• December 15, 2022
  • Catagory cybersecurity

How Cybersecurity is Shaping Up for 2023

By : Justin Folkerts

Remote work during the pandemic and the current dynamic of hybrid workplaces has had a strong impact on how you must manage cybersecurity. Remote work isn’t going away, while other longstanding trends as well as new realities will affect cybersecurity in 2023.

Ransomware remains a major threat

Expect ransomware attacks to continue to be a factor in your cybersecurity planning, as threat actors move from encrypting files to targeting third-party cloud providers while continuing to use aggressive, high-pressure tactics to extort victims, including data-encrypting malware and more novel infiltration approaches.

Global geopolitics will affect your business

The ongoing conflict in Europe will mean some of those ransomware threats will come from Russia. Overall, 2023 is going to begin with a great deal of uncertainly and tension, with more state-sponsored threat actors looking to destabilize global economies and specific industry sectors such as logistics and shipping, energy, semiconductors, and financial services.

Zero Trust adoption will grow

With more workloads being moved to the cloud, a Zero Trust approach to security will become more compelling and necessary in 2023, transforming how you secure your infrastructure, including network penetration testing.

Automation will increase, too

It’s near impossible for organizations of any size regardless of budget to keep up with the volume of threats, which means 2023 will see even more automated cybersecurity, enabled by artificial intelligence (AI) and machine learning. The downside is the bad guys can leverage automation and AI, too, which means organizations will need to take a more active approach to cybersecurity.

Watch out for bots

Speaking of automated bad guys, be prepared for more bot activity in 2023, which can automate and expand attacks as perpetrators rent out IP addresses to make it difficult to track them.

Your own IT is a threat

Between shadow IT and the proliferation of endpoints either due to remote work or internet of things (IoT), there’s no shortage of attack surfaces for threat actors in 2023. If your endpoints aren’t properly configured and you’re not keeping a handle on shadow IT, your cybersecurity posture will be drastically weakened.

You people can still be a problem

Even with all the right technology in place, the biggest threat cybersecurity in 2023 will continue to be your own people, whether it’s by accident or due to insider threats from unhappy or former employees. Training combined with a Zero Trust approach will mitigate risk to your business.

What won’t change in 2023 is that cybersecurity isn’t something most organizations can handle on their own, so if you haven’t already, make it the year you see how a managed service provider can help evaluate and shore up your security posture.

  • November 16, 2022
  • Catagory Data Protection

What is SIEM and Why Do You Need It?

By : Justin Folkerts

The cybersecurity landscape is replete with acronyms, and it can be hard to figure out which ones matter to your business. SIEM stands for Security Information and Event Management, and it’s something you should be leveraging to keep your organization safe.

Pronounced “sim,” SIEM is a software-based cybersecurity technology that gives you a single, streamlined view of your data along with your operational capabilities and security at activities to you can better detect, investigate, and mitigate threats. SIEM bolsters your security posture by providing this visibility in real-time and encompasses your entire environment, no matter how distributed – and it likely is in this era of increased remote and hybrid work.

If you’re worried that SIEM is yet another massive software deployment, there’s good news: it can be cloud-based and configured to monitor your on-premises, hybrid and cloud infrastructure while tapping into a broad array of security tools and technologies.

How SIEM works

SIEM thrives on having a lot of data sources to monitor. It ingests as much data as possible on the hunt for unusual activity that represents a threat actor trying to gain access to your systems or making trouble once they’re already in. Combined with its ability to give you a real-time snapshot of your IT infrastructure and keep logs to support your compliance obligations, SIEM gives you the ability analyze data from network applications and hardware, and cloud and software-as-a-service (SaaS) solutions — all in real time so you can stay top of threats, whether they’re internal or external.

SIEM monitors network devices such as wireless access points, routers, and switches, bridges, as well as the software running on them. It also pulls data from security devices such as firewalls, antivirus software, and intrusion detection appliances, as well as devices and activity related to remote work. Users, event types, IP addresses, memory, and processes are all monitored for signs of exceptional activity – everything from potential malware to a failed login so that any deviations are flagged for security analysts to investigate.

