In reviewing compliance documentation, we found it necessary to talk about Virtual Private Network (VPN) technology for both privacy and secure remote access. A VPN is a connection to a private network over the internet through an encrypted tunnel – think smuggling information across a secret passageway between two places.
Why use VPN?
Privacy: There has been a huge buzz lately about using VPN technology to help mask your browsing habits from the likes of the NSA or Google. VPN services offer connections that regularly change your external IP address so that a profile (marketing or otherwise) is harder to build. It also makes hacking of your information harder when these service providers offer anti-virus and anti-spam filtering as part of the VPN service.
What are the trade-offs? These VPN service providers will now be the sole owner of your browsing habits – they can sell targeted profiles to marketing companies – so read those terms of service. There will also be a performance hit to your internet speed, so if you are working from a slow network already this may not be an option. Then there is the added cost of an extra $5 to $15 per month for these services on top of your internet bill each month.
Secure Remote Access: This was the original intent of VPN technology and where it really shines. Whether for remote workers using coffee shop Wi-Fi or remote offices connecting to the main office, VPN tunnels are used to securely access data, servers, and other network resources. This technology is required by all major compliance agencies so that all data transmitted is encrypted during transport. In the past, servers would open ports to the internet to allow access, but it was found that this practice allowed hackers the same opportunity to gain access. With VPN tunnels there is another layer of protection from unexpected access. There is also the benefit that no outside provider gets access to your browsing habits.
What are the trade-offs? This will require a business-grade router at the main office that is capable of handling the traffic. It will then require setup of remote workers' laptops or remote offices with similar business-grade routers.
If your company is concerned about privacy on the internet or secure remote access, then contact us for assistance.
NIST is the National Institute of Standards and Technology. It acts as the de facto baseline that all other security and compliance organizations use to construct their standards. Reading their publications is like reading any other government document – extremely long and not interesting. Farmhouse Networking recently became aware of one such document called NISTIR 7621, aka Small Business Information Security: The Fundamentals. We took the time to distill out the main points here:
The Fundamentals aka Best Practices
Identify: Who has access to the network, who has access to the data, and what do they have access to. This includes background checking employees during the hiring process, taking an inventory of data to see who needs access to what, requiring that each user have their own login, and company policy creation.
Protect: Protection starts with separating data into shares then giving access only to those who really need it. It also includes protecting hardware with uninterruptible power supplies (UPS) and protecting software with regular updates. Protecting the network includes setting up a proper firewall, separate wireless for guest access, and VPN only access for remote users. Web filtering, SPAM filtering, file encryption, proper disposal of old equipment, and employee training are also mentioned.
Detect: Having centrally managed antivirus software on each workstation is a must. This includes the ability to look back in time via log files or a monitoring system to find the root of the security breach.
Respond: Have a disaster recovery plan and security incident response plan in place.
Recover: Need full backups of all important business data, invest in cyber insurance, and regularly assess your technology to find timely improvements.
If your company does not meet these fundamentals, then contact us for assistance.
“In a new stunning example of the scale and sophistication of online cybercrime, just before the holidays, DOJ charged two hackers with stealing hundreds of gigabytes of data—including sensitive intellectual property, confidential business data, and personal information from companies and government agencies around the world—as part of a multi-year cyber-espionage campaign that targeted managed service providers (MSPs) directly, bypassing the protections of client systems. This indictment is the latest example of the U.S. government’s use of the criminal justice system to crack down on state-sponsored economic espionage.
As alleged in the indictment, the hackers belong to what is believed to be an elite, Chinese government-sponsored group known within the cyber-security community as Advanced Persistent Threat 10 (APT10). The targets of the hacking campaign included companies in the aerospace, health care, biotechnology, finance, manufacturing, and oil and gas industries, as well as U.S. government agencies, such as NASA and the U.S. Department of Energy.”
The indictment alleges that APT10’s MSP Theft Campaign began in 2014 and involved three stages.
The hackers gained unauthorized access into the MSPs’ computers and installed malware allowing APT10 to remotely monitor the computers and steal login credentials.
The group then used these stolen credentials to move laterally into each MSP’s network and the networks of their clients, further spreading the malware infection.
APT10 identified data of interest on these compromised computers and created packages for exfiltration using encrypted archives, allowing the hackers to move the data from one system to another before ultimately transferring it to APT10’s computers.
This sort of breach calls into question the operating procedures of MSPs everywhere, their security practices, and moral compass. If IT support staff are not trained in best practice and cannot keep from being infected via websites or emails, then what business do they have managing larger network systems with sensitive data?
If you are unsure of your MSP's practices and would prefer a company with transparency, then contact us for assistance.
Phase 1: Break-In: Hackers are still using phishing emails, bad passwords, social media links, and poorly patched systems to make their way in with the initial infection. Employee training is the first step towards preventing breaches for 9 out of 10 companies now (and it is included in the price for all our monthly clients).
