Posts

SMBs Benefit from Tech and Policy Mashup

Westborough, MA – Faced with increasing regulations and a changing technology landscape, small and midsize businesses (SMBs) struggle to ensure compliance and maintain data privacy. With the sophistication of rasonmware attacks and advanced persistent threats, employee awareness and behavior is more important than ever. Cloud technology makes it easier to share, even when sharing is not appropriate.

To help SMBs tackle these challenges, Cumulus Global (www.cumulusglobal.com) and Privacy Ref (www.privacyref.com) announced a unique partnership designed to help SMBs assess their needs and risks, plan and implement sound privacy practices, and respond to threats and potential breaches.

“Smaller businesses face the same regulations and requirements of large corporations,” noted Bob Siegel, Founder and President of Privacy Ref. “SMBs generally do not have the internal resources and expertise to create and manage a privacy program. This partnership gives SMBs a place to turn for guidance, expertise, and results.”

In addition to privacy assessments and policy updates, the Privacy Education Programs provides SMBs with the awareness education and training needed to ensure employees understand the risks and their role in preventing attacks and breaches.

“Our role is to ensure businesses can avoid and prevent malware attacks and data breaches,” noted Allen Falcon, CEO and Pragmatic Evangelist at Cumulus Global. “We ensure that the protecting technology, policies and procedures, and people are working together for the greatest level of protection.”

Through the partnership, SMBs also gain access to a range of data protection and recovery services and tools. These tools help prevent attacks and breaches and facilitate response and recovery if needed.

Study Confirms: Education Faces Highest Risk of Ransomware

As reported in EducationDIVE and Information Week, a recent study of 20,000 organizations by security firm BitSight found educational institutions suffered ransomware attacks at rates 2 to 10 times higher than other sectors of our economy. 10% of educational institutions have been attacked, compared with 6% of government entities, 3.5% of healthcare organizations, and 1.5% of financial institutions.

Ransomware by Sector (Source: BitSight)

Ransomware by Sector (Source: BitSight)

With the rate of ransomware attacks continuing to rise, schools and districts need to enhance their protections. Beyond traditional endpoint protection, user education and communication, web filtering, protection for advanced persistent threats (APTs), and tools/processes for recovery need to be in place.


Our Business Guide to Ransomware eBook provides valuable information covering the types of threats, protections, and recovery systems you should consider.


 

 

Rethinking Risks and Responses

Malware, Ransomware, Natural Disasters and More Keep Hitting SMBs Hard

Never have we had a greater ability to work together to get things done than we do right now. As our cloud and hybrid environments expand, the ease-of-use encourages us to share ideas and information and to collaborate in new and exciting ways.

Never have we been under attack from so many directions. Changing weather patterns and aging infrastructure leave businesses without power for days instead of hours. Fading employee loyalty means more chances for information to walk out the door. The same features that let us easily share information also let us accidentally share information we shouldn’t. Malware and viruses have evolved from a nuisance to potentially existential threats with the increase in ransomware and advanced persistent threats.

Our Businesses, Employees, and Customers Need and Expect Protection

With the risks and impacts on the rise, we as small and midsize business owners and technologists should rethink how we both prepare and respond. Since the dawn of business computing, large enterprises have built expensive solutions to ensure that their businesses keep running “no matter what”.  Now that we are in the cloud, and solutions are incredibly affordable, we need to adopt the same approach.

Business continuity is no longer just being able to keep your business running after a disaster.

Business continuity means that you are able to prevent business disruptions and distractions, regardless of the cause. Business continuity means …

  • You actively work to minimize the chance of a ransomware attack, and that you can respond and recover quickly should it happen.
  • You have systems and procedures in place to prevent data loss and privacy breaches, and that you can detect and mitigate issues quickly and effectively.
  • You and your team are no longer tethered to the hardware, Internet access, and electricity in your offices.

