Maximising Data Availability

DATA AVAILABILITY has become paramount to the success of an organisation. Reliability as well as performance and manageability are critical to ensuring as much data up-time as possible.

The first step in maximising your data availability is to have a good backup in place that takes into account your whole infrastructure, Recovery Point Objective (RPO) and Recovery Time Objective (RTO). Think you’re protected with just one backup however?

Legacy approaches to data backup and recovery are simply outdated and ineffective. Gone are the days where a single on-premise backup would tick any compliance boxes. To ensure the security and availability of data, backing up to an offsite location as well as the first on-premise should be considered. This can be achieved through a replication job. This has two major benefits:

a) Helps work towards a disaster recovery scenario. Should the initial site be affected by a hardware failure, or complete site failure, the backup offsite will not be affected and could be restored to another location ensuring business continuity.

b) Should data be compromised (accidentally or maliciously, the offsite backup copy would ensure some security and not be affected. A restore could occur, giving peace of mind that a second unaffected copy is available to fall back on.

 

Veeam® Backup & Replication™

Veeam® Backup & Replication™ is straight forward, cost effective and increases service recovery SLA’s with Recovery Time Objectives (RTO) in seconds and minutes rather than outdated hours/days. High speed recovery allows instant file recovery and can fully recover a failed virtual machine in under 15 minutes, minimising the amount of working time lost.

Advanced replication can be used, with replication able to be set to occur as little as every 15 minutes. Essential if you cannot afford for your business to lose even an hour of work. Secure end-to-end encryption achieves security and confidentiality. Pretty straight forward!

 

Recover faster than ever, improve data protection and save money with the Veeam Backup and Replication product. To discuss your requirements or find out more information, please contact us today

Advertisements

Vulnerability Assessments vs Penetration Testing

Vulnerability scanning and penetration testing are important tools to secure and protect your IT infrastructure. Often, they get confused with each other but both play very different roles in overall network security.

So, what’s the difference and which should your business be using?

 

Vulnerability Assessments

Vulnerability assessments are automated reports that search for known vulnerabilities within software, such as missing patches and outdated configuration, protocols, certificates and services. The output of this report would show any known vulnerability that exist within the network. Reports can be lengthy as the assessments take quite a comprehensive look at the network and applications.

The assessments can be ran on any number of devices throughout a network and is wide in scope. The results can then be used to remove potential risks before they could be exploited.

It is recommended to perform scans quarterly and every new device once configured, or if a major configuration change has taken place.

 

Penetration Tests

In comparison, penetration testing actively exploits weaknesses within the environment. An experienced person would carry out the testing, acting as an attacker by exploiting weaknesses within the network or applications otherwise known as ‘ethical hacking’. As a tester is needed, this testing cannot be automated.

The main aim of penetration testing is to identify insecure and weak security settings and configuration that a business outsider would be able to use to access the data held behind the defences such as un-encrypted passwords. The tester would probe an open port and see how far it can be exploited. Large networks can take anywhere from days to weeks to complete a full test. It is therefore best practice to have the testing performed by a fully qualified 3rd party; this also ensures a fully unbiased, objective report being developed.

Penetration testing doesn’t need to be performed as regularly as vulnerability assessments, instead only once a year or if internet facing equipment has a large change made.

 

What Should My Business Use?

In summary, a vulnerability assessment is used to detect when an unlocked door could let a burglar enter your business. A penetration test would role play as the burglar and see how far he’s able to get before a locked door stops him in his tracks.

Both tools should be used in conjunction and work together to provide the best outcome. Vulnerability assessments are designed to act as a detective tool; penetration testing is built to be a preventative measure.

Penetration testing is a lot more costly compared to vulnerability by itself, but this is due to the in-depth nature of the scanning as the tester may discover a new vulnerability or a security flaw that is not very well known.

 

IT’s important to know the difference between each test as each are important in their own way. To find out if Netshield can be of assistance, please contact us here

The Rise of Email Compromise

THE TERM PHISHING is certainly becoming more prevalent in today’s cyber-security obsessed world. Cyber criminals pose as a CEO, finance director or other senior members of staff in a company and send fraudulent emails containing details of payments ‘that must be made immediately’ with bank details attached. The catch is usually the address that the email has been sent from; it will resemble very closely the email of the senior management figure, with this spoofing often duping unsuspecting employees into making the payments or disclosing financial/personal information as requested.

According to the Verizon Data Breach Investigations Report, phishing tactics were used in more than 90% of all security incidents and breaches in 2017. So why has there been such a rise in business email being targeted?

 

How does it work?

Phishing emails are very simple; target multiple users or one individual, in a company, convince them that the sender is a high ranking senior management member, extract sensitive information. The email will usually be labelled with high importance, eliciting a sense of urgency in the user (who wants to upset their CEO by delaying a task in an urgent email?) who then provides login credentials, credit card details or actually make the requested payment.

