What to do About Microsoft Ending Support for Your Software

 

Microsoft has announced that it will no longer be supporting a long list of its software. On that list could be many programs you might have been depending on for years, which leaves you wondering what you should do about Microsoft ending support for your software. For example, which software will no longer be supported? Why does it matter if the software isn’t supported, so long as it still works? Isn’t this just an attempt by Microsoft to get me to spend more money with them? What happens if I don’t upgrade? And if I do upgrade, how do I do it? Well, let’s get started answering these questions for you.

Which software will no longer be supported?

A link to the complete list of software is below, but among the most commonly used of those programs for which Microsoft is ending support are these:

• Exchange Server 2010
• Windows Server 2008
• Windows 7

Yes, that’s right...Windows 7 is heading to the scrap heap. For a long while, it was “the Best Windows Ever,” bringing reliability, speed and a whole new look to your desktop, especially after Service Pack 1 was released. It may be hard to believe, but Windows 7 has been around since summer 2009 -- 10 years ago. And even though it still works well, it’s time to say goodbye.

Why does it matter if the software isn’t supported, so long as it still works?

Few things change faster than technology. When the hardware evolves, the software needs to evolve with it, as does how humans interact with them both. So in order to take advantage of the new features and uses of your computers, network and other devices, the software needs to change, too.

But old software not only lacks modern features, but it also opens up security holes. That’s because the old software was never tested in the new environment -- working on newer hardware or connecting to other software or operating on certain new kinds of data -- which causes new openings for breaches and hacks.

That is why Cyber Security Insurance Policies generally require that your software be properly licensed and supported by the publisher. They know that old software just can’t be relied upon to remain secure. And they also know that there won’t be anyone able to properly fix such software.

Isn’t this just an attempt by Microsoft to get me to spend more money with them?

Microsoft, like any technology company, is constantly innovating and working hard to stay ahead of its competitors. If they stop innovating, they lose customers...probably even you. Think for a moment what you would do if your technology were stuck in 2009...or 1999.

And it would be unreasonable to expect Microsoft to invest significantly to maintain old technology that they sold 10 years ago as much as they are investing in new technology that they are selling today or will be selling tomorrow. Why is Microsoft ending support for older software? Because it’s expensive for them to continue to maintain it. And it’s expensive for you to maintain it, too.

What happens if I don’t upgrade?

As mentioned before, old software is vulnerable to breaches and hacks. The short answer is that you are more likely to become a victim of breaches and hacks. It’s also very likely that your Cyber Security Insurance Policy will no longer cover you if they learn you are using unsupported software. And even if they don’t know you’re using old software, once you are breached or hacked, they will see what you are using and very likely refuse to cover you.

It’s not a risk you’ll want to take.

And on top of all of that, you’ll likely spend more money supporting your older software than you will on your more reliable, new software.

If I do upgrade, how do I do it?

How you upgrade your software greatly depends on the software itself. Upgrading desktop software is substantially less complex than upgrading server software.

Upgrading Windows 7 To Windows 10

With Windows 7, you will want to make sure your applications are compatible with Windows 10. If the version you are using is not, then a newer version probably is. You then need to find out if your computer is capable of running Windows 10. Certain slower processors, memory, and graphics cards might not be supported. Assuming that they are, you might be able to upgrade to Windows 10 in a day or two.

If you’re going to do this, try one machine as a pilot test. If that goes well, then upgrade the rest.

It should go without saying -- but I’ll say it anyway -- that before you do something as drastic as upgrading your operating system, make sure you have a good and tested backup of the machine first.

And you might recall that Microsoft used to offer a free upgrade to Windows 10. Well, it might still be possible for you to do that. Talk to us, and we’ll explain how.

Upgrading Windows Server 2008

Generally speaking, it’s not wise to upgrade a machine to a drastically newer server operating system. You run the risk of being out of business while the server is upgrading, and there is always a risk of something going wrong, leaving you unable to recover quickly and inexpensively.

We recommend installing new hardware that will last 5 years or more. Combine that with the latest software, and then migrate your resources, your data, your users, and other assets to the new server. A lot of the work can be done while your old server is up and running, making the move very quick with a minimum of downtime.

Upgrading Microsoft Exchange

Exchange Server 2010 has to be upgraded to keep up with modern security standards. There is limited security, no Multi-Factor Authentication, and other limitations that make leaving Exchange 2010 a wise choice. However, upgrading an in-house Exchange server is generally not advisable. Instead, upgrade your Exchange server to the cloud. It’s not economically viable for a small business to host its own email anymore. It takes too much skill and time to keep it running safely and securely.

So instead, we advise that you migrate to Exchange Online.

What To Do Next

Of course, now that Microsoft is ending support for your software, you likely have other software that needs to be upgraded as well. No matter what it is, we can help. Upgrading any software that is critical to your business takes care, patience and expertise. We’ve been successfully upgrading our users away from these programs for years, and can do the same for you. And we do it with a minimum of downtime or inconvenience to you and your business. Call us today at 213-398-8771 or contact us online, and let’s talk about keeping your business safe and running well.

Should You Use a Password Manager?

 Password managers are pieces of software that store and recall passwords so you don’t have to remember them yourself. They’ve been around a long time, and are becoming more common and popular than ever. But should you use a password manager?

It used to be that password managers were considered reckless toys for lazy people that made your passwords -- and therefore your company’s cyber security -- more vulnerable. But now, password managers are considered a valuable and important tool for personal and corporate cybersecurity.

How Password Managers Work

Password managers work by allowing you to set and store passwords in a digital version of a locked file cabinet. The “lock” is protected by a key -- what is often referred to as a Master Password. When you boot up or wake your computer from sleep, your password manager will ask you to enter your Master Password to have access to all your other passwords.

Then, logging into a website is as simple as searching for or typing in the name you assigned to the Login info (such as “My Bank” or “Amazon” or “Fantasy Football League”), and clicking “log in”. The password manager will navigate to the website’s login page and enter your username and password. If you are already at the login page, your password manager will usually find it for you, so all you need to do is click a button to log into the site.

Most password managers do even more, by storing common information you often enter into forms, such as your home address, work address, and so on. Some also store credit card information to make paying online easier.

And if you have lots of logins stored, you can usually make folders within the password manager (for specific projects, individual clients, personal v.s. work passwords, etc) and store your logins in the folders.

All good password managers encrypt your login files with strong encryption algorithms. Some password managers only store your collection of logins locally on your computer, while others also store your logins in the cloud so that they can be accessible on a home computer, office computer, cell phone, tablet or via the web. Entering your Master Password on any of these devices will give you access to your logins anywhere you go.

Should You Use A Password Manager?

There are certainly arguments against using a password manager (see below), but say that you should use one for a number of reasons.

• Stronger Passwords -- Without a password manager, you tend to make your passwords too simple and easy to remember and type. Or if you use complex passwords that are too hard to remember, you might be storing them in an Excel or Word document. Worse yet, you might be writing down your complex passwords. But all of those approaches leave your passwords vulnerable to good guessing or discovery. Whether or not you decide to use a password manager, you should use strong passwords (see below) for all your logins. Password managers allow you to store and use strong passwords easily.
• Time Savings -- Among the biggest advantages of password managers is that they save you time, allowing you to log into a site in a couple of seconds. And if you find yourself logging into a couple of dozen sites in a day...or more...then a password manager can save you a LOT of time. Compared to looking up dozens of passwords a day in an Excel sheet, Word doc or a piece of paper, password managers are lightning fast.
• Easily Organize Thousands of Passwords -- A business associate of mine builds websites for clients and has dozens of passwords for each client’s sites and resources. In total, he has over 2000 passwords. If he didn’t use a password manager, all sorted and organized in folders, then managing and using them would be nearly impossible.
• Share Logins Without Sharing Passwords -- Many password managers have the ability to share logins with other users without having to actually reveal the passwords themselves. The passwords get entered but remain invisible to the user. This, combined with “temporary” or “revokable” rights to these logins, means that you can safely share logins to company resources on an as-needed basis. It also means that you don’t need to worry about changing dozens or hundreds of passwords when employees leave the company.
• Business-Level Password Management -- Many password managers have “Business” versions that allow you to share passwords with individuals, among teams, or across an entire organization. Your IT department can control who gets access to what, keeping all your passwords and company resources secure. Plus, since each person has a unique login to the Password Manager, your IT department can actually see who logs into which resources, run reports, and detect illicit activity.

