A question put to us this week regarding a few of the high-profile data breaches was:
“Can you send out one of your newsletters explaining this situation and how it happens to a huge company like Colonial, and what your security is doing to prevent this type of situation?”
It is pertinent to repeat what was said, courtesy of Bloomberg:
“You’ve got to get the culture change at the top where the board is getting updated on their cybersecurity posture as often as production and revenues and EBITDA,” he said.
We are sometimes asked, “If these big companies and the Tax Services of Canada are hacked, how can JEI Tech stop it happening?”
- You cannot stop having a puncture – so – maintain your tires and carry a spare tire in your car.
- You cannot stop fires in a building – so – have fire protection systems and fire insurance.
- You cannot stop being attacked on the web – so – use accepted security measures to prevent and minimize the impact on your business.
First and foremost, it is not currently public knowledge how the hackers accessed the systems at Colonial Pipeline (that may never be released). What we can say is that they were most likely targeted with phishing e-mails, which is the most common method of accessing networks.
JEI Tech protects clients in the following ways
We recommend best practices which many of our clients are following. These are also Canadian and Albertan legislated requirements.
JEI Tech commonly used best practices:
- A secure Firewall. We use WatchGuard Firewalls. WatchGuard includes a local agent to monitor for ransomware. Others we feel are good and work well if correctly configured and monitored are:
- Monitored Computers and Antivirus. JEI Tech uses an RMM tool to manage the security and updates on all computers and servers. Windows automatic updates are not enough. Our RMM includes ransomware detection and isolation.
- Secure E-mail
- Whether you use Microsoft Exchange with Office 365 or G-Suite, you need to include a spam and phishing filter with it.
- Cloud Backups. These allow us to restore lost or encrypted data in minutes for clients and fully virtualize their systems on the cloud in case of emergencies.
- If you have a server, we recommend Datto devices, which back up your data every one or two hours and back up to the cloud every night.
- If you do not have a server, we would recommend a Datto device for your computers to back up to, or a direct cloud backup for each critical computer.
JEI Tech has deployed the following less commonly used security practices on our own network, all of which we will now be recommending to clients.
- Two Factor Authentication
- DNS Protection
- Active Directory Cloud
- Secure Wireless Devices
Questions for any company
Can you survive days without computers, e-mail and internet and stand to possibly lose all your data? What will the effect on your business be?
If the answer is NO, then you need to ask these questions:
- Do you have a secure Firewall? (A physical device, not your antivirus, and not a router.)
- Do you have your systems monitored and updated automatically by a third party?
- Do you have a local, up-to-date firewall with antivirus on every system?
- Do you have secure e-mail and are you using the latest software to handle your e-mail?
- Are your wireless access points secure? There is currently only one provider who has a patented secure wireless device.
- DO YOU HAVE 2FA? (Two Factor Authentication)
- Do you have a Cyber Insurance Policy that will allow you and your IT to focus on the outage while they contact your clients and do damage control for you?
The biggest and most common reason for a breach is not a lack of security, but rather the people behind our desks. This is not because of carelessness but because of e-mail overload, lack of training and access to the open internet. These are all factors you can address.
In the MSP community we have found the average cost of being secure is a minimum of $100 per computer/user. This does not include support.