Contact Us Today!   314.394.3001   |   info@andersontech.com

Working from Home Due to COVID-19: Keep Your Company Data Protected

/in , , /by

Over the past weeks, we’ve worked with many of you to add or increase your work-from-home capabilities as a result of the COVID-19 pandemic. This move not only helps keep our coworkers safe but also our families and the greater community. As our team burns the midnight oil to do our part, our thoughts and prayers go out to everyone affected by this international crisis.

To better assist your work-from-home goals, please be mindful of the dangers of and best practices for remote work.

While social distancing is critical, we must also recognize the risks a remote workforce poses and be vigilant to keep our systems secure. Remote work immediately increases the vulnerability of your company’s cyber security. Suddenly, we’re no longer at one office location with multi-layered security measures in place.  Our surface of attack is exponentially spread into homes that aren’t equipped with enterprise-grade firewalls and onto personal computers that may already be compromised (studies estimate that 1/3 to 1/2 of home machines are).

COVID-19 Scams

Taking advantage of the interest and coverage of COVID-19, cyber criminals are using new tactics in their phishing and malware attacks. Fake coronavirus websites, often with legitimate information from trusted sources, are being created to spread malware. New phishing emails and clickbait links using similar messages are also spreading. Do not trust COVID-19-themed emails, even if they appear to come from governmental sources. If you receive one and think the information may be worth clicking, go instead to the organization’s website. Any official, legitimate updates will be included there.

Avoid falling victim to one of these scams. Follow basic phishing prevention as we’ve explained in our learn page and phishing quiz, and always go to official government sites for coronavirus information.

As with all phishing attempts, never open attachments or links in unsolicited emails. If you know the person who sent it, confirm with them that the email is legitimate first, preferably by means other than email as responses can be faked. When searching for coronavirus information, hover over the link before you click and make sure the URL matches the source it appears to be in search results.

Maintaining Confidentiality

Working from home presents unique challenges to the privacy of your work, but your company’s confidentiality policies and contracts remain in effect no matter where you are. This is especially important if you are subject to HIPAA or other governmental regulations. Keep up to date with all regulatory changes made to accommodate the novel coronavirus situation.

There are measures all remote workers should follow to protect the confidentiality and security of their work space while in a home environment.

  • Always lock your screens when you step away from the computer to keep curious children (or pets) from wreaking unintentional havoc.
  • Work in your own room or create a space away from other members of your household. The space should be isolated enough to avoid onlookers and to conduct work conversations without being easily overheard.
  • When using a company-owned device, keep it locked or turned off whenever you are not with it, and never allow others in your home to use it for any reason.
  • If using a personal device for work, create a separate, password-protected user profile to access company data from. Do not allow others to use this profile.
  • Keep any work papers or confidential information in a safe, preferably locked, place.

Home Network Performance

Home networks, including your internet service, are typically not as reliable as your office IT systems. With the additional load of millions of users across the nation trying to do the same things you are, you will likely face performance issues when working from home. Since home internet often isn’t as fast as your work connection, video conferencing may flake out and remote connections to your office network or devices may lag. The more people taxing your internet with activities such as online learning, streaming, gaming, or video chatting, the more likely you are to have performance issues.

Due to the increased need for high-speed internet to accommodate the sudden influx of both home-based work and schooling, some internet service providers (ISPs) are offering additional speeds for those with no or limited internet access at no extra cost. Others are removing data caps and related fees for those on fixed data plans. If you think you might qualify, contact your ISP for more information.

Home Network Security

Performance isn’t the only potential issue with a home network. Security is a big concern when connecting to the office network from home. Besides the obvious security measures such as having patched, up-to-date computers with strong anti-virus/anti-malware protections, here are a few more tips to securing your home network.

  • Update router firmware if needed.
  • Make sure Wi-Fi has WPA-2 or higher encryption with a strong password (not the default).
  • Update firmware in all IoT (Internet of Things—smart thermostats, cameras, etc.). IoT is often more vulnerable to attack and has been used to infect home networks.
  • Never use default passwords on any internet-connected device.
  • Remove or deactivate all browser extensions not necessary for work. They might seem helpful, but many have tracking embedded in them and some are vehicles for malicious code.
  • Use multi-factor authentication (MFA) whenever available.