Use Password Managers for Better Cyber Security

The primary reason for using a password manager in your company is better cybersecurity, which is our primary focus here at Digital Uppercut. When you have the ability to give access to company resources only to those who need it, then there is a lower risk of the passwords getting into the hands of people who shouldn’t have them. Should you use a password manager? We say "yes," but we often need to overcome one main fear about them.

The Main Argument Against Using a Password Manager

All of these features sound like great time-savers, but when we talk with some clients about using password managers, there is one argument against using them that we hear most often: “If all of the passwords are protected by a Master Password, then if someone gets this one password, they will have all of my passwords.”

While true to some degree, the biggest self-inflicted problem most people have with passwords in general is that they try to make them easy to remember. That means they make passwords that are too common and too simple, or simply use the same password over and over again. So if you choose a simple password like sequential numbers or letters, words with common number substitutions (“P@ssw0rd”), or any pattern on your keyboard (like “qwerty123”) as your Master Password, then you’re likely to have your passwords guessed or stolen.

All of your passwords should be strong, which means they should be…

• Long -- More than 8 characters. The longer the better.
• Complex -- Use numbers, lower case letters, upper case letters, and punctuation
• Random -- No repeating characters, no words or sequences or common substitutions.

If you follow those rules with your Master Password, hide your keystrokes from prying eyes, and don’t leave the master password written down or stored in some unsecured place, then all your passwords will be secure.

Which Password Manager Is Best?

After answering the question “Should you use a password manager?”, the next question is, “Which one?” While there are many high-quality password managers, here at Digital Uppercut, we use and recommend LastPass. It has all the features we described above, plus many more, that help us manage our clients' passwords for their resources, and allow our clients to safely store, manage, and control their own passwords.

As with any piece of software, proper implementation and best practices are keys to success. That is why our clients ask us to install LastPass for them. Implementation includes discussions with management and IT about who needs access to which resources, so we can create a strategy that works best for your company.

Improve Your Company’s Cyber Security With A Password Manager

Let us help you get past the question of whether you should use a password manager. In short, if you’re not yet using a password manager for your business, consider doing that now. Contact us online or call us at 213-398-8771 to talk about how we can help you and your company improve your cybersecurity with a password manager and other strategies. Cyber attacks on businesses are increasing every week. Social engineering, brute force attacks, Trojans, ransomware, and malware are all on the rise. If your company isn’t already protecting itself -- and also planning for disaster in case one of these attacks is successful -- then you need to start now. Let’s talk.

Simplify and Separate Your Network

 

These days, more and more businesses are doing more and more things on the internet. Phones, video surveillance cameras, and other devices have become almost as popular as the computers sitting on every employee’s desk. But if you have all of these devices all sharing the same internal network, you might be endangering your ability to conduct business, your online security and the physical security of your entire facility.

Network Monitoring

There are many reasons for this, one of which is related to how we’ll be able to monitor the network effectively. Each of the additional devices on the network creates its own traffic over the network. Security cameras create a particularly large amount of data, given their need to always be on and send data for storage. Similarly, VOIP phone systems create a tremendous amount of traffic because there are often so many devices, each with phone calls starting and stopping continually throughout the day. And the same is true for mobile devices and any other web-enabled devices on your network.

As a result, if there is an issue such as a breach, a virus, Trojans, or other behavior on the network that jeopardizes your business, finding and analyzing that traffic is even more difficult. Think “needles in very large haystacks.” Our tools will still help us to find the offending traffic, but the more traffic over a network, the smaller that needle seems to be.

Insecure Devices

An additional threat of network-enabled devices is that many of them “phone home,” looking for software or firmware updates, and then automatically install them. If that device installs software that is infected with malware, it could infect your whole network. Similarly, if the device was manufactured by a less-than-reputable manufacturer, it could be sharing information about your network or data with people who have no business knowing it.

Insecure Installations

When video cameras, phones, medical equipment and other devices are added to your network, often the vendor will do the installation. Unfortunately, most vendors are more concerned about making their equipment work in the quickest and easiest way possible than they are about your overall business welfare. As a result, they often change firewall and other security settings -- specifically by opening more ports and protocols than are truly necessary -- in order to allow their device’s traffic in and out of the network, without regard for leaving open ports and other opportunities for breaches.

If this new equipment is on the same network as your primary business workstations and servers, they have increased the chance you will be breached.

Wireless Users

The popularity of WiFi causes many companies to provide it as a service to both employees and visitors to their offices. As a result, many IT individuals, departments and outsourced providers will add WiFi access points to office computer networks, increasing traffic and decreasing the security on the network.

Employees ' WiFi devices are often allowed onto these networks without the same level of security that IT providers would install on desktops and laptops. As a result, WiFi users (including guests) may join the network after already having their devices infected by a virus or Trojan, essentially creating an open door for malware to infect your business.

The Solution: Separate Networks For Separate Tasks

Whenever we begin working with a new client, we analyze the network for exactly these issues and many others that can lead to security problems. Our primary goal is to isolate and protect the primary business computing resources -- workstations and servers -- from all of the other traffic that might be present on the network. Here is how we do that:

• Primary Business Network -- We start by creating separate virtual networks on the company’s firewalls, and then connect the primary business resources to this first virtual network. We lock down this network, only opening the necessary ports and protocols for this network.
• WiFi Networks -- We then separate out the WiFi networks -- one for employees and a separate one for guests -- in much the same way. Guests are denied access to the primary business resources, while employees may be granted access, limited to the role of the employee or device.
• Other Devices -- Similarly, we put VOIP phones and IP Cameras, as well as other specialized devices (such as medical equipment), on their own virtual networks as well. And because the needs of these devices are each unique and specific, we can lock down ports and protocols extremely tightly.

Increased Security

These Virtual Network configurations prevent a wide variety of hacks, such as a breach of a company laptop through ports opened up for the security cameras, or hacks of your VOIP phones through a virus brought in through a visiting wireless device.

And these configurations also greatly simplify the detection, analysis and prevention of hacks on any of the virtual networks because there will be far less traffic on any one of the networks. The haystacks become smaller, and the needles become far easier to find and remove.

Worried About Your Own Network Security?

If you do not know for certain that your own network is configured with separate virtual networks for all your devices, there’s a very good chance it wasn’t set up this way. And if that’s the case, your business may be exposed to more threats than you had imagined. It’s better to know than not know, so let’s find out for sure. Digital Uppercut’s team of Cyber Security Experts can visit your office, create a preliminary network security analysis, and give you the easy-to-understand results. Contact us online or call us today at 213-398-8771 to set a time to visit.

Should You Move to the Cloud?

 Is your business growing? That’s great news! But often, business growth comes with its own set of challenges. You might need bigger offices, new desks and…new technology. But if you think back to when you last bought servers for your business (and everything that went with it), you might remember that it was a very expensive investment. Is it possible to delay...or better yet...totally avoid that big investment? In other words, should you move to “The Cloud?

That’s an excellent question to ask, but before we answer it, let’s talk about what “The Cloud” is and how it can help you.

What Is “The Cloud?”

The first thing to know about “The Cloud” is that there isn’t just one cloud. The term “cloud” is just a nickname for decentralized online storage of data and applications. Microsoft has clouds. Google has clouds. Amazon has clouds. These days, it seems everyone has clouds, and they all do different things with different advantages and disadvantages.

