Month: May 2017

How to reduce data loss in Office 365

For businesses, the security of sensitive data is critical. If this information is lost or stolen, it could lead to crippling financial losses, legal disputes, and more importantly, loss of customer trust. And while those of you with Microsoft Office 365 installed have some security and compliance tools, there are still some data protection best practices you need to consider. Here are seven of them:

Take advantage of policy alerts
Establishing policy notifications in Office 365’s Compliance Center can help you meet your company’s data security obligations. For instance, policy tips can warn employees about sending confidential information anytime they’re about to send messages to contacts who aren’t listed in the company network. These preemptive warnings can prevent data leaks and also educate users on safer data sharing practices.

Secure mobile devices
With the growing trend of using personal smartphones and tablets to access work email, calendar, contacts, and documents, securing mobile devices is now a critical part of protecting your organization’s data. Installing mobile device management features for Office 365 enables you to manage security policies and access rules, and remotely wipe sensitive data from mobile devices if they’re lost or stolen.

Use multi-factor authentication
Because of the growing sophistication of today’s cyberattacks, a single password shouldn’t be the only safeguard for Office 365 accounts. To reduce account hijacking instances, you must enable Office 365 multi-factor authentication. This feature makes it more difficult for hackers to access your account since they not only have to guess user passwords but also provide a second authentication factor like a temporary SMS code.

Apply session timeouts
Many employees forget to log out of their Office 365 accounts and leave their computers or mobile devices unlocked. This could give unauthorized users unfettered access to company accounts, allowing them to compromise sensitive data. But by applying session timeouts to Office 365, email accounts, and internal networks, the system will automatically log users out after 10 minutes, preventing hackers from simply opening company workstations and accessing private information.

Avoid public calendar sharing
Office 365’s calendar sharing feature allows employees to share and sync their schedules with their colleagues. However, publicly sharing this schedule is a bad idea. Enabling public calendar sharing helps attackers understand how your company works, determine who’s away, and identify your most vulnerable users. For instance, if security administrators are publicly listed as “Away on vacation,” an attacker may see this as an opportunity to unleash a slew of malware attacks to corrupt your data before your business can respond.

Employ role-based access controls
Another Office 365 feature that will limit the flow of sensitive data across your company is access management. This lets you determine which user (or users) have access to specific files in your company. For example, front-of-house staff won’t be able to read or edit executive-level documents, minimizing data leaks.

Encrypt emails
Encrypting classified information is your last line of defense to secure your data. Should hackers intercept your emails, encryption tools will make files unreadable to unauthorized recipients. This is a must-have for Office 365, where files and emails are shared on a regular basis.

While Office 365 offers users the ability to share data and collaborate flexibly, you must be aware of the potential data security risks at all times. When you work with us, we will make sure your business keeps up with ever-changing data security and compliance obligations. And if you need help securing your Office 365, we can help with that too! Simply contact us today.

Published with permission from TechAdvisory.org. Source.

Windows 10 updates for Fall 2017

Windows 10’s Fall Creators Update is the next major update that Microsoft will roll out in September. Besides reusing the same “Creators Update” name and focusing on bringing the Windows experience to iOS and Android devices, here are some noteworthy features users can expect.

Timeline
It’s designed to grant Windows 10 users freedom to switch between multiple devices, including iOS and Android phones. Timeline lets you pick up from where you left off if you’re switching between multiple Windows 10 devices. With the Cortana integration, this will even extend to some Microsoft apps on iOS and Android. This useful new feature will be accessible via Windows 10’s Task View.

OneDrive Files on Demand
This feature allows you to access all your cloud-based files without having to download them in order to optimize your device’s storage space. What’s more, you won’t have to change the way you work, because all your files — even those online — can be seen in File Explorer, and they work just like every other file on your device.

Cloud clipboard
The Windows 10 Fall Creators Update brings a cloud-powered clipboard that lets you copy information from one Windows 10 device and paste it onto another. And this isn’t limited to text alone either. On top of that, it supports Android and iOS devices if you use Microsoft’s SwiftKey virtual keyboard.

Pick up where you left off
As the name suggests, it basically allows you to start working on your PC and continue working on your phone when you are away from your PC (and vice-versa). Currently, the feature works only between Windows 10 PCs in the Windows 10 Creators Update — but with the upcoming Fall Creators Update for Windows 10, Microsoft will be integrating this capability into your phones as well.

