Ransomeware

Blog, Cloud, Cloud Hosting, IT Solutions, Security, Technology, Uncategorized

How to Prevent Cloud Security Threats


No Comments

The end of winter is always a little grim, especially around the UK. The trees are bare, it gets dark way too early, the two-minute dash to the car threatens a soaking and the prospect of sitting outside with a cold beer/cocktail after a long day of work is surprisingly not tempting at all. I hate to be the harbinger of bad news, but it could get worse. Imagine coming in one morning, wind-swept and dripping, to the news that overnight your cloud was victim to a cyber-crime? At that point a cold beer in the snow seems like the best remedy for the situation. Despite everything, the internet isn’t as safe as you’d think, with devious no-gooders lurking around every corner, eager to take advantage of any vulnerability to make a quick buck. It’s especially important when your organisation is connected to the cloud, where your data is internet-facing instead of nicely locked up in an on-prem data centre. It doesn’t mean you should go out and raid Curry’s PC World for enough data storage to build a makeshift data closet though. Here are a few tips to keep your cloud secure, while enabling the innovation, data access and flexibility that you wanted in the first place.

We’re all in this together
The beauty of the network is that it’s all inter-linked. That’s how you can collaborate so easily, and throw your data and apps onto the cloud to access them whenever, wherever. Just remember, every ‘point of entry’ can be the weakest link, so it’s important to educate everyone in your organisation on how to protect themselves to protect the wider network community. It’s important to involve your entire organisation, making them aware that cyber security is just as much their responsibility as it is yours. Unfortunately, the biggest percentage of criminal infiltration comes down to users accidentally letting the cyber criminal in, usually through phishing or malware attempts. Phishing is a bigger threat to your organisation than ransomware is, and it all comes through malicious emails that get acted on. In this super quick blog post, I’ve already covered how to reduce the risk of getting on the phisherman’s hook. Also, it’s important to set up a (non-judgemental) plan for any user who feels that they might have been compromised, without them having to resort to throwing their laptop out of the window. Then you can be sure that they won’t be throwing out hardware willy-nilly, or sweeping incidents under the rug that could cause you harm in the long run.

Secure your data backup plan (just in case)
Data loss is a serious worry, always. Thankfully, in the case of cloud, this worry is slightly less. By storing your data in the cloud, it’s super simple to link your network to a backup storage solution to make sure that whatever happens you’ll be secure. We think that backups are so important that we’ve created a whole extra branch to Cetus; the Continuum Service. I’ve already touched on the 21st century’s answer to tape backup (it’s replication, by the way), and that’s what we offer with Continuum. It’s a full infrastructure recovery, and not just your data- making sure that your underlying server and desktop infrastructure is a-ok to get your business back on its feet in record time. It’s testing, on a regular basis, automatically verifying the integrity of each virtual backup server on its way to cloud, so that you know if something happens there’ll be minimal disruption. It’s a fully-managed service that allows your peace of mind knowing that we have a whole team on the situation, 24 hours a day. It’s a holistic backup and recovery solution that provides local file and VM restoration.

Who has access?
You can build the strongest walls around your building, adopt the most up-to-date firewall and screen every little thing that enters your network, but sometimes it’s important to be weary of the trojan horse plodding through your hallways every day. And by trojan horse, I mean an employee that could be stealing, irresponsibly sharing, or compromising your data. As an IT department, it’s important to assess who has access to what. There is absolutely no reason for Sharon in HR to be able to view or edit financial records, and what on earth could she be doing popping in twice a week at 3am? Establish access controls so that you can manage risk, tying user identities- even external ones- to back-end directories.

It’s important to put security measures in place that will ensure that your data and apps are protected. Why not embrace the latest technologies and adopt a smartphone access control system that will allow you to manage users and assign door access from anywhere?

Encryption and passwords are key
Your cloud can be quite vulnerable. Sitting up there, without the safety of your watchful eye, anything could be happening. It’s a bit like a spaceman floating in the big black expanse that is space, tethered to the International Space Station. He is protected by nothing more than his spacesuit, which shields him from the general elements, but there’s only so much you can do if he gets hit by a meteor. What he needs is an extra layer of bubble wrap and diamond outer shell. In the case of your cloud, this would look less rigidly cosy and more like good passwords and encryption.

In this example, we’re going to look at your spaceman’s bubble wrap; your password. Files in your cloud are zipped and protected with passwords, so it’s important that you choose a strong one. Having a unique password for your cloud is a must- if a hacker gains entry, they would have access to a huge amount of your data so it’s crucial that you keep it as safe as possible. Look into multi-factor authentication (which I’ve already discussed in detail in this post), adding an extra level of protection that you can control with fingerprint and retina biometrics.