So when we talk about “The Cloud,” we’re really talking about the idea of using Internet-connected computers that are owned, serviced and maintained by someone else for your company’s software and data storage, instead of a machine in some air-conditioned back room in your own office.

The Old Days

Back in “The Old Days,” when you needed new servers, you had to decide how much power and storage you would need. You’d be buying CPUs, memory, RAID drives, backup systems, UPSs, monitors, server software, applications software, network monitoring software, security software...and the list goes on.

The tough part is that you aren’t just buying for today. You need to predict what you’ll need over the next 3 to 5 years or longer. And that’s a difficult guessing game to play.

And then you need to write a check to pay for it all...or write a lot of smaller checks on a lease.

Cloud Computing For Your Office

Today, you have the option of satisfying your server needs with a cloud-based solution. When you move to the cloud, you’re buying storage, bandwidth, and applications from your cloud vendor. But because it is all easily expandable, you’re not paying today for something you’ll only use several years from now. You’re just buying what you need today.

And you are also avoiding the up-front cost and lease obligation of on-premises servers (and all that comes with them).

Among the other advantages of cloud computing are:

• Because you aren’t installing hardware, you have no up-front hardware installation costs
• Similarly, you have no hardware-related maintenance fees
• You have no physical security requirements, rack space, wiring expense, or cooling requirements
• You can upgrade or downgrade at any time

But it’s not all good news. There are some disadvantages to cloud computing:

• Eventually, the monthly fees overcome the cost of purchasing the equipment
• The speed and bandwidth of your internet connection can limit your server speed
• A loss of your internet connection separates you from your data
• You don’t have full control over your data

And whether you move to the cloud or not, you still need to think about and install rock-solid security to protect your data, and you still need to back up your data and plan your disaster recovery solutions. And if you store any personal health information, financial information or any kind of personally identifiable information, you also need to plan for regulatory compliance.

So Should You Move To The Cloud?

We have a more detailed article on our website about our cloud computing services here. The problem is that too many people think that “The Cloud” is a cure-all for whatever IT problems a company has, but that’s not the case. For us, each time a client of ours grows, shrinks or just needs to upgrade to newer technology, we talk to them about the cloud. We do a thorough analysis of their situation, their growth, their financial requirements, their computing needs, their use cases, the software they require, and much more. And then we discuss the advantages and the disadvantages, but much more specifically to their situation.

Sometimes the answer to “Should we move to the cloud?” is an emphatic YES. Sometimes it’s an emphatic NO, but usually it’s somewhere in between.

If you find that your company is facing some IT or business challenges and is considering moving some resources to the cloud, or if you have not considered the cloud at all, call us. Our team of cloud computing experts can conduct an analysis of your situation and help you make the right choice. Reach us by phone at 213-398-8771 or contact us online. Let’s talk today about what’s best for your business.

Is IT Maintenance Worth the Cost?

 "Is computer maintenance worth it? Can’t you just run over to Costco or call Dell every couple of years and get the latest/greatest new computer with all the newest bells and whistles?" I get this question now and then when I meet new people and tell them what I do for a living. It’s surprising to hear how many small businesses take this approach to their IT. They buy new computers and then never bother to maintain them properly. But is this a good strategy? Can it actually pay to NOT maintain your computers? Put another way: Is IT Maintenance Worth the Cost?

As you might expect, we’re a bit biased about our answer. But rather than just answering "Yes" and going on with servicing our other clients, we thought a more detailed answer would be helpful to you.

Your company relies on your computers and could not operate without them. If your work actually happens on a computer -- such as for CPAs, Attorneys, and graphic artists -- then that’s obvious. But even if your company digs ditches, you still need to invoice your clients, pay your bills, and file your taxes...and all of that happens on a computer.

Seven Reasons for Properly Maintaining Your IT

So, given that you couldn’t run your company without your computers, let’s answer the question, "Is IT maintenance worth the cost?" Here are the seven great reasons for properly maintaining your IT:

1. Software upgrades: Nothing stands still, least of all technology. Every day, the software that you use to run your business is being upgraded, either to add new features or to plug security holes that were created in prior versions. Microsoft updates Windows every month, and sometimes far more frequently, in response to bug reports and security threats. Apple updates its OS almost as often, and if you don’t keep all your software up to date -- whether it’s accounting, database, statistical, scientific, medical, or otherwise -- your software will become out of date very quickly.
2. Hackers and Viruses: Those security problems in your software are holes that grow larger by the day if they are not plugged. When a vulnerability in software is detected, hackers can roll out dozens, hundreds or thousands of viruses and Trojan programs to exploit the vulnerability. This malicious software travels from computer to computer, network to network, looking for new victims. The more victims there are, the more likely that your out-of-date software will be attacked, too. If you’re not regularly patching security holes, you are leaving your company open to disaster. It’s only a matter of time.
3. Productivity Decreases: Out-of-date software and virus attacks have a tendency to slow down computers and networks. Not only does the technology run slower, but the slowdowns and crashes actually suck the profit out of your company. A small slowdown in your computer network of just 10 percent can cause more than a 10 percent decrease in your employees’ productivity. Studies show that when someone at a computer has to wait for their computer -- especially for an unknown amount of time -- their attention wanders. Once the computer responds again, they need to remember what they were doing and regain their focus. The effects can be huge...potentially as bad as getting 30 minutes of productivity from your staff for every hour they work.
4. Requirements Changes: Your business changes over time, and if your technology doesn’t change with it, you could be needlessly creating workarounds for tasks that could be simpler and faster with new technology or software. For example, you might have installed your computer network when you had 4 people in your office, and it’s grown to 7 and you’re adding an 8th. Someone needs to set this up, but you also need to make sure that your network, routers, firewalls and other infrastructure can handle the increased load. Of course, you need someone to manage those changes when they are needed, and if you don’t have someone doing that for you -- someone whose other tasks don’t need to be set aside to get the IT tasks done -- they won’t get done.
5. Backups & Disaster Recovery: Yes, of course, you have a backup strategy for your network. (You do, don’t you?) But when was the last time you tested your backup strategy? Have you tried to restore data from your backups recently? Have you figured out what you’ll do in the event of a fire in your building, or a natural disaster in your city? What about a regional power outage? If you’re not prepared for disaster, you’ll suffer even more -- potentially with the loss of your entire business. And if your part-time IT Guy/Shipping Clerk doesn’t have time to get all the packages out, he likely won’t have time to properly configure and test your backups, either.
6. Delaying New IT Investments: Good IT maintenance can extend the life of your computers, servers and other network equipment. Where an average desktop PC may last a year at peak performance, 2 years at reduced performance, and 3 years at poor performance, a properly maintained PC may last 3-5 years at peak performance, helping you delay upgrades and new equipment costs.
7. Smart Upgrades: Of course, sometimes upgrades are not only required but extremely helpful. When you need to upgrade, you need to upgrade wisely. We recently had a client with 6 servers, all of which he had under a maintenance contract with his former IT provider. We showed him how he could consolidate and eliminate two of his servers with a strategic new purchase. Not only did the new servers run faster than the old ones, but his IT maintenance costs were reduced substantially, too. Other clients of ours eliminate their servers altogether and instead move their server functions to the cloud.

Of course, there are far more than just these seven reasons to properly maintain your IT. And once you’ve realized how worthwhile proper IT maintenance is, the next question is who should do the maintenance.

Who Should Maintain Your Business IT?

Some of our clients come to us after having someone in their office do the work for them as an add-on to their current tasks. The problem there is that the IT tasks often get delayed or neglected because of the employees’ primary responsibilities.

Some of our clients have a full-time person or a small staff of people maintaining their equipment. What we find in these cases is that while these individuals are often well-intentioned, they usually do not keep up with the latest information, trends and techniques in our industry. And when you add on the cost of carrying an employee on your payroll -- including salary, benefits, office space, and all of the related costs of having employees -- the costs skyrocket.

