Be Ready for Ransomware

Ransomware continues to emerge as a major threat to individuals and businesses alike. Ransomware, a type of malware that encrypts data on infected systems, has become a lucrative option for cyber extortionists. When the malware runs, it locks victims’ files. The cyber criminals demand payment in return for the decryption key needed to release the files.  

You are probably well aware that ransomware is a hot topic in the news these days as attacks target all types and sizes of organizations. Small businesses are particularly vulnerable to attacks as ransomware is on the rise. Researchers identified more than 4 million samples of ransomware in Q2 of 2015, including 1.2 million new samples. That compares with fewer than 1.5 million total samples in Q3 of 2013 (400,000 new).

The rate of attacks is also on the rise. While Q1 2015 had a 165% increase in ransomware attacks from the prior quarter, the number of ransomware attacks in Q1 2016 was 300% greater than Q4 2015.

Cyber criminals distribute ransomware in a variety of ways. Protection is difficult because, just like the flu virus, ransomware constantly evolves. Between 14% and 17% of attacks in Q1 2016 were new variants, indicating that cyber criminals continue to be creative in finding new ways to do harm.

Over $325 Million was paid by businesses to recover their data in 2015. This number is expected to exceed $1.2 Billion in 2016. The real cost might be 3 times or 4 times these figures when the labor and lost productivity is added up.

You can protect your business against ransomware attacks. In our new eBook, a Business Guide to Ransomware, you will learn how malware spreads, the different types of ransomware proliferating today, and what you can do to avoid or recover from an attack. Hiding your head in the sand does not work, because today’s ransom seekers play dirty. Make sure your organization is prepared.


For a 1:1 consultation and assessment of your risk, contact us today.


 

3 Email Encryption Options for Google Apps

Security KeyIn the Google Apps ecosystem, we see three primary players with integrated email encryption services.

  • ZixMail
    • A comprehensive message encryption service that includes user tagging of messages for encryption and heuristics and business rules to auto-encrypt. ZixMail also includes the ZixGateway of other ZixMail users, enabling automated end-to-end secure communications.
  • Google Apps Message Encryption (GAME)
    • A private-label of Zixmail run in Google’s data center. GAME uses the ZixMail encryption engine and services, matched to the email rules capability of Gmail.

 

  • Virtru
    • An encryption-in-place service that integrates with Google Apps which runs in the Chrome Browser, Outlook on Windows desktops, and on mobile devices. Virtru includes features such as forwarding blocks and email expirations. Data loss prevention rules for HIPAA compliance are available at an additional cost.

To learn more about these solutions in depth, read our new eBook: Email Encryption in Google Apps.

Email Encryption is Not Compliance

Security Key
While providing a reasonable level of protection from inappropriate access to your data, the built-in encryption is not sufficient to meet information privacy regulations. Laws such as the Health Information Portability and Accountability Act (“HIPAA”), and industry regulations including the Personal Card Information (“PCI”) standards require more than data encryption.

Privacy laws and regulations typically include three components:

  1. Policies and procedures that, when followed, provide appropriate data protections
  2. A means to monitor compliance, with the ability to detect and mitigate potential violations of the policies and procedures
  3. A defined response and resolution procedure in the event of a breach

As explained in our eBook, Email Encryption in Google Apps, Technology can support the implementation of these three components, but does not offer a full solution on its own.


Contact us to assess your email encryption needs and to define an affordable solution.


 

Beyond Restore: Use Cases for Google Apps Backup

Backup Man

As we have noted several times in prior posts and webcasts, Google’s internal backup systems are designed to protect you should Google have hardware or software issues. You, however, are responsible for protecting your data in Google Apps from user deletions, user overwrites, malware, hackers, and other risks.

We have identified several use cases for backup/recovery in Google Apps that you cannot do from the Admin console.

A good Google Apps backup solution does more than restore

Preserve Data From Past Employees

  • If you want to preserve data from past employees, and need more than emails, your only option is to continue paying for the suspended Google Apps accounts.
  • With the ability to restore data to others, you can keep the backup as an archive and delete the Google Apps accounts.
  • An added benefit: the cost is less than 1/2 of a Google Apps for Work license and less than 1/4 of a Google Apps Unlimited license.

