Posts Tagged IT security

Data Security For Small Business

Businesses of all sizes may use Internet to access and use different computer-based or cloud hosted tools and databases to work efficiently. This makes it important for businesses to have data security as a part of their overall strategy. Small organizations may safeguard their on-premise data by fulfilling these five requirements:

Gathering, categorization, and storage of data

Create a centralized list of various kinds of data collected, collection procedures and storage facilities available and in use. Verify whether the collected data is stored safely and is secured by various authentication mechanisms. Sensitivity of every kind of data varies on the basis of a lot of parameters. Email lists, for example, must be protected, but their level of confidentiality is far lower than that of customer records, such as Credit Card information. By classifying data according to confidentiality and the consequences if their privacy is compromised, you may obtain a sense of what your security program requires.

Law of the land

Depending on your sector of work and your business location, you may be subject to legal compliance
obligations. These are the rules that govern how you get, manage, store, and transmit sensitive data. These
may alter based on your industry, geography, and who or where your customers are. Business owners must
clearly describe the infractions and their repercussions, which must be read and understood by all workers.

Threats and dangers

A risk assessment aids in the discovery of flaws in the security implementation strategy. Determine what forms of personal data are regulated and what efforts are being done to ensure compliance. It’s important to examine the risks that unregulated PII poses to reputation, competitiveness, security, and other factors. From the most likely to the least likely, threat sources are rated. Controlling procedures and precautions are examples of risk management approaches you may apply. Insider threats are sometimes disregarded because they aren’t always carried out maliciously. Negligent behaviors and errors, which are also insider risks, can lead to a data breach or data destruction. The outcome usually costs regulatory fines, reputational damage, and financial loss to the business. Security solutions to protect against both unintentional and intentional insider attacks is a must.

Data retention and disposal

Data is stored and saved by any business for a certain period of time as deemed fit to their business application and compliance requirements. While saving as much data as possible may seem like a good thing, confidential data can become a security risk if left unmanaged. Examine your organization to discover what data may be deleted. Customers who have moved away, or had their service terminated, as well as old personnel data, are just a few examples. People who have asked for their personal information to be removed and data discovered on unused devices or in accounts that have been abandoned. Data, especially PII, accumulates over time, “cleaning your house” can both save you money and reduce your risk.

Policies should be reviewed, updated, and upgraded

Examine your entire security program to determine which safeguards need to be updated. Similarly, make sure you’re using the most up-to-date technology and solutions to safeguard sensitive data. Setting up SOCs and NOCs, as well as developing holistic IT strategies, can help firms stay one step ahead of attackers. As a result of the introduction of new data privacy legislation, your policies may need to be revised. Examine your internal security policies and develop policies that include best-practice security procedures. Maintaining compliance with the SOC2 framework and CIS benchmarks criteria helps ensure the security of the data you store and handle.

Centex Technologies provide data security solutions for businesses. The IT security specialists work with clients to provide customized security solutions for their business. For more information, call Centex Technologies at (254) 213 – 4740.

, , ,

No Comments

What is LockBit Ransomware?

LockBit is a ransomware family that is part of a RaaS (Ransomware-as-a-Service) operation associated with LockerGoga and MegaCortex. LockBit has been seen in the wild since September 2019. The group previously advertised their services on hacking forums. They started advertising an affiliate program as “LockBit 2.0” in June 2021 via their own website on the dark web.

LockBit is initially deployed manually by an attacker that has already gained access to a victim system, but will quickly begin spreading to other systems by itself. The LockFile payload is known for its fully automated attacks and quick encryption. It prevents victims from accessing their files on an infected system by first encrypting the files adding a .lockbit extension to them. It then instructs the victim to pay a ransom in order to regain access to those encrypted files. The malware is capable of automatically spreading to other systems via SMB (Server Message Block) shares and executing PowerShell scripts. Victims regain access to their files by paying the ransom. They then obtain a custom decryptor that decrypts the locked and encrypted files.

This threat group uses a double extortion technique, threatening to release the stolen data if the ransom is not paid. Experts believe LockBit is part of a ransomware cartel involving collaboration between multiple ransomware groups, including Maze and Ragnar Locker.

So, how would you protect yourself from getting infected by the LockBit ransomware?