Noted business expert, writer and lecturer Peter Drucker used to say, “Do what you do best, and outsource the rest.” This is our perspective as well. If your company’s business is not IT maintenance, you are better off leaving those IT maintenance tasks to an outside company whose primary focus is on IT maintenance.

That is why so many small and medium-sized businesses like yours hire us to make sure that their business IT runs well all the time. Whether it’s standard IT, network security, disaster recovery, regulatory compliance, or anything related to all of this, our clients rely on us to handle the things that they just cannot do as well. They have asked themselves, "Is IT maintenance worth the cost?" and have answered with a loud YES.

We think you will do the same. If you would like to talk with us about outsourcing your IT to a company that is passionate about making sure your company can always do what it does best, call us now at 213-398-8771 or contact us here.

How to Properly Prepare Your Digital Equipment for Disposal

 

Equipment manufacturers are using technology more than ever to add functionality, flexibility, and reliability to their products. Today, nearly every piece of hardware in your offices has some form of non-volatile memory, whether a hard disk drive, solid-state drive, or flash memory. You must properly prepare your digital equipment for disposal to eliminate the chance of sensitive data ending up in the wrong hands.

Hazards of Multi-Function Printers Not Prepared For Disposal

Most organizations have one or more multi-function printers (MFPs) that allow staff to scan, print, copy, and fax documents. Connected to the company network, several workers can use the same machine, lowering equipment costs and improving efficiency and print quality. Some MFPs also act as collaboration tools,  streamlining workflows by digitizing and sharing documents. To provide all this capability, the MFP stores the digitized data.

One way organizations face the danger of an accidental data leak is by not preparing leased digital equipment for disposal. Many MFP manufacturers sell their products as a managed print service or lease the gear to a company. At the end of the contract, it’s common for the manufacturer to replace the MFPs with newer models. The manufacturer can then refurbish the older equipment and resell or re-lease it to another company.

Here’s where the danger comes into play: if the storage of the refurbished equipment isn’t cleared of data, the new user may be able to access it. However inadvertent the access is, your data is exposed to unauthorized people.

How to Properly Prepare Your Digital Equipment for Disposal

The moral of the MFP story is to prepare your digital equipment for disposal, principally by ensuring the memory of each piece of equipment is cleansed of your corporate data before turning it over to the manufacturer or leasing company. The same goes for PCs, servers, phone systems, and more. So, let’s look at ways to securely and permanently remove sensitive information.

Physical Destruction

Using a sledgehammer to destroy a hard drive physically is a pretty reliable way of making it impossible to retrieve data. Drilling holes in the drives or melting them are two more means of destroying the data. However, physical destruction is not viable when you have many devices or equipment to clean.

Full Drive Formatting

Simply deleting files from a drive isn’t very secure. There are many applications designed to recover accidentally deleted data. Full Formatting is better than deleting data, as it electronically erases and rebuilds the drive, providing a clean slate. However, if you lease the equipment, the manufacturer may not allow you to remove their proprietary software. While effective, full formatting is less secure than specialized data erasure tools.

Data Erasure Apps

These applications are the best at wholly and securely erasing data from both HDD and SSD devices. Following different government standards like NIST SP 800-88 Rev 1 or DoD 5220.22-M/ECE, these software tools overwrite your data with random patterns multiple times using either the 3-pass or 7-pass method, thus fully erasing the data on the device.

Let Us Properly Prepare Your Digital Equipment for Disposal

As much fun as it may be to take a sledgehammer to a hard drive, your time is better spent focused on your business. With that in mind, Digital Uppercut can lighten the load and help properly prepare your digital equipment for disposal. Call us at 213-398-8771 or contact us online today.

What is a Security Audit and How Do You Prepare for One?

 

Security audits have become increasingly important for businesses of all sizes. They can help protect your company from cyber threats, protect your data, and ensure compliance with industry regulations. But what is a security audit, and how do you prepare for one?

What is a Security Audit?

A security audit is an assessment of an information system's security posture to identify vulnerabilities and risks in order to make recommendations for remediation. In the case of a security audit, this includes assessing what types of security technologies are in place and what weaknesses or risks exist. It also includes performing tests to identify potential areas of improvement and providing a summary report that outlines recommendations on how to improve security. The goal of a security audit is to ensure that an organization's systems are secure and conform to established security standards.

It typically involves analyzing the system's hardware, software, and networks, as well as its policies and procedures. A security audit is an essential component of any cybersecurity strategy, and its purpose is to identify weaknesses or areas of risk in the system. It is done through a combination of manual examination and the use of automated tools to inspect the system's configurations, code, and data flow. This helps to assess vulnerability levels and detect any malicious activity. By conducting a security audit, organizations can better understand what needs to be done to protect their assets from potential threats.

Security audits are an important part of maintaining a secure environment, as they help organizations remain compliant with regulations and industry standards. Thereafter, what is a marketable security audit risk? It is simply any potential vulnerabilities or threats that could be exploited by malicious actors. Security audits are an important tool to identify, assess, and remediate any risks present in an organization’s system. A successful security audit should include the assessment of policies, procedures and technical controls to ensure compliance with regulations and industry standards. Regular security audits further ensure that organizations can maintain reliable data security, protect their customers’ data, and remain secure against cyber threats.

Benefits of a Security Audit

A security audit helps identify potential vulnerabilities in your system’s security infrastructure before they can be exploited by malicious attackers. What is a security audit? A security audit is an in-depth analysis of the existing security state of an organization's infrastructure. It evaluates the security policies, infrastructure configuration, implementation, documentation, and effectiveness of an organization’s cyber defense. It also checks for compliance with applicable industry standards and regulations. The goal of a security audit is to identify areas where the organization’s security posture needs to be improved and what steps are needed to achieve this improvement.

Conducting regular security audits allows you to stay ahead of the latest threats, mitigating risks for your organization. A security audit log is a record of what has happened in your system and what was attempted to happen. It can help you detect malicious activities on your network, identify what compromises have occurred, and what access levels different users have on the network. By analyzing these audit logs, you can implement appropriate security measures that are tailored to your organization’s needs and address any security issues before they become a problem. Regular security audits are essential for keeping your system secure and protecting sensitive information.

Security audits can provide valuable insights into how your organization can better protect its critical data and systems from external threats. Also, what is a marketable security audit risk? Auditing is the process of assessing an organization's security posture, including what regulatory requirements must be met and what policy requirements should be implemented. It can help identify systemic risks that potentially put the organization's data at risk. A security audit can provide valuable insights into how your organization can better protect its critical data and systems from external threats by identifying what risks must be addressed and what steps must be taken to mitigate them.

Advice to Help You Plan for Your Security Audit

It is essential to have a clear understanding of your IT environment before starting the security audit process. A security audit looks at what is in place to protect your organization's IT systems, such as what protocols and tools are being used, what personnel have access to the system, what data is stored and processed on the system, and what other security measures are in place. By conducting a thorough audit of the environment, you can identify any vulnerabilities that could be targeted by malicious actors. This will help you take the necessary steps to protect your networks and data from future attacks.

You should also create a timeline for the audit and plan ahead for any potential security vulnerabilities. Knowing what cybersecurity measures to take can help protect your business and mitigate the risk of a data breach. Establishing a regular schedule for monitoring, auditing, and updating your system can be essential for a secure infrastructure. It's also important to train all employees on what constitutes safe online behavior and what malicious activity looks like. In addition, you should create an incident response plan that details what actions need to be taken if a security incident does occur. By implementing these cybersecurity measures, businesses can be better prepared for any potential cyber attack.

Lastly, make sure to have robust policies and procedures in place so that your team is prepared to respond quickly and effectively to any security threats. Moreover, what is a security audit log? This is a record of activity on a system or network that allows security administrators and auditors to quickly identify any suspicious activity. Having a robust and up-to-date security audit log is an important part of any cybersecurity strategy, and can help in the event of a security breach. It's important to have reliable policies and procedures in place so that you and your team can respond quickly and effectively to address any security concerns or threats.

