Posts

Be Able to Recover

Backup Man
Accidents will happen. And while accidents that damage or destroy data are more common, malicious attacks will happen as well.  The rate of ransomware is on the rise and large companies are not the only targets. Whether by phishing attack, advanced persistent threat, or other means your company is seen as having data valuable enough to extort a ransom, you are a target.

In short, if you are reading this, you are a potential target.

While improving your endpoint protection and educating users can greatly minimize your risk, no malware solution can provide you with a guarantee against ransomware. So, if you are hit, you need to be able to recover.

For your on-premise systems, you most likely have a backup/recovery solution. In the event of ransomware, you can delete the encrypted files and restore from a point in time prior to the attack. Yes, you lose data, but a solid backup plan can minimize the loss and the impact.

Your cloud data needs the same protection. You want the same recovery process.  

Traditional and cloud backup services can be installed and connected to cloud servers in much the same way as they work for on-premise servers. For cloud file services, like Google Drive and Microsoft OneDrive, traditional backup solutions will not work as they cannot connect to the service. The same holds true for data in SaaS applications like Salesforce.com.  You need a specialized solution.

Our Recommendation

For most of our Google Apps and Microsoft Office 365 clients, we recommend Backupify as our preferred solution for several reasons:

  • Multiple backups per day for some or all users
  • Unlimited backup space
  • Unlimited backup retention
  • Multiple admin accounts with delegation
  • Powerful search
  • Fast restores
  • The ability to archive data for past users (Google Apps)

Our Offer

Try Backupify for free for 21 days. If you like what you see, we can save you money on license and support.  If not, we discontinue the service.

Interested? Let us know.

Upgrade Your Endpoint Protection


Most malware and virus protection takes the form of an endpoint protection solution that resides on each PC or Mac. As the system accesses files, the content is compared against a database of malware profiles. These types of solutions are failing more frequently as the number of malware variants skyrockets and the threats get more sophisticated.  Detecting malware depends more on analyzing file behavior patterns than it does the file content.

Cloud-based Alternatives offer Better Solutions

Traditional endpoint protection software is limited by the local device resources and the need to minimize performance degradation.  Instead of using a database with megabytes or gigabytes of information, cloud-based solutions compare file content and behaviors against terabytes of information, improving accuracy and dramatically reducing risks. The footprint on the endpoint can be significantly less, avoiding the performance impact of most endpoint protection software. Cloud-based endpoint protection solutions offer the ability to protect users across devices — PC, Mac, iOS, and Android — through a single system and management console.

Leveraging a cloud-based endpoint protection solution can improve your protection against current and evolving risks, at a more cost-effective price.

Our Recommendation

We recommend Webroot SecureAnywhere as our preferred solution for several reasons:

  • Webroot is better at catching behavioral malware, such as ransomware
  • Webroot can coexist or replace your current endpoint protection solution
  • Webroot can protect individual devices, or users across multiple devices and device types
  • Webroot has a small, secure footprint that does not create performance issues

And, we can offer you Webroot SecureAnywhere for 25% off the published price. Learn More.

Our Offer

Try Webroot SecureAnywhere for free for 21 days and let’s see if your current solution is missing any risks. If you like what you see, we can save you money on licenses and support.  If not, we discontinue the service.

Interested?  Let us know.

Security Alert: New Malware Wipes Hard Drives to Prevent Detection

computerkey
As first published on ZDnet’s Zero Day Blog, Cisco System’s Talos Group has identified a new strain of malware that will render systems useless to avoid detection and analysis.

Named as the Rombertick strain, the spyware collects data on everything a victim does online, indiscriminately, without focusing on specific areas such as online banking or social media.

Most concerning, however, is the Rombertick’s built in defenses. If the virus detects that it is being analyzed it will attempt to overwrite the Master Boot Record, rendering the PC inoperable. If that fails, the virus will destroy all files in a user’s home folder by encrypting each file with random keys.

In short, once infected, it is nearly impossible to remove without rendering you PC useless.

As Rombertick infection rates are still low, the best protection is good security practices:

  • Make sure you anti-virus software is up to date and switch to (or add) a cloud-based AV solution with continuous updates.
  • Do not click on attachments from unknown senders
  • Block email attachments that include executable scripts or code

While these steps are helpful, a defense-in-depth approach is best at identifying and preventing malware, particularly for viruses that are designed to evade detection.


If you would like to verify the robustness of your anti-virus protection, we can add a cloud-based layer of protection at no cost for a month and help you analyze your results. Contact us for additional information.

Click these links to learn more about our Webroot solutions and additional data protection and security solutions.


 

Ransomware Still Crippling “Protected” Networks

cyrptovirus
The rate of infections from crypto-viruses and other ransom-ware continues to rise. Even networks with traditionally strong malware protection are getting caught.

And while with good backups in place, it is possible to recover without paying the ransom, the process time consuming, frustrating, and expensive.

We outline the reasons for the broad failure of anti-virus/malware protection software in this prior blog post, providing 5 failings of most antivirus solutions.

Now, we are offering a risk-free way to assess if your malware protection is up to par.