Phase 2: The Inside Man: Once inside, the hacker will scan the network for further vulnerable systems, employees with more access rights than they need, and systems that allow access into other parts of the network. Having systems in place that detect strange or malicious activity is key to stopping an infection in its tracks.
Phase 3: Spread Out: This is where the hacker has all the access they need and starts to find the data that is worth selling. Hackers will usually start moving data to places it doesn’t belong on the network, then downloading it to their computers for resale. This is where strong access policies that are clearly defined and enforced make the greatest impact to protect sensitive data.
Phase 4: The Long Con: Once a hacker has taken all they need for the short-term payout, they will set up remote access back doors to allow for future access whenever they want. It almost pays to assume that a breach has already occurred and continually scan the network for this kind of activity to catch the hackers in the act.
Take the time to read this article; it is a wake-up call on security.
If you would like to learn more about creating an effective cyber defense strategy and mitigating risk, then contact us for assistance.
Give your business freedom from hardware constraints with the agility and functionality of cloud computing.
Cloud requires no upfront costs, which makes it an operating expense rather than a capital expense. Your business will benefit from predictable monthly payments that cover software licenses, updates, support and daily backups. Cloud technologies provide greater flexibility as your business only pays for what it uses and can easily scale up and down to meet demand.
Moving to the cloud enables your business to no longer pay to power on-premises servers or to maintain the environment. This significantly reduces energy bills.
Finally, for those concerned with security, cloud data centers employ security measures far beyond what most SMBs can afford. Your company data is much safer in the cloud than on a server in your office.
Move your business to the cloud ahead of Office 2010 and Windows 7 End of Support!
If your company is looking to make the move to cloud, then contact us for assistance.
When it comes to security threats, it’s not “if” disaster will strike, it’s “when.” So, how will your organization respond? Do you have the proper infrastructure in place to thwart a potential data disaster and if disaster does strike, is your organization poised to recover quickly?
While 100% prevention of a data disaster is impossible, there are several ways you can position your organization to get your systems back up and running with as little disruption to day-to-day operations as possible:
File Level Backup:
A good file sync and share tool is more than just a way for your team to collaborate on the go, it’s a vital component to your organization’s security strategy. With file level backup, you can ensure that even in the event of a site wide disaster, your team can maintain anytime access to their critical files.
Backup and Disaster Recovery:
Your last line of defense in a site wide disaster, backup and disaster recovery solutions allow you to recover at the systems level. An absolutely necessary piece of your organizational infrastructure, backup and disaster recovery delivers peace of mind that your systems will always be recoverable, even when disaster strikes.
Cloud-to-cloud backup fills in the gaps left by some of the most commonly used SaaS applications, such as Office 365. Many of these cloud applications fall short in the way of cloud-retention and a good cloud-to-cloud backup solution can help you protect critical business data while providing enhanced features to maximize your user experience and more importantly, security.
It’s an unfortunate reality, but our workforce can oftentimes be our worst enemy, creating vulnerabilities and leaving our systems open to hackers, viruses, data breaches and data loss. More often than not, we do this through completely harmless, everyday activities like opening compromised emails and links.
As a leader in your organization it’s your role to monitor your team and arm them with the knowledge of good security practices. Without implementing a company-wide security training program, you leave your systems vulnerable to a host of attacks.
Another crucial step in preventing system attacks is to configure a firewall to monitor user activity and website visits throughout your organization. An Acceptable Use Policy is helpful in establishing what your organization will and will not allow from its employees.
Curious how we can help you establish a more secure company infrastructure?
We’ve got a bit of bad news. Ransomware attacks are on the rise. Don’t think so? In 2017 alone, ransomware attacks rose a whopping 250%, with those attacks hitting the U.S. the hardest.
Below are just a few of the attacks that led to such a staggering spike in malicious activity as well as several new trends.
In May 2017, the WannaCry ransomware attack affected computers worldwide running the Microsoft Windows OS. This ransomware cryptoworm worked by encrypting data and demanding ransom payments be made in Bitcoin. The attack was estimated to have impacted 200,000+ computers in 150 countries, with damages exceeding hundreds of millions of dollars.
The NotPetya virus was similar to its 2016 predecessor, Petya, in that it encrypts the master file table and demands a Bitcoin ransom to restore access to the files. The reason NotPetya was so damaging and different from Petya is that NotPetya spread on its own and did not require human intervention in order to spread.
RANSOMWARE TRENDS TO KNOW
• Ransomware as a Service (RaaS):
RaaS refers to the practice that allows attackers to rent ransomware infrastructure in lieu of developing it themselves. It’s widely believed that this practice will continue to grow in popularity.
• Boutique Ransomware:
Boutique ransomware is ransomware that typically affects the attacked for a shorter duration and is sent to hundreds of thousands of potential victims instead of millions or more at a time. This trend is likely to continue in 2018, as developers of malware try and continue to add ransomware to new methods of attacks.
Did you know that malware accounts for 20% of all security incidents?