Implementing the Security Audit Results

Auditing the security systems and processes in place is important to ensure that any potential risks are identified and addressed. Cybersecurity is an ever-evolving field, so regularly assessing what is in place can help protect individuals and businesses from the risk of large-scale data breaches or cyberattacks. By understanding what systems and processes are being used, what threats they are facing and what gaps might exist, organizations can work to ensure that their cybersecurity is properly managed. Additionally, having a strategy in place to detect any suspicious activity can also be beneficial, as it allows organizations to take appropriate action quickly should any issues arise.

Once the security audit is complete, it is essential to implement the recommendations made in order to strengthen the organization’s cybersecurity posture. A marketable security audit risk is a risk or vulnerability that could potentially be exploited by a malicious entity once they gain access to the organization's systems, networks, and data. It is crucial to identify what these security audit risks are and be able to accurately assess the organization’s current cybersecurity status in order to protect against cyber threats. The audit will help identify what cybersecurity measures should be implemented in order to mitigate and manage any potential risks.

This will involve implementing new technologies, training staff on security protocols, and regularly monitoring for any changes in the digital landscape. Also, a cybersecurity audit is essential for any organization that wants to ensure it has the most effective defenses against cyber threats. This will include evaluating what technologies are in place, training staff on best practices, and monitoring the system for any changes in the digital landscape. By carrying out such an audit, businesses can ensure they have a secure foundation in place to protect their confidential data.

Following Up on Results and Updates

It is important to regularly check the results of security audit tests in order to identify any potential vulnerabilities. A cybersecurity audit is a comprehensive review of the technologies, processes, and operations that an organization utilizes to protect its sensitive information from cyberattacks. This type of audit helps organizations identify any weak points in their security infrastructure and proactively address them before attackers can take advantage of them. By conducting regular cybersecurity audits, organizations can ensure that their systems are secure and up-to-date with the latest measures.

While it may seem tedious, updating systems and applications with the latest security patches is essential for keeping data safe. Security audits serve as a way of testing what is currently in place and what could be improved. In order to have an effective security audit, it is important to have the right measures, such as an assessment of the latest technology, applications, and system security. What is the purpose of a security audit? It helps detect any weaknesses that may exist within the system or applications and advises what can be done to fix them. It also helps identify existing threats that could pose risks to the system and provides solutions to prevent these potential attacks. By carrying out regular security audits, organizations can be sure their systems are kept safe from potential intrusions.

Additionally, following up with customers on any new safety protocols should be a priority in order to ensure maximum protection. Next, it is important for companies to conduct what is known as a security audit, which is a thorough examination of the security measures in place. This audit should be conducted regularly to make sure all customers are secure. Additionally, following up with customers on any new safety protocols should be a priority in order to ensure maximum protection.

Benefits of Ongoing Security Auditing

Regular security auditing helps organizations identify any potential weaknesses or vulnerabilities in their systems. A security audit is a thorough examination of an organization's network to identify any potential vulnerabilities or risks that could be exploited. It is important for organizations to regularly conduct security audits to ensure their networks are secure, reliable and compliant with industry standards. The audit assesses what technologies and tools are in place, what processes are currently in use and what access controls are being implemented. It is a necessary step in maintaining the security of an organization's cyber infrastructure and can help prevent cyber threats from becoming larger problems down the line.

It also allows organizations to stay ahead of the latest cyber threats and make sure their systems are up to date with the latest security measures. Cybersecurity is an important consideration in today's world, as more and more of our business and personal lives are becoming digitized. By investing in cybersecurity, companies can ensure their data is secure from malicious actors, including hackers, viruses, and other forms of attack. Furthermore, cybersecurity provides the necessary protection for organizations to remain compliant with laws and regulations concerning online data. With comprehensive cybersecurity measures in place, organizations can rest assured that their digital assets remain safe.

Ongoing auditing can also help organizations ensure their data is protected and that they are compliant with all applicable laws and regulations. In conclusion, organizations should develop and implement a comprehensive cybersecurity plan that includes frequent auditing. This ongoing auditing helps ensure that their data is secure and fully compliant with legal requirements. Regular auditing is the best way to stay informed of the latest cybersecurity threats and techniques to protect data from being compromised.

So, What is a Security Audit, and How Do You Prepare for One?

In conclusion, it is important to remember that security audits are key components to keeping your business safe from cyber threats and ensuring compliance with industry regulations. It is essential to have an understanding of what a security audit entails before undergoing one so that you know what to expect and can adequately prepare. Knowing the right questions to ask, having an understanding of the key components of a successful assessment, and working with a qualified auditor are all important steps in the auditing process. Call us at 213-398-8771, or use our online contact form to learn more. 

Cybersecurity Undone by Insider Threats

What does a dishonest FBI employee have to do with your company’s cybersecurity? More than you think. Kendra Kingsbury, a 48-year-old FBI intelligence analyst, was indicted on May 18, 2021, for “having unauthorized possession of documents relating to the national defense.” According to the FBI’s special agent in charge of this case, “Every FBI employee swears to support and defend the Constitution of the United States,” and Ms. Kingsbury allegedly violated that promise for reasons not yet publicly apparent.

Now, let’s think about all the people who work in and for your company, including employees, contractors, vendors and service providers. They may not have made a promise as important to national security as those made by FBI agents, but they could be just as likely (if not more likely) to be an insider threat, to betray your trust and do great harm to your business.

What Are Insider Threats?

We often write about modern threats against organizations, including Ransomware, Data Exfiltration, Data Breaches, Zero-Day attacks, Hacks, Viruses, and other malware and cybercrimes. But the assumed context of all of those attacks is that they’re initiated by business outsiders, often Eastern European hackers, Rogue nation-states, or just plain old-fashioned individual cyber criminals writing viruses in their basements.

Over the last two years, we’ve reported on just one story about a potential insider threat, and that was to a company we’ve all heard about, Tesla. A cyber criminal attempted to bribe a Tesla employee with $1 million to place a ransomware-filled thumb drive into his desktop PC. But the employee was trustworthy and reported the bribe to his supervisors, who, in turn, involved the FBI. The cybercriminal and one of his associates were caught because the honesty and integrity of a Tesla employee neutralized the threat before the attack could occur.

Would your employees and your third-party vendors do the same for you and your business? All business owners and managers hope the answer is yes, but most also know it’s unlikely.

So what are insider threats? Those are any of the incidents mentioned above (Ransomware, Data Exfiltration, Data Breaches, Zero-Day attacks, Hacks, Viruses and other malware and cyber crimes) perpetrated by someone who works in the company or a trusted vendor.

Are All Insider Threats Malicious?

Interestingly, not all insider threats are malicious, where the actor intends to do harm to the company. According to Verizon’s Insider Threat Report, insiders are often motivated by these malicious motives:

• Financial Gain -- But not necessarily to do harm to the organization
• Espionage -- For the benefit of themselves or another organization
• Grudge -- Potentially against the business, but also potentially against specific employees
• Ideology -- The insider may be opposed to an action or philosophy of the organization

But insiders could also be motivated by these less-malicious reasons:

• Fun -- Can this be done?
• Convenience -- the desire to work around cumbersome security procedures.
• Fear -- perhaps fear of an impending financial catastrophe, or fear of being fired.

Supporting those statistics is Verizon’s assessment of who the insiders are. Three of their actor-types are malicious:

• The Inside Agent -- An employee motivated to act for the benefit of some other bad actor.
• Disgruntled Employees -- Potentially those passed over for raises and promotions, or who feel they were otherwise wronged by their employers, who are just out to harm the organization or other specific employees.
• Malicious Insider -- Those who steal data, usually for personal gain.

But two of them are not:

• The Careless Worker -- Employees who incorrectly address emails, install unpermitted software, inadvertently expose sensitive data, and work around security measures.
• The Feckless Third Party -- Business partners who do not support the same high security measures as the organizations they serve.

(Note: In the above list, the labels were from Verizon’s report, and the descriptions were our own.)

Reducing The Damage of Insider Threats

So your company has done all that it was supposed to do in order to protect itself from cyber attacks: you installed the latest firewalls and reinforced those with the best cybersecurity software. You’ve got endpoint protection, VPNs, multi-factor authentication, secure password policies, SIEM analysis of your device log files, a Security Operations Center monitoring your network 24/7...so you sleep well at night.

Despite doing all the right things, insider threats can undo several layers of cybersecurity in moments.

What can you do to help reduce the Damage of Insider Threats?

Cybersecurity Awareness Training

Cybersecurity Awareness Training helps to train your employees to look out for signs of Phishing, Business Email Compromise, and other signs of attempted attacks. But it can also train employees how to notice when other employees are doing things they shouldn’t be doing -- insider threats that may potentially harm your company.

Employee Background Checks

But Awareness Training depends on whether your employees actually want to protect the company. How can you ensure that they do? Trustworthy employees begin with the hiring process, and in particular, by running background checks on your employees.

Robert Glucroft, of BackgroundRunner.com, a Los Angeles-based background check company, says, “When you’re interviewing a prospective employee, they will often say whatever they need to say to get you to hire them...and not all of it is going to be true.” Glucroft continues, “You could be hiring people who have long histories of embezzling from their companies, or people who are in severe financial trouble or have substance abuse issues, all of which make them much more likely to betray your company for the right price or reason.”

But background checks are not only for potential new employees. Background checks should also be conducted on an annual basis on existing employees. “Situations change for employees just as they do for the general public. Sharp increases in debt, signs of substance abuse, and even a lengthening criminal record can indicate that an employee is under stress and may potentially harm the company,” says Glucroft.

Vendor Management and Review

We’ve been brought into companies with the goal of either reviewing or improving their current cybersecurity practices and those of their vendors and suppliers. We’ve discovered instances where our clients had the foundations and policies of a solid cybersecurity strategy, but all their efforts were undone by outside vendors.

• We’ve seen the aftermath of VOIP vendors and Video Security installers leave huge holes in previously-secured company firewalls in order to simplify the configuration of their own equipment.
• Software publishers have had their own software hacked and then installed their software onto the networks of other businesses, immediately adding backdoor access to your business and all its data.
• Even an improperly configured QuickBooks system can allow hackers to steal your data.
• Vendors for proprietary equipment, such as specialized medical equipment, have sometimes left security holes in their own products that will allow access to your office network in much the same way as smart light bulbs can give hackers access to your wifi network.
• Vendors can even install their own software via thumb drives without knowing that those drives contain malware.

Businesses often let vendors into their company without questioning their cybersecurity policies and procedures, it often leads to a disaster for the company. The only solution to this problem is to manage and review your vendors’ cybersecurity policies.

Conclusion

Business IT networks are getting more complex every day, and that means your cybersecurity strategy needs to adapt in order to be effective. But a huge, often overlooked part of your cybersecurity strategy includes the people who work in and with your organization. If you don’t know how to protect yourself from these dangers, let Digital Uppercut help. Use our online contact form or call us at 213-398-8771.

Cybersecurity Insurance Costs Are Increasing

 

The likelihood of your business suffering a cybersecurity attack increases daily. Cyber criminals are getting smarter, innovating faster, and attacking more viciously. A cyberattack could result in your data being held ransom, stolen, resold over and over, or even posted publicly...all with a goal towards getting you to pay a steep ransom. Even worse, paying the ransom (which the FBI recommends against) does not guarantee that the attackers will not return for a repeat attack. And on top of all that, an attack could subject you to huge fines and even criminal penalties. To protect yourself, you not only need to install proper cybersecurity hardware, software, policies and staff, but you also need a good -- actually a GREAT -- cybersecurity insurance policy. But the costs of getting covered are increasing, the qualifications for a cybersecurity insurance policy are becoming more strict, and the benefits and payouts of policies are decreasing.

What is Cybersecurity Insurance

A Cybersecurity Insurance Policy, also called a CyberInsurance Policy, is a specialized type of business liability insurance that provides coverage to an organization in the event of data breaches, hacks, ransomware and other cyberattacks. These attacks and events can damage your business in many ways, including…

• Data Exfiltration -- copying or moving your data off of your network and to other systems, where it will likely be used to create further crimes. For example, customer data can be stolen and then used for massive identity theft crimes.
• Data Theft -- including intellectual property.
• Ransomware -- a type of malware that causes your data and/or your software to become encrypted in such a way that it becomes unusable. The criminals will hold your data hostage and sell you a decryption key, which is supposed to allow you to recover your data. Unfortunately, sometimes decryption keys are not sent or do not work.
• Phishing -- Phishing is a method of delivering ransomware and other types of malware, as well as a method of stealing login credentials for valuable company resources, including HR systems, bank accounts, email accounts, email servers, workstations, network servers and more.
• Remote Control -- Software can be installed on your computers to give outsiders complete control over individual computers or entire networks.

What Does Cybersecurity Insurance Cover?

Cybersecurity insurance can cover some or all of the damage caused by these and similar attacks, depending on the policy and the circumstances, possibly including items such as:

• Repairing damaged networks or computer systems.
• Restoring or rebuilding lost data.
• Notifying those affected by breaches.
• Helping to protect the identities and credit of third parties whose information was breached or compromised.
• Credit Monitoring and Identity Restoration for affected parties.
• Liability to the affected third parties.
• Public relations expertise for reputation management.
• In some cases, cybersecurity insurance may also cover the ransom required to recover data.

“Not all policies are created equal,” says Santa Clarita business insurance broker Jon Gardner. “I would recommend that anyone purchasing cybersecurity insurance look beyond the price and review each line of coverage with their broker and their cybersecurity professional to determine what is and what is not covered. The lowest cost policy may not provide all the coverage that is needed.”

Is Cybersecurity Insurance Only Available To Large Companies?

Many people assume that cybersecurity insurance policies are only available for medium and large companies. However, small businesses are also targets of cybercrime, especially since they often do not have the level of security needed to prevent such an attack. According to Verizon's 2020 Data Breach Investigations Report, 43% of cyberattacks targeted small businesses.

That means small businesses need coverage, too. It’s part of any good cybersecurity plan.

Does My General Business Liability Policy Cover Cybersecurity Issues?

You may be wondering whether your general business liability insurance covers these things, and the answer is generally no. Since these are new and unique risks that businesses face, they are generally specifically excluded as covered items from general business insurance.

But Cybersecurity insurance doesn’t cover all expenses related to cyber attacks. These policies are unlikely to cover the following:

• Downtime that results from an attack
• Business interruption
• Hardware and software upgrades
• Lost reputation
• Government Fines and Penalties
• Indirect costs, such as losses that result from the theft of company secrets
• Business Email Compromise (BEC)

That last item -- Business Email Compromise -- may be a surprise to you. BEC is when fraudulent emails are sent to colleagues, asking for access to certain resources, including online resources and financial accounts. The result can be loss of data, copying of proprietary company information, or wire transfers to offshore accounts. Despite the severity and high costs of these attacks, they are usually not covered by cybersecurity insurance policies.

Cybersecurity Insurance in 2021

According to CSOonline.com, cybersecurity insurance is getting more expensive, harder to get, and it’s covering less and less. That’s because of several trends, including the rise in the incidence of cyberthreats, the severity of cyberthreats, and the availability of methods to prevent attacks from being successful.

Cyber Threats Increase

As we have reported many times in this column, the incidence and risk of cyber attacks are increasing continually. The FBI reported that cybercrime was up in 2020. The rise included a 5% increase in Business Email Compromise (up to 1.8 billion dollars in damage), a 20% increase in Ransomware attacks, and a doubling of Phishing attacks -- with California leading the country in both the number of Cybersecurity incidents and the total amount of damages.

Severity of Cyber Attacks Increasing

The CSOonline article goes on to say that the potential damage caused by breaches can increase. “These notably manifested in the growth of multi-extortion attacks, whereby cybercriminals not only encrypt an organization’s data and hold it for ransom, but also copy and threaten to release (the data) to the public, thus raising the stakes.”

The severity of the attacks has the effect of increasing the ransom demanded by the attackers.

Cyber Attacks Are (mostly) Preventable

The irony is that organizations don’t do all they can to protect themselves. As we wrote in April 2021, Cybersecurity is not taken as seriously as it should be. While no one can absolutely guarantee that an organization won’t suffer a cyber attack (as evidenced by recent hacks of branches of the US Treasury Department and the United Nations), many organizations think that installing off-the-shelf antivirus software will keep their businesses safe.

It won’t.

So while doing nothing can be expensive, doing a great deal more doesn’t cost as much as you might think. In our article about how much should good cybersecurity costs, we wrote about how cybersecurity can cost anywhere from 4% of total revenue down to a small fraction of a percent of revenue for larger companies.

Applying for Cybersecurity Insurance Gets Tougher

Insurance companies are cracking down on qualifications to secure coverage. Gone are the days when nothing more than a cleared check is all that’s needed to qualify for a multi-million dollar policy. Insurance companies are now surveying (in detail) their prospective clients about their cybersecurity configurations, policies and technologies -- a technical third degree.

A recent cybersecurity application sent to us by a client seeking new cybersecurity insurance coverage included such questions as:

• Have you implemented any of the following to protect against phishing messages: SPF, DKIM, DMARC
• Do you enforce Multi-Factor Authentication (MFA) for email?
• Do you use MFA for cloud provider services (AWS, Azure, Google Cloud)
• Do you use Endpoint Detection and Response Tools?
• Do you actively monitor all administrator access for unusual behavior patterns? If “Yes”, what is the name of your Monitoring Tool?
• How frequently do you install critical and high-severity patches across your enterprise?
• Do you use endpoint application isolation and containment technology on all endpoints?
• Do you use a Security Operations Center (SOC)?
• Do you use a Security Information and Event Management (SIEM) System?

The list goes on. And if you are a regular reader of this column, all of the technologies mentioned involve technologies that Digital Uppercut has been writing about for the last 3 years, and recommending to our clients for far longer.

How We Help Clients Apply For Cybersecurity Insurance

Applying for cybersecurity insurance can be difficult, if not confusing and frustrating. That’s why one of the services we provide to our clients is to fill out cybersecurity surveys like the one referenced above. We’ll explain the questions on the application, answer the questions as appropriate, and make recommendations to their cybersecurity team to make the application more likely to be accepted.

And since the cybersecurity insurance companies are looking to reduce their risk when they issue you a policy, that means that your risk of becoming a victim of a cyberattack can be reduced as well.

Call Digital Uppercut

If you don’t have cybersecurity insurance yet, it’s time to get it NOW, before something bad happens. If you have a policy now and would like to keep premiums down, let us help by examining and improving your current cybersecurity configuration. And if all you have are questions, that’s OK, too. Just use the online contact form or call us at 213-398-8771.

 

New cryptocurrency coins are created by solving complex mathematical problems, a process called “mining.” Those who mine cryptocurrency do so by building farms of extremely powerful computers designed specifically for these mining operations. Not only are the computers expensive, but so is the maintenance, networking and electrical power required to keep them running, sometimes making the effort unprofitable. But now cybercriminals have designed malware that seeks to avoid all of that expense by infecting millions of computers with code that will do the mining for them...on YOUR computers.

The malware, named Prometheus (after the Greek god of fire) and “Prometai” in Russian, exploits two vulnerabilities in Microsoft Exchange, collectively known as “ProxyLogon,” to help it spread to users of the Exchange server. But the threat doesn’t stop there.

How The Prometai Malware Works

According to a report on Cybereason.com, the attack begins with a hack of unpatched Microsoft Exchange servers that exploit the two ProxyLogon vulnerabilities. From there, it infects other PCs on the network.

Threatpost says that “ProxyLogon consists of four flaws that can be chained together to create a pre-authentication remote code execution (RCE) exploit – meaning that attackers can take over servers without knowing any valid account credentials.” That means that no matter how complex your passwords may be, your Exchange Servers may still be at risk.

The malware's main payload is to run a cryptocurrency-mining application. Miners do well when the costs of the machines, maintenance and network infrastructure are lower than the value of the coins generated by the application. And the venture becomes even more profitable when those costs are born by others.

Which Cryptocurrency is Mined by Prometai?

Most of us are familiar with Bitcoin, the most popular cryptocurrency, but this malware mines Monero, a lesser-known cryptocurrency. Why Monero? According to Genesis Mining, Bitcoin is optimized to run on specialized hardware that uses ASIC chips, and most office computers do not have high-performance ASIC chips. On the other hand, Monero is “designed in such a way that ASIC computers do not have much of an advantage over ordinary computers. As a result, ordinary people can use a simple CPU and start mining right away.”

That makes mining Monero ideal for the untargeted distribution of this malware, because any computer it infects can be used for mining the coins.

Why is the Prometai Malware Dangerous?

The damage to the owners of these computers occurs on many levels.

• The users of infected computers suffer from poor performance from their PCs, as processing power is diverted to the mining operation.
• Computers use additional electricity for the additional processor power required to run the mining software.
• The malware can affect the stability of the infected computers.
• It spreads to other workstations by using brute force techniques to guess user credentials, trying hundreds of common passwords
• It spreads to Microsoft SQL Servers and PostgreSQL servers

But the real danger of the malware is that it provides a backdoor for loading other software that could do even more damage to your computers and your company. The backdoor could be used for:

• Stealing Credentials
• Stealing Intellectual Property
• Installing Ransomware
• Allowing Remote Control and Takeover of the computers

How To Protect Your Company From Prometai

The first and best thing you and your company can do to protect yourselves from this and similar malware infections is to keep your software up to date. The entry point for Prometai is two vulnerabilities in Microsoft Exchange that Microsoft has already fixed. However, if your IT team has not installed the patches, your company remains vulnerable.

Systems that detect and prevent unauthorized installation of software on servers and workstations are another line of defense, as they could prevent the installation of the malware or detect its presence early enough to minimize the damage.

SIEM systems, which view and analyze your entire IT infrastructure as a whole (rather than as separate components), can help to detect unusual activity across your network.

If you run a business, from a single laptop up to large enterprises, your business is vulnerable to this or similar malware, and there is no way to protect your business except to take an active role in defending yourself. Digital Uppercut offers all of these services and more as part of our Business Protection Toolkit, which contains 10 separate business protection tools and is growing.

Call Digital Uppercut

The Business Protection Toolkit allows Digital Uppercut to provide big business protection on a small business budget. If your business isn’t protected, or you aren’t sure if your current IT team is protecting your business well enough, call Digital Uppercut for a free consultation and a discussion of your situation. Make an appointment using our online contact form, or call us at 213-398-8771.

Is Cloud Computing Safe?

 "The Cloud" is as mysterious to most people as brain surgery or rocket science...we know it exists, we know some people understand it, and we know that we aren’t those people. But just as we make assumptions about everything else we don’t fully understand, we make assumptions about cloud computing. For example, is cloud computing safe? A lot of people believe that cloud services are inherently secure services, substantially more secure than on-premise services. But that couldn’t be further from the truth. While many cloud services claim they are secure and come with a variety of security features, it’s just not the case that they are secure by default. Each of those options and systems must be configured specifically for your situation, and these configurations are far from simple.