My People
It was originally announced as a key feature in April’s Creators Update, but will be launched in the coming Fall Creators Update. This feature lets you pin a number of connections to your taskbar — three, in the current Insider preview — and stay in constant touch with them. It defaults to Skype, but you can choose an alternative if you’d like.

These are just a handful of the nifty features users can expect from Windows 10 Fall Creators Update. For more information, don’t hesitate to contact us. We’re more than happy to help.

We’ll keep you updated on the latest developments.


WannaCry: A historic cyberattack

No one can escape the news of WannaCry. The IT industry has been covering this type of malware for years, but never has one campaign spread so far or infected so many computers. Read on to gain a greater understanding of what happened and how to prepare yourself for the inevitable copycats.

Ransomware review

Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989.

This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data.

The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry.

The WannaCry ransomware

Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails are simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult.

By combining a Windows vulnerability recently leaked from the National Security Agency’s cyber arsenal and some simple programming to hunt down servers that interact with public networks, WannaCry spread itself further than any malware campaign has in the last 15 years.

Despite infecting more than 200,000 computers in at least 150 countries, the cyberattackers have only made a fraction of what you would expect. Victims must pay the ransom in Bitcoins, a totally untraceable currency traded online. Inherent to the Bitcoin platform is a public ledger, meaning anyone can see that WannaCry’s coffers have collected a measly 1% of its victims’ payments.

How to protect yourself from what comes next

Part of the reason this ransomware failed to scare users into paying up is because it was so poorly made. Within a day of its release, the self-propagating portion of its programming was brought to a halt by an individual unsure of why it included a 42-character URL that led to an unregistered domain. Once he registered the web address for himself, WannaCry stopped spreading.

Unfortunately, that doesn’t help the thousands that were already infected. And it definitely doesn’t give you an excuse to ignore what cybersecurity experts are saying: “This is only the beginning.” WannaCry was so poorly written, it’s amazing it made it as far as it did. And considering it would’ve made hundreds of millions of dollars if it was created by more capable programmers, your organization needs to prepare for the next global cyberattack.

Every single day it should be your goal to complete the following:

  • Thorough reviews of reports from basic perimeter security solutions. Antivirus software, hardware firewalls, and intrusion prevention systems log hundreds of amateur attempts on your network security every day; critical vulnerabilities can be gleaned from these documents.
  • Check for updates and security patches for every single piece of software in your office, from accounting apps to operating systems. Computers with the latest updates from Microsoft were totally safe from WannaCry, which should be motivation to never again click “Remind me later.”
  • Social engineering and phishing may not have been factors this time around, but training employees to recognize suspicious links is a surefire strategy for avoiding the thousands of other malware strains that threaten your business.

Revisiting these strategies every single day may seem a bit much, but we’ve been in the industry long enough to know that it takes only one mistake to bring your operations to a halt. For daily monitoring and support, plus industry-leading cybersecurity advice, call us today.


Mac HandBrake downloads infected by Trojan

The macOS version of HandBrake, an open-source video transcoding software that converts multimedia files into various formats, was recently infected with a Trojan. According to HandBrake’s announcement, if you downloaded the app between May 2 (14:30 UTC) and May 6 (11:00 UTC), there’s a 50% chance that your system got infected. Read on to find out more.

How to know if your device was infected

HandBrake can be downloaded from its official website and via mirror sites, or sites that provide the same content as the primary site. Infected downloads came from the mirror site, download.handbrake.fr, where the installer file (HandBrake-1.0.7.dmg) was swapped with a Trojan file, OSX.PROTON. This malicious file managed to trick Apple’s security approval system into deeming it as safe and legitimate.

One way to find out whether you’ve downloaded the Trojan is to look for an “activity_agent” process in macOS by opening the Activity Monitor application. Another way is to check whether the installer file’s checksum matches the values HandBrake publishes. You can do this by comparing your downloaded file’s checksum with the ones found on HandBrake’s checksums page. If they don’t match, that means you’ve downloaded an infected installer file. This all might sound like a lot of tech gobbledygook, but these checks are essential to knowing whether or not your system has been infected.

The damage

OSX.PROTON is considered one of the nastiest Trojans today because it can spy on computers from a remote location. It can monitor your activities, upload malicious files on your computer, steal your password and confidential information by detecting keystrokes or taking screenshots, and take over your entire system by hacking your admin settings.