Some will contain a malicious attachment, so if users don’t fall for the money transfer requests they may still infect their PC and later the network with malware.

Links to sign-in forms (such as the Gmail scam that occurred at the start of 2017, affecting over 1 billion users) can also be included. The URL’s resemble the official one, so a glance at the address bar won’t raise any alarm bells unless you look closely, so even the most tech-savvy users can fall victim. Once credentials have been entered the attackers have full access to that account. This could obviously be disastrous if business banking credentials have been entered.

 

Believing your business is safe from an attack as ‘it hasn’t happened to us yet’ is not the way to be thinking anymore. So what can be done? 

  1. Improving User Awareness 

Training employees on how to spot phishing attempts, what to do if they are in receipt of one and how to defend against attacks.

According to the Verizon Data Breach Investigations Report:

30% of phishing messages get opened by targeted users and 12% of those users click on the malicious attachment or link.

It’s also important to encourage employees to report possible incidents or breaches as soon as they are discovered.  Clear and readable security policies should be implemented and distributed to all users regularly so employees are aware of their roles and responsibilities during such an incident.

Ongoing security awareness training should be considered for all IT team members on a regular basis to keep their knowledge of evolving scams up to date.

2. Management Involvement 

Assigning key responsibilities for cyber security at management level ensures all employees are aware that is is being taken seriously, and provides a great example for them to follow. Of course everyone within a company has a part to play in keeping the infrastructure secure, but it does need to start at senior management level to show the importance.

A tech-savvy staff member should be allowed time to keep informed about the latest phishing techniques, preferably a senior member of the IT team. By being aware of latest scams as early as possible, the management board can be informed and discuss the best way to prevent the business being affected.

3. Build your Battle Plan

Ensuring your IT infrastructure is as robust as possible must be a priority at all times. Although very important, gone are the days we could just rely on heavy duty firewalls to prevent malicious traffic reaching its target.

  • Two factor authentication can be used over a variety of applications and software, either built in or as an ‘add on’. With most people only having one layer of security (their password) to protect accounts, two-factor authentication adds a security code that must be entered on top of this. This can be directed towards your mobile or a security key. With 2FA enabled, should the bad guys gain control of passwords they still won’t be able to access what is behind without the users phone or security key.
  • Updates are released in response to loopholes that phishers can take advantage of. Ensuring all IT systems are up to date is often forgotten about. We’ve previously posted about how patching can help prevent major security vulnerabilities (read more here), this also reaches out to anti-virus and anti-malware. Should the worst happen, this is your first line of defense. Browsers should also be updated as soon as one is available. A good patch management schedule will ensure this is carried out regularly.
  • A quick check to verify site security of a site is not time consuming but does help give you peace of mind. Make sure the URL begins with ‘https’, and that a small, closed padlock icon is visible near the address bar.
  • Anti-virus should be installed across all devices, including remotely used ones. New security definitions are added all the time, which makes ensuring the software is up to date even more important. AV helps prevent damage to systems by scanning every file coming through the internet to your PC.
  • Scrutinize an email address or URL if you’re a little bit unsure. Sender of an email joe.bloggs@exampl3.com rather than the usual @example.com? Don’t trust it. It doesn’t hurt to reach out and double check with who you believe the email is from separately to check.

 

Unfortunately there is no fool-proof way to prevent attacks occurring; promoting a company culture of staying vigilant and being on guard is one of the best defenses you can have.

 

For information about how Netshield can assist with your anti-phishing policies and defenses, please feel free to contact us here.

 

 

Why do we overlook the importance of patching?

The importance of patching is often forgotten about, with IT teams finding the time to keep user, network and security devices up to date often impossible!

The overall security of an infrastructure should be top priority, and one of the most effective preventive measures against potential threats is patching. Patching is the process of repairing system vulnerabilities which have been discovered applying to operating systems, servers, desktops, software applications, firewalls, mobile devices, the list goes on!

Unpatched systems are an easy target; with new vulnerabilities being discovered constantly, it is common for cyber criminals to exploit, target and gain entry to networks. We only have to look at the fallout from the WannaCry and NotPetya attacks to understand how effective using vulnerabilities on unpatched systems can be. A report from the Online Trust Alliance stated:

There were over 160,000 security incidents impacting businesses in 2017 – almost double the amount reported in 2016!

This is due to cyber criminals becoming more tech savvy in exploiting vulnerbilities, and perhaps businesses becoming too busy to focus on their network security.

Of course, proactively preventing such vulnerabilities causing problems is preferred to reactively attempting to mop up after a security incident. This is where patch management comes into play.

