
Ransomware Hits Popular Cable TV Network

Weather Channel Ransomware

For several years now, sporadic attacks that interrupt major networks’ daily programming have been occurring around the world as hackers try to break in and succeed at their digital violence.

In April 2019, the victim was The Weather Channel. The network found itself having to broadcast pre-recorded material while an internal plan to regain channel access was quickly developed and put into place. Because this happened during peak morning air time—between 6 A.M. and 7:40 A.M. EDT—a significant number of viewers were affected. Aside from the money the network needed to spend on emergency tech measures to get its channel back and rebuild it in a more secure form for the future, this event must have cost it reputation points, as it likely didn’t sit well with advertisers.

While the network publicly announced that malware was at play in the attack, there has been speculation about whether this was the result of ransomware. With ransomware, the disruptive effects of malicious software persist until a specified amount of money has been paid. And although the malware attack itself may seem senseless, this stands as a good opportunity for your business to take some precautions to protect itself.

  1. Back-up your machines and networks. Having multiple layers of back-ups in place—both locally as well as in the cloud—can help easily restore your systems should a ransomware attack strike. Part of this also includes making sure you set back-ups to happen regularly; this ensures that you have fixed and reasonably recent recovery points to draw upon in the event of an emergency.
  2. Break up network access by different machines and user groups. Odds are that very few users if any need to have access to everything in the business; why leave full access open to anyone? They’d be a source of major vulnerability since, should a hacker gain access to their account, everything would be up-for-grabs. Leveraging the limited access of specific user groups or permissions helps contain an attack should one arise, and prevent damage from spreading business-wide. You and anyone on your team might be the exception to this in that you all need total access to be possible somehow. Fortunately, you can always construct a solution, such as several different administrative users with limited permissions, to give you the tools you need for your job while still maintaining high security.
  3. Train employees and enforce best practices. Make sure that everyone working at your business understands what steps they can take to protect their computers from hackers as well as how some of the most common types of threats work. Empower your people to set up strong passwords and to know when to trust an attachment or link. Make sure they follow through on some of these precautions by requiring them to take measures such as setting up multi-factor authentication on their accounts. Don’t let weak security be a possibility!
  4. Install software to secure your machines and scan for attacks—and make sure you keep it up-to-date. First off, you want to try to make sure your machines and networks are fortified against attacks. Use a well-constructed firewall as a central part of your protection plan. But don’t rely entirely on a strong structure to protect your business, particularly given how rapidly tech evolves. Make sure you have systems in place that anticipate vulnerabilities and keep an eye out for attacks. Some businesses even opt for honeypots, which are like dummy vulnerabilities to bait potential attackers and keep a digital weathervane in place to tell if hackers are likely to try something. Regularly update these scanning tools to ensure they are up-to-speed with the latest hacker trends and potential aggressors.

Malware attacks cost businesses large amounts of money, accounting for as much as about one-third of global cyber attack costs in recent years. In fact, cybercrime in the United States is estimated to cost enterprise companies an average of $27.4 million per year, a number that is only continuing to climb over time. If you’ve been fortunate enough to not experience any recent spikes in malware attack attempts, don’t let that lull your business into a false sense of security. After all, 85% of companies polled had experienced a social engineering or phishing attack in the past year, while 75% had at least one web-based attack. Regardless of your company’s size, remaining vigilant for possible threats and attacks is important to ensure that daily business operations can continue to flow as usual, uninterrupted and uncompromised.


Hiring Tech: 2019 CEOs Tech Hiring Guide

CEO Hiring Managed Services

As your business operations evolve and expand, you’ll likely reach a critical point in your company’s growth where the tasks required will outnumber the staff you have available. Deciding to outsource work might be a difficult decision, partly because of budgeting and partly because onboarding new parties to your business’ processes is daunting—especially if you’re already stretched too thin. But as CEOs recently interviewed by McKinsey pointed out, “If you don’t [prioritize], you’ll sit in your office all day, read lots of reports, and end up being completely confused.”

In such situations, many CEOs choose to work with a managed service provider (MSP). Particularly for IT services, a managed provider can be a highly sensible solution.

What is a managed service provider?

A managed service provider, or MSP, is a company that remotely handles a specific set of processes for another company. At the center of this working relationship is the contract set between the two companies, which tends to be very strictly enforced to map out exactly what services the MSP will provide.

Why should my business hire a managed service provider?

Hiring an MSP translates into having a specialized agency handling your networks and users, in a way that not only aligns with your company’s processes but also optimizes security, efficiency, and industry best practices. As part of this, there are four key benefits to hiring an MSP as opposed to hiring employees to manage these tasks:

  • A managed service provider can do a better quality job. An MSP is dedicated to handling the processes it offers. It carries out its specialized offerings repeatedly and consistently for its clients. Its people are well-trained, highly skilled, and experienced at delivering the specific services outlined in its contracts because those tasks are at the core of its operation. An MSP has to invest in the best tools and processes in order to remain competitive, and so it is intrinsically driven to streamline its efforts in order to protect its bottom line. With such a strong focus and so many reasons to push for excellence, an MSP can sustainably deliver its services, stay on top of industry trends, and build sharp solutions that anticipate any potential issues and get ahead of them, all as part of its ongoing services—without requiring any additional input or cost from you.
  • A managed service provider guarantees their work. If an employee’s work is inadequate—so, for example, if your IT person fails to deliver a secure solution and your network is compromised—your main form of recourse is to fire them. That doesn’t bring you closer to completing the work you need, and it doesn’t account for any of the resources you lost as a result; any next steps you take will involve spending more in order to address the problem, and then to prevent it from reoccurring in the future. Given IT’s security implications, it’s also critical that whoever is handling it for you minimizes risks and addresses vulnerabilities long before anything can go wrong. As CEO of McAfee, Chris Young reminds us: “… From the earliest stages of product design to selecting vendor partners to write job descriptions — security needs to be top of mind for every critical decision, every new process, every rule.” In some industries such as health, legal, and finance, there are additional considerations such as confidentiality and government regulations for which your business is ultimately liable. Not only are managed service providers up-to-date on emerging threats and the latest regulation, but they guarantee their services. This delivers higher quality results to you and also protects your investment—and your business—when purchasing their services.
  • A managed service provider can save your business money. The typical MSP pricing structure involves an upfront fee and then an ongoing monthly retainer for recurring tasks. Here’s what you don’t have to pay for: recruiting and onboarding costs to hire dedicated personnel; technology and tools for these new employees; training and continuing education to make sure they stay up-to-date on industry developments; overtime costs that result from these employees having to juggle their regular duties with troubleshooting; and more. It’s not just money that you’re saving. Your team already doesn’t have the time to address the concerns for which you’re trying to hire or outsource; don’t replace one problem (managing IT) with another (managing those who manage your IT).
  • A managed service provider is always there. What happens if the employee you hired calls in sick, or if your internal IT team finds itself short-staffed for any measure of time? Something will have to get dropped as your people scramble to fill the gaps and keep critical processes going. Contrast this situation with having an MSP, which is built to accommodate fluctuations of internal team availability. The staffing at MSPs is built to overlap capabilities, and both internal documentation and communications protocols are constructed for maximum flexibility and accountability. This keeps your IT processes flowing, uninterrupted.

This is a high-level survey of ways in which MSPs commonly help businesses. Your specific industry, niche, and offering will likely benefit in additional ways that are not addressed here, and that are also affected by the specific options you choose from your MSP.


Microsoft Accounts Targeted For Months, Hackers Serve A Security Reminder

Microsoft Outlook Security Breach

Microsoft began notifying Outlook.com users of a 2019 security breach that occurred between January 1st and March 28th. Hackers were unintentionally given unauthorized access to some accounts, where they were then able to view subject lines, email addresses, and folder names. While no login details—including passwords—were directly accessed as part of this breach, Microsoft did warn users to reset their passwords.

Although the hackers could not view the actual content in the bodies of emails nor download attachments, this incident still represents a major—and disturbing—security incident. This breach serves as a reminder to every business to tighten up its security measures and protect its assets.

Use multi-factor authentication.

Do not leave this as an optional measure for your employees; require it. Multi-factor authentication uses more than one form of identity confirmation—this is the “multi-factor”—to prove the identity of the person attempting to access a particular platform—this is the “authentication.”

Depending on where in the product the Microsoft breach happened, multi-factor authentication could even have possibly prevented or limited the breach. In general, this authentication process adds a strong layer of security. Hackers don’t usually have both the password and the PIN, secret questions, or other ability to verify their identity.

When vetting which type of authentication to implement—if you have this option—consider using the one that is easiest for employees to have on hand, but hardest for others to get a hold of. Trying to make this relatively convenient for your employees will make it easier for them to comply, which will keep your business more secure. Multi-factor authentication is a measure that should go hand-in-hand with training your employees to use strong passwords.

Account for all devices—including mobile—in your security processes.

Very few companies still limit employee access to business assets strictly to desktops at work. There is a growing trend of employees being able to work remotely, even if it is not full-time. A recent study showed that as many as 70% of employees work remotely at least once a week. Whether working from home, a rented office space, or on-the-road, they are using their devices to log in from a distance, well beyond the secured confines of your office. This figure was accounting for full-time employees; contractors only increase the number of remote workers further.

The security processes implemented at your company need to account for how all of your employees are accessing company resources. Email access on mobile devices is one of the most common ways in which employees take their work on-the-go, and so it’s a strong starting point for building out these protocols. Because confidential company information is being accessed on these devices via networks over which companies have no control, it is critical that both the email servers as well as the devices being used have robust security systems in place.

While new improvements continue to roll out to tackle these issues, solutions that work across all devices are the norm. Security software, as well as encryption tools, can help protect data regardless of the device, particularly when combined with encouraging employees to log-in via secure VPN networks. Cloud options for data storage are offered by providers with a menu of security options; it’s worth walking through your needs and investing in top-quality solutions.

Document your security processes.

With all of the work that goes into developing security processes, even more needs to be carried out to maintain their implementation and ensure that they remain up-to-date with new tech trends and emerging risks.

This is a vast and complex undertaking. All existing assets must be brought onto any updated infrastructure. Employees must be set up for and onboarded to the security procedures, and checkpoints must be established so that their compliance may be monitored. Systems must be monitored for any breaches, as well as smoothly updated across all users and data to accommodate any new vulnerabilities that arose since the previous update. Different components, whether hardware (including different devices, such as mobile) or software, may experience issues with any updates. New members of the internal information technology team must be introduced to the systems while existing members must stay abreast of any new developments; even team members working simultaneously on the same project must address potential communications issues.

Thorough documentation of processes helps achieve this by providing an objective record of the systems in place. This can be used for onboarding; for internal audits; for evaluating alternatives or potential improvements; and even for reviewing the source of vulnerabilities and providing accountability should an issue arise. This sort of record-keeping is an essential component of transparency in company policy and helps enforce quality control on internal processes. Of course, it must also be protected with the highest measure of security since it arguably contains “the keys to the castle.” Decentralizing its storage and scattering protected, encrypted components of it across multiple storage solutions can help protect company assets from the sort of large-scale breach that could otherwise bring your data assets to their knees.

And so, the large-scale Microsoft breach serves as a reminder that active vigilance must always be maintained over internet security, without relying entirely on one single individual, provider, or service. No single entity can be trusted to be entirely safe when major players like Microsoft are clearly vulnerable, despite the teams of brilliant engineers hired to implement safeguards and the millions of dollars invested in diverse preventive measures. Every business needs to be proactive in protecting itself through rigorous internal standards, ranging from staff training through the implementation of mandatory security precautions, to minimize the risk of vulnerabilities being exposed and exploited. Factoring in every employee’s data paths and employing multiple layers of overlapping security efforts at every step of the way—and documenting these processes for easy internal accountability and refinement—are critical for business information security in this highly connected digital age.


Foreign Hacker Steals Nearly Half a Million From City of Tallahassee

Tallahassee Cyberattack

The Tallahassee Democrat reported on April 5th that a large sum of money had been stolen from the city of Tallahassee’s employee payroll. The perpetrator is suspected to be a foreign hacker.

What was stolen in the hack?

The breach diverted approximately $498,000 from the city payroll account. Still, all city employees have received their earned paychecks. This hack was the second time in less than a month that a breach of city security had occurred.

How did the attack occur?

The city of Tallahassee employs an out-of-state third-party vendor to host their payroll services. Their employees should be paid regularly through direct deposit. However, a foreign hacker apparently targeted this third-party vendor, effectively redirecting the direct deposits to their own accounts.

The city of Tallahassee found out about the breach when their bank alerted them. Of course, employees found out simultaneously when they awoke to realize they had not been paid on payday.

Is there any way to get the money back?

In the majority of large-scale hacks, stolen funds or data are difficult or impossible to retrieve. Still, with help from their bank, the city of Tallahassee has managed to recoup approximately a quarter of the stolen money.

They continue to pursue criminal charges against the hackers with the aid of law enforcement and their insurance provider as well.

How do cyber attacks like these occur?

Successful cyberattacks usually start with some form of email hack. This is usually achieved through phishing.

In fact, before the most recent hack of the city of Tallahassee, an email had been sent out that appeared to be from the City Manager. It was actually from an outside hacker who had included a virus disguised as a Dropbox link in the email.

While it is not suspected that this email was related to the stolen payroll funds hack, this does happen. “Phishing” emails can help hackers procure useful information about accessing in-network files and accounts.

How can you prevent hackers from attacking your business?

Large municipalities such as Tallahassee City are increasingly being targeted in cyber attack thefts. But the truth is, any business — or individual, for that matter — can fall prey to a cyber attack.

Unfortunately, the retrieval rate on hacking thefts is not high, meaning that prevention is key. The best way to prevent a hack is to prevent phishing, as this is how most hackers access your systems and accounts.

Make sure that everyone on your staff is keenly aware of what to look for in terms of phishing emails. When in doubt, suspicious emails should be left unopened. Or, at the very least, links should not be clicked, and personal or account information should never be handed over unless it is certain that the request is legitimate.

It’s also important for businesses to employ the services of a reputable and experienced IT services provider. Look for one who specializes in cybersecurity and has experience dealing with hacking prevention.


Outsourcing Your IT? Ask About This, Too

If you’re going to pay a company to look after your technology, the least you should be able to expect is that you won’t need to micromanage each project to make sure it gets done. And you definitely shouldn’t have to stress over the possibility that the bill for said project will end up way higher than what you were told it would be. Luckily, gauging the professionalism of an IT provider only takes a few key questions.

Check out this week’s Tech Tip for the fourth and final part of our look at what you need to ask before outsourcing your IT support.

If you have questions, give me a call at (469) 635-5500 or email me at datamagic@datamagicinc.com.


Are You Using Old Technology That’s Not Up To Today’s Standards?

The Effects Of Using Outdated Technology

We get a lot of calls from businesses in Dallas/Ft. Worth that are having difficulties with their old technology. For example, one company called saying that their SBS 2008 server kept shutting down, and they constantly had to reboot it. The server problem was affecting their ability to operate because it went down for 30 to 45 minutes every day.

Can Outdated Technology Cost Us Money?

Outdated technology can cause downtime, as we mentioned above. Not only is this frustrating, but it can also result in a real drain on your staff’s productivity and potentially your revenue. Even 30 minutes a day of downtime is costly. In fact, depending on the size of a business, Gartner estimates downtime can cost upwards of $5,600 for every minute lost!

What’s The Effect Of Downtime?

Consider what only 30 minutes of downtime each day adds up to:

  • 30 minutes of downtime per day,
  • 2.5 hours of downtime per week,
  • 10 hours of downtime per month,
  • 120 hours of downtime per year.

Even if this were just downtime on a single faulty desktop, that would mean the user loses three full work weeks to downtime every year! But if a server goes down, this causes downtime for your entire staff. Your costs are multiplied by each person depending on your technology.

This quickly adds up to hundreds of hours of downtime every year companywide, during which time staff members are being paid but can’t access customer information, can’t calculate quotes on the spot, can’t send email confirmations, or anything else that requires using their computers.

When your network is down, your employees can’t get their work done. Production slows, your salespeople can’t connect with prospects, and, ultimately, your customers might leave for the competition.

Could Outdated Technology Impact Our Data Security?

No network is entirely safe from the talented hackers out there today. So how do you minimize the chance that your network gets breached? Without an up-to-date and properly configured network infrastructure, your business will be vulnerable.

The older your server, computers, wireless, software, operating systems and other technology, the easier they can be hacked. If they aren’t constantly updated to combat the latest cyber threats, your data is at risk. Data losses affect your reputation and can result in litigation and penalties which will cost you so much more than keeping your technology up to date.

Can Old Technology Affect Our Ability To Grow Our Business?

Your network performance and connectivity will be lacking as you add employees. Old and outdated systems can’t meet today’s increasing and expanding needs. Unless you add new equipment, the traffic will get bogged down. This means it can’t meet your basic needs. And when this happens, your competition will be able to take over your market share.

Can Outdated Wireless Technology Affect The Performance Of Mobile Devices?

The same happens when your wireless system goes down regularly. When it can’t keep up with new devices, you may fall behind in orders, shipments and other logistics. This hits you in the bank account when angry customers move on to your competition. If this happens, you need a wireless expert who can diagnose the cause, whether it’s due to dead spots, hardware failures or access points that need updating.

If you have signal weaknesses now, things will get worse as you add newer wireless devices in the future. Your wireless expert will test scenarios to identify challenges with your slow-running wireless infrastructure. Wireless engineers are continually updated about today’s devices and the right wireless hardware to support them. They will also help you find the right combination of hardware based on your organization’s environment.

Can Outdated Technology Cause Safety Issues?

If you use outdated technology in an industrial or construction setting, you could be faced with safety issues from downtime. You probably don’t even realize how dependent you are on your technology until it goes down.

Network and wireless failures run from the production floor level all the way up to your leadership, creating issues that negatively affect performance, safety and your bottom line.

Just consider the human resources you’ll need to invest in remedying everything that goes down when your technology does. If you had the right equipment in the first place, you wouldn’t be dealing with these problems.

Your IT provider can identify what’s causing your productivity issues. It may be faulty wireless hardware or the need for you to scale up with additional equipment to improve signal strength. You may need a new server, computer, operating system or software. But one thing is for sure: if you do nothing about downtime and interruptions, your business will lose productivity and revenue and, in an industrial or construction setting, may face safety issues.

Will Outdated Technology Affect Our ROI?

As with any emerging technology, it’s more cost-effective to replace equipment every few years than it is to struggle with outdated equipment. The gains you’ll experience from upgrading your hardware will outweigh the cost of replacement. The increased speed alone will justify the cost of upgrading. You might not realize this because you’ve become accustomed to slow computing or wireless speeds. Once you upgrade, you’ll be glad that you did when you see how much more efficient your new system is.

What Happens When Support For Windows 7 Ends?

This means that you won’t get bug fixes or security updates from Microsoft. Over time, the declining security and reliability of Windows 7 will leave your computers vulnerable to security threats. Your computers could be infected by malware, your antivirus won’t be updated, your online banking transaction protection may expire, and your financial data could be exposed to theft.

Does This Mean Technology Won’t Be Reliable?

Yes – your applications may not be updated, your other software could be incompatible, utilities won’t be supported, and new devices may not connect to your system.

Plus, computer manufacturers will no longer support Windows 7. This means things like printers, desktops, laptops and more won’t be guaranteed to work as they should. Your security programs and third-party browsers won’t support Windows 7. And, when you or your employees browse the Web, you could be exposed to cyber threats. All of this will take place over time.

What Does Windows 2008 Server End of Life Mean?

Windows Server 2008 end of life means that Microsoft will no longer update this product unless a warranty compels them to do so. January 14, 2020 marks the End of Support for Servers 2008 and 2008R2.

Unfortunately, many businesses in Dallas/Fort Worth are still not ready. The reasons vary, but many company owners stay busy running their day-to-day operations. They just don’t have time for issues like this. And yet, this is a crucial server EOL that could cause many disruptions to your business if not dealt with promptly.

Upgrade Now & Get Ahead Of These Problems

You may think you’re saving money by not upgrading, but in the end, you aren’t getting the return on investment that you should with slow speeds, interruptions and downtime. Forward-thinking companies know how much more effective their employees are with more capable technology.

Assessing the viability of technology takes knowledge and experience. It’s always best to find a reliable IT provider in Dallas/Fort Worth to do this. They will also determine your specific requirements and help you upgrade cost-effectively.



Is Your Outsourced IT Provider Worth The Investment?

Some things about an outsourced IT provider are a little tough to gauge until you’ve actually worked with them. That being said, any honest, client-oriented provider will be able to tell you exactly what you can expect from both the company and their technicians.

Check out this week’s Tech Tip for part three of our look at what you need to ask before outsourcing your IT support.

If you have questions, give me a call at (469) 635-5500 or email me at datamagic@datamagicinc.com.


Tech Education: What Is Microsoft Office 365?

What is Microsoft Office 365?

The ability to work anywhere used to be limited to freelancers and writers, but today’s professionals need the flexibility to be productive regardless of their physical location. Microsoft Office 365 provides the full-featured suite of services that businesses need to scale quickly and focus on core growth. While Office 365 may call to mind basic programs such as Word, Excel, PowerPoint and Outlook, there are far more software apps available that allow you to create custom solutions by department and quickly add or reduce your licenses as needed. See why Microsoft Office 365 is the choice of millions of businesses throughout the world.

Integrated Apps: Superior Experience

Designed to help you grow your business, Microsoft Office 365 provides your teams with simple collaboration internally as well as with customer and external vendor partners. This is ideal for organizations with multiple locations that need the ability to share calendars or documents in real time. Chat functionality is built in, as well as version control that works across mobile and desktop applications. What’s better — users are able to install the apps on up to five devices, making it easy to always stay in sync.

Office 365 includes the following apps:

  • Word
  • Excel
  • PowerPoint
  • Outlook
  • OneNote
  • Teams
  • SharePoint
  • Exchange Online Protection
  • Access (PC only)
  • Publisher (PC only)

Each application is fully managed and supported by Microsoft, with 24/7 phone and online support as well as their uptime guarantee of 99.9 percent so your software is always available for use by your team.

Cloud-based Storage You Can Trust

Each Office 365 subscription level also includes 1TB of storage in Microsoft OneDrive, an extremely secure solution for cloud-based business data storage. OneDrive allows you to send links to files in a secure location instead of attaching the files directly to your emails, and your devices will always be up-to-date with the most recent versions of documents — allowing for quick edits on the road. Patches are applied on a regular basis.

Easy Access to Tools for Building Your Business

Your time is important, which is why Microsoft has created this integrated approach to business productivity and operations. From chatting with remote staff members to collaborating across devices with customers in other parts of the country, you’ll find all the key services that you need to build your business without the overhead of internally managing the licenses or support. From mileage tracking to protection against unauthorized access to your company’s confidential information, Microsoft Office 365 has you covered.

When you’re able to focus on the key tasks associated with business growth and are spending less time on administrative background work, you may be surprised at the high level of value you are able to deliver back to your company on a weekly basis.


Microsoft Data Breach Highlights Need for MSP Collaboration and Security

Microsoft Outlook Data Breach

A recently announced data security breach of Microsoft’s Outlook.com product has many wondering how to work with MSP customers to understand the scope and impact.

What Happened to Outlook.com Data?

It appears that the breach occurred when a support agent’s access credentials were compromised. Support agents are customer service representatives that handle technical issues and complaints. That led to unauthorized access to a portion of the accounts on Microsoft’s web email service from January 1 to March 29, 2019.

The hack apparently affected Hotmail and MSN users in addition to Outlook account holders. In an email to users, Microsoft noted that “This unauthorized access could have allowed unauthorized parties to access and/or view information related to your email account (such as your e-mail address, folder names, the subject lines of e-mails, and the names of other e-mail addresses you communicate with), but not the content of any e-mails or attachments.”

Microsoft also said that the hackers were able to access content for about 6 percent of users.

Is That the Complete Scope of the Breach?

Not necessarily.

“At this time the impact of this particular breach is still under investigation,” noted Swinburne Charles of Checksum Systems, a Toronto IT services company. “However, overall it would not surprise any security expert that far more users were affected. The mere fact that the Microsoft support engineer’s credentials were affected so long would imply that the perpetrators had unfettered access to millions of email addresses and could have simply ‘botted’ their way around those mailboxes, scraping information such as name, email address, mail subject, and message body.”

Phil Cardone of Radius Executive IT, a Boston-area IT company, pointed out that Microsoft support technicians do not have access to end-user-protected data. “This breach could have been much worse if the hackers had destructive intent and compromised the integrity of the Microsoft Office 365 environment,” Cardone said.

“The impact of this attack shows how vulnerable we all are to hacking,” added Anthony Buonaspina of Long Island, New York-based IT support company LI Tech Advisors. “Even through no fault of our own, our information can be compromised by a lapse in security by some individual at a company that maintains our information. It’s scary that these types of hacks can happen without our knowledge and we may or may not even get notified for months after an attack.”

What Should I Do If I Have an MSN, Hotmail or Outlook Account?

In cases like this, it’s important to take precautionary steps, whether or not your account is affected.

“Users should continue to employ safe email practices, keeping an eye out for an increase in phishing emails designed to solicit a response,” said Sarah Ober of Washington, D.C.-based IT company Intelice. “Attackers gained access to email addresses of contacts and had visibility into subject lines of emails, which could be used in targeted attacks.”

Buonaspina, Cardone, and Charles all urged users to change their passwords immediately. Charles noted that companies “should not skimp” on deploying two-factor or multi-factor authentication for systems and applications. Cardone encouraged global account administrators to firm up security on Office 365 tenant accounts and use Office 365 Secure Score to assess and provide as many precautions as possible.

Is This Attack Like Other Ongoing Breaches or Is Something More Significant about This One?

“This attack is like many other ongoing breaches where soft passwords or internal security procedures are lax, allowing for security breaches as we see with Microsoft,” Buonaspina said. “What’s more significant about this one is that it undermines our trust in a major corporation. If they can’t get it right, how the hell are smaller, less security-minded companies supposed to keep their data and their client’s data safe?”

Ober noted the need for end-user vigilance. “One concerning part about this breach was that it involved compromised credentials of a Microsoft support technician, and lasted for multiple months before being remediated,” she said. “It highlights the importance for all support staff to be vigilant with their own chain of security, as it is only as strong as the weakest link.”

“This attack went after the back-end system infrastructure versus the actual end-user experience,” Cardone explained. “A typical breach may affect day-to-day interactions between people and organizations, whereas this attack could have affected the structural integrity of the Microsoft Office 365 system infrastructure. This could have been much worse than it was.”


Tech Education: What Is A Firewall?

What is a Firewall?

Firewalls were developed over thirty years ago and function as the first line of defense for many business networks. This piece of network equipment is a perimeter defense that determines whether packets can move into or out of the network. While the basic concept of a firewall is simple, the way that it performs this function and the features it offers continue to evolve based on current threats.

Types of Firewalls

Firewalls come in two major categories: hardware and software. Hardware firewalls are physical network appliances that connect to the rest of the IT infrastructure so that they can monitor packets. There are several methods they can use to secure the network and help thwart potential intruders.

Hardware Firewalls

Stateful

Stateful firewalls retain information about the connections being made. This gives good performance because the firewall can skip inspecting every single packet: once it has inspected a connection, it allows that connection’s subsequent packets through.

Application-level

Hardware-based application-level firewalls are designed to protect an application’s connections. They address common attack methods used on that type of application, such as stopping cross-site scripting for a web application.

Proxy

When someone thinks about a standard firewall, a proxy firewall is most likely what’s on their mind. It stands between a host device and the data source and inspects the packets that are sent between them. This type of firewall may not stand up to complex attacks due to its simplicity, but it masks a lot of the network information.

Circuit-level

This firewall is another basic one that focuses on checking the TCP handshake. It’s not resource intensive since it doesn’t look at the packet, but that does mean that it won’t protect against sophisticated attacks.
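The stateful and circuit-level behaviour described above can be shown in a few lines of Python. This is an added example, not code from the original article or from any firewall product; the `Packet`, `rule_allows` and `StatefulFilter` names, the policy and the addresses are all constructed for illustration, and teardown is simplified (no FIN handling, timeouts or sequence-number checks).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset          # TCP flags set on the segment

def rule_allows(pkt):
    # Constructed policy: inside hosts (10.x) may open outbound TCP/443 only.
    return pkt.src.startswith("10.") and pkt.dport == 443

class StatefulFilter:
    def __init__(self):
        self.table = {}       # (src, sport, dst, dport) of initiator -> state
        self.rule_checks = 0  # times the rule set was actually evaluated

    def handle(self, pkt):
        fwd = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        rev = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        key = fwd if fwd in self.table else rev if rev in self.table else None
        if key is None:
            # No state yet: only a bare SYN that passes the rules creates it.
            if pkt.flags == {"SYN"}:
                self.rule_checks += 1
                if rule_allows(pkt):
                    self.table[fwd] = "SYN_SENT"
                    return "ACCEPT"
            return "DROP"
        state = self.table[key]
        if "RST" in pkt.flags:                 # simplified teardown
            del self.table[key]
            return "ACCEPT"
        # Handshake check: SYN-ACK must come back, then the initiator's ACK.
        if state == "SYN_SENT" and key == rev and pkt.flags == {"SYN", "ACK"}:
            self.table[key] = "SYN_RCVD"
            return "ACCEPT"
        if state == "SYN_RCVD" and key == fwd and pkt.flags == {"ACK"}:
            self.table[key] = "ESTABLISHED"
            return "ACCEPT"
        # Established flows pass in both directions without a rule lookup.
        return "ACCEPT" if state == "ESTABLISHED" else "DROP"

def demo():
    fw, c, s = StatefulFilter(), ("10.0.0.5", 50000), ("203.0.113.10", 443)
    def p(a, b, *flags):
        return Packet(*a, *b, frozenset(flags))
    trace = [p(c, s, "SYN"), p(s, c, "SYN", "ACK"), p(c, s, "ACK"),
             p(s, c, "ACK", "PSH"), p(("198.51.100.7", 443), c, "ACK")]
    return [fw.handle(x) for x in trace], fw.rule_checks
```

In `demo()`, the rule set is consulted once for the opening SYN; the rest of the flow is accepted from the state table, and the unsolicited ACK from a host with no tracked connection is dropped.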

Next Generation

These firewalls have advanced features that give businesses more ways to stop malicious traffic from making it through the appliance. Some examples of these include deep packet inspection, checking attachments in sandboxes, and terminating encrypted traffic. Third-party data can be incorporated into the rules and filters of the firewall to improve protection against emerging threats. They can also incorporate technology that is found in other types of IT security hardware, such as intrusion detection. The drawback of this firewall type is that it can significantly slow down network traffic.

Software-based Firewalls

Virtual Appliance

This firewall is a software package that’s installed on the business network and does not rely on a hardware appliance for protecting traffic.

Application-level

Some applications have firewalls built into the software itself to act as a second layer of protection. Anything that gets through the physical firewall of the business network and reaches the application layer needs to go through another inspection. These firewalls focus on threats that are most common for that piece of software.

Cloud-based

A cloud-based firewall leverages cloud computing technology for the virtual appliance. Some advantages of a cloud firewall include the ability to scale quickly, high availability, and cost-efficiency. For organizations with limited IT budgets, using a cloud-based service can give them access to powerful features that they wouldn’t have access to without paying a substantial upfront hardware fee.

The right firewall for your organization depends on the typical threats that you face, the sensitivity of the information you’re protecting, and your performance requirements.