Training & Communication

While knowing how to spot phishing and social engineering attacks is essential to network safety, that’s not the only kind of training those who work from home should receive.

Review relevant security and office policies and ensure that you know who to contact if an issue arises. What problems can be resolved by office staff or a coworker, and what problems need to go to IT experts? Work efficiency will suffer if you continually contact the wrong people to resolve your problem. Consider partnering with another team member to check in about potential suspicious activity or emails before reaching out to an IT professional. You may not be alone in experiencing an issue or threat.

 

We’re already taxing our systems and IT personnel; don’t give criminals the edge. Be even more vigilant at home. It’s easy to become relaxed in your own space, but those with malicious intent are also working overtime to capitalize on our situation.

Quotables: Is Your Workforce Suddenly Remote? Here’s What to Know About Cybersecurity (CO by U. S. Chamber of Commerce)

/in , , /by

Principal Farica Chang is featured in CO by U. S. Chamber of Commerce, a resource for everything business owners need in times of national emergency and otherwise.

Click here to read the full article!

And read our Ultimate Guide to Secure Remote Work on our blog.

Are you in need of expert IT consulting?  Anderson Technologies is a St. Louis IT consulting firm that specializes in system administration for small businesses.  Let us help you today!  Give us a call at 314.394.3001 or email us at info@andersontech.com.

What are Quotables?  This is a category in our posts to highlight any professional publications that benefit from our expert IT consulting advice and quote us in articles for their readers. 

Quotables: COVID-19 Have You Working at Home? Check Your Cyber Security! (Ms. Career Girl)

/in , , /by

Cyber security is in the news, and Anderson Technologies is offering our expertise. Principal Farica Chang is featured in Ms. Career Girl, a site providing education and tips for women at work.

Click here to read the full article!

And read our Ultimate Guide to Secure Remote Work on our blog.

Are you in need of expert IT consulting?  Anderson Technologies is a St. Louis IT consulting firm that specializes in system administration for small businesses.  Let us help you today!  Give us a call at 314.394.3001 or email us at info@andersontech.com.

What are Quotables?  This is a category in our posts to highlight any professional publications that benefit from our expert IT consulting advice and quote us in articles for their readers. 

The Ultimate Guide to Secure Remote Work [Updated for 2020]

/in , /by

With the coronavirus in the news, more businesses than ever are considering whether telework is a viable option for their company and employees. But with new cyber threats and data breaches constantly reported, business owners have to ask themselves,

How do I maintain my cyber security when my employees work remotely?

Whether you have one employee working on a mobile device while on a business trip or your entire staff telecommuting from home, your cyber security shouldn’t be sacrificed for convenience. By understanding your options and working with a quality IT services provider, you can safely navigate the cyber world and keep your business protected.

Cyber Security and Telework

Maintaining your cyber security while allowing your employees to work remotely can be a challenge, but it can be accomplished with minimal risk if you plan ahead and choose the right options for your business. If you don’t expect someone to infiltrate your network, you won’t be protected when someone tries. Always prepare for the worst-case scenario.

Assume that communications on external networks, which are outside the organization’s control, are susceptible to eavesdropping, interception, and modification.”—Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security (NIST 800-46r2)

How Do You Prepare for Telework?

Start by choosing the best telework option for your business’s needs and budget. There are four basic ways to secure your network while allowing remote access to employees.

  1. VPN Gateway:

    Virtual Private Network (VPN) gateways create secure access from the employee device to the VPN gateway and onward to your internal network. In this way, your enterprise-level cyber security measures are extended to the VPN, which acts as a secure tunnel for employees to work through. Some VPN gateways can even extend your business’s firewall rules to the employee computer no matter where they are working through the use of a portable device—a great advantage when travelling on business.

    VPN gateways offer several great telework features, but while communication is protected through a VPN gateway, the employee’s computer could still be at risk of transmitting infected data if the computer itself is compromised. VPN gateways should only be used in conjunction with properly configured, company-owned hardware to maintain high security standards and minimize the risk to the internal network.

