Category Archive: Security Management

By Daniel Gottilla

Anti-Virus Software and Going Beyond the Norm

Anti-virus software is one important component of a safe network, but it’s not enough. It does a great job of finding known viruses and removing their threats, but there’s a huge gap in the protection anti-virus software offers if you don’t understand how it works. Your employees must also take measures to prevent viruses from hitting your system at all.

Suppose you open an email attachment and it contains a virus that has been floating through cyberspace for the past few weeks. Your anti-virus software will likely catch the virus and quarantine or delete it, protecting your system and your business. But what happens if it’s a new virus? If it’s so new that your software doesn’t identify it as a threat, it could wreak havoc across your system. Viruses can delete vital information, send information to outside parties, or even install Trojan horse programs to allow hackers access to your data and resources.

There are some simple practices you can implement to go beyond your anti-virus software, even when it is regularly updated with new definition files.

With anti-virus software in place, the following steps are still important.

  • The first step is to make sure you are regularly updating all of your other software. Viruses are specialized to exploit loopholes in your operating system and the other programs you run. Updates are provided for download when these loopholes are discovered, making it much harder for viruses to attack your network.
  • Another method to decrease your vulnerability to viruses is to restrict employee access to the Internet. Some sites that are truly inappropriate for the workplace are the most likely to contain viruses, but sometimes mainstream sites an employee may visit on break could contain a virus. Depending on the level of protection you want, you can restrict all non-business related Internet use to reduce the risk of contagion.
  • Yet another route viruses take to infect your system is when employees open attachments that are either unexpected or are from unknown sources. They should be trained to ask the sender if an attachment comes unannounced before it is opened to make sure that it is indeed legitimate. Even known attachments can still be scanned to make sure that there is no hidden infection.

No matter how vigilant your employees are, it is likely that a virus will make it into your network at some point. Your employees should be trained to immediately contact the System Administrator for help in minimizing the damage. They should also contact everyone in their email address book, as a virus is likely to replicate by sending itself back out via email. Even if your system is infected, you can help your business associates and colleagues keep safe.

Going beyond anti-virus software is a must to protect your network and your business. Just a small amount of maintenance and some smart training can really make a difference in your level of vulnerability to this threat.

By Daniel Gottilla

Social Engineering and How Hackers Use it to Get Inside

Ensuring that you have adequate network protection is vital, but protecting your system from hackers who use social engineering to get inside should also be a priority. Even the best employee may create system vulnerabilities if they aren’t aware of the threat, and companies often overlook this hacking angle.

Hackers can be smooth operators. They may call looking for advice, offering flattery in the attempt to gain your employees’ trust. They use this connection to talk their way into getting information about the security your company has in place and the programs you run. They may also prey on your employees’ confidence in the network in order to gain specific details and shortcomings about your system operations. By using social engineering to obtain even small amounts of information about how your system operates and what programs you use, the hackers can run software on their end that will not only give them greater detail on your system but also show them how to get inside.

Suavely manipulating an individual isn’t the only social engineering method hackers use. Some hackers are far more direct. It’s hard to believe, but they may directly call a business and impersonate an authority in the company. Employees can be easily swayed by a person issuing a direct request in an authoritative tone. Employees have been known to do what the hacker says because they believe they are being asked on behalf of the company. They may change passwords or issue new ones, allowing the hacker access to your system. The hacker may start small and simply ask for access to their email account, which is generally that of a system administrator. Once they have access to this account, they can issue credible commands to gain further access to and control over your business systems.

No one wants to think that getting access to their company’s system could be so easy, but it can and does happen. Using these tricks to gain access to business networks is actually quite common. The key to limiting this risk is comprehensive training for your employees so they learn to see through the hackers’ ploys.

Social engineering: how can you help limit the risk of these threats compromising your security?