Essentially, your SIEM is a security command center that pulls together all event data into a single location but adds useful context for analysts so they can prioritize what to respond to and investigate. Everything is presented on dashboards, including an overview of notable events with details, risk analysis, and a workbook of all open notifications. Intelligence from users, threats, protocols, and the web are all brought together.

How SIEM helps

SIEM offers many benefits for organizations looking to improve their security posture.

It provides a high level of visibility to help your security teams see everything across your IT infrastructure, including remote endpoints. The right SIEM solution also reduces the number of false alerts, so your IT teams aren’t spinning their wheels and are able to focus on detecting and investigating actual threats. SIEM is also flexible so you can integrate it into your environment with all its unique characteristics that are driven by your industry, including any compliance obligations.

Most of all, SIEM is something your managed service provider can help you with, so you’re not faced with another onerous software deployment. They can help you select, deploy, and even manage the right SIEM solution so you can get the visibility you need to improve your security posture.

  • October 13, 2022
  • Catagory cloud backup

5 To Dos for Your Cloud Backup and Recovery Checklist

By : Sanjeev Spolia

If it’s not a matter of if disaster strikes, it’s when. You need a comprehensive checklist for your cloud backup and data recovery procedure if you want to avoid a disruption to your business and your customers.

This checklist isn’t a one and done, either. You’ll want to revisit it regularly to tweak your processes and the cloud backup and data recovery tools you have in place. Here are five key things every checklist should have:

  • Write it down: Document your cloud backup and data recovery procedure and be sure to have a hard copy. It should be a living document that you revisit regularly and outline all mission-critical applications and interdependencies – you can group them together and ensure all connected applications and their data safeguarded equally. Your plan should also detail the roles and responsibilities for everyone involved in executing it, so they know what needs to be done to restore primary systems from a cloud backup.
  • Set your objectives: When you lose data, applications become unavailable. A recovery time objective (RTO) gives you a deadline as to how long you can go without an application and decides how much time it will take to recover after the disaster strikes. A recovery point objective (RPO) directs you were to focus your efforts so you prioritize the data you restore from cloud backup – an RPO defines how much data you can afford to lose in an outage scenario and can guide you on how frequently application data must be backed up.
  • Add redundancy: Complexity should always be avoided, but don’t streamline your storage as far as to put all your eggs in one basket – be sure your cloud backup service provider has adequate redundancy and consider having data storage options that aren’t on your network to protect it from ransomware.
  • Bolster your network: You need a secure and robust network to support your cloud backup and data recovery. Employing deduplication will help you reduce the pressure on your networking and storage resources because you’re only moving data you need to. Meanwhile, make sure data is encrypted when in transit and at a rest.
  • Never stop testing: You must test your cloud backup and data recovery procedures by running regular fire drills. This will provide peace of mind that you can completely recover all data and applications as determined by your RPOs and RTOs. Be sure to monitor and verify that cloud backup and replication processes are taking place, that your destination storage media is operating, and that you can easily restore mission critical data with ease.

An ounce of prevention is worth a pound of cure. By having a checklist in place for your cloud backup and data recovery procedure, you can bounce back from a disruption with minimal impact on your business and to your customers.

  • August 31, 2022
  • Catagory cybersecurity

Insurance not a substitute for good cybersecurity

By : Justin Folkerts

You don’t use auto insurance as an excuse to drive recklessly, so why would you cut corners on cybersecurity because you have ransomware insurance?

With ransomware attacks doubling in 2021 compared to the previous year – due in large part to the massive shift to remote work – the average cost of a data breach grew to record levels by more than 10% in 2021 as threat actors took advantage of a broader attack surface that resulted from a hybrid work environment.

Much of the costs of these breaches were covered by insurance, including ransom payments, but cybersecurity insurance providers are becoming more selective with their coverage as payouts have increased – qualification processes are more rigorous and the threshold for a payout is getting higher.