The Offer

We will install Webroot Secure Anywhere Endpoint Protection, a cloud-based malware protection service that avoids the 5 failings of other solutions, at no cost for 30 days. Based in the cloud, Webroot will not interfere with your current protections.

At the end of the 30 days, you will see what malware, if any, was caught by Webroot that your existing solution has missed.

If your existing solution is not up to par, and you want better protection, we can activate a full subscription to Webroot for you $18 per year per device or less (more than 25% off).

Simply contact us if you are willing to see if your protection is enough, or if you would like more information.

5 Reasons a Crypto Virus May Ruin Your Week

Most businesses run some form of malware protection on their servers, desktops, and laptops. And yet, crypto viruses like cryptowall and cryptolocker still hit these “protected” networks.

Here are 5 reasons your virus protection may fail when it comes to crypto viruses:

1) Limited Virus Profiles

Most anti-virus systems run locally on each device. They compare file changes with patterns related to known viruses as a means of identifying malware. The pattern, or definition, database, however is typically only a few GB in size. With this limitation, it is impossible to detect the many variant forms for viruses.

2) Periodic Virus Updates

Most locally installed anti-virus systems update periodically by connecting to a local distribution server or the anti-virus software vendor’s servers.  Because updates are not real-time, there can be a gap of hours or even days between when your system is unable to detect new viruses or variants.

3) Behavior Analysis

Chances are good that your anti-virus software has some intelligence or heuristics that identify behaviors as likely malware. Chances are equally good that this analysis is triggered by file actions. Few anti-virus solutions monitor systems for virus-like behavior (such as an application rapidly opening and closing files) that are not triggered by user action.

4) Quarantine instead of Rollback

Most anti-virus solutions quarantine files that have known viruses or are likely to be infected. With crypto viruses, however, quarantining the file with the virus does nothing to protect or recover the files that have already been encrypted.

5) Device-Specific

Most anti-virus solutions focus on PC and MAC platforms. But what happens when a virus is saved on a mobile device syncing with your server?

Fortunately, you do have options. Cloud based anti-virus solutions can overcome all five of these limitations. We offer a cloud-based solution that:

  • Has a virus definition database over 2 TB (2,000 GB) in size
  • Updates instantly and continuously when devices are connected to the Internet
  • Analyzes behavior of the system and processes, not just those triggered by human action
  • Will rollback suspicious activity, undoing damage before it can spread
  • Has available protection across MAC, PC, Android, and iOS platforms from a single web-based console.

Here’s your Challenge

As a cloud-based solution with a minimal local footprint, we can install our service without interfering with your current anti-virus software.

Let us install a 30 free, no-obligation trial and see for yourself if your current anti-virus solution is giving you the protection you want or need.

To learn more about your options, or to request a trial, contact us today.

 

 

 

USPS Data Breach: What SMBs Can Learn


As a small or mid-size business, you probably do not worry about hackers and data breaches. Your information is safely stored in-house or in a secure cloud service.  You do not have trade secrets or intellectual property coveted by foreign governments or industry. You accept credit cards, but those transactions are processed, saved, and secured by the credit card processor … you do not even have credit card numbers in your files or systems. It is not unreasonable for you to think that you are not a data breach target.

You are wrong.

The recent data breach at the US Postal Service should, however, serve as a wake up call. Hackers breached USPS systems not for customer data or credit card information; the hackers stole HR records for hundreds of thousands of postal employees and retirees (customer data was just a bonus). And, while the hackers were not able to go on an immediate debit-card spending spree, they captured all of the data necessary to steal identities — names, addresses, social security numbers, and more.

Regardless of your size, any personally identifiable information in your possession is an incentive for criminals. And you don’t need to be big to be caught. A stolen laptop, compromised account, or lost USB stick can enable data breaches in systems you think are secure.

Malware is the inbound marketing tool for hackers and identity thieves. 

When malware spreads, it makes its way onto business computers that the hackers may never have known existed. Malware often sits in wait, capturing passwords or other information and communicating the information to servers half way around the world. Hackers can then use this information to assess the value of the target and to gain more access to even more data. Hackers may also sell this information to other criminals.

Your business needs protection in place, and awareness of the scope of the problem is the first step.  Permissions monitoring and management, web filtering, device protection, endpoint protection, mobile device management, and user data protection may all be components of your solution.


Please contact us for a complimentary review of your current data protection coverage.

 

How eBay Can Destroy Your Business


eBay is putting your business at risk … and not in the way you might think.

This is not about lost productivity, eBay stores, or your merchant account. This is about eBay letting hackers attack your computers.  This is about hackers using eBay to steal usernames and passwords, employee data, and customer data.

As reported by ComputerWorld, eBay is under attack by security professionals for allowing “active content” in ads, which allows hackers to create listings and fake pages with malicious code.  Over 100 eBay listings have already been found to include malicious code designed to steal usernames and passwords.  Many of these listings were hijacked from sellers with 100% ratings and years of successful sales, creating a false sense of trust.

Employees shopping during their lunch break can unwittingly open up your corporate network to hackers, enabling theft of personal and customer information.