  2. Portals:

    In this method, telework employees access company data and applications through a browser-based webpage or virtual desktop. All applications and data are stored on the portal’s server and cannot be downloaded or saved on an employee’s device without permission. This is a good way to keep control over who is accessing your data and how it is used.

    The danger with portals depends on what permissions the employee has while accessing the portal. If the portal allows an employee to access other areas of the internet while connected, it could provide an unintended avenue for criminals to access your network. It’s safer to restrict employees’ access to other programs while the portal is in use. The more access an employee has, the less secure the connection becomes.

  3. Remote Computer Access Service:

    Remote computer access services allow an employee to remotely control a computer physically located at your business via an intermediate server or third-party software. When the two computers are connected, applications and data remain on your office computer, and your network’s cyber security measures are enforced. Your remote device acts as a display for the work performed on your office machine.

    Due to the direct access, remote desktop connection is considered high risk in cyber security terms. Proper configuration is critical. When set up correctly, communication between the two computers is encrypted for the data’s protection, but it is also encrypted from the organization’s firewalls and threat detection. No matter how good your cyber security measures are, if the employee’s home computer doesn’t have the same protections as the office workstations, malicious data can slip into your network unnoticed during a remote desktop connection.

  4. Direct Application Access:

    Direct application access is probably the lowest risk to your cyber security measures out of all the remote access methods because it is best used only with low-risk applications. In this method, employees can remote into a single application, usually located on the perimeter of your network, such as webmail. The employee doesn’t have access to the entire network, allowing them to work on select applications without exposing your internal network to danger.

    Though there is much less danger posed by direct application access, it generally doesn’t allow for extensive work to be done. There is very little connection to data on your network, and little ability to take data to another application if needed. It is best used when traveling or on a mobile device where complete access to the network is not necessary.

The type of telework you offer may also depend on governmental regulations requiring a certain level of security. Those working in the healthcare sector should consult with their HIPAA Security Officer to make sure any telework is performed according to HIPAA guidelines.

Using company-owned and maintained hardware is the best option when working from home or on the go. Properly-maintained company laptops reduce the risk of unpatched or out-of-date software connecting to your network and often have more robust anti-virus/anti-malware protections than personal computers.

For many small and medium businesses (SMB) though, providing all employees company devices is not financially feasible or practical, especially if the need for remote work is temporary. The best choice for SMBs is either establishing a site-to-site VPN connection or using a secure remote desktop service to connect to their office computer. SMB should be aware of and willing to accept the added cyber security risks of using personal devices before implementing this type of work-from-home policy.

Mobile Devices

Telework isn’t the only way employees access your network. Mobile devices have become ubiquitous for work on-the-go, but if you fail to protect these devices, your business and clients may suffer. There are basic security recommendations for securing any mobile device, including thorough employee training in cyber security, strong encryption, keeping software up-to-date, and supplementing your security with third-party anti-malware/anti-virus software. While these fundamental methods keep the average device secure, if you’re dealing with sensitive or confidential data on your network you may need additional safeguards.

Given the similarity between the functions of mobile devices, particularly as they become more advanced, and PCs, organizations should strongly consider treating them similar to, or the same as, PCs.”—Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security (NIST 800-46r2)

NIST’s Guide to Enterprise Telework offers detailed suggestions for protecting any business when it comes to mobile and telework access, including:

  • Turning off networking capabilities (such as Bluetooth) when not necessary for work.
  • Turning on personal firewalls, if available.
  • Requiring multi-factor authorization before accessing your business’s network.
  • Restricting other applications allowed on the device.

Since loss or theft of hardware is far more likely with mobile devices, it is beneficial to use a mobile device management (MDM) solution to maintain control of a mobile device in case of theft or accidental loss. With an MDM, you can locate, lock, or remotely destroy any data on the mobile device. This way your sensitive information won’t fall into the wrong hands, even if the device itself can’t be recovered.