If you were depending on cybersecurity insurance without a data protection strategy, you need to seriously rethink how you implement security in your organization.

As ransomware attacks rise, so do premiums

For starters, the number of ransomware attacks is only going to get higher as more and more threat actors with a wide array of experience and expertise look to make money off data breaches – cybersecurity insurance is not going to be enough to save your business.

It’s not that you should cancel your insurance – you should be prepared to pay more – but you must also have people, processes, and technology in place to secure your business and sensitive customer data. Making an insurance claim should be a last resort – no matter how much you pay for it, it won’t bring your data back if you fall victim to a successful attack.

You really don’t want to be paying the ransom, even though many companies go that route – that only emboldens the bad guys to keep at it. Some insurance companies are no longer even covering ransomware payouts. If cybersecurity insurance premiums are going up and not covering what they used to, it’s time to implement better security practices – prevention is much more affordable in the long run.

Your MSP can help you up your security game

Cybersecurity awareness should be something that touches everyone in your organization, including the understanding that a data breach costs the business money – and your insurance provider expects you to raise your game to take a more proactive stance with security.

Even if you’ve put the effort into your cybersecurity, keeping it current and staying on top of all the threats can be daunting. With so many systems, endpoints and users, visibility is you biggest challenge, and understanding the threats, attack surfaces and vulnerabilities requires a great deal of time and resources, including skilled people.

That’s why you should turn to your managed service provider for guidance – they’ve got to contend with rising insurance premiums too and know that prevention is better than getting the cost of a ransomware attack covered. They already have visibility into your infrastructure and can help you put all the people, processes, and technology in place so you can qualify for cybersecurity insurance but hopefully never have to use it.

  • June 16, 2022
  • Catagory cloud backup

Complexity is the enemy of effective data protection

By : Justin Folkerts

If you want to effectively protection your data, it’s best to keep things simple – complexity is your enemy.

While it’s important to have redundancy for your mission critical applications and data, the more tools and systems implemented to safeguard data, the bigger the likelihood of something going wrong and the greater potential for data loss. Simplifying your data protection systems will make it easier to get back to business in the event of a disruption due to data breach, malware and ransomware, natural disaster or human error.

Less is better

It’s easy to fall into the trap of setting up a complex solution for data protection because your business information systems tend to be complex. But even when you have a wide variety of applications and data to back up, complexity makes your data protection less effective.

The problem is that when lines of business incrementally add Software-as-a-Service (Saas) applications such as Microsoft Office 365 and Salesforce, they often assume data is automatically backed up by the vendor. However, they are just adding to the mix of systems that must be backed up by IT, including multiple endpoints including servers, workstations and laptops, and remote workers and satellite offices. Every time a new software solution, endpoint or physical office is add, incremental data protection is added to keep up with infrastructure sprawl. Complexity is an unintentional side effect because when data protection is put into place, it tends to be done in a silo, not holistically with all other applications and data in mind.

In the same way having more endpoints, network access, and applications creates more attack surfaces for threat actors, having more data protection systems increases the number of potential points of failure in your organization.

More complexity means risk

It may seem daunting to simplify data protection when your data is distributed across different applications and endpoints, especially with rise of remote work and the emergence of the hybrid workplace. Having multiple backup system in place to protect all this information increases complexity and risk of a data breach that can disrupt your operations, cost you customers, and even lead to a breach of regulatory compliance.  

And as much as data protection is necessary, you don’t want to create any more work than necessary for your IT teams. Data protection systems must be configured, maintained, and updated, and backups must be verified – double checking backups takes time and people. Each tool you implement requires expertise and training and represents a software license you must pay for and manage.

Overprovisioning your data protection capabilities is an unnecessary expense and doesn’t improve your overall security posture. Running multiple backup solutions with overlapping features and even backing up the same data to different locations, is costing you time and money.