While eBay promises to monitor and assess the situation, one simple fact remains:

Even trusted web sites from major corporations can be compromised and pose a threat to your data … and your business.

While preventing people from using the Internet is an option, it is not a realistic option in today’s world.  Active protection is your best option.  Web filtering solutions not only block known malware sites, these services examine the code, content, and behavior of sites for malicious activities like those embedded in the corrupted eBay listings.  Combined with solid endpoint/user protection, you can defend your staff, your data, and your business from attack and data loss.


Web filtering solutions cost less than $3.50 per user per month with an annual contract. Please contact us to learn more or request a quote.

Click these links to learn more about Security Threats and Web-based Malware.

 

 

5 Security Threats SMBs Should Not Overlook: Malicious Web Sites

Security Puzzle
As more services move into the cloud, users bring their own apps to their work environment, and we see more integration and interconnect between systems, the nature security risks and threats are changing.  

This blog series looks at some of these threats, why the should be of concern to SMBs, and how SMBs can mitigate the risks.


Many small and mid-size business owners look past security threats in the belief that their businesses do not have trade secrets or other information coveted by hackers.  This view is naive.  Small businesses are ripe for attack because they often have personal, credit, or medical information about their customers and their employees.

Your business may at risk even if you are not a deliberate target. Hackers and thieves cast wide nets to capture personal information for identity theft. For identity theft, your business IT is no different than home computers.

Many businesses respond that they have security in place.  A well managed firewall, a big name malware suite that updates periodically, and spam/virus protection for their email service.

Unfortunately, users are 20 times more likely to suffer a malware attack from a corrupted web site or a phishing attempt then through the “traditional” means of email and file transfers. While traditional malware tools may catch these types of attacks, web-based malware often behaves more like acceptable code.  The recent outbreak of “crypto locker” malware, which encrypts your data and holds it for ransom, is an example of just how ineffective traditional malware prevention alone can be.

The overlooked solution to closing the web-enabled malware threat is known and simple: web filtering.  Web filters not only track sites known to be risky, insecure, or containing malware, they analyze web traffic and behavior in real-time, identifying sites that may be compromised, including those hacked without the site owner’s knowledge.

For most SMBs, adding web filtering to the ecosystem is an affordable increase in IT spending, typically less than $3.00 per employee per month.   Given that a single malware event can take 20 to 60 hours to mitigate at a cost of thousands of dollars, web filtering is a value-add component for most IT ecosystems.


Cumulus Global can assist in selecting a web filtering solution for your business.  Please contact us, or complete the form below, for more information.

Lots of Bots; Not so Many People on the Internet?

bot-traffic-report-2013
As recently reported by CloudTweaks, a recently published analysis tells us that only 38.5% of Internet traffic is from humans.  The rest is from Bots — good and evil.

Good Bots are primarily search engines and data aggregation services.  These represent 31% of Internet traffic.  This leaves 30.5% of traffic originating from Bad Bots.  

What are the Bad Bots?

  • Scrapers: These bots scrape web sites, capturing text to steal email addresses for spam purposes or to reverse-engineer pricing and business models
  • Hackers: These bots break into sites to steal credit card data or inject malicious code
  • Spammers: Email addresses are the target for these Bots, enabling billions of useless and annoying email messages and inviting “search engine blacklisting”
  • Impersonators: These bots specialize in intelligence gathering, DdoS attacks and bandwidth consumption

The result?  Web sites, email systems, and other online activities should be secure.  Our defenses must continue to evolve and all technology users should have a basic understanding of the threats at hand.

Focusing on protecting users and data, rather than devices, creates a mindset that enables a more integrated approach and solutions.

Contact us to explore solutions that fit your business and budget.

A New Approach to Protection

Security Key
One of the challenges in today’s world is that malware can come from anywhere.  Traditionally, viruses and other malware travelled by disk or thumb drive.  As our desktop protections improved, malware appeared in infected files attached to emails, or spam.  Today, malware is more likely to come from a web site you visit — even legitimate sites have been hacked — than anywhere else.

Additionally, malware targets every platform.  Once thought immune to viruses, MACs face some of the same risks as PCs.  Our smartphones and tablets, running iOS and Android, are also under attack with malware built specifically for those platforms and the information they often hold and access.

The problem with protecting all devices, is that we have historically needed a solution for each platform.  For those with laptops, smartphones, and/or tablets, as many as three solutions may be needed — each with purchase and subscription costs as well as administrative time and costs.  Additionally, historical malware protection focuses on infected files and malicious code on each device … even though the web is the greatest source of danger.

Looking forward, we need a better way!

Instead of working to protect devices and data, let’s focus on protecting the users.  Let’s offer protection through a single system across all devices.  Let’s offer protection that not only looks for traditional viruses and malware, but prevents malicious code and activities from hacked web sites.  Let’s deploy a solution that works with they way our users work — on smartphones and tablets, as well as PCs and MACs.  And, let’s do this without breaking the bank.

Does such a solution exist?

YES!  And, we are launching it soon.  Fill in the form, below, for pre-launch information and pricing.