minimise the amount of learning lost during adverse weather and long-term illness. Virtual lessons would also connect students and teachers in different locations, removing geographical barriers.

Remote learning does, however, raise a question: how do tutors and teachers ensure students remain productive when they are not working in a classroom? Few surveys have looked at this for students, but in a TINYpulse survey of teleworkers, 91% of remote workers believed they "get more work done when working remotely". This is of course a self-assessment by the workers and may not reflect how productive they actually are. It does, however, hint at how the freedom of remote working could improve students' productivity.

Digital Portfolios

Gone are the days of scrambling around for the USB stick long forgotten at the bottom of a school bag; the embarrassment of submitting work and realising it hadn't been saved; sharing external storage devices during a group project. Digital portfolios are becoming more common, allowing students to share notes and collaborate on projects in one place, usually an online portal or application. Tutors can also mark work and return it straight away, removing the need for hundreds of sheets of paper to be printed and handed back.

Digital portfolios keep all submissions stored in one place, often in cloud services, which brings the additional benefits of scalable storage and backups for continuity. Because the portfolio holds every student's work, access control and the backup arrangements deserve the same care as any other system holding personal data.

From an environmental view, digitising assignment submissions would of course minimise the amount of paper used, and also drive down the cost of printing, inks and toners.

Taking Control of Learning

Students in college and university often have to juggle their coursework, lectures and lessons with work schedules. Virtual classes provide the freedom for students to learn at their own pace in bite-sized chunks, and work around their often busy work rotas.

The choice between a late shift at work and being on time for the next morning's lecture would disappear if the student could access a lesson that had been pre-recorded and distributed virtually.

E-books are also becoming more commonplace, with teachers able to prepare students before a class with the lesson content or distribute afterwards to give everyone a chance to recap.

Digital vs Traditional

As with everything, there are of course negatives to such advances being made within the education sector.

Does digitising as much as possible erode traditional writing skills, leaving students so used to typing that they are rarely exposed to pen and paper? The introduction of e-books also raises the question of what to do with the sheer number of paper books left sitting unused in libraries and classrooms.

The Verdict?

Of course there’s a long way to go before every school, college and university can offer remote desktop services to all students. The work (and cost!) of implementing such solutions can look scary on paper. However, staggered rollouts or making just certain departments accessible through this medium could help to combat this.

The question of controlling students' access during the 'school day' is also harder to answer if they work on their own time, unsupervised, from mobile devices. This is where good management of anti-virus and patching matters, along with a stable and secure back-end infrastructure that grants each student access only to their own work.

 

With technology changing the face of every sector in some way, education is no different. The next ten to twenty years could make it almost unrecognisable.

 

 

VoIP, Voice over Internet Protocol – What? How? Why?

Voice over Internet Protocol (VoIP), also known as Internet telephony, IP telephony, voice over broadband and voice over network, is a technology that allows calls to be made over the internet or a computer network.

VoIP is not a brand new technology but it is gaining more popularity due to the general movement towards cloud technology, improvements in the speed and reliability of internet connectivity and the trend of workforce mobility.

How VoIP works

Traditional landline phones operate over the Public Switched Telephone Network (PSTN), which you reach through the telephone socket. The PSTN uses circuit switching: when a call is made, the exchange sets up a dedicated circuit between the caller and the receiver, and that circuit is held open for the duration of the call whether or not anyone is speaking.

VoIP calls, by contrast, are made over the internet using packet switching: the audio is broken into data packets, sent across the network alongside other traffic, and reassembled when it reaches the receiver.

Why VoIP? The Benefits

With the vast improvement in internet connectivity and the fall in prices over the last ten years, VoIP has become a feasible option for businesses today.

Deploying a traditional telephone system needs a high capital outlay because of the number of components required: buying the phone system itself, business line rental, maintenance contracts, hardware costs and paid software upgrades.

A VoIP system, by comparison, has minimal capital expense: IP-enabled handsets and an internet connection. It is also simple to administer and user friendly because it is managed through the cloud.

A VoIP system can provide businesses with an integration of both office and mobile devices, allowing employees to have an office phone that can ‘go anywhere’, making it ideal for those who work remotely and for companies that have hot desking. This flexibility can help increase efficiencies and productivity as users can easily manage and receive calls. It can also be scaled up and down when required, offering future proofing capabilities.

For more information on VoIP or advice whether to switch contact us today.

Upgrading your Business Broadband? But which one?

Connectivity is becoming a necessity for organisations, with many needing a faster and more reliable service to ensure business continuity. Commercial broadband buyers have many options to choose from, and each has its advantages and disadvantages.

ADSL 2+

A popular choice, as it uses the same infrastructure as a standard ADSL connection but can provide up to three times the connection speed. The actual speed you get, however, depends on the distance between your premises and the exchange.

Fibre to the Premise (FTTP)

Considered one of the fastest options, because it involves running a fibre cable from a nearby exchange straight to your business premises. Installation costs are subject to survey, as the ISP needs to assess how much digging is involved to connect the premises to the exchange. It takes on average three months to install and is not available everywhere.

Fibre to the Cabinet (FTTC)

Here fibre runs from the exchange to a nearby street cabinet, and the existing copper line covers the final stretch from the cabinet to the premises, so speed still depends on how far you are from the cabinet. It is not available everywhere. It is considered a middle ground between copper broadband and Ethernet First Mile.

Fibre on Demand

Also known as FTTP on Demand, this gives customers speeds of up to 330Mbps by extending a fibre-optic connection from the nearest cabinet to the premises, with the customer paying for the extension.

Ethernet First Mile (EFM)

One of the lower-cost leased line options. Instead of fibre, it uses existing copper pairs to connect the business premises to the local exchange, making it more cost-efficient and faster to install. It is an uncontended service and, unlike ADSL, symmetric: you receive the same upload and download speeds.

Microwave

A way of transmitting information using electromagnetic waves, widely used for point-to-point communication. Microwave has a short wavelength and a high frequency, and the transmitting antenna is pointed directly at the receiving one. The high frequency gives it a large capacity to carry data, but it requires a clear line of sight: hills, buildings and trees between the two antennas block the signal.

Leased Line – Ethernet

A private line that permanently connects two locations: either an Internet Leased Line, a connection between a service provider and a customer, or a 'Point-to-Point Leased Line', a connection between two customer sites. It is an uncontended connection offering the same upload and download speeds, which makes it reliable and stable. Dedicated Ethernet leased lines also come with a Service Level Agreement.

To help improve connections for businesses and support economic growth the UK Government is currently running a Connection Voucher scheme across the UK. The scheme offers ‘connection vouchers’ worth up to £3000 to help SMEs, Charities and Social Enterprises towards improving or upgrading their current broadband connectivity.

By upgrading their broadband connection, companies can benefit from improved reliability, increased productivity, better communication with stakeholders and faster service. For more help choosing your business broadband, please feel free to contact Netshield today.