Transfer Data to New Owners

  • While you can transfer document ownership though the Admin Console and ownership of Sites data through APIs, these transfers are “all or nothing” and are destructive (they remove the data from the original account).
  • With the ability to restore data selectively and to others, you can transfer specific files, folders, sites data, emails, etc. to different people as needed.
  • An added benefit: You can transfer data between employees as they change positions and responsibilities.

Archive Documents (and other data)

  • While Google Apps Vault has eDiscovery searches for Gmail and Drive, Vault only archives Gmail.
  • A third party backup solution can preserve and archive documents, as well as email, calendars, contacts, and sites data in support of your document retention policies or regulations.
  • While a user can still delete a document and empty it from Trash before the backup, most users are unaware of the steps to take. With multiple backups per day, you are protected from losses other than those of a determined malicious actor.

Escape Hatch

  • As a “best-practice”, backups should not be stored in the systems being backed up without altering the format or content.
  • The right backup solution keeps your data in a separate location/service and restores data in its original format.
  • An added benefit: With an export feature, your backups become an easier way to extract data from Google Apps.

 

We offer multiple backup solutions for Google Apps, click here to learn more about our preferred solution.


 

Be Able to Recover

Backup Man
Accidents will happen. And while accidents that damage or destroy data are more common, malicious attacks will happen as well.  The rate of ransomware is on the rise and large companies are not the only targets. Whether by phishing attack, advanced persistent threat, or other means your company is seen as having data valuable enough to extort a ransom, you are a target.

In short, if you are reading this, you are a potential target.

While improving your endpoint protection and educating users can greatly minimize your risk, no malware solution can provide you with a guarantee against ransomware. So, if you are hit, you need to be able to recover.

For your on-premise systems, you most likely have a backup/recovery solution. In the event of ransomware, you can delete the encrypted files and restore from a point in time prior to the attack. Yes, you lose data, but a solid backup plan can minimize the loss and the impact.

Your cloud data needs the same protection. You want the same recovery process.  

Traditional and cloud backup services can be installed and connected to cloud servers in much the same way as they work for on-premise servers. For cloud file services, like Google Drive and Microsoft OneDrive, traditional backup solutions will not work as they cannot connect to the service. The same holds true for data in SaaS applications like Salesforce.com.  You need a specialized solution.

Our Recommendation

For most of our Google Apps and Microsoft Office 365 clients, we recommend Backupify as our preferred solution for several reasons:

  • Multiple backups per day for some or all users
  • Unlimited backup space
  • Unlimited backup retention
  • Multiple admin accounts with delegation
  • Powerful search
  • Fast restores
  • The ability to archive data for past users (Google Apps)

Our Offer

Try Backupify for free for 21 days. If you like what you see, we can save you money on license and support.  If not, we discontinue the service.

Interested? Let us know.

Third Party Apps: The Overlooked Data Risk

risks of third-party apps It is easy to overlook the risks of third-party apps. You see a cool app and install it on your phone. You see the prompt asking you for permissions. It is not clear what the app wants to access or why, but you want the app. You click “Grant” or “Allow” and away you go. Some third party now has access to your contacts, you schedule, and maybe even your files. Whether mobile apps, browser extensions, or freemium apps, your user community is installing apps and tools and granting access to your data. And while most apps are harmless and well-behaved, one rogue app can be a disaster.

The Hidden Dangers of Third-Party Apps

Not every app, and not every app provider, is trustworthy.  And since most apps need access to some of your data in order to function, permissions should not be granted without some forethought. Preventing individual users from installing apps and granting permissions, however, is nearly impossible. Most small and midsize organizations have neither the money or resources to micromanage browsers and mobile devices — especially in our BYOD world.

Using third-party apps can come with certain risks, and it’s important to be aware of them before installing and using such applications. Here are some common risks associated with third-party apps:

  1. Security and Malware: Third-party apps may pose security risks as they are not subject to the same level of scrutiny and oversight as apps available on official app stores. Some third-party apps may contain malware, spyware, or other malicious code that can compromise your device’s security and steal personal information.
  2. Data Privacy: Third-party apps may collect and misuse your personal data without your knowledge or consent. These apps may access sensitive information stored on your device, track your online activities, or share your data with third parties for targeted advertising or other purposes. This makes a good case for implementing proper data protection and security measures.
  3. Compatibility and Reliability: Third-party apps may not be as reliable or compatible with your device as apps provided by trusted sources. They may crash frequently, have compatibility issues with your operating system or other apps, or cause other technical problems.
  4. Lack of Updates and Support: Third-party apps may not receive regular updates or support from developers. This can lead to compatibility issues with new operating system versions or security vulnerabilities that go unpatched, leaving your device exposed to potential threats due to outdated technology.
  5. Inadequate User Reviews and Ratings: Unlike official app stores that have stricter review processes, third-party app sources often lack reliable user reviews and ratings. This makes it challenging to assess the quality, safety, and overall user experience of these apps.
  6. Legal and Copyright Issues: Some third-party apps may infringe upon intellectual property rights, such as copyrighted content or trademarks. Installing and using such apps could potentially lead to legal repercussions.

To minimize the risks associated with third-party apps, consider the following precautions

The Best Ways to Safeguard Your Device and Data from Third-Party Risks

Fortunately, for those of us running Google Apps and other cloud services, we have affordable solutions for monitoring and managing third party app access to your data.

Our Recommendation to Shield Your Device from Potential Harm

If you are running Google Apps, we generally recommend BetterCloud Enterprise as our preferred solution for several reasons:

  • The Domain Health and Insight Center provides you with activity reports, alerts, and advanced reporting
  • Bettercloud includes a robust suite of Google Apps admin tools that are not available in the Google Apps Admin Console, including bulk actions, dynamic groups, and a user deprovisioning wizard
  • BetterCloud monitors and lets you manage third party app access to any data within Google Apps, and provides a trust rating to help you determine which applications pose a risk
  • BetterCloud monitors activity in Drive against business rules to ensure compliance with data privacy policies and regulations. BetterCloud will proactively modify permissions and send alerts to prevent accidental or intentional violations.

Additional Ways to Guard Against the Pitfalls of Third-Party Apps

  • Only download apps from trusted sources, such as official app stores or reputable websites.
  • Read reviews and ratings from other users before installing an app.
  • Check the permissions requested by the app and ensure they are necessary for its functionality.
  • Keep your device’s operating system and security software up to date.
  • Use reputable antivirus software to scan apps before installation.
  • Be cautious when granting excessive permissions or sharing sensitive information with apps.
  • Regularly review and remove any unused or suspicious apps from your device.

How Cumulus Can Help Protect You From Third-Party App Risks

While there is a minimum fee for BetterCloud Enterprise, you can try BetterCloud for free for up to 30 days.  If you like what you see, we will waive the setup fees.  If not, you can keep running the Domain Health and Insight Center for free.

 

How to Upgrade Your Endpoint Protection

endpoint protection upgrade Most malware and virus protection takes the form of an endpoint protection solution that resides on each PC or Mac. As the system accesses files, the content is compared against a database of malware profiles. These types of solutions are failing more frequently as the number of malware variants skyrockets and the threats get more sophisticated.  Detecting malware depends more on analyzing file behavior patterns than it does the file content. This poses the need for an endpoint protection upgrade to ensure proper protections are in place.

Symantec Endpoint Protection Upgrade

Upgrading Symantec Endpoint Protection is an important step to ensure that your endpoint security solution remains effective against evolving threats. It’s important to note that specific upgrade processes may vary depending on your environment and the version of Symantec Endpoint Protection you are currently using. Here are some steps you can consider when upgrading Symantec Endpoint Protection:

  1. Review the System Requirements: Before upgrading, ensure that your systems meet the minimum requirements for the new version of Symantec Endpoint Protection. Check the product documentation or contact Symantec support for the specific requirements.
  2. Backup Configuration and Data: Prior to upgrading, create a backup of your existing Symantec Endpoint Protection configuration settings, policies, and any important data. This will allow you to restore settings in case of any issues during or after the upgrade.
  3. Check for Compatibility: Verify the compatibility of any third-party software or integrations with the new version of Symantec Endpoint Protection. Ensure that they will continue to function properly after the upgrade.
  4. Plan the Upgrade Strategy: Develop an upgrade plan based on your organization’s requirements. Consider factors such as the number of endpoints, network bandwidth, maintenance windows, and any potential impact on users or critical systems.
  5. Test in a Lab Environment: If feasible, set up a test or lab environment to perform a trial upgrade. This allows you to identify and address any potential issues before rolling out the upgrade to your production environment.
  6. Communicate with Stakeholders: Notify relevant stakeholders, such as IT teams, end-users, and management, about the upcoming upgrade. Provide information about the benefits, timeline, and any potential impact on their workflows.
  7. Obtain the Latest Version: Obtain the latest version of Symantec Endpoint Protection from the official Symantec website or through your authorized Symantec partner. Ensure that you download the correct version for your operating system, and don’t let outdated technology slow your business down.
  8. Read the Upgrade Documentation: Carefully review the upgrade documentation provided by Symantec. Follow the step-by-step instructions and pay attention to any specific considerations or prerequisites mentioned.
  9. Perform the Upgrade: Execute the upgrade process on a test system or a small group of endpoints first, ensuring that everything functions as expected. If successful, proceed with upgrading the remaining endpoints according to your plan.
  10. Post-Upgrade Testing and Validation: After the upgrade, perform thorough testing to validate the functionality of Symantec Endpoint Protection. Test key features, policies, and ensure that endpoints are adequately protected.
  11. Monitor and Troubleshoot: Monitor the upgraded environment closely for any issues or unexpected behavior. Address any problems promptly and seek assistance from Symantec support if necessary.

