Dark Web Threat Alerts

When Your Identity is on the Dark Web

Dark Web Threat AlertsAs a courtesy to our existing clients and prospective clients, we have been running complementary Dark Web Summary Scans of their domains. These summary scans let us know how many email addresses from each domain currently appear on dark web and identity theft websites. We can then perform a more detailed scan and analysis to identify the specific user identities.

The results are fascinating.

Of 200 domains recently scanned:

  • 87.4% had at least one potential identity compromised
  • The average number of potentially compromised identities is 41%
  • 16% of the companies had more exposed identities than users, indicating breaches occurred from multiple sources

What does this mean?

Just because employee@yourcompany.com appears on a dark web or identity theft site does not mean that the user account on your system has been breached.

It does mean, however, that a breach is likely. And, the more exposed identities for your domain, the greater the risk.

How does it work?

Chances are, your employees are using their work email address, employee@yourcompany.com, as their login identity for other systems.  These other systems are often work related services like Uber, Dropbox, online banking, credit cards used for business expenses, etc. Studies show that about 80% of people use the same or substantially similar passwords across systems.

If there is a data leak or breach at one of these third party services, hackers will test the identity on other systems.  If you have an employee whose email and password were leaked in one of the Dropbox incidents, for example, cyber criminals will test that email address and password, along with similar passwords, across common services like G Suite, Office 365, Facebook, LinkedIn, Instagram, and others.

A compromised identity on a third party service can easily lead to a breach of your systems.

What to do:

  • Get the Details:
    Get a detailed scan on your domain to clearly identify which user identities are exposed and at risk.
  • Mitigate Your Risk:
    Work directly with identified staff to reset passwords. Run additional scans on their systems for malware.
  • Communicate:
    Educate, train, and guide users on the risk of identity breach and how to avoid becoming a victim. Provide guidance, coaching, and policies around the use of company email addresses on other systems and best practices for password selection and management.
  • Challenge:
    Periodically test your employees using “honeypot” and “sandbox” methods to determine who is following best practices and who remains susceptible to attack.
  • Monitor:
    Monitor your domain, and personal accounts of key executives, for future issues and respond accordingly.

Next Steps

Your best next step is to contact us (email or web) to

  1. Request a detailed Dark Web Scan
  2. Discuss security education and testing services
  3. Setup on-going monitoring for your domain

 

 

Email Encryption

EFail Flaw: Encryption Alone Does Not Protect Your Email

Email EncryptionAs reported last week by eWeek and others, researched found two flaws that allow hackers with access to email accounts to read emails encrypted with OpenPGP and S/MIME.  This is significant for two reasons:

  1. These standards are available for us in almost every email client
  2. Budget-conscious users often relay on public-domain or free tools to use OpenPGP or S/MIME for email encryption

As noted in the eWeek article, 23 of 35 email clients tested as of the publication date were vulnerable.  While the actual risk from EFail is currently moderately low — hackers need access to the encrypted emails before they can exploit EFail, the rate of identity compromise is on the rise. Secondary threats, such as EFail, will become a more prominent form of attack in the future.

Free Encryption Solutions Often Lack Sufficient Protection

Robust email security and encryption services include features, such as validation of digital signatures, that ensure the integrity of encrypted email messages.

Furthermore, solutions, like ZixEncrypt, control both ends of the encryption process, so any messages (with or without S/MIME encrypted attachments) with an invalid or missing digital signature get bounced. Integrity checks prevent the delivery of compromised messages, thereby preventing exposure.

As you face an increasing need to secure email communications, the robust features in services like ZixEncrypt create a value proposition most businesses cannot and should not ignore.


Contact us for more information about email security, encryption, and compliance.


