Posts

Cyber Protection Solutions for SMBs

Data protection iconAs our businesses become even more reliant on technology and cloud services, the frequency and sophistication of cyber attacks continue to accelerate. Your Cyber Protection 

Cyber Protection Needs

We need our businesses — and our people — to be aware, protected, and able to recover.

At Cumulus Global, our CPR model maps the necessary components of cyber security into three areas.

  • Communicate & Educate
    • Ensure you team understands the risk, educate them so they can avoid falling prey, create a culture of security and data privacy.
  • Protect & Prevent
    • Leverage advanced and “next gen” technologies to prevent attacks and to protect your networks, systems, data, and people from attacks.
  • Recover & Respond
    • No system is perfect; make sure you can recover your data and systems, return to normal operations, and respond to the technical, legal, and communication challenges.

Successful Cyber Protection relies on your policies and procedures, technologies, and people working in sync. Across more than a dozen focus areas, you need to balance the level or protection you need with the costs and with the risks of not doing enough. You need to balance external requirements, such as government and industry regulations, with internal priorities.

Your Cyber Protection Solution

To design and implement an affordable, integrated, and effective cyber protection solution for your business, start with a Cyber Protection Assessment (CPA).  A CPA will assess your needs, within the context of your business, and preferred solutions across 15 areas of focus:

  • Written Information Security Plan
  • Patches and Updates
  • Email Encryption
  • Data Destruction
  • Background Checks
  • Written Information Response Plan
  • Antivirus and Intrusion Detection
  • Email and Web Security
  • Account and Identity Management
  • Employee Training
  • Firewalls
  • Backup / Continuity / Disaster Recovery
  • File Encryption
  • Network Access Security
  • Responsible Parties

Using the results of the Cyber Protection Assessment, you can plan and implement your levels of protection in each area to create the balance that is best for your business.

Next Steps and Resources

Your best next step is to contact us and discuss your cyber protection status and needs with one of our Cloud Advisors. Consider using our Cyber Protection Assessment to understand your needs, current protections, gaps, and priorities.

Related Resources:

4 More Protections for Your Business

Data protection iconIn our last blog post, we identified 3 must-have protections for any business using Google Workspace or Microsoft 365.

  • Backup/Recovery
  • Advanced Threat Protection
  • Multi-Factor Authentication

In combination, these protections help prevent successful attacks and give you the ability to recover should an attack be successful.

Here are 4 more protections for your business

Putting these protections in place improves your ability to prevent attacks, and your ability to survive.

1 Next-Gen Endpoint Protection

Basic anti-virus protection is not enough. Scanning files for known or similar patterns will not protect you from modern malware or ransomware.

Next-Gen Endpoint Protection solutions use advanced heuristics, behavior analysis, and machine learning to assess threats in real-time.  These solutions identify attacks, prevent them from running, and roll-back damaging activity.

2 DNS and Web Protection

Cyber attacks are not all breaches. Attackers can use DNS to block your use of the Internet or to impersonate you and your business. Both types of attacks hurt your business and your reputation.

Between 15% and 20% of malware is downloaded without your knowledge from websites. This malware is often hidden in third party content on websites your trust.

DNS protection creates a protective barrier that prevents others using your DNS service against you. Web Protection blocks dangerous web sites and prevents malware downloads to your devices.

3 Employee Communication and Education

Ignorance is not bliss. Employees who know are less likely to make a mistake and trigger an attack or breach. You want your team to understand:

  • The danger of cyber attacks and how to avoid them
  • The likely damage form cyber attacks
  • What to look for
  • What not to do

Employee communication and education is key to creating an aware and resilient team. Combined with testing and guidance, a communication and education program reinforces positive behaviors with on-going guidance and support.

4 Business Continuity for On-Premise Systems

Most small and midsize businesses still have some on-premise systems. The connectivity and integration across systems creates an increased risk for damage and loss. Even with backup/recovery in place, restoring systems, databases, applications, and data can take days. You want, and need, to be back in business quickly — in minutes or hours.