Best Practices for Maintaining Cyber Security

Regardless of the type of remote access you decide on, there are a number of opportunities to shore up your cyber security defenses:

  • Establish a separate, external network dedicated solely to remote access. If something does infect the server, it won’t spread to other parts of your network.
  • Establish a site-to-site VPN connection or use a secure remote service.
  • Use encryption, multi-factor authentication, and session locking to protect your data.
  • Keep your hardware and software patched and updated, including your employees’ remote computers.
  • Enforce strong password policies and have employees use a password manager.
  • Set up session time out on all teleworking connections and automatic screen locks on all computers.
  • Manually configure employee computer firewalls and anti-malware/anti-virus software.
  • Add additional security authentication layers to company data on mobile devices.
  • Set up restrictions to keep unknown or unnecessary browser extensions from being installed. Many have tracking codes the user doesn’t know about, while others are used to spread malware. Stick with trusted and needed browser extensions only.
  • If possible, physically secure computers with locking cables in any untrustworthy place, such as hotels or conference areas.
  • Consider providing company-owned devices for employees to use that can be maintained and secured by in-house IT-staff or your MSP.
  • Consider end-point detection and response or remote access logging to monitor what is happening on your IT systems.

Regardless of how many security protections are used, it is simply impossible to provide 100 percent protection against attacks because of the complexity of computing. A more realistic goal is to use security protections to give attackers as few opportunities as feasible to gain access to a device or to damage the device’s software or information.”—User’s Guide to Telework and Bring Your Own Device (BYOD) Security (NIST 800-114r1)

Privileges, Privileges, Privileges!

No telework operation should ignore the danger of not setting the correct privileges on employees working from home. This step is essential to maintaining a secure, partitioned IT environment.

Implementing accurate and reasonable privileges provides two major benefits to your company.

  1. It keeps employees from accessing data or programs that they shouldn’t have access to.
  2. It keeps cyber criminals from infiltrating your entire network through a single compromised machine or account.

There is no reason a sales rep needs the same access to your company data as the CEO, so why would you give them unrestricted access? Job-specific privileges keep company data safe from insider infiltration while providing each employee with the tools and data necessary to complete their work. The Zero Trust IT model utilizes segmented permissions as the core tenet of its security architecture.

When creating user privileges, keep in mind:

  • Never allow users admin access. The only people who should have admin access to your systems are the IT personnel who maintain them, and even then, they should use an admin account only when performing work requiring it. All users should have a standard, limited user account that cannot alter system settings or privileges.This is especially important when employees work from home on their personal computers. Without the security of an enterprise hardware firewall and business-grade cyber security protections, employees’ personal computers are at a higher risk of being compromised. If their computer is infected and they have admin level access, cyber criminals can use that unrestricted access to infiltrate your entire system, change permissions, and steal or encrypt data for ransom.
  • Need-to-know access only. It takes a bit of technical know-how to set up appropriate user access privileges, but it’s worth the effort. Besides keeping data secure within the company, segmentation of privileges also means that if a computer is infected with malware or an employee account is compromised, the access cyber criminals have to your company and its data remains limited.
  • Use multi-factor authentication. It’s not enough to limit permissions, you need to verify the person signing in is who they say they are. A quick visit to Have I Been Pwned will show how many accounts are already compromised. Multi-factor authentication prevents a compromised account from being used by cyber criminals to access your systems. While security tokens and third-party authenticator apps like Yubikey or Google Authenticate are preferred, any type of multi-factor authentication (email, SMS) is better than no authentication.

Training

Employees need to know more than just how to use the telework programs. Train your employees on cyber security before they go home to work. This is especially crucial if they use their personal computers to telecommute.

Employees should know how to spot and respond to unusual computer activity, which can be an indicator that malware is present. They should also be prepared for phishing and social engineering attempts to gain user account access. Train them on who to contact for IT support and how to verify the person asking for access to their computer is the correct person.

Your employees’ home computers will be the weakest link in your cyber security, so verify they know how to keep their computer safe and how to securely access your systems. Doing so protects them and your business from malicious actors.

 

Telework comes with risks, but with strong security policies and the right cyber security in place, it is worth the investment. A good managed IT services partner can walk you through the process and make sure your business is safe and productive anywhere. For help setting up a telework network, contact the experts at Anderson Technologies by email at info@andersontech.com or by phone at 314.394.3001.