And that’s just one threat! Your data, no matter how proactive you are from a security standpoint, is constantly vulnerable to a multitude of security threats, the list of which is constantly growing. From ransomware, worms and phishing attacks to human error, your data needs to have a multi-layer defense in place to not only prevent downtime but recover quickly in the event that disaster strikes.
The following are just a few staggering facts about just how vulnerable our systems are to attacks and outages:
• According to Microsoft, the potential cost of cyber-crime to the global community is $500 billion, and a data breach will cost the average company about $3.8 million! [1]
• A whopping 1 in 131 emails contains malware [2]
• 230,000 new malware samples are produced every day, and that number is projected to continue growing [3]
• It will take the average business about 197 days to detect a breach on their network [4]
It is official – the month of September marks three years in business for Farmhouse Networking. We have been truly blessed by God to have been able to serve the Grants Pass and surrounding business communities by providing exceptional IT managed services. We look forward to many more years of giving you the highest level of support possible so that you can focus on getting business done. With this anniversary we plan on rolling out some enhancements to our monthly service offerings:
Enhanced Monthly Maintenance
Standard Maintenance: For those who are not current managed clients, these basics have always been a part of our service offering:
5-year Technology Plan & Budget
Full Network Inventory
Hard Disk Checkups (Bi-Monthly)
Hard Disk Defragmentation (Monthly)
Temporary File Cleaning (Weekly)
Anti-Virus Software (Constant Monitoring)
Operating System Updates (Weekly)
Error Log Monitoring (Constant Monitoring)
Power Settings Management (Constant Monitoring)
Windows Services (Constant Monitoring)
Continued Improvements: Over the past 3 years we have also added the following features to our service at no additional costs:
Ticketing System Portal
Email Support to Create Tickets
Security Incident Response Plan
Vendor Information Tracking
Third-Party Software Updates (Monthly on Firefox, Chrome, Acrobat Reader, ….)
Email Blacklist Checking (Daily)
Warranty Checking (Monthly on All Major Brands)
Operating System Intrusion Detection (Constant Monitoring)
Support for MacOS & Linux (Constant Monitoring)
Server Applications (Constant Monitoring)
Hardware Events (Constant Monitoring)
Enhancements to Come: In September, we will be adding these new exciting features to our service:
DNS filtering – this will further protect your network from external threats by stopping accidental surfing to malicious sites. It also can increase productivity and network speeds by limiting wasteful frivolous surfing during company time.
Dark Web Scan – Each monthly client will have the “Dark Web” scanned to see if any email addresses connected to the company have been involved in a previous password breach.
Weekly Security Newsletter – Farmhouse Networking is partnering with a national security non-profit to deliver up-to-date news and information about how to stay safe online. These weekly newsletters will be packed with valuable information and delivered to everyone in your organization.
As our service offering has expanded, we have deepened our ability to monitor our customers' networks to proactively respond to alerts before they become problems. We have continued to add levels of protection to make sure that our clients' systems are safe from the ever-expanding list of threats. All this has been done at no additional cost, despite inflation, up to this point. To continue offering this high level of service, Farmhouse Networking is making a couple of small changes to its prices that will be effective September 1st, 2018.
Monthly Maintenance Clients – our services are priced on a per-device basis and the cost per workstation will be $25 per month for remote maintenance and $50 per month for full service maintenance. All other prices will remain the same for every other device on the network. This will only affect clients whose contracts are renewing after September 1st, 2018 – any renewed before that will keep their prices the same for the next 12-month term.
Small Business Clients – those who do not have a server and have less than 5 workstations, our hourly rate will be $80 per hour for on-site service and $40 per hour for remote service (billed in 15-minute increments). That is only $10 more for on-site support and $5 more for remote support.
Standard to Medium Clients – those with a server or more than 5 workstations, our hourly rate will be $120 per hour for on-site service and $60 per hour for remote service (billed in 15-minute increments). That is only $10 more for on-site support and $5 more for remote support.
Tier-3 Clients – those technology companies that utilize our advanced expertise to better serve their clients, our hourly rate will be $40 per hour for remote service (billed in 15-minute increments). That is only $5 more for remote support.
Charity Clients – those non-profits that pay for support, our hourly rate will remain at $70 per hour for on-site service and $35 per hour for remote service (billed in 15-minute increments).
For all our monthly maintenance clients, we will be calling to schedule our semi-annual meeting to check in with you during the month of September. At that time we will be performing another network inventory to ensure that all network assets are covered properly under your current contract. We cannot thank all our clients enough for your continued use of our IT services. We look forward to continuing to serve you.
Know the state of your flocks, and put your heart into caring for your herds, for riches don’t last forever, and the crown might not be passed to the next generation. After the hay is harvested and the new crop appears and the mountain grasses are gathered in, your sheep will provide wool for clothing, and your goats will provide the price of a field. And you will have enough goats’ milk for yourself, your family, and your servant girls.