Business Continuity/Disaster Recovery (BCDR) solutions enable you to resume operations within minutes using images of your systems running in cloud data centers. With BCDR in place, your business runs smoothly while you recover your on-premise systems.

Failing to protect your data and systems is a failure to protect your business.  Contact us for a free assessment of your data and business protection needs.

3 Must-Have Protections for Microsoft 365 and Google Workspace

Data protection iconMicrosoft 365 and Google Workspace protect your data using a shared responsibility model.  They provide redundancy and backup to ensure your service is performing, available, reliable, and secure.  You are responsible for controlling access, managing permission, and protecting your data from loss.

Here  are 3 Must-Have Protections for your Microsoft or Google Cloud Services

 

1Backup Protection for your Data

Data in the cloud is just like data stored on local servers and workstations. Information in in Microsoft 365 or Google Workspace can be lost due to accidents or malicious acts.

  • User action — overwrites and deletes — can destroy content and files, whether accidental or deliberate.
  • Malware and ransomware corrupt files that sync to OneDrive, SharePoint, and Google Drive, can damage or delete your files.
  • Integrated third party apps can damage or delete information.

You need, and want, the ability to restore files, emails, contacts, and other information. A secure backup/recovery solution protects your data, and your business.

2Advanced Threat Protection

Cyber attacks come in many forms. The most common and most effective attacks still use email. Cyber criminals use behavior science and advanced phishing techniques to access your systems, collect personal information, steal data, and ransom your business.

Advanced Threat Protection (“ATP”) is more than “spam and virus protection.” ATP uses machine learning, advanced analytics and heuristics, and behavior analysis to identify and prevent cyber attacks from reaching your inbox. Methods like sandboxing safely test links and attachments before delivery.

Even an educated and aware team can and will fall prey to attacks. Prevention is key.

3  Multi-Factor Authentication

Your team members are human. While they may understand and respect the need for robust and unique passwords, human nature always tries to balance convenience.  Studies show that 70% of us will use the same, or substantially similar, passwords across systems. A hack or breach in a third-party tool poses a significant risk to your employees’ work identities.

A compromised identity does not enable access when you have additional authentication steps. Authenticator apps, dynamic security codes, and security tags/fobs each add physical verification to your digital access.

With cyber attacks on the rise, better protection is worth the minor inconvenience of multi factor authentication. Multi factor authentication delivers one of the best protections against breaches and unauthorized access.

Failing to protect your data in Google Workspace or Microsoft 365 is a failure to protect your business.  Contact us for a free assessment of your data and business protection needs.

Customer Notice Update: Email Advanced Threat Protection

Data ProtectionGiven the demand and need to improve your protection from the devastating impact of ransomware, crypto attacks, and other forms of cyber attacks we are extending the Advanced Threat Protection Priority Opt-in discount period through March, 2020. We understand that adding a service, even a critical service, impacts your budget and costs. Our Priority Opt-In discounts, and other measures (see below), intend to minimize the impact.

Email Advanced Threat Protection (ATP) and Multi-factor authentication (MFA) are necessary, baseline services for protecting your business

Beginning April 1, 2020, we require Advanced Threat Protection for all of our customers’ email service, unless you specifically opt out. Opting out is appropriate if you already have an advanced threat protection service in place.

If you opt out, the cost of our data recovery efforts will not be covered under our unlimited support plans (See our Support Services SLA). When we add ATP to your service, we will discuss with you when we can add MFA.

We will mitigate the cost.

We are sensitive to your budget.

  • ATP requires a technical setup and typically incurs a setup fee along with the monthly or annual subscription.
  • We are discounting both the setup and subscription fees for all customers. For customers requesting Priority Opt-In, we will waive the ATP related setup fees completely.
  • MFA implementation is covered by our support plans as an administrative change.  If you do not have on of our support plans, we will provide an affordable, discounted quote for the project.
  • For customers without an unlimited support plan and/or those that choose to Opt-Out, we will discount our hourly fees for recovery work.