Remember to consult the official Symantec documentation and support resources for detailed guidance tailored to your specific version and environment.

Cloud-based Alternatives offer Better Endpoint Protection Solutions

Traditional endpoint protection software is limited by the local device resources and the need to minimize performance degradation.  Instead of using a database with megabytes or gigabytes of information, cloud-based solutions compare file content and behaviors against terabytes of information, improving accuracy and dramatically reducing risks. The footprint on the endpoint can be significantly less, avoiding the performance impact of most endpoint protection software. Cloud-based endpoint protection solutions offer the ability to protect users across devices — PC, Mac, iOS, and Android — through a single system and management console.

Leveraging a cloud-based endpoint protection solution can improve your protection against current and evolving risks, at a more cost-effective price.

Our Recommendation

We recommend Webroot SecureAnywhere as our preferred solution for several reasons:

  • Webroot is better at catching behavioral malware, such as ransomware
  • Webroot can coexist or replace your current endpoint protection solution
  • Webroot can protect individual devices, or users across multiple devices and device types
  • Webroot has a small, secure footprint that does not create performance issues

Other Best Practices for Endpoint Protection

mplementing best practices for endpoint protection is crucial to safeguarding your devices and data from security threats. Here are some key practices to consider:

  1. Use a Robust Endpoint Protection Solution: Deploy a comprehensive endpoint protection solution that includes antivirus/anti-malware, firewall, intrusion prevention, and other security features. Regularly update the solution with the latest security patches and definitions.
  2. Keep Operating Systems and Software Up to Date: Ensure that all endpoints have up-to-date operating systems and software applications. Enable automatic updates to receive the latest security patches and bug fixes, reducing the risk of vulnerabilities being exploited.
  3. Employ Multi-Factor Authentication (MFA): Implement MFA for accessing critical systems and sensitive data. MFA adds an extra layer of security by requiring users to provide additional verification factors, such as a password and a temporary code sent to their mobile device.
  4. Enforce Strong Password Policies: Enforce the use of strong, unique passwords across all endpoints. Encourage the use of password managers to facilitate the creation and management of complex passwords. Consider implementing password expiration and complexity requirements.
  5. Educate Users about Security Awareness: Conduct regular training sessions to educate users on common security threats, such as phishing, social engineering, and malicious attachments. Teach them to recognize and report suspicious activities to help prevent breaches.
  6. Implement Least Privilege Principle: Assign users the least privileges necessary to perform their tasks effectively. Limit administrative access to only those who require it. Regularly review and revoke unnecessary privileges to minimize the risk of unauthorized access.
  7. Enable Endpoint Encryption: Encrypt data on endpoints, especially laptops and mobile devices. Full disk encryption helps protect sensitive information in case of theft or loss. Additionally, consider encrypting data during transmission using secure protocols (e.g., HTTPS).
  8. Regularly Back Up Endpoint Data: Perform regular backups of critical data on endpoints. Use both local and off-site backups to ensure data availability and quick recovery in the event of data loss or ransomware attacks. You may also consider evaluating SaaS backup solutions.
  9. Implement Network Segmentation: Segment your network to limit the lateral movement of threats. Divide your network into logical zones with restricted access controls and monitor traffic between segments for potential threats.
  10. Monitor and Analyze Endpoint Activity: Implement endpoint detection and response (EDR) solutions to monitor and analyze endpoint activities in real-time. This helps identify and respond to suspicious behavior, malware, or breaches promptly.
  11. Regularly Conduct Vulnerability Assessments and Penetration Testing: Perform regular vulnerability assessments and penetration testing to identify and address potential weaknesses in your endpoint security infrastructure. This helps proactively identify and remediate vulnerabilities before they are exploited.
  12. Establish an Incident Response Plan: Develop and document an incident or breach response plan outlining the steps to be taken in case of a security incident. Regularly review and update the plan to ensure its effectiveness and alignment with emerging threats.