Given the complexity of production systems, it’s not realistic to have a single data protection system for everything, but it’s essential your streamline as much as possible. Settle on a small number of backup tools that will encompass all your system so that your IT team isn’t overwhelmed by their data protection duties. Otherwise, you can end up with misconfigurations that defeat the purpose and result in a data breach.

Most of all, remember that data protection may be essential, it’s not a strategic IT activity, so consider looking at how a managed service provider can consolidate your data protection tools to reduce complexity and ensure all your backups are effectively safeguarding your mission critical information.

  • May 26, 2022
  • Catagory Data Protection

Every data backup plan must be put through its paces

By : Sanjeev Spolia

A robust cybersecurity strategy is not the only way organizations protect sensitive information – having a data backup plan that’s tested regularly is essential to ensure complete protection.

While putting a disaster recovery plan in place can be daunting for small or medium-sized organization, it must be done because it’s only a matter of time before you face a major disruption that threatens your mission-critical business data. However, thanks to the cloud, its easier than ever to implement enterprise-class data backup with the help of an experienced managed service provider.

Your data backup plan should be part of a broader and comprehensive disaster recovery plan, which identifies all the activities, resources and procedures needed to carry out all processing requirements during interruptions to normal business operations. You may be tempted to back up all your data and applications, but ideally, you should focus on identifying the data and applications that are essential for running the business.

Even more important is to make sure your data backup is running properly. It’s easy to get complacent and take for granted that your backups are running on schedule and safeguarding the right data. But whether you maintain your own backup infrastructure or adopt a managed backup service from a outside provider, you must regularly test your backups.

It’s easy to get out of the habit of testing your data backup and assume you’re backing up essential data and applications when there are more pressing demands on your IT staff. However, none of the more strategic technology initiatives you’re pursuing will matter because your business can’t afford the downtime that comes with a disruption related to a data loss – it means lost revenue, productivity, and the loss of current and future customers due to a negative perception of your brand.

Whether it’s your broader disaster recovery plan or just your data backup process, you should be doing regular fire drills. Even if your data backup is still working, it may not be keeping up with changes to your business – your data and applications are not static. Applications and data evolve, and a dynamic environment requires regular monitoring. Whether you do your own backups or outsource it, you should always be testing, and any credible managed service provider will always be testing without you having to ask and part of your Service Level Agreement (SLA).

Knowing the right data is being backed up is not enough either. You should also have peace of mind that you can restore it and any applications quickly to minimize any interruptions in business operations. Your restoration process is a critical aspect of any data backup plan. Your fire drill should demonstrate the ability to mount the backup and access the relevant files quicky and that a virtualized backup copy is bootable. Remember that your storage used for backup is subject to defects, and files can be accidentally erased or overwritten. If your primary storage can fail, so can your secondary.

Even if you do have the capability to maintain a data backup plan in-house, it’s one more thing on the to do list of your IT staff and distracts them from more strategic initiatives, so you should consider engaging a managed service provider that can remotely monitor and manage your backup infrastructure, as well as send your backups to their hosted backup repository. This will reduce your capital expenditures and simplify your data backup.

Remember: It’s just a matter of when, not if, your organization will be faced with major data loss, so no matter how you decide to implement your data backup, regular testing not only minimizes disruptions to operations and your customers, but it also allows you to stay in business.

  • November 16, 2021
  • Catagory cloud backup

Keep your data protection simple by using cloud backup

By : Sanjeev Spolia

When it comes to data protection, simple is always better, even as remote work and hybrid offices makes things more complex.

Even as endpoints flourish, you should continue to streamline your systems by leveraging cloud backup and combat complexity—the more systems you have in place, the more likely something will go wrong. You must balance redundancy with simplicity.

Even before the pandemic and the massive proliferation of remote endpoints, there were already many different applications and systems needing backup as lines of businesses spun up their own Software-as-a-Service (Saas) applications such as Microsoft Office 365 and Salesforce. Even worse, they assumed data is automatically backed up by the vendor. But in addition to those applications, you need to keep track of your servers, physical and virtual machines, and multiple endpoints that include workstations and laptops, satellite offices, and of course, remote workstations, which may even be an employee’s personal device.