 

WiFi Performance

5 Things You Don’t Know Are Killing Your WiFi

WiFi Performance

Bad WiFi service frustrates employees, hurts productivity, and can send customers to your competitors.  Even if you use your wireless access point (AP) vendor’s management tool, here are five (5) things that may be hurting your WiFi service quality without your knowledge:

  1. Network traffic actually transmitted over the air:
    APs know that they attempted to transmit  data to a client, but cannot detect if a malfunction prevented transmissions.  APs cannot detect their own transmission problems, such as dropped packets, chatter, and jitter.
  2. Clients consuming channel bandwidth that are not connected to your infrastructure:
    Not every device using channel bandwidth connects to your network. These devices often interfere with connected traffic, hurting performance for others.
  3. Misconfiguration within your infrastructure:
    APs cannot self-detect if they are configured improperly or if neighboring APs are creating interference. APs are not clients on the network, so they can only see what they transmit and what they receive.
  4. Clients connected to APs not managed by your AP controller:
    While your AP management tool may identify unmanaged or unauthorized APs on your network, they cannot detect or analyze clients connected to those APs and/or the impact these unmanaged devices have on your WiFi performance.
  5. Interference from devices and networks outside of your control:
    Vendor AP management tools are built to manage the vendor’s APs. These tools do not identify or analyze neighboring networks that interfere with yours. Bandwidth and channel conflicts go undetected and unresolved.

Your vendor AP manager misses these issues because your APs are not WiFi clients.

The best way to monitor and manage WiFi performance and reliability is to place a passive sensor client in your environment.  Unlike expensive WiFi assessments of the past, done by on-site technicians lugging around specially equipped computers and meters, innovative services like the Wyebot Wireless Intelligence Platform™ (WIP) give you a plug-and-go solution for about 1/10th the cost.  WIP is a vendor agnostic tool that can see and monitor your entire WiFi environment, analyze and prioritize issues with alerts, make knowledge-driven solution recommendations, and provide remote network testing tools.

Tools like Wyebot help you ensure your WiFi network best serves your business.


Please download our eBook, Understanding WiFi Quality, for more information, or contact us to arrange an initial WiFi Assessment.


 

WiFi Quality

WiFi Quality is About the User Experience

WiFi QualityAn ever increasing number of businesses are learning that WiFi is more than a convenient network connection.

  • Restaurants, bars, and coffee shops that want patrons to linger and spend more lose business when customers can’t check the score, answer an email, or scan their social apps.
  • When your mobile app doesn’t work in your establishment because of poor WiFi service quality, your patrons go elsewhere.
  • WiFi quality influences which conference rooms get booked, where teams choose to huddle, where individuals choose to sit and work, and where people choose to socialize.

WiFi service quality is becoming a competitive factor that can help or hurt your business.

Most network managers rely on vendor management tools to monitor and control their wireless Access Points (APs). These tools provide basic statistics on traffic volume and patterns.  The more sophisticated solutions provide cool looking color-coded heat mats that overlay WiFi signal strength onto blueprints of your business. Some tools even use APs to triangulate users’ locations within their business.

What vendor AP management tools do not show you, however, is the client experience. You can have great WiFi signal coverage, but applications time-out if client devices experience too much interference. Your network may be setup to support a high density of users, but if clients end AP-hopping for signal strength, management overhead can cripple performance.

To understand WiFi quality: Understand the user experience.

By definition, your Access Points are not and cannot be clients on your WiFi network. The data your APs gather represents only what goes in and out of (or is simulated by) each Access Point. WiFi clients will see your network performance and reliability differently than your APs.

Think of it this way.  A chef creates a new signature dish. The chef knows that she’s used the best, freshest ingredients. The chef has sampled dozens of variations to get the taste just right.  The chef believes that this her best new meal ever. Even so, a few, many, most, or all customers may not like the taste, texture, or presentation of the meal. Fortunately, WiFi quality and reliability is not subject to personal taste and preferences; WiFi service quality is determined by the client experience.

The only way to understand, monitor, and manage WiFi service quality is to monitor your network from a client.

Historically, this has meant expensive service engagements in which technicians bring in monitoring and analysis systems for a “point in time” assessment. These assessments, which can cost thousands of dollars and only capture one point in time, are beyond the budget of most small and midsize businesses and schools.

New solutions, however, provide vendor-agnostic analyses of your WiFi network using passive sensor WiFi clients, prioritize identification of service issues, and offer knowledge-driven recommended solutions.  With the Wyebot Wireless Intelligence Platform™ (WIP), for example, in most instances we can provide periodic WiFi Assessments for less than 1/10th the cost of a traditional assessments. Ongoing monitoring becomes affordable for nearly all businesses and schools, the the added value of historical data analysis, real-time alerts, and remote network testing.

