alt tag

Posts Tagged ‘data’


Training Employees in Data Security Practices: Tips and Topics

Tuesday, April 3rd, 2018

While there’s plenty of technology available to keep your business’s data protected, the human element is still the most important piece to consider in safeguarding your company’s data. Properly training employees to understand and implement data security best practices works best when your business makes a cultural shift toward prioritizing IT security. Successfully training your staff is half about knowing how to train them and half about knowing which topics to train them on. Businesses that embrace a proactive approach to training employees on data security will have a much better track record than those that take a reactive approach.

Training Tips

Don’t just make a plan: Implement a program that focuses on training all employees. Have your business take an active role in implementing a data security program. This ensures training is far more effective than simply creating security practices, offering one-time training and hoping it works.

By implementing regular security training meetings on changing topics, your business can train your staff on a wide range of concerns.

In addition, your company can benefit from focused training while constantly reinforcing security as a priority. Hold multiple sessions that get into each topic in depth to help your employees better understand data security.

Training doesn’t end when the session ends — it’s an ongoing process. As an extension of training, your security staff should frequently send out reminders about security concerns to help employees remember what they’ve learned. Make your data security training materials easily accessible in the event staff members see a reminder and realize they should read up on a topic if they’re unclear of what the reminder is about. Additionally, C-level staff, IT and supervisors should lead by example.

Training Topics

The bad news is hackers will always create new threats for your staff to worry about — but the silver lining is that you’ll never run out of fresh topics to cover. Because of the fluidity of data security, your program will need to change which topics are covered in training and continually adjust strategy to address new threats. The following list covers just some of the many topics training sessions can cover:

  • Strong passwords and more secure authentication practices: This includes covering two-step authentication when applicable.
  • Secure Wi-Fi best practices: Explore red flags to look for when using public Wi-Fi and discuss whether public Wi-Fi should be used at all.
  • Physical device security: Cover topics such as encryption and disabling devices remotely to minimize data leaks for stolen/lost devices.
  • Use policy: Reaffirm that non-employees shouldn’t be using employee hardware.
  • Device security: Discuss the importance of keeping software patched and running security software on devices.
  • Popular methods of attack: Cover security best practices for avoiding popular phishing, man-in-the-middle and ransomware attacks.
  • Social engineering threats: Discuss the importance of the user as an essential line of defense when software can’t protect from threats.
  • Three-copy backup strategy: Explain that data is also at risk of being lost rather than stolen, and explore key backups to minimize these losses.

Hackers and thieves are known to exploit human complacency in security practices — and frequent training sessions will help employees stay aware. Is your business looking to improve its security practices? The IT consulting experts at MPA can help; contact us today to learn more.

Spectre and Meltdown: Valuable Lessons for Your IT Security Team

Monday, February 12th, 2018

At the end of 2017, the world learned about Spectre and Meltdown: two far-reaching security threats that exploit how CPUs work to expose protected information on nearly every recent PC, server and smartphone. Hackers can use these exploits to do things like steal passwords and other protected private information stored in a computer’s memory through programs such as a web browser.

These vulnerabilities essentially affect every computer, including Macs, iOS devices and Chromebooks.

Hardware and software manufacturers are hard at work fixing the vulnerabilities, but it is up to the end users to make sure the fixes go through.

How the Exploits Work

Spectre seizes the ultra-fast memory on the CPU itself, known as the CPU cache. CPUs use processes called “Branch Prediction” and “Speculative Execution” to guess the most likely upcoming instructions from branches in a program to speed up performance. Spectre attacks manipulate those processes to push data from protected memory into the cache then load that pushed data from unprotected memory. The exploit identifies protected information because it loads faster from the cache.

Meltdown exploits a flaw in processor privilege escalation that allows executed code to get access to protected memory. Essentially, Meltdown breaks the isolation between the application and the operating system. Meltdown is the easier to exploit, but the easier to fix of the two.

What It Means for IT Security

IT security staff needs to make sure that all devices impacted by Spectre and Meltdown are properly updated to mitigate the threat. For the most part, this means staff needs to take some key steps: apply the operating system patches, install firmware updates, update web browsers and update other software that works with secure data, all while keeping the antivirus active.