Looking for more guidance on how to keep your work from home systems secure? We’ve got some essential tips on a new blog post, “Working from Home Due to COVID-19: Keep Your Company Data Protected.”

Cyber Security St. Louis Ransomware Small Business

Ransomware as a Service: When Criminals Mimic Corporations

/in , /by

When you imagine cyber criminals planning ways to infect hundreds of thousands of computers, you probably don’t picture sophisticated marketing operations and software licensing, but you’d be surprised. The black market on the Dark Web is much like any other online store where you purchase goods, only its products are more nefarious. Cyber criminals copy the techniques used by corporations to increase profits by authoring and distributing ransomware-as-a-service (RaaS). RaaS enables less tech-savvy cyber criminals to quickly set up shop, and often includes “customer support,” easy-to-use dashboards, and guides on how to most effectively distribute ransomware onto victims’ machines.

The RaaS Business Model

This is not a recent development. RaaS has been used since 2016, and has proved to be a lasting business model for cyber criminal organizations. These organizations utilize modern marketing and corporate strategies to get their “customers” to choose their ransomware services over other offerings on the Dark Web.

How Does RaaS Work?

In a traditional software business model, a user pays a one-time fee to buy a license for a specific version of the software outright. There are no other costs throughout the life of the software, but if the user wants to upgrade to a newer version, the software must be purchased again. But being required to buy each new version that’s released can be financially impossible for some consumers. That’s where software-as-a-service (SaaS) comes in.

With SaaS, the user can “rent” the software for a monthly fee, giving the user the most current version of the software at a greatly reduced upfront cost. But unlike traditional software purchasing, if the user ends their subscription, they lose access to the software.

On the Dark Web, RaaS utilizes both these business models. Instead of a bad actor authoring and distributing their own ransomware onto victims’ computers, cyber criminals pay for someone else’s ransomware strain. This allows even those who don’t have the skills necessary to create their own ransomware strain to enter the ransomware market.

This arrangement is beneficial to the author of the ransomware, as well. In addition to the subscription price, the author often gets a cut of each ransom paid. The more subscribers who buy and distribute their ransomware, the more money the author makes without needing to infect a single computer themselves.

This is where RaaS mimics legitimate businesses. Some ransomware authors sell licenses using the traditional software business model. When a cyber criminal buys the ransomware license, they are free to use it as much as they want. Other ransomware authors have adopted the modern subscription model of SaaS. As a subscription, buyers have to continue to pay monthly or by number of infected computers. In return, the ransomware they “rent” receives updates and continued support from the author. To entice cyber criminals to choose their strain, some authors will offer discounts or adjust their cut of the ransom. Some even provide tutorials and customer support to buyers to help with distribution.

Ransomware Finds New Ways to Make Victims Pay Up

The authors of ransomware strains aren’t the only ones offering customer support. For several years now, criminal organizations spreading ransomware have provided customer support representatives to facilitate payments, such as helping victims buy bitcoin or walking them through the payment process. Sometimes these customer support reps even lower the ransom for victims unable to pay the requested amount.

While offering customer service may seem absurd for a criminal enterprise, the newest extortion method fits right in. The threat of ransomware includes not only the loss of data but also the weaponization of that data by bad actors. Until now, the risks associated with not paying the ransom have been limited to criminals farming the encrypted data for credentials or losing the data altogether. Now a new type of extortion is threatening to come to the forefront.

To thwart the growing number of businesses taking cyber security seriously and ensuring they have reliable backups in case of a ransomware attack, cyber criminals now threaten to release the unencrypted data they steal if the businesses choose not to pay the ransom. Those behind the Maze ransomware strain have a public website listing the names of businesses they’ve infected, as well as details about the attack and documents stolen from infected systems. The Allied Universal data breach and release was Maze’s first victim to be publicly exposed in this way.

What Can You Do?

When it’s not only loss of data but release of data that is the danger, the usual mantra of back up your data doesn’t cut it anymore. With this evolving threat landscape, prevention is the key to security.

In addition to basic security measures that all businesses should implement, intrusion detection is essential to modern cyber security. Bad actors are often in compromised systems for days or weeks before the actual ransomware attack happens. They can search files, disable security measures, corrupt backup systems, and more to make the business as vulnerable as possible. Identifying the problem when the intrusion first happens could save not only your money but your data and reputation as well.