If your business relies on WiFi, you can now afford to make sure your WiFi network is reliable and performs well.


For more information, download our eBook, Understanding WiFi Quality, or contact us about arranging an initial WiFi Assessment.


 

Echo of Non-Compliance

Everyday, we hear about new ways we can use our smart speakers. Retailers, radio stations, product companies, and others remind us that we can use our Amazon Echo or Google Home to buy, listen, or learn. The term “smart speaker”, however, is misleading.  These are microphones and they are always listening. They are also likely recording everything they hear.

If you are covered by HIPAA or other privacy regulations, do not talk about protected information within earshot of Alexa.

This warning stems from a 2015 murder case in Arkansas. Believing that the Amazon Echo may have “heard” a murder, the District Attorney subpoenaed any recordings that Amazon may keep from the device. Amazon fought the decision on First Amendment and privacy rights, not by claiming that it was not recording. Amazon did not deny having recordings.

The issue for data privacy compliance is that your smart speaker may be listening to and recording conversations you have about protected information.  Allowing this is a violation of HIPAA and other regulations protecting personal identifying information (PII).

When is your Amazon Echo recording?

The short answer is: we are not sure, but maybe always.

Looking at the Alexa Terms of Use, Amazon tells us “Alexa streams audio to the cloud when you interact with Alexa” and “Alexa uses recordings of your voice to create an acoustic profile of your voice characteristics.” Alexa use is also covered by the Amazon Privacy Notice, which states, “We receive and store any information you enter on our Web site or give us in any other way.”

While Amazon tells us they are recording your “Hey, Alexa” commands, the Terms of Use and Privacy Notice are a bit more ambiguous. Neither document tells us that Amazon records only when listing and processing commands. Nor do the policies limit Amazon’s recording to those commands. We do not know, for sure, when Amazon is not recording what it hears on your Echo.

Better Safe Than Sorry

When speaking about sensitive or protected information, stay away from your “smart speaker” or manually mute the device.


One more thought:  Ever notice how after certain conversations, you see ads on Facebook related to the topic discussed?  Unless you turn off microphone access, Facebook is using your phone to listen to your conversations, analyze what you say, and profile you. Letting Facebook listen is another potential HIPAA and PII breach.


 

Newtons Cradle

Inertia: The Science of Business Continuity

Newtons CradleTo paraphrase Newton’s Laws of Motion (with credit to Galileo) …

Absent an unbalanced force, an object in motion will stay in motion and an object at rest will stay at rest.

While this holds true for objects in a friction-less environment, it holds true for our businesses as well. Our businesses are in motion, working each day to service our customers with rhythms and cycles throughout each day, week, month, and year.

Our business cycles continue, until we meet an unbalanced force.

Some forces we expect, like changes in the economy that occur over a period of weeks or months.  Others forces are event-driven, such as storms, cyber attacks, and key employee departures. The sudden nature of event-driven forces can catch us by surprise, cripple our businesses in the short-term, and disrupt our normal cycles for the long-term.

A Case in Point

A company here in the northeast manufactures and distributes a customized product that customers generally replace or re-order every 2 to 3 years.  80% of the firm’s business is repeat, creating a strong and stable business. The company was hit by ransomware twice in a 3 month period.  The first attack, scrambled their files and their servers, but left their financial system in place.  They lost a day’s worth of data.  The immediate recovery took 3 days; the full recovery took nearly two weeks.  After three days of cleaning systems and restoring data, the company’s systems were up and running. They then had to enter the initial day lost data and all of the business activity for the 3 days their systems were down.  They allocated 1/3 of everybody’s time to recover the data, reducing productivity by 33% and impacting their responsiveness to customers. To enter the 4 days of missing data took over 10 days with the team working part time.

Inertia Takes Hold

This initial event changed the cycles and motions of the company. Whenever dealing with any business activity during the outage and recovery periods, they need to double check to make sure the information entered was complete and correct. And since some activities, like shipping and invoices related to prior activities, they need to double-check these connections.  Long after the two week recovery period, productivity is still down as the company’s daily motion now includes double-checking information that they are not sure they can trust.