In many cases, it means just staying out of the way, as Windows and MacOS devices will automatically install the updates. According to Microsoft, end users mostly just need to make sure Windows Update is active. However, some anti-virus programs may block patches and others aren’t compatible with the updates, so IT staff will need to find an alternative option to update those devices.

The Damage Done

Fortunately, Spectre and Meltdown haven’t led to any major security breaches, but researchers have identified more than 130 instances of malware designed around related exploits. So far, related malware seems to be proof-of-concept attempts rather than attacks.

At this point, most of the damage comes from performance degradation associated with the security updates. Both Spectre and Meltdown exploit techniques used to improve CPU performance, so closing those vulnerabilities often involves disabling those techniques. In particular, Windows-based systems running 2015-era Intel Haswell or older CPUs may experience performance drops, with older operating systems being more likely to show symptoms.

However, the performance loss isn’t consistent and can vary between 2 and 14 percent depending on the task. Some processes are affected more than others, with “privileged” processes seeing the most slowdown. Your IT staff should be concerned about this if your business is running virtual machine clusters. The performance loss may mean a hardware update is in order.

MPA Networks offers valuable services such as desktop management that can help your business avoid the pitfalls of Spectre and Meltdown by keeping your computers updated and secure. Contact us today to learn more.

Do You Have a Crisis Management Plan for a Cyberattack?

Thursday, February 8th, 2018

A cyberattack crisis management plan is your business’s best defense for minimizing cyberattack damage after technology-based preventative measures have failed. Unfortunately for most businesses, cyberattacks are not a matter of if, but a matter of when. Establishing a crisis management plan can help your business minimize data compromise, limit attack scope, decrease recovery time and reduce harm to your reputation. Having a plan in advance means your operation can immediately get to work on containing the attack when it occurs rather than allow it to incur further damage while you scramble to develop a plan during the breach.

What Threats Do Cybersecurity Attacks Pose?

Cybersecurity attacks aren’t going away. According to CBS, as of 2015, criminals contributed to 1.5 million annual cyberattacks. These attacks can have major repercussions for a business.

According to IBM, the average breach costs a business $3.6 million.

Some attacks can lead to massive fallout that can put a business in financial trouble. In 2016, there were 15 breaches that exposed more than 10 million identities, Symantec reports.

The technical side of preventing cyber-attacks is an ongoing cat-and-mouse game. The tech industry pushes to close security holes as soon as — if not before — hackers find and exploit them. Hackers like to take advantage of businesses that haven’t applied software patches to close established security holes.

Malware, ransomware, botnets, IoT vulnerabilities and email phishing were all major threat sources in 2017. In particular, ransomware is a growing problem because businesses are paying more than $1,000 on average to recover “locked” data. Many of these payouts could have been avoided by implementing proper crisis management and disaster recovery plans in advance. While big businesses offer big targets, SMBs still need to protect themselves from attacks.

What Your Plan Should Contain

A cyberattack crisis management plan revolves around three main elements: preparation, response and recovery. Every step is crucial, because a poor response can actually make the situation worse. According to WIRED, Equifax’s management response could have stopped the problem before it started in their major 2017 breach, if they had not done such a poor job. Here’s what to consider:

  • Prepare: Your business should prepare for extreme-level attacks in advance. Part of this process involves creating a response team with key players from all necessary departments. The plan should include what each group needs to do in the event of an attack. The crisis response team should take action to plug major known security holes as they are discovered to prevent a breach.
  • Respond: The response team should identify the attack, secure the compromised systems, and investigate the cause of the breach in that order. Next, the team should take action to prevent further attacks that exploit the same or similar security holes.
  • Recover: The cycle continues after your business contains the threat. The response team should next work to minimize public damage and repair customer trust. According to a 2011 Ponemon Institute study, larger businesses say they averaged $332 million in diminished business value following a customer data breach.

The disaster recovery experts at MPA Networks can be a vital part of your business’s crisis management plan. Our experts can help your staff gets back to business as usual as quickly as possible. Contact us today to find out how we can help.