The attack surface has expanded since the pandemic but having multiple data protection systems isn’t the answer. Instead, consider a single cloud backup service with built-in redundancy. As with any application, a data protection system has its own maintenance requirements and processes, so it’s best to have one that’s well-managed and reliable that makes verification simple. That way, you can be confident all your data, regardless of application, server or endpoint, is being consistently backed up. Having as single cloud backup service is also better for your IT budget.

However, depending on your environment, it may not be realistic to have a single cloud backup solution; your best approach is to implement a select few data protection systems to meet user requirements so that your IT team isn’t overwhelmed by too many backup tools as the resulting complexity will lead to misconfigurations and ultimately, a data breach that leads to a business disruption.

Having confidence in your cloud backup isn’t just important for your IT team. Data protection plays a strong role in maximizing business uptime, so you’re not only trying to keep senior IT management happy—the CEO has a stake in data protection, whether they realize it or not.

Like any application you implement to realize business goals, not all data protection and cloud backup systems are created equal. In addition, IT environments are more dynamic than ever thanks to digital transformation efforts, the emergence of the hybrid office, and the persistence of remote work. When selecting a cloud backup solution, be sure they meet all your data protection criteria including compliance, security, and restoration windows.  You might want to consider taking the opportunity to replace legacy systems that can be difficult to back up, rather than keeping them going because it will reduce maintenance costs, add data management capabilities, and improve your overall data protection effectiveness.

Remember that data is more portable than ever, too, especially when fewer people are working in the office behind the corporate firewall. If applications and data are spread cross multiple clouds, as well as endpoints and workstations, then your cloud back solutions must consider that your data is distributed across many platforms, as well as understand the built-in data protection of SaaS productivity applications—not just what they can do, but also what they don’t do.

A dramatic increase in the number of remote workers and the emergence of the hybrid office are great reminders that the need for robust data protection is never going to go away. As the year ends, take the opportunity to revisit the cloud backup solutions you have in place and implement a strategy to modernize it as needed to reflect the world of work with the help of an experienced managed services provider.

  • December 10, 2020
  • Catagory cybersecurity

Not all business information is sensitive data

By : Justin Folkerts

The trick to protecting sensitive data is understanding not all business information must be protected.

Even organizations that understand the need for robust information security spend heavily on software and hardware without measuring its return on investment (ROI), only to still fail at safeguarding the most sensitive information that’s the lifeblood of their business because they failed to define what it is before apply security controls.

If you want to adequately protect your most valuable data, you must understand which business information is most critical to your bottom line.

Not all data is equal

It’s seems counter-intuitive, but the reason information security often fails to protect sensitive data is the mistaken belief that all information must be protected equally. Even before the pandemic and remote work became the norm, distributed workers, branch offices, mobile devices, and the evolving Internet of Things (IoT) meant organizations have had to become smarter about how they secure sensitive data. Now it’s more important than ever to make the business case for information security.

The business case isn’t a request for a bigger information security or more technology. Rather, it’s about identifying sensitive data, understanding its value, and being clear about what’s necessary to protect it. You need to operationalize a change in mindset that delivers ROI and protects the sensitive data that powers your business.  However, it can be difficult for organizations to step back and understand what data is the most valuable when it’s growing exponentially.

One thing is for certain, however: Trying to protect every single bit of data equally isn’t cost effective.

Sensitive data must be defined to be protected

If organizations are to marshal their information security resources effectively, they must narrow their scope and define what constitutes sensitive information. While the definition can be guided by compliance and regulator obligations, it’s just as important to figure what data constitutes as a critical asset to the business.

Just as a fleet of trucks are critical assets for a transportation company, every business today has stored information that is critical to daily operations—that’s the sensitive data that must be protected. Otherwise, there are financial repercussions in the form of lost competitive advantage and fines for non-compliance, both of which lead to lost revenue, as do settlements from litigation and damaged reputations.

