• March 14, 2024
  • Category Data Protection

Protect Your Backups from Ransomware Infections

By : Justin Folkerts

Your backups are not immune to ransomware – infected data can be replicated, so it’s important to configure your data protection so that mission critical information isn’t corrupted and clean copies can be easily restored.

Ransomware is sneaky, and it’s cross-platform. It can sit in your backups – whether it’s an email, PDF, or Zip file, among many others – waiting to go off. And ransomware attacks don’t discriminate, either. Small and medium-sized organizations are just as viable a target for threat actors as large enterprises.

Ransomware starts with one computer, encrypting some or all its valuable data, but it can easily spread across the network, making all users susceptible and all systems potentially unusable. If ransomware corrupts a critical database, it can cripple your organization, which is why you must protect all your backups.

Preventing dangerous duplicates

If your backups are infected by ransomware, they are no more useful than your primary data – your restoration will just ignite a reinfection.

Protecting your backups from ransomware always starts by preventing users from downloading dangerous files that are riddled with malware, viruses, and ransomware. If a nefarious file does get through due to clever phishing and human error, you must make sure infections can’t be transmitted across your network through file sharing and syncing.

Most of all, you must prevent ransomware from accessing your backups at all costs. Although it’s impossible to fully protect your backups from threats, including ransomware, applying the right rules and leveraging smart software can minimize the likelihood of your backups getting infected.

Follow tried-and-true backup rules

The well-established 3-2-1 rule for backups continues to be a good strategy for preventing ransomware infection of replicated files – you should have your original copy of a file, a duplicate that is stored on-site on a different medium, and a copy that is stored off-site. It is recommended that your on-site copy be stored on removable media, such as tape.

Each of your backups requires a different approach – if you use tape, you should do a full backup rather than a differential or incremental backup. Your onsite tapes should be stored in a secure, fireproof location.

Using versioning for your backups can also prevent ransomware from infecting all copies of your data – it saves a new version of the file as a backup rather than wiping out the previous backup, so you can easily roll back to a clean, uninfected copy.

Rollbacks are where software tools can help prevent your backups from being infected with ransomware, as they can help manage versioning. However, your strategy is just as important as the tools. If you do a complete backup to on-site tape daily outside of office hours, you can back up the most current version. Even if ransomware hits the next day when users are likely to trigger it, you only lose that day.

Once the full backup is restored, you can review the offsite incremental backups done throughout the day to restore specific files with the latest and greatest versions.  
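The nightly-full plus daytime-incremental restore described above, worked through as an added Python example (not from the original article). The catalog fields, backup IDs, file paths and timestamps are constructed for illustration, and `compromised_at` is assumed to be the responder's estimate of when the first machine was compromised, which may be earlier than when the ransomware was noticed.

```python
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class FileVersion:
    path: str            # file this version belongs to
    taken_at: datetime   # when the backup job captured it
    kind: str            # "full" = nightly on-site tape, "incremental" = off-site, daytime
    backup_id: str       # hypothetical backup job label


def plan_restore(catalog, compromised_at):
    """Choose a restore source for every file using only pre-compromise versions.

    Returns (full_backup_id, plan, rejected):
      plan      maps path -> FileVersion to restore
      rejected  lists versions captured at or after compromised_at
    """
    clean = [v for v in catalog if v.taken_at < compromised_at]
    rejected = [v for v in catalog if v.taken_at >= compromised_at]

    fulls = [v for v in clean if v.kind == "full"]
    if not fulls:
        raise ValueError("no full backup predates the compromise")

    # Step 1: the newest full backup taken before the compromise is the base.
    base = max(fulls, key=lambda v: v.taken_at)
    plan = {v.path: v for v in fulls if v.backup_id == base.backup_id}

    # Step 2: overlay incrementals newer than the base, oldest first,
    # so the latest clean version of each file wins.
    overlays = [v for v in clean
                if v.kind == "incremental" and v.taken_at > base.taken_at]
    for v in sorted(overlays, key=lambda v: v.taken_at):
        plan[v.path] = v
    return base.backup_id, plan, rejected


def ver(path, stamp, kind, backup_id):
    """Helper for building the constructed sample catalog below."""
    return FileVersion(path, datetime.fromisoformat(stamp), kind, backup_id)


# Constructed sample catalog: two nightly fulls and three daytime incrementals.
SAMPLE_CATALOG = [
    ver("db/orders.sqlite", "2024-03-12T22:00", "full", "full-0312"),
    ver("docs/plan.docx",   "2024-03-12T22:00", "full", "full-0312"),
    ver("hr/payroll.xlsx",  "2024-03-12T22:00", "full", "full-0312"),
    ver("db/orders.sqlite", "2024-03-13T22:00", "full", "full-0313"),
    ver("docs/plan.docx",   "2024-03-13T22:00", "full", "full-0313"),
    ver("hr/payroll.xlsx",  "2024-03-13T22:00", "full", "full-0313"),
    ver("docs/plan.docx",   "2024-03-14T10:00", "incremental", "inc-0314-1000"),
    ver("db/orders.sqlite", "2024-03-14T12:00", "incremental", "inc-0314-1200"),
    ver("docs/plan.docx",   "2024-03-14T15:00", "incremental", "inc-0314-1500"),
    ver("db/orders.sqlite", "2024-03-14T15:00", "incremental", "inc-0314-1500"),
]


if __name__ == "__main__":
    # Constructed scenario: first compromise estimated at 13:30 on March 14.
    base_id, plan, rejected = plan_restore(
        SAMPLE_CATALOG, datetime(2024, 3, 14, 13, 30))
    print("restore full backup:", base_id)
    for path, v in sorted(plan.items()):
        print(f"  {path:<18} <- {v.backup_id} ({v.taken_at:%Y-%m-%d %H:%M})")
    print("do not restore:",
          sorted({v.backup_id for v in rejected}))
```

Moving `compromised_at` earlier shrinks the set of trusted versions, which is the trade-off to weigh when ransomware may have sat dormant before it was triggered.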

Another strategy is to distribute your backups – by having separate backup systems for different types of data you can reduce the likelihood of ransomware spreading between them.

User endpoints are ransomware’s first target

No matter your backup strategy, protecting your endpoints is always your first line of defence when combatting ransomware. Endpoint data protection combined with employee cybersecurity awareness and training will contain ransomware within the first infected machine, reducing the likelihood of it infecting your backups.

  • February 15, 2024
  • Category Security

Are you ready to respond to an inevitable security breach?

By : Sanjeev Spolia

Prevention is worth a pound of cure, but when a security breach is inevitable, preparation is just as valuable. A thorough assessment guides your deployment of data protection tools and sets you up for an effective response that mitigates any impact to your business.

Threat actors are now trying to break down your proverbial door on a regular basis – an attempted security breach is no longer an unusual, occasional occurrence. Rather than solely focusing on preventing a breach completely, your security strategy should also look at how you can minimize the impact of an incident quickly and effectively.

If you want to bolster your security and build resilience against today’s bad actors, you need a three-pronged approach that assesses, protects, and responds.

Assess your strengths and weaknesses

If you want to thwart any attack you must start where you are. With the help of a managed services provider, you should scan your network, conduct penetration testing, and establish clear IT policies. These essential steps will help you form the foundation of your security strategy so you can protect data and respond to the inevitable attack.

Protect your critical assets

Your assessment will help you prioritize what data needs to be protected – not everything you store is mission critical – and allow you to strike a balance between protection and productivity to ward against viruses, malware, ransomware, insider threats and human error.

Protecting your sensitive data from threat actors who want to sell it or cripple your business operations requires cloud-based Next-Generation Antivirus technology that combines behavioral detection, artificial intelligence, and machine learning algorithms to anticipate and prevent threats. Your firewall provides an essential layer of protection for your network and your endpoints.

Your data protection strategy also provides redundancy – because it’s not a matter of if but when you experience a data breach or disruption to your operations. Having redundancy, including cloud backups, enables you to quickly restore mission critical data and applications in the event of any incident.

Automate, respond, and mitigate

Your security team can’t keep up with every alert – you need to automate your security if you are to proactively protect your network infrastructure across every endpoint.

Technology such as extended detection and response (XDR) collects threat data from your data protection to provide you with actionable, enriched threat intelligence to help your security teams prioritize, hunt, and eliminate threats quickly and efficiently. A vulnerability management platform, meanwhile, provides complete visibility and automatically discovers your assets as they come online.

Your security response to constant attacks by bad actors is made possible by your initial assessment and the data protection tools you put in place – they set you up to respond effectively to any attack, quickly and decisively.

  • January 30, 2024
  • Category privacy

Are you Ready for Major Privacy Legislation Changes?

By : Sanjeev Spolia

The Canadian federal government is getting close to passing updated privacy legislation that will impact how you govern the personal information you are storing as well as address the impacts of artificial intelligence (AI).

These changes began more than a year ago and are expected to pass this year or in early 2025, including new privacy legislation that will make significant changes to the Personal Information Protection and Electronic Documents Act (PIPEDA).

Three Key Acts

Bill C-27 lays out a new statutory framework governing personal information practices in the private sector, and includes three new statutes:

Consumer Privacy Protection Act (CPPA): If Bill C-27 passes, this act would repeal and replace the private sector personal information protection framework in PIPEDA. This new privacy legislation would essentially replace PIPEDA with new requirements governing the protection of personal information.
Personal Information and Data Protection Tribunal Act: Under this act, an administrative tribunal would be established to review certain decisions made by the Privacy Commissioner of Canada and impose penalties for contraventions of the CPPA, which is a substantially enhanced enforcement regime when compared with that of PIPEDA.
Artificial Intelligence and Data Act (AIDA): This act would create a risk-based approach to regulating trade and commerce in AI systems.

CPPA would require that organizations implement a privacy management program that includes policies, practices, and procedures to ensure compliance. The act reinforces express consent for the organization to process personal information, although it does outline exceptions under certain circumstances.

Severe Penalties for Non-Compliance

The fines for not complying with CPPA are hefty – as much as $25 million and the amount corresponding to 5% of gross global revenue for the preceding fiscal year. Law firm Osler advises that organizations could also be subjected to administrative monetary penalties of up to the greater of $10 million and the amount corresponding to 3% of gross global revenue for the preceding fiscal year.

Regional Legislation is Also a Factor

If you’re doing business in Quebec, you must also comply with the Quebec Privacy Act, recently reformed by Bill 64, that includes an enforcement regime with potentially severe financial penalties for contraventions that are similar to CPPA.

Quebec’s legislation also requires organizations to create an internal policy suite to address the lifecycle of personal information they store and process.

Navigating data privacy legislation has become another cost of doing business – organizations are responsible for understanding which rules apply to them when operating across Canada and globally.

The many compliance obligations required by government privacy legislation can seem overwhelming, but a managed services provider can help you maintain the necessary IT infrastructure and best practices to secure and protect customer data.

  • December 28, 2023
  • Category Security

5 Security Trends to Watch in 2024

By : Justin Folkerts

Artificial intelligence (AI) and geopolitical instability will continue to disrupt businesses in 2024 and put pressure on their cybersecurity strategies to keep pace.

AI is an enemy and an ally

The bad news is that threat actors will continue to use AI, including generative AI, to try to steal your data and compromise your IT infrastructure through smarter social engineering. But even as AI-assisted attacks are expected to increase in 2024, security providers are going to leverage AI to improve cybersecurity tools.

More compliance obligations

You can expect the internet to get more regulated which means you will have more obligations as part of your efforts to secure your data. The UK recently passed its Online Safety Law, and Canada is working on similar legislation. This past year the European Union and the Federal Communications Commission both recommended additional data breach reporting requirements to be introduced in 2024.

Quantum encryption is coming

While it’s several years away, quantum computing will likely be able to thwart today’s encryption, so efforts are already underway to counter the threat through hardware-based protection that will require a transformation of existing IT infrastructure.

Beware nations, not just thieves

Nation states will invest in new technology such as AI and quantum computing to create and distribute malicious tools to not only achieve more scale, but also increase deniability. Expect “ransomware-as-a-service” to be expanded to more attack surfaces. The amount of investment necessary to exploit these technologies will also see governments look to assist small and medium-sized businesses with their security investments in 2024 – Australia and the U.S. have already begun.

Get ready to fight on the mobile front

Security strategies in 2024 are poised to be mobile-first as mobile apps have become so dominant. Even with Runtime Application Self Protection (RASP), it’s still easy for threat actors to turn mobile apps into weapons to attack backend systems and APIs. The year ahead will require increased adoption of mobile security.

These aren’t the only things organizations need to worry about going into 2024, so tapping into the expertise of a managed service provider with a focus on security should be your top resolution of the new year.

  • November 29, 2023
  • Category Data Protection

How AI and Machine Learning Will Impact Your Cybersecurity in 2024

By : Sanjeev Spolia

There are many ways artificial intelligence (AI) and machine learning already impact cybersecurity. You can expect that trend to continue in 2024 – both as tools for data protection as well as a threat.

Even as you implement AI and machine learning into your cybersecurity strategy through the adoption of tools like Security Orchestration, Automation, and Response (SOAR), Security Information and Event Management (SIEM) and Managed Detection and Response (MDR), so are threat actors. They will continue to update and evolve their own methodologies and tools to compromise their targets by applying AI and machine learning to how they use ransomware, malware and deepfakes.  

With small and medium-sized businesses just as much at risk as their large enterprise counterparts, SMBs must take advantage of AI and machine learning as much as possible. AI-directed attacks are expected to rise in 2024 in the form of deepfake technologies that make phishing and impersonation more effective, as well as evolving ransomware and malware.

Deepfake technologies that leverage AI are especially worrisome, as they can create fake content that spurs employees and organizations to work against their best interests. Hackers can use deepfakes to create massive changes with serious financial consequences, including altering stock prices.

Deepfake social engineering techniques will only improve with the use of AI, increasing the likelihood of data breaches through unauthorized access to systems and more authentic looking phishing messages that are more personalized, and hence, more effective.

If hackers are keen on leveraging AI and machine learning to defeat your cybersecurity, you must be ready to combat them in equal measure – just as AI and machine learning will create new challenges in 2024, they can also help you bolster your cybersecurity. While regulations are being developed to foster ethical use of AI, threat actors are not likely to follow them.

AI will also affect your cyber insurance as your providers will use it to assess your resilience against cyberattacks and adjust your premium payments accordingly. AI presents an opportunity for you to improve your cybersecurity to keep those insurance costs under control.

There’s a lot of doom being predicted around the growing use of AI and machine learning. And while it does pose a risk to your organization and its sensitive data, you can use it to bolster your cybersecurity even as threat actors leverage AI to up the ante. A managed service provider with a focus on security can help you use AI and machine learning to protect your organization as we head into 2024.

  • October 26, 2023
  • Category Data Protection

Artificial Intelligence Will Bolster Data Security in the Long Term

By : Justin Folkerts

Artificial intelligence (AI) is a threat to your organization’s data security, but it is also a critical tool for defending it.

Just as business intelligence has become embedded in software tools and enables you to ride the ups and downs of your industry, AI is getting embedded in cybersecurity solutions to combat increasingly sophisticated threat actors.

This sophistication combined with the evolution of connected organizations, including remote work, means attack surfaces are getting larger. Hybrid environments where people are working from home and office via different networks are appetizing targets for hackers. When there are so many devices operating on your network, there’s bound to be some that go unmanaged, and hence are unsecured.

Generative AI is making phishing scams harder to detect, and most data breaches are already due to employees not recognizing fake emails. Even though AI helps threat actors be more deceptive than ever, it can help to automate security so that you can more quickly respond, mitigate, and recover from a data breach.

Detecting patterns has always been a core capability of security solutions, and AI makes this capability more robust so that it can be more preventative – it will advise you of potential breaches, as well as help you set policy and automate tasks to lessen the burden for your IT staff, including the onboarding of new employees and managing their access. AI can even help you set policy as to how your employees are allowed to use AI, including ChatGPT.

If you’re nervous about AI and how it will affect your business, including its data security, there’s good news in that it can be a net positive thanks to the many productivity gains. Already it’s become clear that security analysts can’t keep up with every alert and every security threat, so AI and automation are necessary to handle them at scale.

In the longer term, AI is going to be an essential tool for discerning between legitimate activity and security threats. As generative AI becomes more sophisticated and bad actors exploit it to fool unsuspecting users, AI is also going to be able to detect these attempts and allow for immediate, decisive action to prevent data breaches before they happen.

Organizations will also need to deploy fewer security tools as AI capabilities will be consolidated into interoperable security platforms that will reduce the number of vendors and policies that must be managed.

Even as AI streamlines and fortifies your security, it’s still not going to be your core business. A managed service provider can help you navigate the dynamic changes ahead so you can effectively leverage AI to bolster your data security.

  • August 17, 2023
  • Category Identity Management

Implement These Key Technologies to Improve Your Cybersecurity

By : Justin Folkerts

As attack surfaces flourish and put identities and endpoints under increasing threat, there are several key cybersecurity technologies you can’t do without.

The good news is that even though managing security can seem overwhelming in today’s dynamic digital landscape, many of these cybersecurity technologies are being integrated and consolidated to improve management and overall visibility.

Manage and protect your endpoints

With the maturation of the internet of things (IoT) and a hybrid workforce, you must make protecting endpoints a priority. Endpoint detection and response (EDR) enables you to detect and respond to advanced threats by using behavioral analysis to detect attacks in real time. It allows security analysts to proactively detect and respond to ransomware and other attacks that signature-based antivirus applications tend to miss.

Endpoint protection platforms (EPPs), meanwhile, enable you to integrate your technology stacks so that you can scale and cover your ever-growing number of endpoints, as well as handle newer types of threats, including the latest malware. EPPs are leveraging artificial intelligence and machine learning to anticipate threats before they can gain a foothold within your network.

Unified endpoint security (UES) pulls together various endpoint security tools into a single platform so you can better protect all your endpoints, including servers, PCs, and mobile devices. The unification provided by UES improves overall visibility.

Among the most common endpoints today are mobile devices, which can be protected with mobile threat defense (MTD) to thwart real-time zero-day threats, phishing, and other attack techniques that look to steal identities and gain privileged access.

Secure the edge

Because most organizations have seen a proliferation of endpoints, they are likely grappling with the ramifications of edge computing, including the cybersecurity challenges it raises. Coupled with the increase in cloud computing, it’s important to implement a secure access service edge (SASE) framework, which combines software-defined wide area networking (SD-WAN) and Zero Trust security solutions into a unified cloud-based platform.

SASE securely connects users by giving them access based on their identity and devices, securing them no matter where they work. SASE is cloud-native, delivering both infrastructure and security solutions via the cloud, protecting all edges whether they are physical, digital, or logical.

A secure service edge (SSE) protects Software-as-a-Service (SaaS), web, and private applications by integrating a secure web gateway (SWG), cloud access security broker (CASB) and zero-trust network access (ZTNA) into a single cloud platform. SSE is another example of a platform that unifies different tools to simplify management, as well as better support remote users.

Confirm identities

Authorized user access must be robust, which is why micro-segmentation is a critical cybersecurity practice. It limits lateral movement during a breach by segmenting workloads by identity, so that even if a threat actor obtains access through compromised credentials, there’s only so many places they can go, thereby mitigating the impact of the attack.

Because critical identity systems are increasingly vulnerable, it’s also critical to implement identity threat detection and response (ITDR) to safeguard your identity infrastructure from sophisticated attacks.

The cybersecurity stack is getting more complex and must scale with the rest of your IT infrastructure and cloud deployments. A managed service provider with a focus on security can help evaluate your immediate requirements for bolstering your cybersecurity as well as implement a long-term strategy that aligns with your business goals.

  • June 29, 2023
  • Category cloud backup

Are You Confident in Your Cloud Security?

By : Justin Folkerts

If you don’t feel you’ve put enough effort in cloud security, you’re not alone.

A recent survey released by Telus found that Canadian organizations only set aside 34 per cent of their cybersecurity budgets for cloud security, while nearly all admit that if they had to do it all again, they would have spent more time on security when they began their migration to the cloud, especially on threat and risk.

Respondents would have also spent more time on monitoring and detection, as well as threat prevention controls.

All this regret around cloud security may explain why the 511 cybersecurity professionals surveyed by Telus are planning to increase spending by 22 per cent in 2023. Conducted with IDC Canada, the survey spans a wide range of Canadian industries and organizations, with more than half identifying as very knowledgeable about cybersecurity, with the remainder identifying as knowledgeable.

While security knowledge ranks well among respondents, only 37 per cent of the organizations surveyed report having dedicated cloud security professionals, while nearly as many – 33 per cent – are finding that staffing for cloud security skillsets is the most difficult of all cloud specialties to find.

Not many – 14 per cent – are storing their most valuable data in the cloud, which aligns with the confidence in cloud security, as 57 per cent of organizations believe their cloud environments are very or completely secure, but only 38 per cent of respondents said their organizations use multi-factor authentication (MFA) to secure their cloud environment.

Approximately one third of respondents said a lack of tools to monitor, detect, and respond to cyber threats was a major gap in their cloud environments, while a whopping 89 per cent said their organization had experienced a cloud security incident. (An incident is defined as an event with the potential to compromise confidentiality, availability, and/or integrity of computer networks, systems, or data.)

On average, the Telus survey found that organizations had experienced four to five cloud security incidents a year, with nearly half of the most damaging incidents spreading to on-premises environments. These incidents could be attributed to misconfigurations, human error, and known vulnerabilities.

Not surprisingly, respondents are using more than one cloud service provider – the average was up to 8.5, with infrastructure-as-a-service providers such as Amazon AWS, Google Cloud Platform and Microsoft Azure being the most used.

The Telus report makes several recommendations for those responsible for security in their organization. Chief among them is to not underestimate the value of frameworks like NIST, ISO/IEC 27001 or others. Others include:

  • Provide IT / security staff with comprehensive cloud security awareness training
  • Enable and configure any included security controls offered by your cloud service provider
  • Conduct regular security audits and assessments
  • Deploy MFA

Given all the cloud providers organizations use as well as the challenges in finding security specialists, you might consider seeking out a managed service provider who can help you bolster your cloud security, improve your overall posture and help you adhere to the Telus survey recommendations.

  • June 15, 2023
  • Category Data Protection

Why You should Have Magnetic Tape in Your Data Backup Mix

By : Justin Folkerts

If you think magnetic tape storage for backup and archives is old school, think again – even the big hyperscale data centers see the benefit due to its low cost.

Hyperscalers are some of the biggest users of magnetic tape because it enables them to store massive amounts of “cold” data cost effectively – on a cost-per-bit basis, tape storage is cheaper than hard drives, and it makes no sense to store seldom-accessed information on ultra-fast flash-based SSDs.

Magnetic tape can also play a role in a comprehensive security strategy. By backing up to tape, you can create what is known as an “air gap.” You can back up sensitive data to magnetic tape to protect it from a malware attack since data that is instantaneously replicated to the cloud can be corrupted just as quickly at the backup destination. By backing up to tape periodically and otherwise keeping it off the network, you have a clean version that can be restored in the event of a malware or ransomware attack.

In the meantime, the capacity of magnetic tape is growing fast while the amount of data grows exponentially. Not only is tape the lowest cost per bit compared with other storage media options, but each tape now has a native capacity of 18 terabytes with 500 terabytes on the horizon.

While it may take longer to restore from tape, the media itself has a long shelf life as well – a magnetic tape cartridge stored in the right environmental conditions can last for several decades. If you’re required by government legislation or other regulatory bodies to retain data for years after it’s collected, tape is a great option for archives and backup. Small and medium-sized companies must often comply with the same legal and regulatory requirements as large enterprises, such as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and Europe’s General Data Protection Regulation (GDPR).

The financial services and health sectors have data retention requirements, with the latter being required to retain patient records including tests like X-rays for many years.

Magnetic tape is also sustainable because it consumes the least amount of energy compared with other data storage options. And if you’ve embarked on an Environmental, Social and Governance (ESG) strategy, tape is more compelling because its overall footprint starting with the raw materials to ultimate disposal is quite low.

All these characteristics make magnetic tape a popular option for many industries – capacity per cartridge, low cost per bit, and low power consumption have made it a preferred option for the oil and gas sector, particularly for seismic data, while the entertainment industry uses tapes like they are big USB drives to move media from one stage of production to another.

And while artificial intelligence (AI) and machine learning processes do require fast memory and storage, the vast amounts of information they need to learn from have to be stored somewhere. If you collect a lot of data via internet of things (IoT) devices, you may want to archive it for future use. The capacity of tape is ideal for large data sets.

While there is an upfront cost to investing in magnetic tape for backup and storage, the total cost of ownership (TCO) is appealing if you’re a small or medium-sized company that’s mindful of its energy bills – you’ll recoup your initial outlay thanks to the low TCO.

Better still, like most data storage and backup options like the cloud, you don’t necessarily need to set up your own tape storage on-site. There are many service providers who can help you exploit the benefits of magnetic tape and manage it for you.

  • April 11, 2023
  • Category Compliance

Why Multi-Factor Authentication Is Table Stakes for Effective Security

By : Justin Folkerts

The move to remote work and hybrid workplaces has demonstrated that multi-factor authentication is now a must-have for effective security and employee data protection.

Gone are the days of just making sure staff have complex and unique passwords for everything they access. In addition to a username and password to log into an application, it’s critical that you have a second layer of authentication – two-factor authentication or multi-factor authentication (MFA). This means that in addition to a password entered in the primary device, there’s an additional step to log in – multi-factor authentication either requires that another code be sent to a secondary device such as a smartphone or a biometric step in the form of a fingerprint or voice identification system.

Your employees have already experienced multi-factor authentication in their daily lives. Major banks now use biometrics for mobile banking, and they will also need to authenticate through that device when logging onto their bank’s web site from a desktop computer.

And while you might think that multi-factor authentication is an advanced feature that’s only necessary for major financial organizations, there are plenty of reasons why you should add another layer of authentication for all employees accessing critical applications and customer data.

  • Weak and stolen passwords: As much as employees are encouraged to use unique and complex passwords for each and every digital system they access, it means they must remember each and every one or rely on a password manager to keep track of them. These password managers can also be circumvented by threat actors. Password theft has become cleverer through methods such as keylogging, phishing, and pharming, which is when malicious code is injected onto a device that redirects employees to a phony website where they enter sensitive information, including authentication information.
  • Remote access: For many organizations, the hybrid workplace is here to stay. Multi-factor authentication is essential if you’re to provide fully secure remote access without impairing employee productivity. It can even make logging in easier as single sign-on software combined with multi-factor authentication can help to avoid “login fatigue,” since it requires an initial login to access multiple applications.
  • Compliance: Depending on your industry, your organization may be required to implement multi-factor authentication to bolster protection of sensitive financial or health data, as well as other personally identifiable information (PII) in accordance with regional, national, or international privacy legislation or regulatory frameworks.

Implementing multi-factor authentication ensures that you can get the most out of your cybersecurity investments. Other technologies such as advanced firewalls and anti-virus software can only do so much to protect critical applications and sensitive data – without robust authentication and digital identity management, threat actors still have plenty of avenues to exploit to gain access to your systems.

Multi-factor authentication not only controls employee access, but it also acts as an alert mechanism when an unauthorized access attempt is made – if an employee gets a request for secondary authentication that they didn’t request, they can report it to the IT department, so they know that there’s an active threat.

If you’ve not considered implementing multi-factor authentication, remote and hybrid working should be the tipping point, since your employees are likely using less secure internet connections to access your network and may even be using a personal device. Multi-factor authentication reduces the risk that comes with securing remote workers’ WiFi connections and personal devices.

No matter your industry or the size of your business, multi-factor authentication should now be considered table stakes when it comes to effectively securing your organization.