For more information on specific discounts and pricing, and to let us know if you want to Opt-In, to have Priority Opt-In, or to Opt-Out, please visit this web page and complete the form.

We realize that this is a significant change for most of our customers.  We also understand the importance of these protections.  Please contact us with questions or concerns

Thank you for being part of our community,
Allen Falcon
CEO & Pragmatic Evangelist

Customer Notice: Email Advanced Threat Protection

Data Protection

(Updated January 20, 2020)

We continue to witness the devastating impact of ransomware, crypto attacks, and other forms of cyber attacks on our customers.  The recovery cost and frequency of attacks are increasing at alarming rates. The average cost for a small or midsize business (SMB) to fully recovery from a cyber attack has increased to between $145,000 and $180,000. This includes loss of direct business, remediation costs, damage to reputation, and employee downtime.  At the same time, the number of ransomware attacks so far in 2019 has doubled when compared with the same period in 2018.

As a managed cloud service provider, you have heard from us that you “should” have more protections in place. Our position is changing: these protections are a “must”.

Multi-factor authentication (MFA) and email Advanced Threat Protection (ATP) are necessary, baseline services for protecting your business. 

Beginning April 1, 2020, we will require and will begin adding Advanced Threat Protection to all of our customers’ email service unless you specifically opt out. If you opt out, the cost of our data recovery efforts will not be covered under our unlimited support plans (See our Support Services SLA). When we add ATP to your service, we will discuss with you when we can add MFA.

We will mitigate the cost.

We are sensitive to your budget.

  • ATP requires a technical setup and typically incurs a setup fee along with the monthly or annual subscription.  We are discounting both the setup and subscription fees for all customers. For customers requesting Priority Opt-In, we will waive the ATP related setup fees completely.
  • MFA implementation is covered by our support plans as an administrative change.  If you do not have on of our support plans, we will provide an affordable, discounted quote for the project.
  • For customers without an unlimited support plan and/or those that choose to Opt-Out, we will discount our hourly fees for recovery work.

For more information on specific discounts and pricing, and to let us know if you want to Opt-In, to have Priority Opt-In, or to Opt-Out, please visit this web page and complete the form.

We realize that this is a significant change for most of our customers.  We also understand the importance of these protections.  Please contact us with questions or concerns

Thank you for being part of our community,
Allen Falcon
CEO & Pragmatic Evangelist

Cyber Protection: Time for New Best Practices

Best PracticesAccording to a recent survey* of IT service providers, ransomware attack downtime costs 23 times more than requested ransom. The average ransom for small and midsize businesses (SMBs) victims jumped 37% to $5,900 from 2018 to 2019.  The average cost of ransomware downtime jumped from $46,800 to $141,000, and increase of more than 200%.

To add to your concerns, SMBs fall victim to cyber crime and ransomware attacks even when they have traditional antivirus, email/spam, ad/pop-up blockers, and endpoint protection in place.  67% of IT service providers report their SMB customers fall victim to phishing emails; 30% report that most customers still rely on weak passwords and access management.

Traditional cyber security solutions are no match for many cyber attackers. We need a new approach to ransomware, with business continuity at the core.

Using business continuity as a guiding principle drives new best practices for preventing and responding to cyber security attacks. With a business continuity mindset, you focus on what is needed to keep the business running, and how quickly you can “return to operations”.  When we discuss business continuity, we understand that we need to take steps to prevent disruption, mitigate the scope of potential disruptions, respond effectively when disruptions happen, and have the systems and processes in place to recover quickly.

For over a year, we have promoted and refined our CPR model:

Communicate and Educate: Involve everybody in the solution by educating your team on the risks, how to spot and report fraudulent content, and how their behavior can prevent or help an attack.

