Author: seth

  • Poison Attacks: A quick overview

    Poison Attacks: A quick overview

    Smart technology is everywhere. Not just in our offices, but even in our day-to-day lives, with tools like Google Home and Alexa becoming commonplace. With technology becoming smarter every minute, the risks are increasing by the minute as well. Cybercriminals are finding new ways to corrupt our IT networks to disrupt our businesses, hold our data hostage and even clear our personal bank accounts. Some of the more overt, commonly known acts of cybercrime include hacking, phishing, and ransomware attacks. This blog discusses a lesser-known cybercrime: poison attacks.

    What are Poison attacks
    Poison attacks are attacks on the ability of the system to make smart decisions. Think about this. How do systems make intelligent decisions? Based on the training or data they receive. This data is used to hone the artificial intelligence of the system to help make smart decisions. Poison attacks tamper with the very base: the training data set. They skew the system’s data model in such a way that the output is no longer as intended, creating a new normal for everything. Poison attacks are primarily backdoor attacks. In a backdoor poison attack, the attacker creates a loophole in the core data rule and trains the system to adhere to that rule so it can be exploited at a later time. For example, let’s say the access control for a particular file is set such that only those beyond the VP level can view the data. If someone changes the main parameter to include the manager level, the core data set is violated and the system will not detect an intrusion by someone at the manager level, even if they log in with their credentials.

    Unlike ransomware, poison attacks don’t make much noise but cause far more damage, as they can go undetected for a longer time. Follow our blog next week as we discuss the 3 common types of poison attacks.

    Watch out for these poison attacks!
    Poison attacks hamper the ability of the system to make smart decisions by disturbing the very core data set that is used to make a decision. Poison attack methodologies typically fall into one of the following 3 categories.

    • Logic corruption
    • Data manipulation
    • Data injection

    Logic corruption
    In logic corruption, the attacker changes the basic logic used to make the system arrive at the output. It essentially changes the way the system learns, applies new rules and corrupts the system to do whatever the attacker wants.

    Data manipulation
    In data manipulation, as the name suggests, the attacker manipulates the data to extend data boundaries that result in backdoor entries that can be exploited later. Unlike logic corruption, the attacker doesn’t have access to the logic, so they work with the existing rule and push data boundaries further with a view to accommodate them later.

    Data injection
    In data injection, the attacker inserts fake data into the actual data set to skew the data model and ultimately weaken the outcome. The weakened outcome then serves as an easy entryway for the attacker into the victim’s system.
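
An added illustration, not part of the original post, of how injected records move a learned boundary and how auditing new training data against a trusted baseline catches them before retraining. The toy detector, the data values and all function names are constructed for this example.

```python
"""Added illustration: training-data injection against a learned boundary.

All data below is constructed. The "model" is a toy anomaly detector that
learns an upper limit for daily outbound transfer size (MB) from history.
"""
import statistics

# Constructed, trusted history (e.g. a reviewed and signed-off snapshot).
TRUSTED = [48, 52, 50, 47, 55, 51, 49, 53, 50, 46, 54, 52]

# Constructed new batch offered for retraining; four records were injected.
NEW_BATCH = [51, 90, 49, 120, 150, 53, 180]


def learned_threshold(samples, k=3.0):
    """Naive boundary: mean + k * standard deviation of the training data."""
    return statistics.fmean(samples) + k * statistics.pstdev(samples)


def robust_threshold(samples, k=3.0):
    """Boundary from median and MAD, which a minority of outliers barely moves."""
    med = statistics.median(samples)
    mad = statistics.median([abs(x - med) for x in samples])
    # 1.4826 scales MAD to be comparable with a standard deviation.
    return med + k * 1.4826 * mad


def is_flagged(value, threshold):
    """The detector raises an alert for anything above its learned boundary."""
    return value > threshold


def audit_batch(trusted, batch, k=3.0):
    """Return batch records that fall outside the boundary learned from
    trusted data only, so they can be reviewed before any retraining."""
    limit = robust_threshold(trusted, k)
    return [x for x in batch if x > limit]


def boundary_drift(trusted, batch, k=3.0):
    """Ratio of the boundary after retraining to the boundary before it."""
    return learned_threshold(trusted + batch, k) / learned_threshold(trusted, k)


if __name__ == "__main__":
    event = 170  # constructed later event, far above normal behaviour
    before = learned_threshold(TRUSTED)
    after = learned_threshold(TRUSTED + NEW_BATCH)
    print(f"boundary before retraining: {before:.1f} MB")
    print(f"boundary after retraining:  {after:.1f} MB")
    print("flagged by clean model:   ", is_flagged(event, before))
    print("flagged by poisoned model:", is_flagged(event, after))
    print("flagged by robust model:  ",
          is_flagged(event, robust_threshold(TRUSTED + NEW_BATCH)))
    print("records held for review:  ", audit_batch(TRUSTED, NEW_BATCH))
    print(f"boundary drift: x{boundary_drift(TRUSTED, NEW_BATCH):.2f}")
```

The same event is flagged by the model trained on trusted data and missed by the one retrained on the injected batch, which is the "new normal" effect described above. Holding out-of-range records for review and tracking boundary drift between retraining runs are the two checks a defender gets from this.
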
  • Why Small Businesses Shouldn’t Avoid Making Disaster Recovery Plans.

     
     
    Why Small Businesses Shouldn’t Avoid Making Disaster Recovery Plans.
     
    Entrepreneurs and small businesses, especially ones that are fairly new, often don’t think about making plans to recover in case of a disaster. However, it is the smallest business that most likely has the fewest resources to fall back on in case of disaster.
     
    Why does this happen?
    1. It isn’t on an entrepreneur’s radar – The challenges and hurdles of starting out are what drive small business owners. The excitement that comes with getting a new client or releasing a new product is what motivates them. To be honest, things like disaster recovery plans are a little dull and aren’t part of the exciting day-to-day hustle of running a company. As a result, these issues get put on the back burner.
    2. Planning tools can seem too complex – Ideas like “risk assessment” and “business impact analysis” can be intimidating. Many SMBs may just feel the whole area is overwhelming and leave it to another day.
    3. It is perceived to be unaffordable – Many owners may believe that putting disaster recovery plans into place involves a lot of additional spending on consultants, backup hardware and more software. That isn’t true. With cloud technology and the use of a managed service provider, disaster recovery doesn’t need to be an intimidating or expensive proposition.


  • IT Defense In Depth Part I



    In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can’t map every possible avenue for attack.

    What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However, there are many ways to get into a network that circumvent antivirus software.

    Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net.

    Even if you had a perfect antivirus program that could detect and stop every single threat, there are many attacks that circumvent antivirus programs entirely. For example, if a hacker can get an employee to click on a compromised email or website, or “brute force guess” a weak password, all the antivirus software in the world won’t help you.

    There are several vulnerabilities a hacker can target: the physical layer, the human layer, the network layer, and the mobile layer. You need a defense plan that will allow you to quickly notice and respond to breaches at each level.

    The physical layer refers to the computers and devices that you have in your office. This is the easiest layer to defend, but is exploited surprisingly often.

    Here are a few examples:
    1. Last year 60% of California businesses reported a stolen smartphone and 43% reported losing a tablet with sensitive information.
    2. The breaches perpetrated by Chelsea Manning and Edward Snowden occurred because they were able to access devices with sensitive information.
    3. CompTIA left 200 USB devices in front of various public spaces across the country to see if people would pick up a strange device and insert it into their work or personal computers. 17% fell for it.

    For the physical layer, you need to:
    1. Keep all computers and devices under the supervision of an employee or locked away at all times.
    2. Only let authorized employees use your devices.
    3. Do not plug in any unknown USB devices.
    4. Destroy obsolete hard drives before throwing them out.

    Next time in Part II, we will talk about the human and network layers of security.
  • Keeping your data safe: Access Control

    Keeping your data safe: Access Control

    Cyberattacks are commonplace today. Malware such as viruses, worms and, more recently, ransomware not only corrupts your data or holds it hostage, but also inflicts irreversible damage on your brand and business. As a norm, most businesses these days do invest in anti-virus/cybersecurity systems. But is that really enough? The answer is no, because they often overlook one important aspect: access. Ask yourself, how easy is your data to access? How can you strengthen the walls that keep your data safe? Read this blog to find out.

    Role-based access

    Always follow a role-based access permission model, meaning people in your organization have access to ONLY the data they REALLY need. Generally, the higher the designation, the deeper the data access permission and the stronger the rights. For example, someone at the executive level may not be able to edit your MIS spreadsheet, but a manager should be able to.

    Formal password controls

    No matter how good your cybersecurity is, you need to ensure the protocols are followed at the ground level. Enforce policies regarding passwords strictly and hold violators accountable. Examples include:
    • Password combinations – Ensure your staff follows the recommended best practices when selecting passwords so there are no ‘easy-to-crack’ passwords.
    • Password sharing – Thoroughly discourage password sharing across your organization. No matter who asks for it, passwords shouldn’t be disclosed unless authorized as per the protocols.

    Don’t ignore physical security

    Virtual security is a must, but so is physical security. Though there is only so much physical access controls can do in keeping your data safe in the BYOD era of today, don’t overlook this aspect. Installation of CCTV cameras on-floor, biometrics/card based access to your workspace/server rooms, etc. also have a role to play in data safety from the access perspective. 

    Training & reinforcement

    Finally, train…train…train. You need to train your employees on the protocols for data security and access so they don’t mess up accidentally. Conduct mock drills, refresher trainings, follow up with quarterly audits, and use positive and negative reinforcements to ensure everyone takes it seriously. Because, at the end of the day, no cybersecurity software is good enough, if the best practices related to data access are ignored.
  • Cyber insurance: What’s the cost and what does it cover

    Cyber insurance: What’s the cost and what does it cover

    Cyber insurance covers a range of elements, the most basic being the legal expenses incurred as a result of falling victim to cybercrime. This includes legal fees, expenses, and even any fines that you may have to pay or financial settlements that you have to make with your customers or third parties who have been affected as a result of the incident. Apart from this, depending on the coverage you opt for, your cyber insurance may cover the following.

    Notification costs

    In the event of a data breach, the business is required to inform all affected parties of the breach. This involves reaching out to them individually and also through the press. Cyber insurance may cover the costs related to this process.

    Restoration costs

    After a cybercriminal attacks your IT infrastructure, you will have to spend money restoring it. There will be considerable expense in terms of recovering the lost data and repairing or replacing affected IT systems.

    Analysis costs

    In the event of a data breach, you will have to conduct a forensic analysis to identify the root cause of the breach and figure out how to prevent further occurrences. Cyber insurance may cover the costs of such an investigation.

    Downtime costs

    When your business operations shut down, even temporarily, due to IT issues, you lose revenue. You could get a cyber insurance policy to cover such downtime costs.

    Extortion money

    In some cases of data theft like a ransomware attack, cybercriminals usually demand a certain amount of money as ransom or extortion to let you access it again. Considering how rampant ransomware attacks are these days, it may make sense to opt for a policy that covers this angle as well.

    How much does cyber insurance typically cost

    Depending on the coverage and risk, annual cyber insurance costs range anywhere from $1000 a month to about a million dollars. But, what you need to ask yourself is, how much can it cost you if you ignored cyber insurance? The answer is, it could cost you your business, your customers and your brand reputation. With cybercrimes rising at alarming rates, cyber insurance is not a luxury that only the big players should invest in. It is the need of the hour for any business, irrespective of its industry or size.
  • Social media security

    Social media security

    Social media is a great tool for SMBs to get the word out about their products and services, build their brand, and connect with prospective customers. It also offers paid marketing avenues, such as PPCs, marketplaces, etc. But are your social media accounts secure? Typically what happens in a business account on social media is that multiple people may have access to the account. Access could stretch across different departments such as marketing, sales, PR and HR, or it could be multiple people from a single team with access rights, usually marketing. If you outsource your social media management to marketing agencies, their staff also end up having access to your social media accounts. All of these situations make your social media accounts very vulnerable. Here are a few tips to keep your social media accounts secure.

    Always be aware of who has access to your social media accounts. This may seem obvious, but you may be surprised to know that many SMBs are not sure who all have access to their company social media accounts. They know the marketing department or sales team or PR have the access, but which members in the team actually do, is often a security detail that’s overlooked.

    Think about who you want to give access to. Do you want everyone in marketing to have access to your company LinkedIn account? Perhaps it is not a great idea to give that new marketing intern you have known for only 3 days access to it. Even within a team, you need to decide who can be trusted with the keys to your social brand.

    If you have outsourced your social media management, find out what the vendor’s policies and SOPs regarding account access are. If you are managing your social media in-house, make sure you have a social media policy in place. This policy should cover every detail, right from who will act as the administrator(s) for your social accounts and how often the posts are to be made, to what kind of content is acceptable and unacceptable.

    Pay special attention to the administrator(s) of your social accounts. Educate them on social media best practices and password hygiene. Help them understand the importance of good password hygiene practices and ensure they are mindful of their role as your social media administrator because chances are, hackers can get access to your social media accounts via theirs.

    Apart from training and educating your staff and implementing social media policies you should also invest in mechanisms such as password managers, multi-factor authentication tools, social media monitoring systems, etc., that make it easy for you to identify and prevent social media mishaps. You cannot afford to take your social media presence lightly. Social media is a powerful brand building platform that can make or break your brand and market mindshare. Your customers are out there on social media platforms judging you, your business values, and your brand personality depending on what you put up on your Facebook, Twitter and LinkedIn accounts. So, it’s important to take social media security seriously and make sure it is covered in your cybersecurity processes.
  • Cyber insurance 101

    Cyber insurance 101

    What is cyber insurance

    With cybercrime becoming a major threat to businesses across the world, irrespective of their size, cyber insurance is fast becoming more of a necessity than a choice. However, the concept of cyber insurance is still fairly new and not many SMBs are aware of its benefits. Cyber insurance is insurance that covers your liability in the event of your business becoming a victim of cybercrime. For example, a data breach puts you at risk of lawsuits and makes you liable to your customers/other parties whose data has been compromised because of/via your organization. Cyber insurance covers the financial aspect of such liabilities, making it easier for you to deal with them.

    Why do you need cyber insurance

    Many organizations think of cyber insurance as an added cost. They believe they don’t need it for various reasons.

    Bigger organizations think their IT security measures are watertight and they won’t fall victim to cybercrime, and they also tend to believe that even if they are affected in a one-off case of cybercrime, they are solid enough to discharge their liabilities and come out of the incident with their brand value intact.

    SMBs, on the other hand, think cybercriminals are most likely to target the bigger players and they don’t need cyber insurance. But, in reality, it is the smaller businesses that are at a greater threat–primarily, because

    1. They lack the resources to strengthen their IT infrastructure and their staff is less likely to be trained in identifying cyber threats, making them more vulnerable
    2. They are less likely to recover from the damage to their financial and brand health as a result of falling victim to cybercrime

    The bottom line is, every organization, big or small, needs cyber insurance today. Cyber insurance, however, is not a replacement for cybersecurity. Having cyber insurance doesn’t mean you can be lax about cybersecurity. It is meant as a buffer, to help your business survive when something slips through the cracks. An MSP can help you tighten your cybersecurity and prevent data breaches and other untoward incidents. Also, being well versed with the IT industry, your MSP can help you understand the IT risks that you need to get covered for. They can also help you pick out the right cyber insurance policies; in some cases, MSPs are themselves insurance advisors or agents.
  • Dark web monitoring: What you need to know

    Dark web monitoring: What you need to know

    The dark web is essentially a marketplace for cyber criminals. If your data has been compromised, the dark web is the place where it is traded. It could be sold by miscreants, to miscreants, who can later hack into your system or extort money from you to prevent a data leak and so on.

    What can be the implications for your organization if you are on the dark web?

    If your data is on the dark web, it puts your business and your customers at risk. For example, as a business, you possess a lot of the Personally Identifiable Information (PII) of your customers, which, if leaked, can even shut down your business by:

    • Attracting lawsuits that require you to shell out large sums of money in the form of fines or settlements
    • Causing serious damage to your brand
    • Resulting in the loss of customers and new business

    What are dark web monitoring services?

    One way to mitigate the risks of the dark web is by signing up for dark web monitoring services.

    As a part of the dark web monitoring service, a company may keep an eye out for any information you specify or that is related to you that may be present or traded on the dark web. There are various avenues where such information may be made available on the dark web. Examples include

    1. Chat forums
    2. Blogs
    3. Social media platforms
    4. Online marketplaces (Dark web’s equivalent of eBay or Craigslist)

    Another service offered as part of dark web monitoring is vulnerability alerts. On the dark web, there will be entities who will be willing to give away information about vulnerabilities in certain systems/software for a price. A company that offers dark web monitoring will keep an eye out for such information and alert its customers of such threats.

    Companies offering dark web monitoring services may also be able to offer you industry insights, trends, and benchmarks that can help you proactively tighten your cybersecurity.

    What you can do: Safeguarding your data against the dark web

    With dark web monitoring services, you will know if there has been a data breach. Let’s say you come to know your e-commerce website’s user IDs and passwords have been stolen, or your customers’ credit card data has been leaked via your database; you can take the necessary steps to mitigate a possible ransomware attack or data leak before it happens. But that’s reactive. That’s damage control after the damage has been done. While dark web monitoring services can warn you if your data has been compromised, here are a few things that you can do to keep your data safe in the first place.

    Password hygiene

    Follow good password hygiene and industry best practices. Establish clear password policies and rules and regulations regarding password sharing. For example, discourage the use of the same passwords for multiple accounts or the use of passwords that are too simple or obvious, such as the user’s name, date of birth/date of joining the organization or numbers in sequence. Also establish policies regarding password updates at regular intervals.

    Train your staff

    Train your staff to identify spam, phishing, and other malware traps. Conduct tests and mock drills and re-train those who don’t pass them. Provide updates when there’s a new threat in cyberspace that may affect you.

    BYOD policies

    If you allow your employees to bring their own devices to work, establish a clear BYOD framework that will help you manage the risks associated with this setup.

    Access permissions and roles

    Establish different user roles for your staff and give them role-based data editing, copying or sharing permissions, so that each employee only has as much access to information as they really need.

    Being exposed on the dark web can be exhausting, scary and life-threatening to a small or medium-sized business. Teaming up with an MSP who specializes in cybersecurity or offers dark web monitoring services can help keep you safe.
  • Four ways unified communications can improve productivity Part I



    Four ways unified communications can improve productivity Part I

    Today’s blog will give a quick definition of unified communications and then explain reasons why this concept can lead to improved productivity in the workplace. So what is unified communications? First of all, it is more of a broad concept than any specific, concrete product or service that comes in a box. There are many different vendors that offer some form of unified communications technology and there are many flavors of it. In general, however, unified communications can be understood as the effort to unify the communications channels that we use singularly and/or in parallel and pull them together. For example, a unified communication system might create a unified mailbox whereby a user could access email, v-mail, voice, text and video using only one number. It works to eliminate the parallel structure of our communications channels. Unified communications may also be applied to begin to integrate our social media, where we normally have to maintain different accounts for Facebook, Twitter, LinkedIn and Instagram.

    So why is this useful? Let’s look first at productivity.
    • Businesses are becoming more virtual – Real estate, whether owned or leased, is not free. Increasingly, firms are fostering more full-time work-from-home initiatives. As a result, collaboration has to rely heavily on technological communication channels. In a cyclical pattern, as these technology channels improve and expand, so does our capacity to eliminate the constraints of physical workplace locations. Virtual offices can be more successful with integration.
    • Improve the usefulness of our communication channels – Just as five separate trips to the restaurant wasted time and energy, not using integrated collaboration and communication channels is inefficient and limits our capacity to effectively communicate together. This lack of integration hinders productivity. Multiple channels lacking integration can be clumsy, and at the very least, not optimized for efficiency.

    In our next blog we will continue the discussion of how unified communications can help improve productivity in additional ways.
  • 4 COMMUNICATION TECHNOLOGY TRENDS FOR 2017


    Over the course of 2016, a number of communication technologies have come forward and grown to encompass much of how we do business today. Communications companies have continued to improve upon their technologies and have made it possible to interact more smoothly and easily than ever before. Here are just a few of the trends we have seen over the course of 2016 that will continue to change the face of business communications.

    UNIFIED COMMUNICATIONS

    With an eye on collaboration and providing both internal and external communications solutions, unified communications is a hot topic. These systems often provide collaborative tools, screen sharing capabilities, chat functions and more. This allows your team to communicate better with customers, but also with one another in real time to solve problems. Instead of bouncing customers between multiple departments and forcing them to explain their situation over and over, now data can be passed along in an instant and all parties can be brought up to speed.

    MOBILE INTEGRATION

    Mobile communication technologies have been working their way into the business world for more than a decade. In their earliest stages, work-related functions were often clunky or offered only limited functionality. Today it is possible for employees to stay on the road full time and still have complete access to their network. User interfaces have improved drastically, and we have found more ways to increase security and functionality on the road, so you can make calls, answer emails and more from your mobile device.

    VIRTUALIZATION

    With each passing year, the cloud becomes more important to everyday operations. More and more companies are moving their communications systems to the cloud and eliminating bulky hardware on site. They are leaving maintenance to the hands of third party providers and focusing more of their energies on building their business instead of dealing with IT problems. Cloud-based solutions are also contributing to the versatility and mobilization of companies, allowing for more flexibility on the road and in the field.

    HOMEWARD BOUND

    For the last two decades, companies have relied heavily on overseas call centers to handle their customer service calls due to the high costs of operating a call center full time. However, now that virtualization and mobile technologies have become affordable and accessible, more companies are bringing their call centers back home. With companies using a third-party call center that serves multiple clients, allowing call center employees to work from home, or placing them on pay scales based upon call volume rather than hourly wages, the U.S. is once again a competitive marketplace for call centers.

    These are just four of the biggest trends in communication technologies that have grown out of 2016. Going forward, we can expect to see ongoing developments in the mobilization and virtualization of communications. In addition, there will be plenty of new unified solutions introduced to offer complete communications systems to companies of all sizes, bringing enterprise level solutions down to the small and mid-size business tier.