Other precautions include encrypting all sensitive data so hackers can’t access it, having strong user access controls and passwords, and restricting administrator access to necessary IT personnel. This limits the amount of data criminals can access if they were to penetrate your systems.

Most of all, train your employees how to identify phishing methods and signs their computer may be compromised. Employees are the front line of defense against infection. Make sure everyone is trained at least annually to stay up to date with new ransomware strategies so that they and you don’t become unwilling customers of the ransomware business model.

 

If you need help shoring up your defenses against ransomware or need employee training, contact Anderson Technologies today!

Anderson Technologies Recognized as a Best Cyber Security Firm for 2020

/in , /by

Anderson Technologies has been featured by Small Business Monthly as one of St. Louis’s Best IT Firms for the past three years, and this year we are pleased to announce that we made the list for Best Cyber Security Firm in 2020!

A core tenant of Anderson Technologies’ 25 years serving the St. Louis area is our education and employee training approach to cyber security. Beyond the purely technical aspects like security monitoring, system audits, and essential hardware—all key parts of managed IT services through Anderson Technologies—we’ve found that continued education on cyber security risks and solutions is often what makes an impact and keeps an organization safe.

Do you need an expert eye on your organization’s cyber security? Download our FREE Cyber Security Essentials Checklist to see where your organization stands in 2020. For more help, please call us at 314.394.3001 or send us an email at info@andersontech.com for more information.

Quotables: Why We Must Leave Windows 7 Behind (VAR Insights)

/in , , , /by

A timely recommendation from Anderson Technologies’ Farica Chang provides education and advice regarding the January 14, 2020 Windows 7 End of Life date.

A few thousand dollars spent now is better than tens or hundreds of thousands demanded by ransomware and the loss of confidence your clients in the future.

Click here to read the full article!

Are you in need of expert IT consulting?  Anderson Technologies is a St. Louis IT consulting firm that specializes in system administration for small businesses.  Let us help you today!  Give us a call at 314.394.3001 or email us at info@andersontech.com.

What are Quotables?  This is a category in our posts to highlight any professional publications that benefit from our expert IT consulting advice and quote us in articles for their readers. 

windows 7 end of life windows 10 upgrade

End of an Era: Saying Sayonara to Windows 7

/in , , /by

January 14, 2020. Today marks the end of an era. As of today, Microsoft no longer offers support for its Windows 7 operating system.

If you’re still hanging on to outdated hardware running Windows 7, you’ll no longer receive updates, attack countermeasures, and security patches.

Your Windows 7 machines—and entire network—will be vulnerable to new breaches, exploits, malware and viruses.

It also means that, starting today, no Windows 7 computer is HIPAA compliant. Using hardware that cannot be protected with patches and updates means the Security Rule is not being followed, and if a breach does occur, you’ll probably be liable.

Anderson Technologies recommends upgrading all Windows 7 machines and other Microsoft offerings that also reach End of Life today, including Hyper-V Server 2008/Hyper-V Server 2008 R2 and Windows Server 2008/Windows Server 2008 R2.

What’s the Big Deal?

Businesses and organizations in every field should take end of support for an operating system seriously. Cyber crime is on the rise, and while many criminals continue to target anyone who will click their bait, many more see the value in targeting vulnerable access points to a network, knowing that the data and additional connections they unlock can really pay off. Recently, hundreds of nursing homes and veterinarians lost access to patient data, and multiple municipalities in Texas were effectively shut down due to their software and cloud providers being compromised by ransomware.

It’s not a question of if you’ll be targeted, but when.

For any business, staying up to date on all security and software patches is an essential part of the electronic era. After today, anyone running Windows 7 is holding the door open for cyber criminals once the newest zero-day threat is identified and exploited. Don’t count on your cyber insurance to cover any ransom or damages you incur in the event of an attack. Many cyber insurance policies require businesses to have certain security measures in order to pay out, and an updated and patched OS is one of the most basic protections you can have.

