When Your Identity is on the Dark Web

As a courtesy to our existing clients and prospective clients, we have been running complimentary Dark Web Summary Scans of their domains. These summary scans let us know how many email addresses from each domain currently appear on dark web and identity theft websites. We can then perform a more detailed scan and analysis to identify the specific user identities.

The results are fascinating.

Of 200 domains recently scanned:

  • 87.4% had at least one potential identity compromised
  • The average number of potentially compromised identities is 41%
  • 16% of the companies had more exposed identities than users, indicating breaches occurred from multiple sources

What does this mean?

Just because employee@yourcompany.com appears on a dark web or identity theft site does not mean that the user account on your system has been breached.

It does mean, however, that a breach is likely. And, the more exposed identities for your domain, the greater the risk.

How does it work?

Chances are, your employees are using their work email address, employee@yourcompany.com, as their login identity for other systems. These other systems are often work-related services like Uber, Dropbox, online banking, credit cards used for business expenses, etc. Studies show that about 80% of people use the same or substantially similar passwords across systems.

If there is a data leak or breach at one of these third party services, hackers will test the identity on other systems.  If you have an employee whose email and password were leaked in one of the Dropbox incidents, for example, cyber criminals will test that email address and password, along with similar passwords, across common services like G Suite, Office 365, Facebook, LinkedIn, Instagram, and others.

A compromised identity on a third party service can easily lead to a breach of your systems.
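
The testing of leaked credentials described above leaves a recognizable trace in sign-in logs: one source tries many different accounts, mostly fails, and occasionally succeeds. The following Python sketch is an added example, not part of the original article; the log format, the sample events, and the thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample sign-in events: "timestamp source_ip account result".
# The format is an assumption for this example, not any product's log schema.
SAMPLE_LOG = """\
2018-05-21T09:00:01Z 203.0.113.7 alice@yourcompany.com FAIL
2018-05-21T09:00:02Z 203.0.113.7 bob@yourcompany.com FAIL
2018-05-21T09:00:03Z 203.0.113.7 carol@yourcompany.com FAIL
2018-05-21T09:00:04Z 203.0.113.7 dave@yourcompany.com OK
2018-05-21T09:00:05Z 203.0.113.7 erin@yourcompany.com FAIL
2018-05-21T09:05:00Z 198.51.100.20 alice@yourcompany.com FAIL
2018-05-21T09:05:30Z 198.51.100.20 alice@yourcompany.com OK
2018-05-21T09:10:00Z 192.0.2.44 frank@yourcompany.com OK
"""

def parse(log_text):
    """Yield (ip, account, succeeded) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue
        yield parts[1], parts[2].lower(), parts[3] == "OK"

def find_stuffing(log_text, min_accounts=4, min_fail_ratio=0.6):
    """Flag IPs that try many distinct accounts and mostly fail.

    Returns {ip: {"accounts_tried": n, "fail_ratio": r, "reset_now": [...]}}
    where reset_now lists accounts the flagged IP signed in to successfully,
    i.e. the reused passwords that worked. Thresholds are illustrative.
    """
    tried, hits = defaultdict(set), defaultdict(set)
    fails, total = defaultdict(int), defaultdict(int)
    for ip, account, ok in parse(log_text):
        tried[ip].add(account)
        total[ip] += 1
        if ok:
            hits[ip].add(account)
        else:
            fails[ip] += 1
    findings = {}
    for ip in tried:
        ratio = fails[ip] / total[ip]
        if len(tried[ip]) >= min_accounts and ratio >= min_fail_ratio:
            findings[ip] = {
                "accounts_tried": len(tried[ip]),
                "fail_ratio": round(ratio, 2),
                "reset_now": sorted(hits[ip]),
            }
    return findings

if __name__ == "__main__":
    for ip, info in find_stuffing(SAMPLE_LOG).items():
        print(ip, info)
```

A user who mistypes a password once before signing in (the second source in the sample) is not flagged, because only one account is involved.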

What to do:

  • Get the Details:
    Get a detailed scan on your domain to clearly identify which user identities are exposed and at risk.
  • Mitigate Your Risk:
    Work directly with identified staff to reset passwords. Run additional scans on their systems for malware.
  • Communicate:
    Educate, train, and guide users on the risk of identity breach and how to avoid becoming a victim. Provide guidance, coaching, and policies around the use of company email addresses on other systems and best practices for password selection and management.
  • Challenge:
    Periodically test your employees using “honeypot” and “sandbox” methods to determine who is following best practices and who remains susceptible to attack.
  • Monitor:
    Monitor your domain, and personal accounts of key executives, for future issues and respond accordingly.

Next Steps

Your best next step is to contact us (email or web) to

  1. Request a detailed Dark Web Scan
  2. Discuss security education and testing services
  3. Set up ongoing monitoring for your domain

 

 

EFail Flaw: Encryption Alone Does Not Protect Your Email

As reported last week by eWeek and others, researchers found two flaws that allow hackers with access to email accounts to read emails encrypted with OpenPGP and S/MIME. This is significant for two reasons:

  1. These standards are available for use in almost every email client
  2. Budget-conscious users often rely on public-domain or free tools to use OpenPGP or S/MIME for email encryption

As noted in the eWeek article, 23 of 35 email clients tested as of the publication date were vulnerable. The actual risk from EFail is currently moderately low, because hackers need access to the encrypted emails before they can exploit EFail. The rate of identity compromise is on the rise, however, and secondary threats, such as EFail, will become a more prominent form of attack in the future.

Free Encryption Solutions Often Lack Sufficient Protection

Robust email security and encryption services include features, such as validation of digital signatures, that ensure the integrity of encrypted email messages.

Furthermore, solutions, like ZixEncrypt, control both ends of the encryption process, so any messages (with or without S/MIME encrypted attachments) with an invalid or missing digital signature get bounced. Integrity checks prevent the delivery of compromised messages, thereby preventing exposure.

As you face an increasing need to secure email communications, the robust features in services like ZixEncrypt create a value proposition most businesses cannot and should not ignore.


Contact us for more information about email security, encryption, and compliance.


 

What is Slowing Down Your Internet? 5 Things Hurting Your Connection Speed


Bad WiFi service frustrates employees, hurts productivity, and can send customers to your competitors. Even if you use your wireless access point (AP) vendor’s management tool, there are still things that may be hurting your WiFi service quality or slowing down your internet speed without your knowledge. Read on below to learn about network connectivity, and the top five issues we usually see slowing down your internet speed.

Here are five things that are likely slowing down your internet speed:

  1. Network traffic actually transmitted over the air:
    APs know that they attempted to transmit data to a client, but cannot detect if a malfunction prevented transmissions.  Wireless access points cannot detect their own transmission problems, such as dropped packets, chatter, and jitter.
  2. Clients consuming channel bandwidth that are not connected to your infrastructure:
    Not every device using channel bandwidth connects to your network. These devices often interfere with connected traffic, hurting performance for others.
  3. Misconfiguration within your infrastructure:
    APs cannot self-detect if they are configured improperly or if neighboring APs are creating interference. APs are not clients on the network, so they can only see what they transmit and what they receive.
  4. Clients connected to APs not managed by your AP controller:
    While your AP management tool may identify unmanaged or unauthorized APs on your network, it cannot detect or analyze clients connected to those APs or the impact these unmanaged devices have on your WiFi performance.
  5. Interference from devices and networks outside of your control:
    Vendor AP management tools are built to manage the vendor’s APs. These tools do not identify or analyze neighboring networks that interfere with yours. Bandwidth and channel conflicts go undetected and unresolved.

Your vendor AP manager misses these issues because your APs are not WiFi clients.

How to Fix Slow WiFi Speed

The best way to monitor and manage WiFi performance and reliability is to place a passive sensor client in your environment.  Unlike expensive WiFi assessments of the past, done by on-site technicians lugging around specially equipped computers and meters, innovative services like the Wyebot Wireless Intelligence Platform™ (WIP) give you a plug-and-go solution for about 1/10th the cost.  WIP is a vendor agnostic tool that can see and monitor your entire WiFi environment, analyze and prioritize issues with alerts, make knowledge-driven solution recommendations, and provide remote network testing tools.

Tools like Wyebot help you ensure your WiFi network best serves your business.


Please download our eBook, Understanding WiFi Quality, for more information, or contact us to arrange an initial WiFi Assessment.


 

WiFi Quality is About the User Experience

An ever-increasing number of businesses are learning that WiFi is more than a convenient network connection.

  • Restaurants, bars, and coffee shops that want patrons to linger and spend more lose business when customers can’t check the score, answer an email, or scan their social apps.
  • When your mobile app doesn’t work in your establishment because of poor WiFi service quality, your patrons go elsewhere.
  • WiFi quality influences which conference rooms get booked, where teams choose to huddle, where individuals choose to sit and work, and where people choose to socialize.

WiFi service quality is becoming a competitive factor that can help or hurt your business.

Most network managers rely on vendor management tools to monitor and control their wireless Access Points (APs). These tools provide basic statistics on traffic volume and patterns. The more sophisticated solutions provide cool-looking color-coded heat maps that overlay WiFi signal strength onto blueprints of your business. Some tools even use APs to triangulate users’ locations within their business.

What vendor AP management tools do not show you, however, is the client experience. You can have great WiFi signal coverage, but applications time out if client devices experience too much interference. Your network may be set up to support a high density of users, but if clients end up AP-hopping for signal strength, management overhead can cripple performance.

To understand WiFi quality: Understand the user experience.

By definition, your Access Points are not and cannot be clients on your WiFi network. The data your APs gather represents only what goes in and out of (or is simulated by) each Access Point. WiFi clients will see your network performance and reliability differently than your APs.

Think of it this way. A chef creates a new signature dish. The chef knows that she’s used the best, freshest ingredients. The chef has sampled dozens of variations to get the taste just right. The chef believes that this is her best new meal ever. Even so, a few, many, most, or all customers may not like the taste, texture, or presentation of the meal. Fortunately, WiFi quality and reliability is not subject to personal taste and preferences; WiFi service quality is determined by the client experience.

The only way to understand, monitor, and manage WiFi service quality is to monitor your network from a client.

Historically, this has meant expensive service engagements in which technicians bring in monitoring and analysis systems for a “point in time” assessment. These assessments, which can cost thousands of dollars and only capture one point in time, are beyond the budget of most small and midsize businesses and schools.

New solutions, however, provide vendor-agnostic analyses of your WiFi network using passive sensor WiFi clients, prioritize identification of service issues, and offer knowledge-driven recommended solutions. With the Wyebot Wireless Intelligence Platform™ (WIP), for example, in most instances we can provide periodic WiFi Assessments for less than 1/10th the cost of a traditional assessment. Ongoing monitoring becomes affordable for nearly all businesses and schools, with the added value of historical data analysis, real-time alerts, and remote network testing.

If your business relies on WiFi, you can now afford to make sure your WiFi network is reliable and performs well.


For more information, download our eBook, Understanding WiFi Quality, or contact us about arranging an initial WiFi Assessment.


 

Echo of Non-Compliance

Every day, we hear about new ways we can use our smart speakers. Retailers, radio stations, product companies, and others remind us that we can use our Amazon Echo or Google Home to buy, listen, or learn. The term “smart speaker”, however, is misleading. These are microphones and they are always listening. They are also likely recording everything they hear.

If you are covered by HIPAA or other privacy regulations, do not talk about protected information within earshot of Alexa.

This warning stems from a 2015 murder case in Arkansas. Believing that the Amazon Echo may have “heard” a murder, the District Attorney subpoenaed any recordings that Amazon may keep from the device. Amazon fought the decision on First Amendment and privacy rights, not by claiming that it was not recording. Amazon did not deny having recordings.

The issue for data privacy compliance is that your smart speaker may be listening to and recording conversations you have about protected information.  Allowing this is a violation of HIPAA and other regulations protecting personal identifying information (PII).

When is your Amazon Echo recording?

The short answer is: we are not sure, but maybe always.

Looking at the Alexa Terms of Use, Amazon tells us “Alexa streams audio to the cloud when you interact with Alexa” and “Alexa uses recordings of your voice to create an acoustic profile of your voice characteristics.” Alexa use is also covered by the Amazon Privacy Notice, which states, “We receive and store any information you enter on our Web site or give us in any other way.”

While Amazon tells us they are recording your “Hey, Alexa” commands, the Terms of Use and Privacy Notice are a bit more ambiguous. Neither document tells us that Amazon records only when listening to and processing commands. Nor do the policies limit Amazon’s recording to those commands. We do not know, for sure, when Amazon is not recording what it hears on your Echo.

Better Safe Than Sorry

When speaking about sensitive or protected information, stay away from your “smart speaker” or manually mute the device.


One more thought:  Ever notice how after certain conversations, you see ads on Facebook related to the topic discussed?  Unless you turn off microphone access, Facebook is using your phone to listen to your conversations, analyze what you say, and profile you. Letting Facebook listen is another potential HIPAA and PII breach.


 

Team Drives Launches for G Suite Business, Enterprise, & Education

Most file storage solutions weren’t built to handle the explosion of files that are now created and shared in the cloud — because they were initially designed for individuals, not teams. With this amount of shared data, admins need more controls to keep their data safe and teams need to feel confident working together. Team Drives deliver the security, structure and ease-of-use enterprises need by making it easy to:

  • Add new team members. You can manage team members individually or with Google Groups and give them instant access to relevant Team Drives.
  • Keep track of your files if a team member leaves. Team Drives are jointly owned by the team, which means that anything added to Team Drives stays there no matter who comes or goes. Whirlpool Corporation, for example, uses Team Drives to manage file access. Says Troy McKim, Collaboration Principle at Whirlpool Corporation, “If you place files for a project in Team Drives, you don’t have to worry about losing them or moving them when files are re-owned.”
  • Understand and manage sharing permissions. Team members automatically see the same files regardless of who adds or reorganizes them. You can also manage share permissions by defining the restrictions for editing, commenting, reorganizing or deleting files.
  • Manage and view Team Drives as an admin. Admins can see Team Drives for a user and add new members if necessary: “Team Drives also ease the speed at which a team member can onboard and become effective in their new role,” says McKim.

Team Drives are now generally available to all of our G Suite Business, Education, and Enterprise customers.

3 More Reasons You Are an Easy Cybercrime Target

Last week, we gave you three reasons why you, as a small or midsize business, are a viable and desirable target for cyber criminals.

If those reasons don’t give you enough reason to act, here are three (3) more reasons SMBs, and you, are a target for cyber criminals…

SMB data is increasingly networked

  • All of your systems — databases, email, documents, marketing, point-of-sale, and more — are likely running on a single network.
  • Access to one of your systems can lead to access to others. Target’s POS system was hacked using a security flaw in the HVAC monitoring system running on the same network.
  • Moving data and systems into secure cloud solutions and segregating network traffic minimizes the cross-over risk.

SMBs are using consumer products for business data

  • Consumer grade services are often more affordable, but often lack the security and data protection features of the higher-priced, business versions.
  • Separate work and home, use solutions designed for business, and make sure to configure the security and privacy settings accordingly.

SMBs are often lax when it comes to security

  • Many small businesses operate in an environment of trust; people know and trust one another. This trust can be exploited by a disgruntled employee or an outsider.
  • Keep user identity management and passwords private and secure; manage administrator and “super user” passwords so that they are unique, complex, and secure.
  • Keep servers and systems with sensitive data/access secure; enforce screen locking and passwords.
  • Educate your staff on security risks and behaviors.

 

Taking cyber security seriously is the first and best step in protecting your business, employees, and customers. Protection need not be overly complex, nor must reasonable protection be a budget-busting expense. Reasonable measures balance cost and security.


Interested in ensuring you are protected? Contact us for a free Cloud Advisor Session, or learn about our data protection solutions and our privacy solutions.