Lesson NOT Learned

With so much focus on getting the business back into its normal rhythm, and the additional cost involved, the company did not act on recommendations that could help prevent a future attack and better ensure their ability to recover should a future attack occur. Whether the second attack was a different attack or they had failed to fully clean their systems does not matter.  The second attack was not caught until after the company’s backup server was hit, rendering their backups useless.  The company lost three years of data.

Inertia Creates a New Cycle

To recover from this attack took more than balancing data entry and on-going business. It was not feasible to manually recreate three years of data. While entering about 6 months of data for the fiscal year, they settled for a solution that created new methods and rhythms with long-term effects. They recalled all of their paper records from storage into an expanded warehouse space.  When a customer calls to re-order product they ordered 2 or 3 years ago, they search and retrieve the physical paperwork so they can create the new order. Every returning customer creates a scramble to find the paperwork in short order. Actions required in an emergency become part of the new normal. Inertia.

What You Can Do

You can be prepared with solutions that balance external forces beyond your control.

  • An educated and aware workforce balances the human manipulation that enables cyber attacks
  • Advanced threat, DNS, and web protections balance the forces of cyber attacks hitting us daily.
  • A robust backup/recovery and continuity system balances the forceful impact of disruptive events, giving you the ability to be up and running in hours not days.

If the company in our case study had implemented the recommended solutions after the first attack, they second attack would have disrupted the business for less than half a day — and may not have happened at all. The investment in communication, prevention, and recovery, while not trivial, was minor compared to the short term recovery and long term impact on the business.

If you are not ready or willing to have your business’ inertia redirected by forces beyond your control, now is the time to act.


Contact us for a free, no obligation, Cloud Advisor Session to discuss your business recovery and continuity needs and plans.


 

Pending Storm; Pending Doom

A quick scan of the weather headlines late on Thursday afternoon: a “Nor’easter” storm going through rapid escalation, know as “Bombogenisis”, looks ready to hit New England tomorrow with rain, snow and hurricane force wind gusts. Now it is Sunday, and many small and midsize businesses along the northeastern coast are wondering when, or if, they will be able to reopen. The impact of disasters is increasing. We can argue about climate change versus weather. We can discuss our aging infrastructure. We can debate whether to plan for disaster causes or effects. If we do not, however, make our businesses more resilient, the quantity and severity of disruptions will continue to grow.

The coming storm should not foretell coming doom.

By taking advantage of proven cloud services, most small and midsize businesses can protect themselves from disruption. Many businesses in coastal areas of New England may be without power and other utilities for 2 to 4 days. Businesses with no continuity plan are down and out. Given that about 50% of businesses shut down for a week will fail within six months, “down and out” can be fatal. If you rely on VPN or remote desktop to on-premise systems, you are still at risk — no power means no on-premise networks or servers.

Businesses with key systems in the cloud, however, can be up and running if employees have power and Internet access.

So what are your next steps?

First, measure the impact on your business of a disruption lasting one day, three days, and five days?  As you do, consider the full cost of recovery, including post-disaster productivity loss as your work to recover lost data and time while keeping things moving forward.

Second, consider the value of keeping your business running rather than having to recover and regroup. Beyond the dollars and cents, understand the value to your customers, to your reputation.

Third, contact us for a complimentary Cloud Advisor Session to discuss your cloud and continuity strategies.

Quickbooks

The QuickBooks Hosting Challenge

QuickbooksQuickBooks is the leading accounting package for small business. And yet, many businesses cannot run QuickBooks Online, the Software-as-a-Service (SaaS) version. Whether the online versions lack industry-specific features you need, or you have integrated third party tools/add-ons, staying with an on-premise version of QuickBooks remains the best solution for your business.

As you move to the cloud, hosting your QuickBooks Pro, Premier, or Enterprise system makes sense. You keep the version of QuickBooks you need and improve accessibility, reliability, security, and resiliency from system failures and disasters.

In general, we find two levels of common QuickBooks hosting options. Looking at these services more closely, we find these services often fail to meet basic needs without expensive upgrades.  Fortunately, we have a third option designed to deliver the business value you need and want.