Protect and Prevent: Implement multi-layer, multi-vector protections that focuses on your people (identities), data, applications, and systems. Our data, our businesses, no longer sit comfortably hidden in a computer room behind a firewall.

Respond and Recover: No defense is perfect. Have services in solutions in place that let you recover and return to operations within a time frame that protects the health of your business. More than getting data and systems back on line, put in place the forensics, legal, public relations, and customer service resources you will likely need in a cyber attack emergency.

Time for Action

Here are 10 Actions you can initiate today to improve your cyber protection:

  1. Ensure your computing environment is protected across multiple attack vectors: Identity, Endpoints, User Data, Cloud Apps, and Infrastructure.
  2. Deploy multi-factor authentication, advanced threat protection, next-gen endpoint protection, and DNS/web protection across your ecosystem for a comprehensive baseline or protection.
  3. Encrypt your data at rest and in transit.
  4. Educate your team on the risk and how their actions can impact the business.
  5. Actively manage your cloud and “as-a-Service” subscriptions, standardize on-boarding and off-boarding of staff and contractors based on role, application needs, and appropriate access to data.
  6. Understand how your team uses your business and unauthorized (“shadow IT”) applications and services.  Reign in shadow IT by ensuring your business systems provide staff with the necessary capabilities.
  7. Test your staff’s behavior related to cyber attacks and follow up with additional coaching and guidance. Discipline and, if needed, terminate those who are unwilling or unable to adapt to the current realities of behavior and risk.
  8. Upgrade from data backup/recovery to a business continuity solution that will get you up and running in minutes or hours, instead of days, should an attack get past your defenses.
  9. Arrange in advance for the legal, forensic, PR, communications, and customer service resources you need to respond to an attack with a potential or actual data breach.  Prepaid breach response services give you nearly instant access, reducing your risks and liability while bundling in baseline cyber insurance coverage.
  10. Get cyber insurance, either a baseline policy bundled with Breach Response services and/or a fully underwritten policy from your business insurance provider.

Please contact us for more information about your cyber protection, available assessments, and solutions. We are happy to schedule a free, no obligation Cloud Advisor Session.

* Global State of the Channel Ransomware Report. Datto, Inc. Oct. 2019.


 

Manufacturers Beware: Attacks on Industrial Equipment are on the Rise

Automation Cyber SecurityWe have seen the issue ourselves: A malware attack crosses the bridge from your network PCs to the controllers in your industrial machines. Your shop floor comes to a halt until you can recover. The effort is painful as you deal with embedded and stand-aside controllers running out-dated versions of Windows, limited network options, and compatibility issues.

The risk is so great, that ZDNet is reporting that the world’s largest and most well-known hacking contest, Pwn2Own, will focus on software for industrial equipment.  Reflecting the reality of current threats, the sponsoring organizations and the “white hat” hackers themselves see an urgent need to bring the issue of protecting your industrial equipment to the forefront.

Fortunately, best practices can help protect your operations.

While it is not always possible to protect your industrial equipment with “next gen” endpoint protection, you can take steps to protect yourselves from potentially devastating attacks and accidents.

  • Segregate
    • The network on which your production systems run should be physically or logically separate from other networks — office, voice, etc. — running in your business.
  • Isolate
    • Unless the equipment needs to communicate with the manufacturer, cloud-based systems, or other locations, the production systems network should not have paths to the outside world.
    • If the equipment needs to communicate externally, setup secure VPNs for all traffic.
  • Maintain
    • Whenever possible, update and maintain your industrial systems to run current versions of the manufacturer’s software and the underlying operating system.  Too many production machines are running obsolete versions of Windows that cannot be secured from attack.
  • Scan
    • Before moving any software or programming to a system, explicitly scan the files for malware.
  • Educate
    • Communicate with your employees about the risks and steps they can take to prevent a cyber attack to your industrial equipment as well as their computers and other devices.