Downloading an innocuous video transcoding application is not typically considered dangerous. However, downloading apps from unofficial sources definitely poses considerable risks. In such a scenario, a data backup can save your malware-infected computer.

Precautionary measures

Fortunately, Apple has taken steps to block further infections by releasing an update. If your system has been infected, however, it’s not too late. Follow HandBrake’s suggested steps in removing infected files to mitigate any damage. You should also take additional security measures such as changing passwords from a different device. Better yet, get professional help from IT security experts.

Every time you download an app from an unauthorized source, know that there are risks. If you’re a Mac user, download apps only from the Apple Store; and for Android users, only from the Google Play Store. And to gauge the safety of the apps you want to download, it always helps to read their reviews beforehand.

The HandBrake macOS malware is just one of many that are attacking vulnerable systems. With the help of our network security experts, you can thwart cyber attackers’ attempts to steal your sensitive data, hold your files for ransom, or spy on your online activities. Call us now so we can recommend suitable protections.


How to defend against WannaCry

Both businesses and individuals across dozens of countries are scrambling to fix their computer systems after a ransomware, named WannaCry, caused major disruptions earlier this month. Like most ransomware, WannaCry encrypts files and demands a Bitcoin payment for their release. What’s worse, more WannaCry variants will likely be developed in the near future, according to security researchers. Fortunately, there are some common strategies you can use to mitigate the damage of the ransomware.

Update your software
The first (and probably best) defense against WannaCry ransomware is to update your operating system. New research from Kaspersky shows that machines running Windows XP, 7 and outdated Windows 10 versions were affected by the ransomware. To check whether your systems are up to date, open your Windows search bar, look for Windows Update, click Check for Updates, and install any major updates.

Also, don’t forget to download the latest security patches for your business applications and security software.

Run security programs
Many antivirus programs now have mechanisms for detecting and blocking WannaCry malware; so when you’ve fully updated your security software, run a full system scan.

Keep in mind that antivirus isn’t a foolproof security solution. Instead, run it alongside other security applications like intrusion prevention systems and firewalls.

Use data backup and recovery tools
If WannaCry does infect your computers, only a solid data backup and recovery solution can save your business. Before ransomware strikes, periodically back up your files in both an external hard drive and a cloud-based backup service.

External hard drives will serve as your local backup solution for quick recovery times. However, we recommend keeping the external drive disconnected when it’s not being used and plugging it in only when you need to back up files at the end of the day. This is because when ransomware infects a computer, it will usually look to encrypt local backup drives as well.

Cloud-based backups, on the other hand, allow you to store files in remote data centers and access them from any internet-enabled device. When selecting a cloud services provider, make sure they provide the appropriate cloud protections to your files. For example, your backup vendor should provide reporting tools to keep track of any anomalies in your files. Document versioning features are also important. This allows you to recover older versions of a document in case the current version is encrypted.

After your local and cloud backups are set up, perform regular tests to ensure your disaster recovery plan works.

Stay informed
Finally, it’s important to stay on guard at all times. WannaCry is just one of many ransomware strains affecting businesses today, and in order to stay safe you need to be constantly up to date on the latest cybersecurity- and business continuity-related news.

For more ransomware prevention tips and services, call us today. We’ll make sure hackers don’t hold your business hostage.


4 Tips for better server management

With so much technology moving to the cloud, onsite servers aren’t getting as much attention as they used to. Optimizing this critical piece of business technology is no small task, but there are a few simple things you can do to ensure the success of your in-house servers.

Mount your servers properly

Small businesses are usually forced to prioritize the here and now over long-term planning. Not for lack of caring, it’s just a fact of working on tight budgets and with small teams. This is especially evident when it comes to server planning. When your business first sets up shop, it’s tempting to plug in a server right next to your workstations — but doing so puts your hardware in harm’s way.

Mounting servers in a rack protects them from the accidents commonly associated with highly trafficked areas: spills, crumbs and tripping hazards. Server racks keep your most essential hardware safe by organizing everything in a space that is more accessible for cleaning and management but less exposed to the day-to-day wear and tear of your office.

Server planning is all about leaving room for the future. When choosing your rack mount, make sure to leave room for the hardware you will need to expand in the future. Unless office space is a serious concern, it’s better to have a half-empty server rack than to be forced to tear the whole thing down and redesign it the moment you need to expand.