Upgrade Your Endpoint Protection Today

Try Webroot SecureAnywhere for free for 21 days and let’s see if your current solution is missing any risks. If you like what you see, we can save you money on licenses and support.  If not, we discontinue the service. Get in touch today to see how we can help with endpoint protection and other data protection and security needs.

Spring Cleaning Past Employee Accounts

Cover.eBook.Guide to Google Apps License Management
It may be the second day of Spring here in New England, but the kids are home from school and the plows were out early. Nothing like a post-winter snow to trigger the spring cleaning bug in us all. For those that work in the cloud, the start of Spring is a great time to review our licenses and our needs and to make sure we are cleaned up and ready for new growth. If you are using Google Apps For Work (GAFW) or Google Apps Unlimited (GAU), now is a great time to clean out accounts for past employees.

Easier Said Than Done

Google Apps has a simple licensing model.  Pay $50 or $120 per user per year, respectively, and users have access to everything Google Apps has to offer.  The challenge comes in when employees leave. If you want to preserve their data, your options within Google Apps are limited, and can become costly. Specifically, you can expect to pay:

  • $50 per user per year to keep a past employee’s GAFW account
  • $100 per user per year if you also have Vault
  • $120 per user per year to keep a suspended GAU account

You Do Have Options

As noted in our recent eBook, A Guide to Google Apps License Management, we discuss several strategies, including: using an “archive” account, sync & store, and cloud backup.  Both the “archive” and “sync & store” approaches are inexpensive, they are not very cost effective. If you are keeping past employees’ data, you want the information to be easy to find an usable.  These solutions can make finding and retrieving information difficult and can alter the format and formatting of documents.

Our recommended solution uses cloud backup. Backup past users to a 3rd party service that lets you restore the data to any active user if and when you need it.  It is easy to keep calendar entries, contacts, files, and emails. File formats and formatting are preserved. Finding information is easy with robust search tools.

And, the cost is affordable. Backupify for Google Apps lets your create and keep an employee archive for $24 (or less!) per account per year. This is half the cost of protecting active users, and 50% to 80% less than keeping the Google Apps accounts active.  And, you avoid the risk of damaging or losing data while shuffling information to other users or into “archive” accounts.

Contact Us

To learn more about our proven solution, along with current special offers, please contact us.

Cumulus Global Study Shows Technology Professional Development for K-12 Educators is Often Ineffective

Cumulus Global Publishes Survey Results on the State of Technology Professional Development in K-12 Education

Cover.State of Tech PDOur January 2016 survey finds that 48% of K-12 classroom educators feel that technology professional development (“Tech PD”) is not timely for use in the classroom nearly 60% of educators feel they need more professional development focused on integrating devices, apps, and online content into lesson plans and delivery. The study also found that while most districts are offering more technology professional development, the timeliness, focus, delivery methods, and overall effectiveness of these programs is not meeting the needs of many K-12 classroom educators.

As the use of technology in K-12 classrooms continues to expand, educators face new challenges. More than devices, educators are using new applications, tools, and online content. Teachers need to be capable and comfortable managing all of this tech in the classroom, as well as integrate these resources into their lesson plans.

In our white paper, The State of Technology Professional Development in K-12 Education, we publish the preliminary analysis of survey results from nearly 300 K-12 classroom educators participating in the 2016 Future of Education Technology Conference held in Orlando, Florida in January. The initial analysis of survey results indicates a need for more balance in the focus of Tech PD programs, as 68% want more training on using applications and tools for lesson planning, collaboration with peers, and other activities. The survey also indicates that some of the most common formats for Tech PD are not the most effective.

Classroom educators are on the forefront of the educational technology revolution. By understanding how well, or poorly, our current Tech PD efforts are helping educators, we can design and delivery better training and support services.

Click here to view and download The State of Technology Professional Development in K-12 Education.