For SMBs, now is the time to consider the tangible and intangible costs of business interruptions of all types and to see the value in solutions to prevent and recovery. Understand the value proposition of that goes beyond dollars and cents to include the customer relationship impact and the toll that business disruption has on your team.

Food for Thought:

Ransomware is Front Page News (Again)

Over the past several weeks, we have been aggressively communicating with our customers and others about the sharp rise in ransomware hitting small and midsize enterprises.  We have blogged about the need for preparation against attacks and for recovery just in case, as well as the full cost of ransomware attacks. While some organizations are taking action, others still see the threat as a low risk.

This weekend, the Wall Street Journal emphasized the critical nature of the threat with a front page article reinforcing the severity and scope of the problem. The article reiterates the rapid growth of Ransomware, the increasing ransoms, and the ease by which computers become infected.

To help organizations better understand the risks, strategies for prevention, and preparation for recovery “just in case”, we recently published our Business Guide to Ransomware.  Written for the non-techie, it is a must read for any small or midsize enterprise with an Internet connection.


Want help with your Ransomware strategy, contact us for a free consultation.


 

The Cost of Ransomware

The cyber criminals behind ransomware see their efforts as a volume business.  Charge too much, and victims will not pay. Targeting businesses and organizations in wealthier countries and in cities where people and businesses are most likely able to pay, the typical ransom is often about $500.  More recently, we have heard of ransoms between 1 and 2 bitcoin (about US$600 to US$1300).

The Ransom Payment is Only Part of the Cost

The cost of ransomware can vary significantly depending on several factors, including the size and type of the targeted organization, the extent of the attack, the data that is compromised, and the specific ransom demands. It is challenging to determine a typical cost as each incident is unique. However, the costs associated with a ransomware attack can include:

  1. Ransom Payment: The primary cost is often the ransom amount demanded by the attackers, which can range from a few hundred to millions of dollars.
  2. Recovery and Remediation: Organizations affected by ransomware must invest in forensic investigation, data recovery, system restoration, and strengthening their security infrastructure. These costs can include IT services, incident response teams, and cybersecurity consultants.
  3. Downtime and Productivity Loss: Ransomware attacks can result in significant disruption to business operations, leading to lost productivity, missed opportunities, and potential reputational damage.
  4. Legal and Regulatory Consequences: Organizations may incur legal fees and potential fines if the attack involves compromised customer data or violates data protection regulations.
  5. Reputational Damage: Ransomware attacks can erode customer trust and damage a company’s reputation, potentially leading to long-term financial consequences.

Every victim loses productivity from the start of the attack until it is fully resolved. Whether or not you pay, you still need to conduct a full sweep of all of your systems to ensure the ransomware has been removed. Otherwise, you risk reinfection.

Organization Who Pay the Ransomware Cost

For organizations respond and pay the ransom, they still suffer the time and cost of decrypting and validating files, a process that can consume days or weeks of IT resources. If you choose not to pay, you have the cost of recovering data from before the attacks and re-creating lost information across all of your servers, systems, and applications. We recently spoke with a company that lost less than 6 months of data. After three months, they are still working to recreate lost files and transactions as they have no way of knowing if they have missed any.

A ransomware attack can cost tens of thousands of dollars to clean up. Attacks may also damage valuable customer and vendor relationships and result in higher bookkeeping, accounting, and legal fees.

The Cost to Prevent a Ransomware Attack

The costs associated with cyber protection and prevention and the ability to recover quickly (should an attack breach your defenses) is relatively minor. The value of prevention and preparation is well worth the cost.

Organizations should invest in proactive cybersecurity measures to mitigate the risk and potential cost associated with ransomware attacks.

Learn more

You can protect your business against ransomware attacks. In our new eBook, a Business Guide to Ransomware, you will learn how malware spreads, the different types of ransomware proliferating today, and what you can do to avoid or recover from an attack. Hiding your head in the sand does not work, because today’s ransom seekers play dirty. Make sure your organization is prepared.