  • Educate your employees about how hackers utilize social engineering in order to obtain access to a system. Your employees cannot fight this problem if they don’t know it exists.
  • Decide what information about your system is too risky to make public, and train your employees not to release this data.
  • Formalize procedures for obtaining and changing passwords and access to email accounts. If you can ensure that no outside party is gaining passwords, you’ve thwarted one major hacker tool.

Your company cannot fight this problem if it isn’t aware of it, but once your employees understand the risks they will be in a better position to fight it. Training your employees is a small step that will net large results in limiting your business vulnerability.

By Daniel Gottilla

IT Vulnerability Threat Concerns and the Steps You Need to Follow to Minimize Any Damage

There are a variety of IT vulnerability threat concerns that businesses are forced to contend with, but by understanding what these risks are and forming a preventative plan of action to mitigate the damage, you can put your company in good stead to fend off and recover from an attack.

Regardless of how it happens, the net effect of an attack or disaster is time and money lost, and possibly your clients’ trust, as well. An attack or disaster could cause your system to crash or your data to be deleted. If your operation comes to a standstill, you will be losing money as you try to get your network and systems running again. Lost sales and lost work hours all affect your bottom line.

If your data is stolen, the thieves may gain access to your proprietary information. This could mean loss of market share on your part. IT vulnerability threat concerns are more than just your personal data, however. The data stolen could also be personal information such as client and customer addresses, social security numbers, and other confidential data. Having to track down where this went will take time and resources, and will inevitably cause a loss of trust in you on the part of your clients.

If an attacker gains access to your system, they may destroy, copy, or share your data. Worse yet, they may use your hardware as a jumping off point to attack other companies. This could put your reputation on the line, and with your reputation goes your customers and clients.

IT vulnerability threat concerns: what can you do to mitigate the damage in the event of an attack or a disaster?

  • Create a comprehensive disaster recovery plan to utilize in the event of a loss. It should outline the most important systems and software, and plan for getting your business operating again as quickly as possible.
  • Back up your data on a regular basis. This way you have a starting point for recovering any additional data lost without having to start from scratch. Store your data off of your network to keep it safe from hackers.
  • Regularly review your security procedures and make sure they are being properly implemented. Your risks and concerns will change over time, so a thorough review of your procedures is key. The procedures do not work if they are not being used, and proper use of these procedures will lower your IT vulnerability threat concerns.

Addressing your IT vulnerability threat concerns is necessary to ensure the smooth operation of your business. The threats may come from many sources, but by using proper security measures, backing up your data, and having a plan of action you can reduce the risk of damage in the event of a disaster or an attack.

By Daniel Gottilla

Understanding the Different Vulnerability Methods of Attack

Your business faces a variety of security risks, but there are ways of defining the different vulnerability methods of attack. By analyzing the three major categories of risk, you can make better plans about how to combat the attacks and keep your company secure.

One vulnerability method of attack is the inside view. This risk comes from people inside your company who have access to your network and data. Sometimes it is as simple as looking up another employee’s personnel record. Other times it’s taking data to sell to outside parties or to use to attract your clients to a separate business. Occasionally disgruntled, recently-fired employees try to take vengeance on their way out. This method of attack comes from all levels of employees, but there are a few ways to protect your business. First, run background checks on all employees to help determine their risk. Up to one-third of inside hackers have criminal records, so this is very important. Be sure to change passwords often on a company-wide basis, and to remove network access from a terminated employee immediately.

Another method is user view vulnerability. This vulnerability method of attack relies on an outside party getting into your system and manipulating it as if they were an authorized user. This can happen if an employee gives out their login information or if they bring a virus into the system. The hacker may be on-site or at a remote location, but the damage they can do with access is the same.

The final method is outside view vulnerability, which is what most people think of when they worry about their network security. The person attempting the attack initially only has access to what anyone in the public would see. They may try to make it through your firewall and into your network through software loopholes, social engineering, or trial and error. The attacker may not have an inside connection, but is likely to be pretty sophisticated in their methods.

Recovering from any of these attacks, however, requires a plan. While the individual attacks will vary case by case, having a plan of action ready in the event of an attack is vital. Make sure your systems are backed up and that you have tested your recovery preparations to make sure you can get back to business as quickly as possible in the event of an attack.

Knowing what threats are out there and planning for them is necessary in the business world. Now that you understand the different vulnerability methods of attack, you can work to successfully combat them.

By Daniel Gottilla

Managing your Information Security Team

Properly managing your information security team is a crucial step in maintaining the integrity and security of your network and applications. By definition, this team is highly specialized and has tremendous access to your data and resources. All the same, they should not be an autonomous unit. By utilizing some basic management techniques, you can respect their knowledge and skills and still ensure that they are properly handling the security of your system.

Information Security Team Tips

  • When you hired your employees, they were on the cutting edge of IT knowledge. Part of managing your information security team is making sure they stay that way. It takes a relatively small amount of time and money to make sure your professionals are getting advanced training and maintaining their certifications. Not only will continued education keep your team happy, but your business will also reap the benefits of updated ideas and practices that increase the security of your system.
  • Another important thing to remember is that IT professionals have skills that not many people in the workforce have. Part of managing your information security team is allowing them to work independently while still maintaining oversight of their operations. The problem with having such a specialized set of skills, however, is that individuals on the team may become overconfident in their abilities, putting your network at risk. While you may only have broad input at meetings if you are not security savvy yourself, you should still make sure that you meet regularly with your team. You can stay informed on their plans and practices, and make sure they, too, are meeting to discuss ideas and options about how to maintain and increase network security.
  • Even if your team is operating beautifully, don’t be afraid to get outside IT consultation from time to time. No matter how well-educated and trained your team is, consulting with an outside expert can provide them with new perspectives and ideas. A consultant gains continual experience with a variety of businesses and systems, and by having your team work with an outside party, your entire business can reap the benefits.

Managing your information security team doesn’t have to be daunting. They provide your company with an invaluable service and need the space to creatively address your needs. All the same, they need training and oversight to properly do this, and by utilizing the ideas above you can help them stay productive while you help keep your business secure.

By Daniel Gottilla

Outsourcing Your Information Security Team Needs

Outsourcing your information security team needs may not be something you’ve considered, but it can be a smart business move. Outsourcing can save you the time and cost involved in finding and hiring permanent employees, while still allowing you to keep the cream of the IT crop on-call and ready to address your business needs. Consultants are pre-screened and only charge for the services they provide, which is almost always much less than what you can expect to pay for permanent IT staff. Not only is outsourcing cost-effective, but these professionals are current on the newest research, IT methods, and software, and that’s a business advantage that’s hard to overlook.

One of the largest costs to any business is finding, training, and keeping employees. Even when you find qualified staff, it’s hard to know what training and qualifications they should be pursuing in order to stay up-to-date. These employees could easily leave if another company offers them a better deal, forcing you to start the cycle all over again. One way to avoid these problems and expenses is to outsource your information security team needs. With consultants, you only pay for the time and resources you actually use, and they use their skills and resources to find security loopholes and minimize or eliminate them. They can also work with you to develop a plan of action in the event of an IT disaster, saving you valuable time and resources as you get back up and running.

It’s likely that you already have a system administrator, and if so, this person is probably handling your security needs. A system administrator, however, is not a security professional. Sure, they can find and install patches, but they are an expert in keeping your system running smoothly, not in keeping it safe. When you outsource your information security team, you have access to people who can find your vulnerabilities, address them, and keep current on new vulnerabilities far better than any system administrator could. Security is a consultant’s sole business, and they do it best; a good consultant can mean the difference between eliminating a vulnerability and simply hoping it isn’t exploited.

Outsourcing your information security team needs is not only cost-effective, but it’s actually a better way to implement the most up-to-date security practices for your business. You can have the best in security and vulnerability assessment without having to fund a permanent employee or even train them. The IT consultant has the training and experience you need to show up, get started, and take your security to the next level.

By Daniel Gottilla

Understanding Denial of Service Attacks

While there are many security issues that could lead to a network crash, understanding denial of service attacks is critical in order to implement procedures and security to keep them from happening. Having your system fail due to an accident or disaster is bad enough, but what about when it’s an actual attack causing the damage? A denial of service attack is when a system is deliberately attacked with the intent to disrupt or end service to it. Usually the system attacked is an Internet site or web page. If a business site goes down, they lose both potential customers as well as their reputation for reliability. Preventing both losses is important to running a successful business.

What Denial of Service Looks Like

Denial of service attacks can come in many forms. One common method is to make so many demands on the site that it either slows to a crawl or is entirely stopped. Using up your bandwidth or disk space will make it so that legitimate users cannot access your system, effectively shutting down your site. If your processor can’t handle the demands, your system crashes. Another method is to flood your email with spam messages, filling it up and overwhelming your email account. If you receive enough messages to fill the quota you are allowed to have, you cannot receive any other emails and legitimate messages will be unable to reach you.

In order to understand denial of service attacks, you should also understand distributed denial of service attacks. In a distributed attack, your computer is attacked and is used as the weapon to flood a third party’s email account or site with information requests, thereby shutting them down. Your system is being used to attack the third party, which extends the problem past your company and hurts another business as well.

How can you know if a denial of service attack is happening to your company?

– Is your network unusually slow, increasing the time it takes to open files or websites?
– Are you receiving a dramatic increase in spam emails?
– Are you unable to access any other websites?

While these symptoms don’t mean that you are definitely under attack, they should be immediately reported to your system administrator or security provider. The administrator can investigate what is causing the issue and help minimize the damage if there is indeed a denial of service attack underway.

By Daniel Gottilla

What is User View Vulnerability and How Can You Prevent It?

One way your system faces a security risk is through user view vulnerability. This is when someone is attacking your network after having obtained user access to your system. In this type of scenario, it isn’t an employee, but an outside party who has gained access to your network and is likely working remotely to break in. Regardless of what their intentions are, you need to know how this sort of attack works in order to be able to stop it.

There are many ways an attacker can gain access to your system. Sending a virus that will install Trojan horse software is one method. With this software installed, the attackers can access your system and change, delete, or copy data for themselves. This is a huge security issue not just for your proprietary information, but also for the confidential data your clients and customers trust you with. Training your employees to be vigilant about how they open attachments can help minimize the risk of falling prey to this ploy.

If an attacker manages to gain access to your system, they may be doing so by impersonating someone with legitimate network access. Whether they hacked the login or the employee was lax about protecting it, they can still do tremendous damage. Training employees to keep all passwords confidential and to change them regularly to hard-to-crack alphanumeric codes is one way to minimize the risk of an attacker exploiting user view vulnerability. If there is a password or data request, having procedures in place to verify the true identity of the person making the request is also very important. Regularly changing all passwords on a company-wide basis can also help reduce the chance that an attacker will come across a valid login to your network.

Internet usage could also lead to viral attacks. Most websites are safe, but you never know when accessing a site will also download a virus into your system. Not only could it cause tremendous damage, but it could allow an attacker access into your system. A good firewall will help prevent this, as will updated anti-virus software, but minimizing non-business usage of the Internet will also substantially lower the risk of this form of user view vulnerability. Why take the risk of having a page your employee visits be the source of a Trojan horse?

No one wants to think that someone is illicitly accessing their network posing as a legitimate user, but it’s a common method attackers use to get inside. Having up-to-date security protocols that are regularly reviewed and well-implemented, however, can make a huge difference in the amount of the risk to your business.

By Daniel Gottilla

What is Inside View Vulnerability and How Can You Prevent It?

Inside view vulnerability is the risk your company faces from an employee or an insider to the company attacking your system. Businesses tend to trust their employees implicitly, and while most of them deserve this trust, there are a few things you can do to help reduce your risk of an inside attack.

The most common culprit is the disgruntled employee. These inside jobs are usually not very sophisticated, and are often performed by employees who do not have system administrator status. They can still do plenty of damage, so it’s important to limit the amount of access any one employee has to ensure that they can only access data and resources that specifically apply to their job. Some of the more common ploys are stealing data to sell to outside parties, or the less harmful, but still unconscionable, peeking into employee records to look at their salaries. Your inside view vulnerability may also surface through unintentional risk-taking, such as taking work home. If the employee loses the files or laptop, it is your proprietary data out in the world, not to mention a huge security risk for the clients who have put their trust in you.

Terminated employees are another risk. They may be angry, and it’s important to minimize the amount of damage they can do on their way out. Be sure that all access for these employees is immediately terminated, and regularly change all passwords and logins company-wide. The employee’s access may have been removed, but if they know another employee’s login information, that’s another route into your system.

Sometimes the person attacking with insider knowledge is, or was, a system administrator. If you find that someone has uploaded spyware or is infiltrating your network illicitly, take that computer offline immediately. If you find even one piece of malware, it’s likely there are more. Back up your data files, reinstall your system from the original disks, and change the root password. It’s a hassle, but it’s better to take action now than to worry about what could be coming next.

What can you do to reduce your inside view vulnerability?

  • Familiarize yourself with insider threat research.
  • Regularly revisit your security protocols to make sure that your security is up-to-date, and is also being properly implemented.
  • Run background checks on your employees. As many as one-third of inside hackers have criminal records!
  • Plan in advance how to mitigate the damage if there is an inside attack.
  • Educate your managers about the risks so they can be aware.

You can reduce the amount of inside view vulnerability you have. Taking the time to tighten security loopholes and to plan how to handle an attack can make the difference between a large loss and the ability to mitigate the damage and keep your company running smoothly.

By Daniel Gottilla

What is Outside View Vulnerability and How Can You Prevent It?

Outside view vulnerability is the risk coming from an outside party that scopes out your company through public sources. They may be looking at your website and trying to find ways into your network in order to obtain data, or to just wreak havoc. There are a few steps you can take, however, to lower your risk of being successfully infiltrated.

The first thing you need to do is secure the perimeter. This step makes sure your security is in good order and that you are unlikely to be put at risk from hackers or viruses attacking you via this route. The most basic security feature you should have is a firewall, and for good reason. A firewall will protect your network from incoming threats while simultaneously allowing you to send data out. It controls the flow of traffic between your system and other networks and can be tweaked to best fit your needs. Making sure that your firewall is up-to-date and that it specifically addresses your company’s needs is vital in lowering your outside view vulnerability.

Another important step is to make sure your anti-virus software is up-to-date and that your employees are using common sense when dealing with attachments. Your software will be able to neutralize most viruses sneaking their way into your system, but what about viruses it doesn’t recognize? If your software doesn’t have updated definitions or if the virus is so new the software can’t stop it, it could do a lot of damage. Train your employees to check with the sender before opening any attachments, and to scan the attachments before opening them even if they trust the sender. After all, many viruses aren’t sent purposefully, but they still do damage. If the virus is intentionally sent, it could contain spyware or other malware that would allow an outside party to access your system without you being aware of it.

Social engineering is another way that outside view vulnerability can compromise your business. Some hackers are bold and will try to gain your employees’ trust in order to garner information about your system. They may even call and ask for passwords, impersonating authority figures in your business! Believe it or not, this can work. Educating your employees about this risk and having procedures in place to limit how passwords are transferred and what data is available to outsiders is key in minimizing this form of outside view vulnerability.

By virtue of running a business, you have some significant outside view vulnerabilities. By understanding the risks and taking the time to plan for them, you can reduce the likelihood of an attack on your company. Educating your employees and maintaining a secure perimeter are two important means of preventing attacks from being successful and mitigating any damage that could occur.