5 proactive and protective best practices helps you and your firm stay resilient against any cyber attack:

  1. Social Engineering Awareness: The users and employees must be provided end user security awareness training periodically. Organizations can release advisories and suggest best practices. Users must be demonstrated how to identify, block and report malicious emails. They must be able to differentiate between legit and illegit, email senders and user profiles on social media based on a list of Red Flags provided to them.
  2. Credentials policy and 2FA/MFA: Usernames and passwords must be configured in a manner that they cannot be guessed easily by the attackers. Use alphanumeric characters and keep the minimum length to 16. Threats ranging from account breaches to ransomware infections can be prevented if only the administrators pay attention to credential policies. You can check haveibeenpwned.com and follow NIST’s guidelines to set secure credentials. Use random password generator and check the complexity score of your password at passwordmeter.com. Enabling MFA (Multi-Factor Authentication) & 2FA (2-Factor Authentication) will prevent brute force attacks on your account. This adds more authentication layers on the top of your initial password-based logins. Alternatively you can implement biometrics and / or physical USB (Universal Serial Bus) key authenticators.
  3. ACL (Access Control List): Grant or assign the privileges or access on a Need-to-Know basis only.! Deployment of IAM (Identity and Access Management) strategy prevents accidental information modification from unauthorized employees. This also limits the scope of access for hackers having stolen the employees’ credentials. Enable a systematic deprovisioning process for employees leaving the company. Revoking the access rights of people who have left the organization is a crucial security responsibility that must be completed on the LWD (Last Working Day) & not get delayed.
  4. Fail-safe Backups: You can encrypt the data in upload it in cloud or keep in offline storage. Choose the CSP (Cloud Service Provider) that provides military-grade encryption. Implement, deploy & launch backup & disaster recovery mechanisms to protect your data.
  5. Holistic IT Strategies: Maintaining your organization’s credibility is very important. Comply to various regulatory standards & frameworks to protect highly sensitive business information. In-house SOC (Security Operations Center) team can monitor the real-time activities of users, services, and applications in your IT environment. Alternatively, to facilitate inadequate budgets & lack of resources, you can hire an MSSP (Managed Security Service Provider). They help you to outsource your security logging & monitoring requirements. They prevent, detect, analyze, & mitigate security risks, threats, vulnerabilities, & incidents for your business. Protect your data & devices with various security solutions such as NGAVs (Next-Gen Anti-Virus), DLP (Data Loss Prevention), XDR (Extended Detection and Response), Honeypot and likewise. Training and securing your users and employees would give hackers a hard time targeting your IT infrastructure.

For more information on various ransomware attacks and IT security measures to be adopted by businesses, contact Centex Technologies at (254) 213 – 4740

, , ,

No Comments

Cookies & Online Privacy

When surfing online, a common pop-up that a user receives is ‘Accept The Cookies’. Some websites use cookies to provide a more personalized and convenient website browsing experience. But in order to understand the relationship between cookies and user’s online privacy, it is first important to understand what cookies are.

What Are Cookies?

Cookies are text files that contain small amounts of data that can be used to identify your computer network. Specific HTTP cookies are used to identify specific users for improving their web browsing experience.

Data stored in the cookies is created when a user connects to an online server. This data is marked with an ID that is unique to the user and his computer/system. When cookies are exchanged between user’s computer and network server, the server reads this data for identifying the information that should be served to the user.

Cookies are of two types:

  • Magic Cookies: This is an old computing term that refers to packets of information that can be sent & received without any charges. This data is commonly used for logging in to a computer’s database systems. This concept is a precursor of modern day ‘cookies’.
  • HTTP Cookies: It is a repurposed version of magic cookies, which was created for internet browsing. It was specifically created to assist web browsers in tracking, personalizing, and saving information about a user’s online session. The server sends cookies only when it wants the web browser to save it. These are stored locally by the browser, so that when the user revisits a website, web browser can return the data stored in the cookies to help the server recall data from previous session. HTTP cookies can be further classified as – Session Cookies and Persistent Cookies.

How Are Cookies Used?

While session cookies are only used during navigating a website and are stored on RAM (never written to the hard drive), persistent cookies remain on the computer indefinitely.

Persistent cookies can be used for two main purposes:

  • Authentication: They help in identifying if a user has logged in and if yes, under what username. They also help in streamlining login credentials so that the user is not required to remember them.
  • Tracking: This is to track multiple visits to a website or webpage over time. This property is used by merchants to identify a user’s browsing behavior to suggest products that may interest the user.