The Benefits

Manually checking for and applying updates is a mammoth task; the sheer number of available updates can be overwhelming especially for some SMB’s who may not have their own onsite technical team. To remove this time consuming job, patch management will automatically control the update process. This can also include devices in remote locations, especially helpful for remote workers that use company phones or laptops. Those devices and applications that are easy to forget about can also be included, removing any surprises later on.

Patch management enables the scheduling of a time and date for patches to be deployed, which is especially useful for devices located across different time zones. Setting updates to install out of hours or outside times of high employee productivity minimises the amount of business disruption faced whilst still maintaining the level of security needed.

Removing the need for IT teams to analyse updates, patch management also helps to free up time allowing other productive tasks to be looked at, or dedicate more time to looking after existing systems.

Effective Patch Management 

What does an effective patch management programme look like? The methods used will obviously vary for each company; there’s no ‘one size fits all’ configuration as each need is different. Typically, an automated patch management system is implemented. This requires the install of an agent which allows the control and management of patches from a web-based interface. Companies with a smaller network may wish to outsource this management to perform the deployments from a remote location.

So, you have the programme in place. A less obvious part of the whole management is a policy. This would dictate how often patches are performed, how quickly they need to be scheduled (especially critical updates) and a plan for rollbacks.

 

In summary, in order to keep your infrastructure safe and secure, regularly applying patches to all software should be prioritised. Cyber security needs to be taken seriously by all to stay ahead of the criminals.

 

Netshield can assist with the automation and management of the patch process, from your entire infrastructure to just a select few network devices. If you’d like further information, please don’t hesitate to get in touch.

 

 

 

 

 

 

 

Technology and Education: What’s the Impact?

Technology has made a huge impact in every sector over the last ten years; this is especially true for the education sector. 

Universities and colleges are offering online courses to make studying more accessible across the world, challenging the ‘traditional’ picture of education. But could there be more of an impact?

Remote Working

In the era of many businesses now using a wide range of remote desktop services to allow employees to work from home or remotely when needed, will schools soon be following suit?

During the poor weather at the start of 2018 which led to schools, colleges and universities being closed, some for weeks on end due to heating issues, could the impact on students learning be lessened with virtual classes being available? This would minimise the amount of learning lost during adverse weather conditions, and long term illness. Virtual lessons would also help connect students and teachers in different locations, removing any geographical barriers.

However, does remote learning lead to an issue: how do tutors and teachers ensure students are remaining productive when they’re not working in a classroom? There aren’t many surveys that have been conducted to this end, but according to a survey performed with teleworkers by TINYpulse,  91% of remote workers believe they “get more work done when working remotely”. This is of course a self assessment performed by the workers and may not offer a true reflection of how productive they actually are! It does however show an insight into how the freedom of remote working could actually improve the productivity of students.

Digital Portfolios

Gone are the days of scrambling around for the USB long forgotten about at the bottom of a school bag; the embarrassment of submitting work and realising it hadn’t been saved; sharing external storage devices during a group project. Digital portfolios are becoming more common, allowing students to share notes and collaborate during projects in one place, usually an online portal or application. Tutors are also able to mark work and submit it back straight away, removing the need for 100’s bits of paper being printed and handed back.

The use of digital portfolios helps keep all submissions stored securely, often making use of Cloud services which has the additional benefits of scalable storage and backups for extra security and continuity.

From an environmental view, digitising assignments submissions would of course minimise the amount of paper being used, and also drive down the cost of printing, inks and toners.

Taking Control of Learning

Students in college and university often have to juggle their coursework, lectures and lessons with work schedules. Virtual classes provide the freedom for students to learn at their own pace in bite-sized chunks, and work around their often busy work rotas.

Making the choice between a late shift at work vs being on time the next morning for a lecture would be eradicated with the student able to access a lesson if it had been pre-recorded and distributed virtually.

E-books are also becoming more commonplace, with teachers able to prepare students before a class with the lesson content or distribute afterwards to give everyone a chance to recap.

Digital vs Traditional

As with everything, there are of course negatives to such advances being made within the education sector.

Does digitising as much as possible take away traditional writing skills, leaving students so used to typing away unexposed to the usual pen and paper concept? The introduction of E-books also raises the question of what can be done with the sheer amount of paper-based books left sitting unused in libraries and classrooms.

The Verdict?

Of course there’s a long way to go before every school, college and university can offer remote desktop services to all students. The work (and cost!) of implementing such solutions can look scary on paper. However, staggered rollouts or making just certain departments accessible through this medium could help to combat this.

The question of controlling students access during the ‘school day’ can also be harder to answer if allowing them to work on their own time unsupervised through mobile devices. This is where good management of anti-virus and patching is important, with a good, stable and secure back-end infrastructure still needed.

 

With technology changing the face of all sector in some way, education is no different. The next ten – twenty years could make it almost unrecognisable.