Keep servers separate from the main area

Depending on what type of servers you are running, they can create quite a bit of noise. This coupled with the fact that they are comprised of valuable hardware means that you should do everything in your power to keep your servers physically separate from your working space. If you don’t have room for a server room, consider investing a little extra in a secure rack mount with built-in sound reduction.

Never skimp on cooling

Even when your business first opens its doors, server cooling is a crucial consideration. These computers are designed to work at peak capacity and need optimal conditions to do so efficiently. Even if your equipment seems to be performing just fine, too much heat can drastically reduce its lifespan.

Make sure that your cooling solution operates outside the confines of your building’s infrastructure. If the central air gets shut off at night, or if your office experiences power outages, you need a cooling solution that switches over to backup power with your servers.

Keep wiring neatly arranged

For anyone without hands-on experience with server hardware, the number of wires going into and out of your setup is shocking. Getting the whole mess organized isn’t just about cleanliness, it also affects the performance of your current setup and the viability of installing future upgrades. Any time you are installing, removing, or rearranging your server cables, check that everything is neatly labeled and safely grouped together.

Managing any type of hardware comes with dozens of important considerations, and that goes doubly so for servers. The best way to guarantee your IT investments are getting the care they require is by partnering with a managed IT services provider. To learn more about our services, give us a call today.


More security features for Office 365

Microsoft has commercially released new products and upgrades that will secure company information. The threat intelligence and data governance features are designed for businesses that adhere to strict regulatory guidelines and need an extra layer of protection against cyberattacks. Here’s a detailed look at what these additions can do for your business.

Threat Intelligence
Threat Intelligence for Office 365 gathers data from Microsoft security databases, Office clients, email, and other recorded security incidents to detect various cyberattacks. This feature gives users in-depth knowledge about prevalent malware strains and real-time breach information to analyze the severity of certain attacks.

What’s more, Threat Intelligence comes with customizable threat alert notifications and easy-to-use remediation options for dealing with suspicious content.

Advanced Threat Protection (ATP) upgrades
In addition to Threat Intelligence, Office 365’s ATP service now has a revamped reporting dashboard that displays security insights across a company. This includes a security summary of what types of malware and spam were sent to your organization, and which ones were blocked. According to Microsoft, these reports will help you assess the effectiveness of your current security infrastructure.

ATP also has a new capability called “Safe Links” which defends against potentially malicious links in emails and embedded in Excel, Word, and PowerPoint files. If suspicious links are discovered, the user will be redirected to a warning page to avoid an infection.

Advanced Data Governance
The newly released Advanced Data Governance feature is also a much-needed enhancement for highly regulated companies. It classifies files based on user interaction, age, and type, and offers general data retention and deletion policy recommendations. If, for example, your business has retained credit card data for longer than necessary, Advanced Data Governance will alert you of the possible data governance risks.

Data loss prevention enhancements
Last but not least, the Office 365 Security & Compliance Center is also receiving data loss prevention upgrades. With it, you can easily access and customize app permissions and control device and content security policies. So if someone in your company attempts to leak sensitive customer information, Office 365 will notify your administrators immediately.

Although all these features are available only for Office 365 Enterprise E5 subscribers, security- and compliance-conscious companies definitely need these upgrades. Get the right Office 365 subscription by contacting us today.


Predictability coming to Windows 10 updates

Updates to the Windows operating system have a controversial reputation. On the one hand, Microsoft issues them frequently to combat cybersecurity risks and introduce new features. On the other hand, the update frequency and requirements leave some users feeling like it’s impossible to keep up. The most recent announcement from Microsoft is working to address these inconsistencies.

Windows 10 updates in 2017

In the summer of 2016, Microsoft announced that Windows would receive two large-scale feature updates in 2017. The first of these was released in April and is referred to as the Creators Update. Although many of the new features are far too advanced for the average user, the Creators Update included huge boosts to data security, user administration, and mobile device management integrations.

The next big update is due in September, and is rumored to come with several consumer-level features such as the People integration that was originally slated for the Creators Update. People would allow you to pin contact icons to your start bar to consolidate shared cloud storage, messaging platforms and calendars for individuals in one convenient location.

The future of Windows OS updates

From 2017 onward, Microsoft has committed to sticking to this “predictable twice-per-year” schedule. Along with more reliable releases, the Windows team is also committing to a more reliable support lifecycle. As long as you are running a version of Windows 10 that has been released sometime within the last 18 months, you can be sure that Microsoft engineers are keeping it current and secure.

This is great news for businesses that struggle to keep their servers and workstations updated. Out-of-date operating systems are one of the biggest risks to data security for small businesses, and promising this level of reliability makes it much easier for IT teams to plan ahead.

As trivial as it may seem, keeping all your software and hardware updated is a huge benefit of outsourced IT management. From productivity improvements to security patches, most businesses are missing out on vital features in a number of their services and platforms. To ensure that every solution you’ve invested in is working at its peak, call us today.


The most advanced Gmail phishing scam yet

As the technology that recognizes and thwarts malware becomes more advanced, hackers are finding it much easier to trick overly trusting humans to do their dirty work for them. Known as social engineering, it’s a dangerous trend that is becoming increasingly prevalent. Read on to educate yourself on how to avoid the most recent scam and those that came before it.

Broadly defined, “phishing” is any form of fraud in which an attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.

These messages prey on users who click links, images and buttons without thoroughly investigating where they lead to. Sometimes the scam is as simple as an image with a government emblem on it that links to a website containing malware. Just hovering your mouse over the image would be enough to see through it. But some phishing schemes are far more difficult to recognize.

The Google Defender scam

Recently, an email spread to millions of Gmail accounts that almost perfectly imitated a message from Google. The text read:

“Our security system detected several unexpected sign-in attempts on your account. To improve your account safety use our new official application “Google Defender”.”

Below that was a button to “Install Google Defender”. What made this scheme so hard to detect is that the button actually links to a totally legitimate site…within Google’s own framework. When third-party app developers create Gmail integrations, Google directs users to an in-house security page that essentially says, “By clicking this you are giving Google Defender access to your entire inbox. Are you sure you want to do this?”

Even to wary users, the original message looks like it came from Google. And the link took them to a legitimate Google security page — anyone could have fallen for it. The Gmail team immediately began assuring users that they were aware of the scam and working on eradicating it and any potential copycats.

There’s no happy ending to this story. Although vendors and cybersecurity experts were able to respond to the crisis on the same day it was released, millions of accounts were still affected. The best way to prepare your business is with thorough employee training and disaster recovery plans that are prepared to respond to a breach. To find out how we can protect your business, call today.


New malware threats on Mac computers

No computer is safe from malware, not even Macs. Even though incidences of viruses and malware are rare for Apple computers, they can still occur with disastrous consequences. Based on one security software firm’s report, macOS malware grew by 744% in 2016, but the number of attacks was still lower than the number of attacks on Windows computers. So even though they’re safer, you still need to know how your Mac is vulnerable to a growing number of malware threats.

How the new malware attacks Macs

The new strain of malware targeted at Macs is called OSX/Dok, which was first discovered in April 2017. OSX/Dok infiltrates Macs through phishing attacks, whereby users receive a suspicious email with a zip file attachment. Like all phishing attacks, it contains a message that tricks the recipient into opening the attachment, which is purportedly about tax returns.

Mayhem ensues once the malware is in the system: it gains administrator privileges, takes over encrypted communications, changes network settings, and performs other system tweaks that put the users at its mercy.

What the malware does

The malware targets mostly European networks, but it’s expected to spread into other regions. Even more alarming is its ability to bypass Gatekeeper, a security feature in macOS designed to fend off malware. This is because its developers were able to obtain a valid Apple developer certificate, which makes the attachment appear totally legitimate. Although Apple has addressed the issue by revoking the developer’s certificate of the earliest versions of the malware, the attackers remain persistent and now use a new developer ID.

How to avoid the mayhem

The Mac-targeted OSX/Dok malware is easy to avoid if you keep your wits about you when receiving zip files from unknown senders — these files should be treated as high-risk and be reported to your IT team, quarantined, or junked. Whether you’re using a Mac or a Windows computer, clicking on suspicious ads can download and install apps from third-party sources that put your system at risk.

Mac users are not completely safe, and complacency with security could only result in compromised and irreparable systems, ruined reputation, and lost profits for businesses. For this particular malware, a simple act of vigilance may be all it takes to avoid having your Apple computer bitten by bugs. If you want to double the layer of protection for your business’s Mac computers, call us for robust security solutions.