The Rise of Cloud Computing

When we ask whether cloud computing is safe, we need to agree on what we mean by "cloud computing." Up until recently, office networks were centralized in air-conditioned server rooms behind locked doors. Securing those devices and the traffic that runs through them -- as well as the physical devices themselves -- could be a full-time task. But now most office networks are running either fully or partially in the cloud. In fact, running on-premise email servers is more of a rarity, giving way to cloud-based email like Office 365 or Google’s G Suite.

Similarly, file servers have been replaced by cloud-based storage from companies like Microsoft, Google, Amazon, Box, Dropbox, and many others. And we seldom see on-premise accounting systems running on on-premise hardware as much as we see cloud-based systems such as NetSuite, Sage, Macola, Microsoft Dynamics, and many others.

Is Cloud Computing Safe?

So when we talk about safe cloud computing, what we’re talking about is securing your data while it’s in any of three states: in motion, in use, and at rest.

Data at rest is data that is stored. For example, your files that are stored on any of the cloud-based storage companies listed above.

Data in use is data currently loaded in your accounting system, spreadsheets, HR applications, CRM systems and so on.

Data in motion is data that is moving across private networks, like your company's LAN or data that is moving across the internet. It could include data that is…

• Moving between on-premise equipment and cloud platforms
• Moving between mobile devices and cloud platforms
• Moving between cloud platforms

And despite what the cloud platforms might tell you about their security, they’re not telling you the whole story. Each of them has some level of security built into their systems, but just because they are there, it doesn’t mean they have been implemented or configured properly.

And it doesn’t mean that it’s effective.

For example, Microsoft 365 Business Standard doesn’t include Office Message Encryption or protection from phishing attacks. It doesn’t even protect against malicious attachments and doesn’t do a very good job of detecting and preventing ransomware. Microsoft 365 Premium has those features, but they are not the best in class.

Similarly, Amazon S3 by default allows a hacker who has gained access to your cloud service to list out the contents of your cloud. It’s also possible to configure Amazon’s cloud to expose private information by including public data "buckets" within them.

So when you are purchasing cloud services, you need to be sure you are purchasing the right product and service levels. Then each cloud application must be properly configured for your own environment and use cases.

So when you ask, “Is cloud computing safe?” the answer is “it can be.”

How To Secure Your Data In The Cloud

Digital Uppercut helps its clients secure their cloud data in several ways. The first is that we work with our clients to select the best cloud services for their applications. Box, Dropbox, Google Cloud and Microsoft OneDrive all have their own strengths and weaknesses. More importantly, they work better for some applications than others.

Regardless of which technology we choose, we properly configure it to make the most out of the built-in security services. We also use technology that seamlessly works within most top cloud service providers to provide additional security beyond what the tools’ native security allows.

For example, we can add best-in-class signature-based antivirus tools, sandboxing tools, endpoint protection tools, data leakage tools, encryption tools, and more to any cloud provider. And our systems will actually show you malware and dangerous files that will flow right through “Advanced” security tools from Microsoft or Google, or other cloud services, but that are caught by ours.

And that’s just the beginning.

We can detect when sensitive data is exposed to unauthorized users, when any file or folder is accessed by users, what the user did with that file, and much more. You can have full visibility into what happens with your data, when it happened, by whom, and how.

Making A Dangerous Cloud Safe

So, is cloud computing safe? Not really...not by itself. And especially not in our data-centric, compliance-oriented and litigious world. Protecting your data is critical to your company’s success and survival, and Digital Uppercut is here to help. If you’re contemplating moving services or resources to the cloud, talk with us to choose the right vendors and products. If you’re already computing in the cloud and would like an evaluation of your security, we can help there, too. Contact us online or call us at 213-398-8771.

How Much Should Good Cybersecurity Cost?

 

How Much Should Good Cybersecurity Cost? Business owners and CEOs are very familiar with the financial ratios they use to run and monitor their businesses. Good Inventory turnover often varies between 2 and 10, depending on the type of business. A 2-to-1 “Current Ratio” of assets over liabilities can indicate a healthy business.

Healthy Quick Ratios over 1.0 tell you how effectively the business can pay financial obligations...including emergency obligations, such as the hundreds of thousands or millions of dollars it takes to recover from a cybersecurity breach. So then what is the proper financial ratio for calculating how much you should spend on your company’s cybersecurity to prevent a breach? Like with other ratios, it depends on a number of factors.

How Much Should Good Cybersecurity Cost?

Good and bad assessments of the ratios mentioned above all depend on the type of business you’re running. Certainly, a wholesale business will have different ratios than a retail business. An online business will have different ratios than a brick-and-mortar business. And of course, service businesses will have different ratios than product businesses.

So how much should good cybersecurity cost? The problem with answering this question is that IT, in general, and cybersecurity, in particular, are generally considered cost centers rather than profit centers. So any number greater than Zero is going to be too much for some business managers.

Cybersecurity Economies of Scale

When asking what good cybersecurity costs, economies of scale hold part of the answer. As with most products and services, larger companies benefit from lower relative cost-per-user because their investment can be spread over more workstations and infrastructure. As a result, according to a report by InfoSecurity Magazine, which discussed the cost of cybersecurity as a percentage of revenue, large companies can often spend “anywhere from a fraction of a percent to a couple of percent on implementing and sustaining security.”

Larger companies enjoy lower per-user costs, such as software upgrades, security software, workstation purchases and upgrades, simply because they are buying larger quantities and can demand larger discounts. They can also spread high infrastructure costs, such as network servers, firewalls, backup systems, Security Information and Event Management (SIEM) and Security Operations Centers (SOC), among more users.

By contrast, small companies typically have fewer endpoints than larger companies, and cannot demand the same large discounts that their big brother companies can. And they need to spread their infrastructure costs over that smaller user count. The result is that, according to the same InfoSecurity Magazine article, small companies can spend 4% or more of their total revenue on Cybersecurity.

These percentages are not hard and fast rules. For both large and small companies, costs increase not only by the number of workstations and servers, but also by…

• The number of locations
• The number of remote workers has increased recently due to COVID-19
• The number and type of mobile devices
• The age of equipment and software
• The company’s efforts to update software and keep technology current
• The type of data being secured, especially as it relates to medical data
• The number and type of specialized devices, including medical devices, CAD/CAM equipment, manufacturing equipment and other diagnostic equipment

...and so much more. Whatever the circumstances, good security costs more for small businesses than for large companies.

How To Keep The Cost of Cybersecurity Down

Whatever size organization you have, there are ways to keep the cost of cybersecurity down.

Start when you’re small

It may sound counterintuitive, but starting your cybersecurity plan when you’re a small business allows you to grow cybersecurity incrementally, which can save the organization a lot of money.

Maintain The Cybersecurity You have

Creating a budget for cybersecurity and maintaining your technology diligently costs far less, both in time and money, than allowing your technology to age without updates and then replacing everything a few years down the road. Plans like this not only cause you to incur huge costs all at once, but they leave you vulnerable to attack as your cybersecurity technology ages.

Don’t Wait For An Attack

We often gain new clients after they’ve been attacked. They often tell us that they were just about to upgrade their cybersecurity. By then, of course, it’s too late. The costs of upgrading your technology after a cyber attack are many times higher than before the attack.

Big Business Cybersecurity for Small Businesses

What if your small or medium-sized business could get the same cybersecurity economies of scale that large businesses get every day? Digital Uppercut’s Business Protection Toolkit is designed to provide big business cybersecurity to small and medium-sized businesses like yours. And the good news is that you can decide how much good cybersecurity should cost, and we can customize the Toolkit to fit not only your business, but your budget, too. Together, we can choose big business cybersecurity technologies such as SIEM, SOC, Cloud-based firewalls, Awareness Training, Advanced Endpoint protection, and more. Contact us online or call us today at 213-398-8771 to talk about how Digital Uppercut can help protect you and your business.