For a 1:1 consultation and assessment of your risk, contact us today.


Be Ready for Ransomware

Ransomware continues to emerge as a major threat to individuals and businesses alike. Ransomware, a type of malware that encrypts data on infected systems, has become a lucrative option for cyber extortionists. When the malware runs, it locks victims’ files. The cyber criminals demand payment in return for the decryption key needed to release the files.  

You are probably well aware that ransomware is a hot topic in the news these days as attacks target all types and sizes of organizations. Small businesses are particularly vulnerable to attacks as ransomware is on the rise. Researchers identified more than 4 million samples of ransomware in Q2 of 2015, including 1.2 million new samples. That compares with fewer than 1.5 million total samples in Q3 of 2013 (400,000 new).

The rate of attacks is also on the rise. While Q1 2015 had a 165% increase in ransomware attacks from the prior quarter, the number of ransomware attacks in Q1 2016 was 300% greater than Q4 2015.

Cyber criminals distribute ransomware in a variety of ways. Protection is difficult because, just like the flu virus, ransomware constantly evolves. Between 14% and 17% of attacks in Q1 2016 were new variants, indicating that cyber criminals continue to be creative in finding new ways to do harm.

Over $325 Million was paid by businesses to recover their data in 2015. This number is expected to exceed $1.2 Billion in 2016. The real cost might be 3 times or 4 times these figures when the labor and lost productivity is added up.

You can protect your business against ransomware attacks. In our new eBook, a Business Guide to Ransomware, you will learn how malware spreads, the different types of ransomware proliferating today, and what you can do to avoid or recover from an attack. Hiding your head in the sand does not work, because today’s ransom seekers play dirty. Make sure your organization is prepared.


For a 1:1 consultation and assessment of your risk, contact us today.


 

Be Able to Recover

Backup Man
Accidents will happen. And while accidents that damage or destroy data are more common, malicious attacks will happen as well.  The rate of ransomware is on the rise and large companies are not the only targets. Whether by phishing attack, advanced persistent threat, or other means your company is seen as having data valuable enough to extort a ransom, you are a target.

In short, if you are reading this, you are a potential target.

While improving your endpoint protection and educating users can greatly minimize your risk, no malware solution can provide you with a guarantee against ransomware. So, if you are hit, you need to be able to recover.

For your on-premise systems, you most likely have a backup/recovery solution. In the event of ransomware, you can delete the encrypted files and restore from a point in time prior to the attack. Yes, you lose data, but a solid backup plan can minimize the loss and the impact.

Your cloud data needs the same protection. You want the same recovery process.  

Traditional and cloud backup services can be installed and connected to cloud servers in much the same way as they work for on-premise servers. For cloud file services, like Google Drive and Microsoft OneDrive, traditional backup solutions will not work as they cannot connect to the service. The same holds true for data in SaaS applications like Salesforce.com.  You need a specialized solution.

Our Recommendation

For most of our Google Apps and Microsoft Office 365 clients, we recommend Backupify as our preferred solution for several reasons:

  • Multiple backups per day for some or all users
  • Unlimited backup space
  • Unlimited backup retention
  • Multiple admin accounts with delegation
  • Powerful search
  • Fast restores
  • The ability to archive data for past users (Google Apps)

Our Offer

Try Backupify for free for 21 days. If you like what you see, we can save you money on license and support.  If not, we discontinue the service.

Interested? Let us know.

How to Upgrade Your Endpoint Protection

endpoint protection upgrade Most malware and virus protection takes the form of an endpoint protection solution that resides on each PC or Mac. As the system accesses files, the content is compared against a database of malware profiles. These types of solutions are failing more frequently as the number of malware variants skyrockets and the threats get more sophisticated.  Detecting malware depends more on analyzing file behavior patterns than it does the file content. This poses the need for an endpoint protection upgrade to ensure proper protections are in place.