If you operate in the healthcare vertical, staying up to date is not just important, it’s the law. Under HIPAA, any Covered Entity or Business Associate must comply with the same standards. Having patched and routinely updated hardware is part of HIPAA’s Security Rule, and failure to comply won’t just mean trouble from cyber criminals. The Office of Civil Rights can levy significant fines for businesses that knowingly ignore cyber security guidelines.

In the accounting vertical, operating from an unsecured OS could leave you in breach of the FTC Safeguards Rule, and your client data will be vulnerable.

Staying up to date on all security and software patches is essential when fighting cyber crime. After January 14, 2020, anyone still running Windows 7 is inviting cyber criminals in through an unguarded, open door.

What Options Do I Have?

  • Extended Support for Windows 7. Microsoft’s extended support plan is only available to users running Windows 7 Pro or Enterprise through volume licensing. Contact your IT provider or Microsoft representative to determine if you are eligible. If you are, you can purchase up to three years of extended Windows 7 support, starting at $50-$100 per computer for the first year and doubling in price each year following. This is not a long-term fix, but it could allow you to spread out your upgrades over several years instead of upgrading your equipment all at once.
  • Windows Virtual Desktop. Microsoft is also offering three years of support for free with Windows Virtual Desktop. If you’ve been considering moving to the cloud, this might be a good time to look into Azure and reduce hardware costs.
  • Update OS to Windows 10. If hardware costs are holding you back from getting a fully-supported machine, updating your existing computers to Windows 10 might be the most cost-effective option to remain secure. Unfortunately, many computers running Windows 7 are not capable of efficiently running Windows 10.
  • Upgrade Hardware for Maximum Security. The most secure option moving forward is a secure OS (Windows 10) paired with up-to-date hardware built to run modern software and protect data.

If upgrades just aren’t feasible—maybe essential software isn’t compatible with Windows 10 or you’re operating on Virtual Desktop—security should be at the forefront of your mind. Move forward with updates and upgrades when you can, and until then:

  • Do not connect Windows 7 computers to the internet.
  • Don’t store client data on unsecure systems.
  • Back up your business data daily and make sure these backups are configured to adequately protect them against cyber attacks.

The time to act is now. Don’t be caught with your IT systems wide open to the next cyber attack. Upgrade to Windows 10 before it’s too late. Anderson Technologies can help. Contact us at 314.394.3001 or info@andersontech.com.

2020 Cyber Security Essentials Checklist

/in , , /by

The start of a new decade brings a sense of changing times and new beginnings. For your cyber security, it marks a good time to review how the state of cyber threats has changed since the time of Y2K or the 2013 Yahoo data breach. With the evolving threats and methods deployed in cyber crime, basic security standards have also progressed to keep your network safe. Do you know the basic security measures you should take to protect your business in 2020?

Download your copy of Anderson Technologies’ Cyber Security Essentials Checklist for 2020!

Verify everything!

We’ve talked before about the Zero Trust model for IT security. Even if you aren’t ready to bring your entire IT architecture up to Zero Trust standards, several of its security measures are now common-sense protections against modern cyber threats.

MFA

Multifactor Authentication (MFA) is quickly becoming the gold standard for preventing unauthorized access to your systems. In an age of Have I Been Pwned’s free credential checking and the all-too-often reuse of passwords, the question is no longer if your usernames and passwords have been stolen, but when and which ones.

MFA is the most basic way to prevent someone with stolen credentials from accessing your systems, and comes in various iterations, from an email or text code to authentication apps and security dongles like or RSA SecurID tokens. It’s a simple measure that ensures the bad actor needs more than a stolen credential to compromise your systems.

Access Controls: Minimum Necessary Use (Need to Know)

The days of free access within an organization are over. Clearly defining user roles and necessary access permissions is essential. There’s no reason for an intern to have the same access to your systems as the office manager or IT staff. Segmenting user access to the minimum necessary for their job performance means that if one employee is compromised, the bad actor won’t be able to reach every part of your business.

Stop Viruses and Malware in Their Tracks!

It’s common knowledge that anti-virus and anti-malware are required in this day and age, but remember that if your software firewall or anti-virus program catches an intrusion, the threat has already made it into your systems.

