Skip to main content
IT services

Multi-Factor Authentication: What It Is and Why You Need It

By Blog, Uncategorized No Comments

It is increasingly important to protect our sensitive electronic data. It is estimated that over 30,000 websites are hacked every day, and according to the IBM Data Breach Report of 2021, data breaches and ransomware in 2021 cost companies an average of $4.6 million dollars. Simple passwords and basic password protection aren’t enough to protect you and your organization against a potentially dangerous and costly data breach.

Multi-factor authentication (MFA) is an electronic method of password and user authentication that requires the user to have two or more forms of identity verification to get access to a website, account, application, or network. These different forms of identity verification, or “factors” could include a fingerprint scan, a code emailed or texted to your personal device, or an authenticator app that generates a new code every 60 seconds.

Chances are, you have already used MFA in one way or another. When you log into your email from a new device, you might be prompted to enter in an OTP (one-time password) that was sent to you. Maybe you must use your fingerprint and your password to log into your online banking app. These kinds of MFA help keep your accounts secure and keep hackers from stealing your valuable and sensitive personal information. Integrating these security measures in your organization will also help protect your sensitive and proprietary data that keep your organization running smoothly. This could include anything from your sensitive client data, financial information, private emails, and even your personnel data like social security numbers and bank information.

 

Most of the applications that you and your business use will likely have a multi-factor authentication option available; you just need to activate it and train your team to use it. Though it may seem like an inconvenience, having MFA is the first line of defense against hackers. If MFA is offered on an application that you use, it is important to ALWAYS enable it before an intrusion happens.

MFA can be enacted in multiple different ways, depending on the application you are trying to access, or the needs of your organization.

MFA can use what you know: A password, a username, or the answer to security questions

MFA can use what you have: An authenticator app on your phone, or a code sent to your email address

MFA can use what you are: A fingerprint, an eye scan, or a voice activation key.

 

Having Multi-Factor Authentication enabled for you key business applications and resources can keep you and your organization from experiencing major data breaches, financial disaster, and crippling hacking attempts. As a reputable MSP, Digital323 knows the security needs of organizations and industry best practices to keep your IT functional, stable, and secure. MFA will secure your data and applications and protect you from disastrous data breaches. If MFA is offered on an application that you use, it is important to enable it before an intrusion happens.

Contact Digital323 to roll out MFA and other technologies to secure your data and applications.

Financial Compliance

What are Risk Assessments?

By Blog, Uncategorized No Comments

Risk assessment is a process that helps identify internal and external vulnerabilities and threats to business data, systems, software, clouds, and networks. It also helps us identify and understand consequences if threat actors exploit vulnerabilities, and know the possibility of harm that may eventually unfold. Failure to conduct regular risk assessments can be costly!

 

Knowing Your Security Risk Environment

Did you know that only about 40% of owners believe there is sufficient risk assessment conducted in their company? Additionally, cybercrime has shot up by 40% since the start of the COVID-19 pandemic. If you don’t know your risk, you can’t fix it, and not being alert to threats can make you the next target.

About 70% of organizations faced a cloud data breach in 2020 and it is also predicted that ransomware attack will occur every 11 seconds in 2021. These threats leave no room for complacency when it comes to data security and risk assessment.

 

The Consequences of Undetected Risks

If any business risk goes undetected, it can snowball into a severe breach and cause a variety of problems for your organization. Some of these consequences can include a loss of productivity, where average downtime of employees is close to two hours, or financial loss. The average total cost of data breaches in 2020 is estimated at $3.86 million. Other major consequences can include reputational damage and legal liability. According to the IDC report, one-third of customers will be their association with a business following a major breach. And in 2020, the OCC fined Morgan Stanley $60 million citing failure to comply with standards and secure sensitive data.

Regular risk assessments are a positive and preventative investment in protecting your business.

 

Maintaining Regulatory Compliance

To stay ready and compliant with security requirements of most regulatory bodies, regular risk assessments are essential to identifying and measuring potential business impacts. You can classify risks as high, medium, and low.

High impact risks, if unchecked could lead to a major breach and have significant impact on the operations of your business or even result in external monitoring and enforcement. Medium impact risks, if unchecked could adversely affect your business’ cybersecurity posture and lead to demand for operational changes by the external enforcement agency. Low impact risks, if unchecked, might contribute to failure in accomplishing some of your business objectives.

 

Benefits of Regular Assessments

There are many benefits to including regular risk assessments into your business plan.

  1. Identifying your risk profile: Detecting threats and sorting risks bases on their potential for harm helps you to focus your efforts on urgent pain points.
  2. Asset discovery and protection: With an up-to-date inventory from your risk assessment, you can determine ways to protect your critical assets and vital data.
  3. Reduce security spending: Regular risk assessments help you reduce security spending because you know where you need to put money to ramp up security.
  4. Actionable analytics: Availability of information that gives enough insight into the future helps you take adequate actions that can improve your business’ security.
  5. Keeps you compliant: When you handle your business assets and data securely through regular assessments, your business can avoid regulatory violations.

 

Though it sounds a bit complex, with the right partner by your side, you can run regular risk assessments for your business and prevent a risk from escalating into a full-blown data breach. Contact us now!

engineering IT services

The Dangers of Insider Threats

By Blog, Uncategorized No Comments

Many business owners – and the IT professionals they rely on – focus on protecting their companies from external threats – the lone hacker out for a large ransom, the industry competitor pilfering secrets, or organized cyber-criminals with sophisticate phishing schemes, etc. But what about internal threats? Organizations sometimes fail to consider the true risks that insiders pose to their cybersecurity. Yet, internal risks are every bit as dangerous and damaging as the external ones, even if there is not malicious intent.

The 2019 IBM Cost of Data Breach survey revealed that 24 percent of all data breaches in the past five years were the result of negligent employees or contractors.
Another report, Insider Data Breach Survey, found that 60 percent of executives felt employees who made mistakes while rushing to complete tasks were the primary cause of internal breaches. Another 44 percent pointed to a lack of general awareness as the second most common reason, and 36 percent cited inadequate
training for their organization’s security tools as a close third. To drive home the full harm of insider threats, we’ve compiled five actual case studies of internal actors who’ve wreaked financial and reputational damage when they got careless, or abused their knowledge and positions for personal gain.

Case 1: The Careless Employee
Sometimes employers don’t do enough to educate their workers about cybersecurity best practices, and sometimes employees fail to heed recommended security protocols:

A report by a company’s chief security officer discovered that one of the organization’s techs was using duplicate credentials across multiple accounts and failed to set up two-factor authentication on at least two of his accounts. Though the company recommended these two security best practices – do not use the same log-in for more than one account and apply two-factor authentication for additional protection – the employee neglected to do so. This weak security enabled hackers to easily infiltrate the company’s network where they disabled and deleted all data backups – local and cloud. After sabotaging the organization’s backups, the hackers then installed ransomware and demanded payment. Without a usable backup, the company was forced to pay the ransom to recover its data.

What You Can Do
Set up automatic scans to check each clients security settings on each machine to ensure that your IT security policies are being enforced. Generate an automatic alert when two-factor authentication is not turned on where it should be.

Case 2: The Sneaky Former Employee
The knowledge that trusted employees gain about your business doesn’t get turned in with their resignation. Employees can become threats after they move on:

An engineer quit his job to start his own business that would be in direct competition with the company he left. According to court documents, the engineer hacked his former company’s server using a former co-worker’s stolen credentials. Once inside the network, he was able to retrieve AutoCAD files, design schematics, project proposals, and budgetary documents – all information that could provide a competitive advantage over his former employer. The value attributed to proprietary information he stole was between $250,000 and $550,000. For his efforts, the engineer was sentenced to 18 months in prison and two years of supervised release.

What You Can Do
Establish “exit procedures” for employee turn-over that includes the immediate removal of ex-employees from Active Directory. Scan the network daily for suspicious log-in attempts by ex-employees and others, and generate an alert for each incident.

Case 3: The Compromised Third-Party Vendor
An “insider” doesn’t have to be located directly within your walls to become a threat to your network. Trusted third-party vendors may have enough access to your network and data to be unknowing conduits for external hackers and do damage to your network:

A hacker infiltrated a billing collections agency and gained access to patient information that belonged one of the agency’s clients: a healthcare laboratory. Almost 12 million patient records were compromised, including credit card numbers and other personal identifying information. A security firm that tracks compromised data found 200,000 patient payment details from the billing company for sale on the dark web. Fortunately, the lab had insurance in place to cover some of the potential cost and liability as a result of the breach.

What You Can Do
Set up internal IT security policies that limits storage of credit card and other personal identifying information, and includes additional security levels for access. Regularly scan the network for any suspicious log-in attempts and generate alerts to investigate.

Case 4: The Deceptive Spouse
Spouses share as much information as business partners, maybe even more. When those relationships turn sour, the secrets shared in private can be used for personal gain:

When a business owner’s spouse began an affair with the owner of a competing business, the spouse sought to use insider knowledge to benefit the competitor. The spouse attempted to log into the company computer with the intent of downloading the client database. Fortunately, the network had an insider threat detection program that identified this uncharacteristic behavior and sent out an alert regarding the anomalous login. An internal investigation occurred, revealing the attempted hack as well as the affair. Divorce followed shortly afterward.

What You Can Do
Scan the network regularly for anomalous log-ins and generate alerts to examine any suspicious activity. An insider threat protection system that uses machine learning to establish baseline end-user behavior trends can help determine when investigations are necessary.

Case 5: Unsupported Legacy Software and Devices
Sometimes insider threats are caused by failure to act, rather than an employee doing something bad. Out-of-date devices and software typically do not receive critical security updates and patches, rendering them open doors for hackers:

A massive cyberattack penetrated a software vendor’s IT management systems through a legacy IP scanner tool and compromised an unknown number of end-user client servers. Some clients had administrative superuser accounts created within their Windows active directory, so unidentified intruders had full access to their systems and data long before detection. The vendor admitted, “We still have no way to know what sort of malicious software or gateways may have been left behind nor what data has been stolen, which absolutely could lead to additional problems and liability concerns for us in the future.” More than two months after the attack, the full extent of the damage was still unknown.

What You Can Do
Scan all networks daily, looking for software that is missing the latest security patches, and generate alerts for machines that need updating.

 

The Internal Protection You Need
As a reputable MSP, Digital323 understands cybersecurity and its significance to today’s small businesses. Looking for internal cybersecurity threats is more challenging than managing threats from the outside.We offer formidable insider threat detection and issue alerting that can accommodate any budget and networks of any size. We have specialized security software that runs a daily non-intrusive check of each computer on your network, and alerts us when it detects these kinds of insider threats, and more.
Contact us today to get protected.