Symantec Endpoint Protection Upgrade

Upgrading Symantec Endpoint Protection is an important step to ensure that your endpoint security solution remains effective against evolving threats. It’s important to note that specific upgrade processes may vary depending on your environment and the version of Symantec Endpoint Protection you are currently using. Here are some steps you can consider when upgrading Symantec Endpoint Protection:

  1. Review the System Requirements: Before upgrading, ensure that your systems meet the minimum requirements for the new version of Symantec Endpoint Protection. Check the product documentation or contact Symantec support for the specific requirements.
  2. Backup Configuration and Data: Prior to upgrading, create a backup of your existing Symantec Endpoint Protection configuration settings, policies, and any important data. This will allow you to restore settings in case of any issues during or after the upgrade.
  3. Check for Compatibility: Verify the compatibility of any third-party software or integrations with the new version of Symantec Endpoint Protection. Ensure that they will continue to function properly after the upgrade.
  4. Plan the Upgrade Strategy: Develop an upgrade plan based on your organization’s requirements. Consider factors such as the number of endpoints, network bandwidth, maintenance windows, and any potential impact on users or critical systems.
  5. Test in a Lab Environment: If feasible, set up a test or lab environment to perform a trial upgrade. This allows you to identify and address any potential issues before rolling out the upgrade to your production environment.
  6. Communicate with Stakeholders: Notify relevant stakeholders, such as IT teams, end-users, and management, about the upcoming upgrade. Provide information about the benefits, timeline, and any potential impact on their workflows.
  7. Obtain the Latest Version: Obtain the latest version of Symantec Endpoint Protection from the official Symantec website or through your authorized Symantec partner. Ensure that you download the correct version for your operating system, and don’t let outdated technology slow your business down.
  8. Read the Upgrade Documentation: Carefully review the upgrade documentation provided by Symantec. Follow the step-by-step instructions and pay attention to any specific considerations or prerequisites mentioned.
  9. Perform the Upgrade: Execute the upgrade process on a test system or a small group of endpoints first, ensuring that everything functions as expected. If successful, proceed with upgrading the remaining endpoints according to your plan.
  10. Post-Upgrade Testing and Validation: After the upgrade, perform thorough testing to validate the functionality of Symantec Endpoint Protection. Test key features, policies, and ensure that endpoints are adequately protected.
  11. Monitor and Troubleshoot: Monitor the upgraded environment closely for any issues or unexpected behavior. Address any problems promptly and seek assistance from Symantec support if necessary.

Remember to consult the official Symantec documentation and support resources for detailed guidance tailored to your specific version and environment.

Cloud-based Alternatives offer Better Endpoint Protection Solutions

Traditional endpoint protection software is limited by the local device resources and the need to minimize performance degradation.  Instead of using a database with megabytes or gigabytes of information, cloud-based solutions compare file content and behaviors against terabytes of information, improving accuracy and dramatically reducing risks. The footprint on the endpoint can be significantly less, avoiding the performance impact of most endpoint protection software. Cloud-based endpoint protection solutions offer the ability to protect users across devices — PC, Mac, iOS, and Android — through a single system and management console.

Leveraging a cloud-based endpoint protection solution can improve your protection against current and evolving risks, at a more cost-effective price.

Our Recommendation

We recommend Webroot SecureAnywhere as our preferred solution for several reasons:

  • Webroot is better at catching behavioral malware, such as ransomware
  • Webroot can coexist or replace your current endpoint protection solution
  • Webroot can protect individual devices, or users across multiple devices and device types
  • Webroot has a small, secure footprint that does not create performance issues

Other Best Practices for Endpoint Protection

mplementing best practices for endpoint protection is crucial to safeguarding your devices and data from security threats. Here are some key practices to consider:

  1. Use a Robust Endpoint Protection Solution: Deploy a comprehensive endpoint protection solution that includes antivirus/anti-malware, firewall, intrusion prevention, and other security features. Regularly update the solution with the latest security patches and definitions.
  2. Keep Operating Systems and Software Up to Date: Ensure that all endpoints have up-to-date operating systems and software applications. Enable automatic updates to receive the latest security patches and bug fixes, reducing the risk of vulnerabilities being exploited.
  3. Employ Multi-Factor Authentication (MFA): Implement MFA for accessing critical systems and sensitive data. MFA adds an extra layer of security by requiring users to provide additional verification factors, such as a password and a temporary code sent to their mobile device.
  4. Enforce Strong Password Policies: Enforce the use of strong, unique passwords across all endpoints. Encourage the use of password managers to facilitate the creation and management of complex passwords. Consider implementing password expiration and complexity requirements.
  5. Educate Users about Security Awareness: Conduct regular training sessions to educate users on common security threats, such as phishing, social engineering, and malicious attachments. Teach them to recognize and report suspicious activities to help prevent breaches.
  6. Implement Least Privilege Principle: Assign users the least privileges necessary to perform their tasks effectively. Limit administrative access to only those who require it. Regularly review and revoke unnecessary privileges to minimize the risk of unauthorized access.
  7. Enable Endpoint Encryption: Encrypt data on endpoints, especially laptops and mobile devices. Full disk encryption helps protect sensitive information in case of theft or loss. Additionally, consider encrypting data during transmission using secure protocols (e.g., HTTPS).
  8. Regularly Back Up Endpoint Data: Perform regular backups of critical data on endpoints. Use both local and off-site backups to ensure data availability and quick recovery in the event of data loss or ransomware attacks. You may also consider evaluating SaaS backup solutions.
  9. Implement Network Segmentation: Segment your network to limit the lateral movement of threats. Divide your network into logical zones with restricted access controls and monitor traffic between segments for potential threats.
  10. Monitor and Analyze Endpoint Activity: Implement endpoint detection and response (EDR) solutions to monitor and analyze endpoint activities in real-time. This helps identify and respond to suspicious behavior, malware, or breaches promptly.
  11. Regularly Conduct Vulnerability Assessments and Penetration Testing: Perform regular vulnerability assessments and penetration testing to identify and address potential weaknesses in your endpoint security infrastructure. This helps proactively identify and remediate vulnerabilities before they are exploited.
  12. Establish an Incident Response Plan: Develop and document an incident or breach response plan outlining the steps to be taken in case of a security incident. Regularly review and update the plan to ensure its effectiveness and alignment with emerging threats.

Upgrade Your Endpoint Protection Today

Try Webroot SecureAnywhere for free for 21 days and let’s see if your current solution is missing any risks. If you like what you see, we can save you money on licenses and support.  If not, we discontinue the service. Get in touch today to see how we can help with endpoint protection and other data protection and security needs.

Ransomware Still Crippling “Protected” Networks

cyrptovirus
The rate of infections from crypto-viruses and other ransom-ware continues to rise. Even networks with traditionally strong malware protection are getting caught.

And while with good backups in place, it is possible to recover without paying the ransom, the process time consuming, frustrating, and expensive.

We outline the reasons for the broad failure of anti-virus/malware protection software in this prior blog post, providing 5 failings of most antivirus solutions.

Now, we are offering a risk-free way to assess if your malware protection is up to par.

The Offer

We will install Webroot Secure Anywhere Endpoint Protection, a cloud-based malware protection service that avoids the 5 failings of other solutions, at no cost for 30 days. Based in the cloud, Webroot will not interfere with your current protections.

At the end of the 30 days, you will see what malware, if any, was caught by Webroot that your existing solution has missed.

If your existing solution is not up to par, and you want better protection, we can activate a full subscription to Webroot for you $18 per year per device or less (more than 25% off).

Simply contact us if you are willing to see if your protection is enough, or if you would like more information.