If passwords are your spaceman’s bubble wrap, then encryption is his diamond shell, and it’s crucial. Cloud encryption allows your data and apps to be transformed by encryption, shooting up to the cloud securely before being stored. Encrypt at your network’s edge, ensuring that the data gets protected before it even leaves your network. But make sure to keep the encryption and deciphering keys stored away from where you store your data!

So, before you cobble together a makeshift data centre in a panic to protect your information, take a look at the level of security your cloud solution allows. The integrity of your cloud is vital for the health of your business; protecting your data and the access to it should be a priority for IT teams. Contact our Cetus experts to see how we can provide the ultimate protection for your cloud environment.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.

 

Blog, Cetus Solutions, Check Point, Cloud, IT Solutions, Security, Technology, Uncategorized

Cyber Criminals are at Gen-V; Are You?


No Comments

Since the dawn of the internet, we’ve learned that keeping our sensitive information under lock and key is important. Even more so nowadays, with the explosion of ecommerce asking for everything short of your National Insurance number. And nine times out of ten you can choose to save your card details for the next time you’re feeling too lazy to get out of bed to grab your wallet. If you really think about it, that’s probably not the best thing to do. But while putting our bank accounts at risk, you’d expect big corporations who have entire qualified, skilled and experienced IT teams to have a handle on their security, right?

Oh boy, could you be any more wrong. In a recent CheckPoint survey, 97% of the organisations that were assessed were not prepared for a Gen-V cyber attack. The thing is, cyber-attacks and security protections have evolved significantly in the last 30 years, but not at equal levels. Currently, organisations are at Gen-III. We fell into Gen-III in the early 2000s, when attackers learned to leverage vulnerabilities in the components of an IT infrastructure. This includes operating systems, hardware and applications. A fantastic example was the SQLSlammer worm. Since then, Gen-IV has emerged in 2010 as cyber criminals became more sophisticated, targeting the world of finance, where sandboxing and anti-bot were the main protections.

Back in 2017, the dreaded Gen-V cyber attack made a roaring entrance with the world-shattering WannaCry ransomware attack. We’re looking at large-scale, multi-vector attacks, using uber-sophisticated attack tools. It’s safe to say that we’re not in Kansas anymore. These attacks are major, generally using ‘state-sponsored’ technologies that can target networks across countries, companies and even continents. Cyber criminals are getting their hands on these technologies from simple leaks or as a result of reverse engineering, and cause major reputational damage for the organisations affected.

So what can be done? The risk of a security threat is omnipresent. No matter what you do, your organisation will be exposed in one way or another (unless you favour the slate-and-chalk method of working).

Check Point’s Infinity is one of the best ways to handle the stress of cyber security. Focusing on prevention instead of detection, it’s a hyper-aware platform that provides consolidated security across networks, cloud and mobile. Combining a single security platform, pre-emptive threat protection capabilities and a unified system for management. With the release of R80.10, it features plenty of clever capabilities and enhancements which include unique policy layers, security multi-zones and boosted performance, to ensure security management. With the move to cloud earmarked for most organisations, the integrated Check Point vSEC Cloud Security’s comprehensive portfolio integrates with both private and public cloud platforms, so you’re covered regardless of your cloud preferences.

Infinity also boasts an impressive threat prevention in the form of anti-ransomware technology that enables businesses to remain protected against even the most sophisticated ransomware and cyber extortion. If your organisation is big into mobile (whose isn’t?), SandBlast mobile has the intelligence to detect both known and unknown malware, effectively blocking it before it becomes a problem. You’ll never have to worry about poisoned wi-fi networks, ‘man-in-the-middle’ attacks or SMS phishing. There are so many nifty features of Infinity that make it a clever investment for an organisation, no matter its size. Centre stage, it has centralised management and role-based administration that allows it to apply to all organisation use cases.

Gen-V will certainly not be the last upgrade in cyber security. As technology improves, expanding and intruding into more and more of our lives, the sophistication of cyber criminals will progress just as fast. It won’t be long until I’m writing about a major Gen-VI cyber-attack and its implications affecting another group of international organisations. So now is the time to start getting ahead of the hackers. We work hand-in-hand with Check Point to ensure that your infrastructure is at the highest level of cyber security so you don’t need to worry about that.

Speak to an expert

Directors-9619Missy Beaudelot – Digital Marketing Executive
With a background in journalism and an interest in all things tech, Missy keeps our social media in check while monitoring our websites and developing our digital presence.