While compliance obligations and privacy legislation do dictate that some information be prioritized by information security strategies, they’re just the beginning. A healthcare organization that may have all their patient data effectively secured but not have all their research data protected—it’s just as valuable as it may support patent application or attract grant money, and has the potential to generate revenue. Personally Identifiable Information (PII) is always an obvious candidate for protection because compliance and regulatory frameworks deem it as sensitive, but intellectual property or data that’s essential to running your business is just as critical.

Treat sensitive data like a business asset

If you want get ROI from your information security spending, you need to think differently. You must understand your data on a deeper level so you can assign a value to it. There’s plenty of information residing in your organization that won’t cripple your organization if it’s lost. But your sensitive data must be assigned appropriate valuations that will be the of a business case for information security spending.

Getting an ROI on your information security spending is about anticipating incidents that haven’t happened yet, much like an insurance company considers the likelihood of natural disasters. To determine sensitive data and its value, you must weigh the cost of the protections you put in place with the financial impact of any breach and its likely frequency.

The simplest approach its to categorize data in three ways: data can be shared freely; sensitive data that can be shared with certain audiences in specific ways, and data that must remain confidential to the organization and never shared. The process of segmented and prioritizing data enables to apply the appropriate information security controls, so you understand the complete lifecycle of all data and adequately protect it based on the repercussions of losing it.

Treating sensitive data like a business asset enables you to make the case for information security so ROI can be effectively measured so can protect these valuable assets as you would any other important investment.

  • May 9, 2019
  • Catagory

Business Continuity Needs 4 Essential Ingredients

By : Justin Folkerts

When technology fails, businesses go under. And if you’re like most organizations today, your business continuity is dependent on communications and networking infrastructure that carries the lifeblood of your business—data.

Your employees can’t serve your customers without it, nor can your mission critical applications continue to run. And for many businesses, a few days of downtime can meet shutting the doors. It’s essential to ensure maximum uptime so even if you do encounter a disruption, your customers never notice.

For small and medium-sized businesses, putting the checks and balances in place to guarantee business continuity can be overwhelming, and partnering with a managed services provider can ease the burden. Regardless of whether you outsource or scale up your IT team internally, there are four key ingredients you will need.

Data Protection

It doesn’t matter whether it’s through malicious intent or natural disaster—losing mission-critical data means a business can grind to a halt. You need a protection plan that encompasses all applications, files and databases to protect data in the event of human error, systems failure or corruption. This should include offsite data backup and recovery with comprehensive business continuity planning.

Secure Networking

Safeguarding data not only means protecting where it’s used and stored, but also while it’s in transit. Even if you don’t take advantage of a managed service provider’s expertise, you likely have data moving in and out of your primary location to cloud-based services, field offices or remote users. Securing these connections safeguards mission-critical data and applications, maintains service and performance targets, and protects against malicious threats.

Predictive Care

Maintaining all devices and equipment, including Wi-Fi endpoints, can be a daunting task and can monopolize the time of your IT staff. Outsourcing to a managed services provider who employs a predicative care model means you don’t have to worry about asset tracking, paying for onsite labour for repairs and replacement, or tangling with multiple vendors to get things reconfigured or fixed.

24 X 7 Support and Monitoring

Predicative care for devices can be complemented with comprehensive support and monitoring by a managed service provider, enabling you to tap a team of skilled support people across multiple shifts to cover your business users and their applications. Proactive monitoring keeps a watchful eye on your environment to prevent any potential issues that could lead a disruption.

Ensuring business continuity requires a lot of proactive planning and IT resources, but it’s better to invest the time and energy into preventative measures than paying the high cost of not doing it. A managed IT services provider can help you keep your business running smoothly by avoiding common errors and providing around-the-clock coverage with properly skilled staff.

If you haven’t begun to think about disaster recovery planning or feel your plan needs an update, check out our Disaster Recovery Primer.