Know Your Hardware

Businesses need to understand the difference between a hardware firewall and a software firewall. You need to have the best protection against cyber threats, but many business owners don’t realize they are missing the necessary hardware firewall. Go to your IT closet and take a close look. Can you identify your modem, router, and hardware firewall? They are three different pieces of equipment, and if you aren’t sure which is which, talk to your IT staff or MSP to make sure all three are in place and properly configured for maximum protection and minimum interference.

Training and Filters

Firewalls and anti-virus programs won’t be of much use if an employee clicks a link in a phishing email and lets the bad actors in. Blacklisting certain websites and installing email filters like Proofpoint are great first steps for keeping malicious links and emails from getting through, but the biggest way to prevent phishing is training your employees how to recognize it. These tactics are too prevalent not to invest in comprehensive employee training.

Update! Update! Update!

Nothing invites bad actors into your systems like an unpatched computer, such as Windows 7 which stops receiving updates after January 14, 2020. Security updates are not just slight improvements; they often fix known bugs and zero-day threats that bad actors can use to infiltrate or bypass the implemented security safeguards. Without keeping up to date with your security updates, criminals can exploit unpatched vulnerabilities to breach your security and either install malware on or extract valuable and private information from your systems. So, when an update appears, make sure it gets installed right away and upgrade un-supported software as soon as possible.

Be Prepared for a Breach

The era of small businesses being too little to be profitable to hackers is long gone. Small, medium, and large business are all targets for cyber criminals and it’s essential to think not in terms of if you are breached, but when you are breached. How can you mitigate the risk or minimize the damage a breach could do to your business?

Backups

No business in 2020 should be without comprehensive and secure daily backups of their IT systems. Properly configured and tested backups are your insurance against ransomware and natural disasters. If you know you can restore all your data effectively and quickly from backups, there’s no need to pay a ransom for the hope you can get all your data back.

But don’t just grab the first out-of-the-box backup solution you find. Make sure your backup provider doesn’t keep only one iteration, meaning if your backup gets infected, you have no other options. Configure the solution correctly to back up all the information you need.

Encryption

If you are in a HIPAA-regulated industry, encryption is not optional. It’s the best way to prevent unauthorized breaches when mobile devices and laptops are lost or stolen. A properly encrypted laptop lost on a business trip isn’t a breach even if ePHI is on it, since the encryption prevents anyone who finds the machine from accessing the data.

Encryption is a good idea for any business that uses laptop and mobile devices for work purposes. The last thing you need is someone finding a lost phone or laptop and suddenly having access to sensitive business information or programs.

The Daily Routine

Sometimes it’s the little things that end up being the source of a cyber intrusion. These security measures may seem like common sense, but that doesn’t mean you shouldn’t have a clear policy for them. Failure to follow basic procedures everyday can open the door for cyber criminals.

Passwords and Password Managers

Reusing or only making minor alterations to passwords across applications is a major problem. Too many passwords are hard to keep straight, but people struggle even more to remember secure randomized passwords. This can lead to the worst-case scenario of employees writing down passwords that anyone could find. Having a long phrase or sentence the employee can remember is best practice, but if you have a lot of programs that require passwords, you don’t want employees using only one across the board.

Password managers like Myki or LastPass are a great solution to this problem. Employees can create the long, randomized alpha-numeric passwords, which are considered most secure, without the need to write them down or repeat the same password over and over. These services also provide apps for mobile phones so employees don’t need to be at the desk to access their passwords.

Screenlocks

Not every company institutes a screenlock timeout procedure for their business, but it’s a simple and effective security measure, especially if parts of your business are open to the public (HIPAA requires it). Even if you don’t have any public areas, screenlock policies can prevent insider threats from gaining access to an employee’s computer or information simply because they forgot to lock the computer before they left their desk. Make sure the screenlock requires a password and isn’t delayed to the point it’s useless to protect your information.

If you don’t have these basic policies and procedures in place, it may be time to re-evaluate the security measures you are using. Were they created for a different time and threat landscape? Can they continue to protect you against modern cyber crime? If not, it’s time to step up your basic security measures and stop criminals before they sneak into your business.

 

If you need help determining if your current security measures are adequate to protect your business, contact us today for a free consultation!