Please contact us for more information or to assess your risk and discuss solutions.


 

Phishing and Spear Phishing

This post is part of our Cyber Threat Series.

The Challenge:

Cyber criminals prefer Phishing attacks. Phishing and Spear Phishing remain the primary vector for Malware attacks. Hackers evenly distribute attacks between two variants: Malicious Email Attachment (39.9%)  and Malicious Link (37.4%).

Leveraging human nature, phishing attacks look and feel like legitimate emails. Recipient often miss the cues that the email is fraudulent. We respond by clicking links to malicious websites, opening pictures or videos with hidden downloads, or opening infected attachments.

Advanced phishing attacks correlate public information from social media and pirated information from compromised systems to further personalize the attacks. These advanced attacks do a better job of hiding the malicious intent. As such, even savvy users fall prey.

What to Do:

The best protection is multi-level and multi-vector:

  • Teach your users about the risks and how they can help prevent attacks. User awareness leads to smart decisions on when to trust and when it’s safe to click.
  • Protect your devices with “Next Gen” endpoint protection. This includes your desktops, laptops, and mobile devices. Phishing attacks are usually platform independent and, therefore, trigger from most any email client or application.
  • Protect your email with an independent advanced threat protection (ATP) service. ATP covers inbound and outbound traffic.  ATP uses pre-analysis and testing of links and attachments for mismatched domains, copycat content, and malicious behavior. This “sandboxing” lets the ATP service block attacks from reaching your inbox.
  • Add a DNS and Web Protection solution to your environment.  Web protection blocks infected or fraudulent web sites, including blocking malware on infected sites we trust. DNS protection prevents hackers from corrupting and using your domain identities.
  • Deploy backup/recovery and continuity services that protect your on-premise and cloud data. Should an attack make it through your protections, you should be able to keep your business running while you clean up the damage.

Contact us to discuss your cyber threat protections. The Cloud Advisory session is complimentary and without obligation.


 

Webcasts

Next Normal: IT Efficiency

3T@3 Webcast Series: Tuesday, Feb 23rd at 3:00 PM

COVID-19 and the events of the past 10 months have, and continue, to change the way we run our businesses.  While some of these changes are temporary, many will become part of our next normal. For many of us, these changes came in a scramble to work from home. With respect to IT, this has many businesses using new, often redundant apps and systems.

Are the IT choices made during the crisis the best for your business in the long term?

This month’s 3T@3 Webcast, is the first in our “Next Normal” series looking at how we adapt, prepare, and respond to economic, social, and business changes.  We start the series exploring “IT Efficiency.”  We see where many small businesses signed on to services in order to adapt to mandatory closures, reduced office capacity, and parents’ need to be present for children learning remotely. Many of these service duplicate features in other systems, resulting in excess cost and lost productivity.  Join Cumulus Global CEO Allen Falcon to identify how you may streamline your IT services, reduce costs, and improve efficiencies.

Watch the recording on-demand



Data Protection & Security

library

15 Best Practices for Cyber Protection

eBook Source: Cumulus Global

As our businesses become even more reliant on technology and cloud services, the frequency and sophistication of cyber attacks continue to accelerate. We need our businesses — and our people — to be aware, protected, and able to recover.

At Cumulus Global, our CPR model maps the necessary components of cyber security into three areas.

  • Communicate & Educate
  • Protect & Prevent
  • Recover & Respond

Policies and procedures, technologies, and people are all part of the equation, as is cyber insurance for financial protection. Deciding where and how to invest is a value proposition balancing costs, benefits, and the risks of inaction. 

In this eBook, we look at 15 Best Practices for Cyber Protection. We rank solutions from “bad” to “best”. Your business may not need the “best” solution for every area; you can match services and costs to your risks and needs. 

These best practices improve your protection, mitigate liabilities, and facilitate affordable cyber insurance coverage.

Please confirm you information below to view and download the eBook.