Basic

Basic QuickBooks hosting services run between $27 and $30 per user per month, with you purchasing and providing the QuickBooks license key. These services start with 1 GB of storage with fees for added storage that add-up quickly. Adding storage you need for reports, exports, etc., can easily increase the cost to the $75-$90 per user per month range. More importantly, your instance of QuickBooks is running on shared servers and on a shared network. As such, you have greater risk for performance issues, security breaches, and outages. In this type of multi-tenant environment, the actions of other can impact your business. These services offer backup, usually once per day with a fixed retention period of 7, 14, 30, or 90 days, depending on the service.

Better

The better QuickBooks hosting services cost between $49 and $60 per user per month, with you purchasing and providing the QuickBooks license key.  These services also start with 1 GB of storage with fees that add up when you need more space. Typical fees quickly creep up to the $95 to $120 per user per month range.  The main difference is that these services generally run your version of QuickBooks on a dedicated server, but still run on a shared network. While this does reduce the chance of interference from other tenants, this model still has your service running in the same security envelope as other companies. You still have a risk. Like the basic services, you have a once per day backup with a fixed retention period that varies with each service provider.

Best

The best solution for hosting QuickBooks will use your license of QuickBooks in the following environment:

  • Dedicated server
  • Private network
  • A usable amount of storage included (100 GB or more)
  • Flexible backup schedules and retention plans
  • Easy access from desktops, laptops, tablets, and smartphones
  • Access to Excel (MS Office) in the hosted environment

We this type of setup, you are more secure, will have better performance, and greater reliability.

The good news is that we can build you this type of environment at a cost comparable to other services, and we can integrate your QuickBooks environment with your Office 365 or G Suite service.


If you are interested in learning more about QuickBooks hosting options, please contact us for a free Cloud Advisor session.


 

G Suite

G Suite Business Upgrade Incentives

G SuiteThrough June 30, 2018, you can upgrade from G Suite Basic to G Suite Business and save up to 33%.

To qualify, you must:

  • Running G Suite Basic with at least 1 user (no minimum user limit)
  • Upgrade before June 3o, 2018
  • If you are on an annual commitment plan, you can upgrade during your renewal
  • If you are on the monthly flex plan, you can upgrade at anytime
  • Contact us and let us know you want the savings

Why G Suite Business?

  • Unlimited Gmail and Drive Storage
  • Team Drives for central ownership and management of files
  • Email Archiving, eDiscovery, DLP for simple legal compliance
  • Advanced reports and admin alerts for better usage visibility
  • “Org” unit controls to adjust access and sharing rights by department
  • THE platform for new features, such as AppMaker and AI/machine learning enabled services

For more information, contact us, or see what our clients say about G Suite Business.


 

G Suite

Driving G Suite Upgrades

G SuiteG Suite Business is the recommended G Suite subscription for most small and midsize businesses. Many of our clients have upgraded already, so we asked them what is driving them to make the move. In no particular order, our clients tell us that with G Suite Business, you get:

Better File Services

  • Team Drives gives you central ownership and management of files.
  • Combined with Drive File Stream, you can create a file service that looks and feels more like a file server and benefit from easier integration with desktop applications. (We blogged about this in Oct ’17)
  • Unlimited storage gives you the ability to move files from servers and workstations without worry.
  • You can offload inactive files from past projects, prior years, etc., into online, secure, searchable archives. This can save you from upgrading or replacing on-premise servers and storage.

Help with Compliance

  • The Vault service included with G Suite Business is a critical component for your information security and compliance requirements, including HIPAA, PCI, Sarbanes/Oxley, SEC, and FINRA.
  • Vault archives and provides compliant e-discovery for email, files in Drive, and Hangout chats.

Cost Savings

  • You can retire servers in remote offices with Drive and Team Drive, eliminating the need for on-premise server upgrades and replacements, backup, and support.
  • You can reduce or eliminate NAS, SAN, file servers, and local storage, all of which require local/offsite backup, maintenance, and support.
  • If you have multiple sites, you can replace point-to-point networks, MPLS, and VPNs with direct Internet access service, at considerable savings.
  • You can replace Active Directory with a cloud-based identity manager or SSO solution; you can retire your AD domain controllers.

New Features

  • With G Suite Business, you get new features, like Team Drives and AppMaker, that are not available in G Suite Basic.

If you are interested in how G Suite Business can help you and your team, please let us know.  We have special incentives in place through June 30, 2017.