“What’re you in for?” a prison inmate asks. “I shared my Netflix password with my sister,” you say. This conversation might be absurd, but according to a recent ruling in accordance with the Computer Fraud and Abuse Act, it’s one that could actually happen. Now, sharing your Netflix password to let someone catch up on their favorite TV show can be considered a federal offense.
The ransomware Petya (previously thought to have been eradicated) has unfortunately resurfaced, and it’s brought a friend to the party. Petya was delivered via an email containing an invitation to apply for a job, including the virus in an executable file that was disguised as a PDF job resume. When a hepless user clicked the file, Petya would get to work.
Businesses are volatile entities that can change drastically at any given moment. All it takes to eliminate data and cause disaster is an unexpected natural disaster, like a flood or fire, or a hardware failure that wipes out mission-critical data. The fact remains that your organization could face significant downtime from data loss, and the future of your business could hang precariously in the mix.
Why Backup and Disaster Recovery is Necessary
If your business doesn’t have a reliable way of recovering from a data loss incident, you need to implement one as soon as possible. It’s been proven time and again that businesses that fail to recover their data within seven days of the incident, will likely go out of business within one year. Here are some of the most common reasons why data loss disaster is so prevalent in the business world.
What You Need to Look For
Depending on your business’s specific needs, you’ll require a data backup and disaster recovery solution that’s designed to take regular backups and rapidly recover data, among other things. Here are three topics to consider when determining which kind of BDR solution that you want for your business.
For more information about BDR, business continuity, and more, contact Infradapt at 800.394.2301.
Hackers of all shapes and sizes use brute force attacks to gain access into accounts and infrastructures, but do you know how they work and what your business can do to protect against them? Failing to understand brute force attacks could put sensitive information in the crosshairs of hackers, and leave it vulnerable to ongoing attacks.
What Are Brute Force Attacks?
A brute force attack consists of a hacker repeatedly assaulting a login form with credentials at an incredible rate, hoping to crack the code and gain access without knowing the password to the account or system login. Most brute force attacks are performed by an algorithm that’s designed to rapidly input thousands upon thousands of credentials every second, hence the term “brute force.” Since it takes a more deliberate and frontal assault, rather than using a discrete or intellectual path, it’s considered more straightforward and forceful. Though there are many types of brute force attacks, one of the most common is called a dictionary attack, where password attempts are systematically generated with popular words pulled from the dictionary in order to access the system.
Why They’re a Problem
McAfee Security reports that in 2015, brute force attacks accounted for about 25 percent of all online hacks, second only to Denial of Service attacks. Perhaps this is due to how straightforward these attacks are, since they are deliberate attacks that don’t require skirting around security measures. Those behind brute force attacks know that they will be caught, which makes them particularly dangerous, since all caution is thrown to the wind and forgotten. These types of attacks are used to access accounts or system infrastructures in order to steal credentials like credit card numbers, Social Security numbers, and other data.
Plus, brute force attacks can be used to install a rootkit on a device, or turn a PC into a zombie bot. It’s not uncommon for brute force attacks to be used as a jumping-off point for other major threats.
What to Do
A security solution that can lock out users based on IP location or failed login attempts is one way to protect your business from brute force attacks, but if the attacker is executing the campaign with a botnet, these measures will be limited in their ability to protect you. Botnets consist of several infected computers with various IP addresses, acting as individual users, thus rendering your security measures useless.
One other technology that can be effective at eliminating brute force attacks is two-factor authentication. In addition to your password, two-factor authentication provides an extra layer of security. Basically, if hackers don’t have access to your physical device or a secondary email account, they won’t be able to get the second code required to access your account or infrastructure. Two-factor authentication is a great asset in general, so it’s worth taking into consideration regardless of what type of business you’re running.
Your business should be equipped to handle all types of online threats, particularly those which are dangerous and present a significant threat. Infradapt can help your business integrate solutions designed to maximize your organization’s security and continuity. To learn more, give us a call at 800.394.2301.
Mobile devices have grown extraordinarily popular in the workplace. Organizations find them to be of considerable value for staying connected and getting work done while outside the office. This trend has presented a serious risk in the form of network and data security. How can businesses support mobile devices in the workplace, without compromising on the security of the device and the data it holds?
Data leakage is one of the major pain points of businesses that allow employee-owned mobile devices in the workplace. Every business has sensitive information that needs to be secured from malicious entities, no matter how benign it seems. As the business owner, it’s your responsibility to ensure that you have a policy put into place to protect your data. In the case of mobile devices, you need a Bring Your Own Device (BYOD) policy that dictates how an employee uses their mobile devices for work purposes.
A recent study by Bitglass shows that 72 percent of various organizations, including financial, technology, healthcare, government, and education, feel that BYOD should be supported for at least some of their employees. As for mobile device management, which is an organization’s control over devices used by employees, only 14 percent of organizations used solutions that protect data with device encryption. This is a significant difference that reveals a tricky situation: company’s like the idea of BYOD, but don’t (or aren’t able to) implement a mobile device management solution.
Naturally, you can’t let your business be the next to lose information due to mobile security threats. Implementing a mobile device management solution from Infradapt can help your business retain complete control over the data that’s stored on your employees’ mobile devices. You can restrict access to data based on work role, whitelist and blacklist app data, and even remotely wipe devices:
For more information about BYOD and mobile device management solutions, reach out to Infradapt at 800.394.2301.