Why Cookies Can Be A Threat?

  • Since the data written in the cookies cannot be changed, they are harmless. However, cyber criminals can get hold of the cookies to access victim’s browser sessions.
  • Third-party cookies (generated by ads on a webpage, even if user doesn’t click on ads) allow the ad owners to track user’s browsing history, thus interfering in his privacy.
  • Zombie cookies can be permanently installed on user’s system and reappear even after deleted.

Removing cookies can help in combating the risk of privacy breach.

For more information on cookies, online privacy and IT Security, contact Centex Technologies at (254) 213 – 4740.

, , , , ,

No Comments

Differentiating Between IT Security & Cybersecurity

IT security and cybersecurity are often mistaken to be the same. However, in reality both these terms define different concepts. Both these segments have many overlapping areas but there are certain differences that need to be understood.

IT security or Information Technology security includes protocols, processes and tools to implement certain measures in order to secure and protect information/ organization’s data by using different technologies. The information to be protected includes both digital and physical (paper form) data.

Cybersecurity may be considered as a subset of Information security. It includes systems and processes used as precautionary measures to safeguard an organization against crime involving Internet; for example, protection against unauthorized access to computer systems and data connected to Internet. Cybersecurity is typically focused on protecting electronic data.

Let us take a look at some basic points that can be used to differentiate between IT security and Cybersecurity:

  • Cybersecurity is the practice of protecting an organization’s data, services and applications from individuals or entities outside the resource on the Internet, whereas IT security is about protecting critical information from unauthorized user access and data modification or removal in order to ensure uninterrupted services.
  • Cybersecurity is focused on building the ability to protect an organization’s cyber space from attacks. On the contrary, IT security deals with protection from any form of threat, irrespective of the environment.
  • Cybersecurity tools work against cybercrimes and cyber frauds like phishing attacks, data breach, cyber bullying, etc. IT security helps an organization strive against unauthorized access, disclosure and disruption which may be cyber or physical.
  • Cybersecurity professionals deal with advanced persistent threats. The process involves protection of company logins, profiles, server resources, applications, databases etc. Information or IT security is the basis of data security. IT security professionals prioritize resources before dealing with the threats.

Centex Technologies provides cybersecurity and IT security solutions to enterprises. For more information, contact Centex Technologies at (254) 213 – 4740.

, ,

No Comments

IT Security Recommendations For 2021

Rapid growth of technology is changing the way businesses operate. Technologies such as cloud computing, Artificial, Intelligence, automation, and IoT have created numerous growth opportunities for businesses. However, cyber hackers also use these technologies to launch an array of cyber security threats and attacks such as data breach, identity theft, etc.

The rise in number and frequency of cyber threats has created a need for businesses to focus on their IT security strategies. Here are some IT security recommendations for 2021:

  • Cloud Threats: The Coronavirus pandemic has intensified the remote work and collaboration between different teams resulting in increased use of cloud services for data storage, data sharing, app sharing, etc. However, increased migration to cloud has led to higher number of cloud threats. Some common cloud-based security threats are mis-configured cloud storage, reduced visibility and control, incomplete data deletion, and vulnerable cloud-apps.
  • AI Integration: As the cyber security threats keep growing in terms of intensity, AI is emerging as a helping hand to under-resourced IT security teams. Including artificial intelligence in IT security strategy can help in ensuring timely detection of threats and implementing rapid reaction. AI provides threat intelligence by analyzing massive quantities of risk data from structured and unstructured resources.
  • Extended Detection & Response (XDR): In order to ensure data security, it has become essential for IT teams to gain visibility and deep insight into enterprise and customer data across emails, endpoints, networks, servers, cloud workloads, and applications. It is recommended to include XDR in the IT security strategy as it helps in automatically collecting data from multiple sources and correlate it to ensure faster threat detection and incident response.
  • Security Process Automation: High frequency of IT security threats has resulted in a shortage of trained IT staff. Thus, organizations are required to extensively rely on security process automation. These tools eliminate repetitive security operations using pre-established rules and procedures. This also helps in reducing the errors in routine security checks.
  • SASE: Changing organizational environment has transformed the organization’s network security from LAN-based appliance models to cloud-native security service models such as Secure Access Service Edge (SASE). Using this model, organizations can robustly secure remote workforce and cloud applications by routing network traffic through cloud-based security check.

For more information on IT security recommendations for 2021, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments