Client Area

This section can be repurposed a number of ways.

Security

hand holding mobile phone displaying CrowdStrike advertisement

Ensuring Business Continuity Amid IT Disruptions

As business owners, the thought of a sudden system crash disrupting operations, causing data loss, and potentially tarnishing our reputation is a nightmare we all share. The recent CrowdStrike and Microsoft incident is a perfect example of how even routine updates can lead to significant disruptions. Here’s what happened, how it could have been prevented, and why partnering with an It Support team can be your best defense against such digital catastrophes.

What Happened?

On July 19, 2024, CrowdStrike, a renowned cybersecurity company, released an update to their Falcon sensor software designed to enhance security. However, this update contained a logic error that caused millions of Windows devices to crash, displaying the dreaded “blue screen of death” (BSOD). The error led to a system-wide disruption, affecting approximately 8.5 million devices globally. Businesses using BitLocker encryption faced additional challenges, as the recovery process required access to keys stored on the impacted servers. The timing of the update, during business hours across different time zones, exacerbated the situation, causing significant operational disruptions.

How It Could Have Been Prevented

While it’s impossible to eliminate all risks, several measures could have mitigated the impact of this incident:

Rigorous Update Testing

One of the critical aspects of maintaining a secure and reliable IT environment is ensuring that all updates undergo rigorous testing before deployment. The recent CrowdStrike incident highlights how a failure in the Quality Assurance (QA) process can lead to widespread disruptions.

Enhanced Monitoring and Backup Systems

Real-time monitoring systems can detect anomalies quickly, allowing for swift corrective action. Regular backups and accessible recovery keys, especially for encrypted systems, are vital for quick recovery.

Collaborative Incident Response

A comprehensive incident response plan involving collaboration between software providers and end-users ensures streamlined communication and remediation efforts during crises. Swift and transparent communication from vendors is essential to manage and mitigate the impact effectively.

Proper Evaluation of Tools

Choosing the right cybersecurity tools is crucial for maintaining business continuity and avoiding disruptions. While it’s tempting to go with popular choices like CrowdStrike, it’s essential to evaluate tools based on your specific needs and not just general consensus.

How Working with an IT PArtner Can Prevent These Issues

Partnering with an expert IT Support partner offers businesses the expertise and resources needed to prevent and manage such incidents effectively. Here’s how an MSP can help:

Proactive Monitoring and Maintenance

IT support teams provide 24/7 monitoring of systems, identifying and addressing potential issues before they escalate. Regular maintenance and updates managed by IT partners ensure systems are up-to-date and secure.

Robust Backup and Recovery Solutions

Support teams implement comprehensive backup solutions, ensuring data integrity and availability during unexpected outages. Efficient disaster recovery plans tailored to your business needs minimize downtime and data loss.

Expertise and Resources

Access to specialized knowledge and resources that small to medium-sized businesses may lack in-house. A comprehensive IT support team offer comprehensive security strategies, including the latest threat detection and prevention technologies.

Incident Response and Support

Immediate response and support during incidents, providing expertise to mitigate impact and restore operations swiftly. Regular training and updates to clients on best practices for system security and incident handling.

Strengthening Your Business Against Future IT Failures

At OWG, we understand the fears and frustrations that come with potential data loss, damaged reputation, and the risk of losing clients. Our proactive monitoring, robust backup solutions, and expert incident response can help safeguard your business against such disruptions.

Partner with us to ensure your operations run smoothly, even in the face of unforeseen challenges.

Business Email Compromise –  When the criminal’s reading your email.

 

We’re all connected – the closer a hacker gets to your vendor, your client, your partner… the closer they are to you. Here’s the story of an advertising agency who thought they were communicating with their event venue.

Inc. estimates 60% of companies go out of business within six months of a cyber attack.

Haven’t we had enough attacks, hacks and breaches? The best offense is a strong defense – it’s time to start defending ourselves! 

 

Drop your name and email to learn more, or tag our calendar to setup a conversation.

VPN is dead

Today’s modern and mature business can’t function through the VPN or an antiquated remote desktop solution.

Remote access to corporate technology (email, data, infrastructure, financials, etc) isn’t new. Most organizations have had some sort of solution in place for at least the last decade, with stragglers getting a push from the pandemic. 

 

 

But as conversations like Zero Trust or UX (the user experience) become more common, our clients look to better position themselves and it’s no longer just about “accessing the network”. Cost, compliance, latency, security, productivity, collaboration – all of these are shaping the way IT teams and corporate leaders consider the future of their information technology and nothing can match a virtualized environment. 

 

Users want easy access to business applications, data, and email. Managers need productivity analytics and integrated collaboration tools that are easy to use. Regulatory and compliance requirements call for advanced cybersecurity. Finance wants a cost-effective solution with clear billing and no long-term obligations.

 

 

 

The solution is an integrated cloud computing model with a native user experience and services that include analytics, cybersecurity, computing, database, mobile, networking, storage, and web apps.

 

VPN is Dead
Fortunately, we’ve come to a place and time where all of this possible, at a cost that’s affordable and easy to understand.

Next-Gen Cloud from OWG is built on the Azure infrastructure and from safety to UX we’ve considered it all. For a closer look, check out our published live demo. From a higher level, our solutions let’s you and your team: 

Stay productive from home and outside the office. Sign on to any device and quickly launch office apps and securely access corporate data.

 

Protect IP and business-critical data. Give users freedom and easy access to their work from anywhere over a secure network.

 

Control access through the user profile. Conditional access controls determine user access based on user profile, geo- location, team, etc.

 

Simplified licensing and billing. Can be included with Offices 365 billing which you’re likely paying already.

 

• Leverage advanced cybersecurity features. Including integrated and enforceable multi-factor authentication, and auditing features for easy compliance and reporting.

 

Remain vendor agnostic. Don’t get hamstrung by your IT services vendor. Next-gen cloud allows you to select the vendor of your choice and makes it easy to leave when you decide.

 

To learn more, or have a conversation about how Next-Gen Cloud from OWG can benefit your business complete the request for info below, or just book a time on my calendar.  

Incident Response Plan

It’s Monday Morning and your organization was just hit with a cyber-attack.  Your response to the incident in the next few moments is critical.

Do you know what to do next? Does your team? Is the process documented? What’s automated and how much manual intervention will be needed? 

 

Your company needs a published Incident Response Plan OWG can help you get organized.

Shadow IT

Protect your company from Shadow IT.

Shadow IT may seem like a resourceful attempt to problem solve, but it actually can be quite harmful and introduces serious security risks through data leaks, compliance violations, unpatched software and more.

 

Protect against Shadow IT

Michael’s trying to share a file with a client, but’s having trouble… the file’s too large to send in an email. After a few unsuccessful attempts he’s getting frustrated.

Then he remembers a free file sharing app and tries downloading it to his company computer.
Within minutes he gets a notification from the IT Service Desk reminding him company policy prohibits “Shadow IT”, or the use of non-approved software. They also explain that he has Office 365 and can take advantage of its easy to use, secure file sharing abilities. 
Bonus! The client also uses Office 365. The process is seamless and the two can easily collaborate without dealing with multiple versions, emailing back and forth, and lost data. 

Drop your name and email below to learn more, or tag our calendar and let’s have a conversation.

Verify.

How do you protect your company from business email compromise (BEC)?

Here’s a tactic we call #Human2FA

Verify financial requests

Ever get an email asking for financial or banking information? Ever fall for it?
Today’s social engineering tactics are pretty good and more than a few corporate executives have fallen prey.


But there’s an easy way to stay a step ahead of the criminal and we call it Human Two Factor Authentication. 

 

Watch the video, share it with your team and make verifying finical requests policy at your organization. 

Cloud for accountants CPAs

As hybrid work continues, here’s how we helped one NJ firm with a fast, easy, and secure Cloud.

Accounting firms are notoriously conservative, especially when considering offsite computing. 

 

With high standards and a reputation for providing exceptional service through their highly-specialized staff, technology drives this firm. A highly respected institution among its peers, we integrated our Next-Gen Cloud and the staff has never been more productive. 

Cloud for NJ Accounting

Want to know how we did it? Drop your name and email below, and download the business case. 

Whats a vulnerability assessment

Can today’s business leader explain what a vulnerability assessment actually is?

Like trying to explain what water tastes like, or defining the word “the”, we’ve found that while today’s business leader is quite familiar with the term “vulnerability assessment” few can explain what a vulnerability assessment actually is.

 

Even more, ask three IT professionals what a vulnerability assessment is and you’re likely to get three different answers.  

So what is a vulnerability assessment? How often should you have one? How much should you expect to pay? And what’s the difference between a vulnerability assessment and a penetration test? .

Defining a vulnerability assessment as “the process of defining, identifying, classifying, and prioritizing vulnerabilities in computer systems,applications, and network infrastructures”, our friends at TechTarget have published an excellent article defining the process and detailing some of the finer points. Below is a summary of TechTarget’s publication, and a few of their highlighted best practices. (For a deeper dive into the process, check out www.techtarget.com/searchsecurity/definition/vulnerability-assessment-vulnerability-analysis) ‍

As explained by Linda-Rosencrance of TechTarget, a vulnerability assessment can provide an organization with the necessary knowledge to understand and react to threats within its environment. Organizations of any size, or even individuals who face an increased risk of cyber attacks, can benefit from some form of vulnerability assessment, but large enterprises and high-target organizations (eg. insurance agencies, financial institutions, accounting firms, medical offices, law firms) that are subject to attacks will benefit most from a vulnerability analysis as they provide an organization details on any security weaknesses in its environment and direction on how to assess the risks associated with those weaknesses. 

 

The process offers an organization a better understanding of its technology assets, security flaws and overall risk, thereby reducing the likelihood that a cybercriminal will breach its systems and catch the business off-guard.‍

Types of vulnerability assessments

·        Network-based scans: Used to identify possible network security attacks. This type of scan can also detect vulnerable systems on wired or wireless networks.
·        Host-based scans: Used to locate and identify vulnerabilities in servers, workstations or other network hosts.This type of scan usually examines ports and services that may also be visible to network-based scans. However, it offers greater visibility into the configuration settings and patch history of scanned systems, even legacy systems.
·        Wireless network scans: Focus on points of attack within the organization’s wireless network infrastructure. In addition to identifying rogue access points, a wireless network scan can also validate that a company’s network is securely configured.
·        Application scans: Test websites to detect known software vulnerabilities and incorrect configurations in network or web applications.
·        Database scans: Identify weak points in a database to prevent malicious attacks, such as SQL injection attacks.

Vulnerability assessment vs. pen test

A vulnerability assessment often includes a penetration testing component to identify vulnerabilities in an organization’s personnel, procedures or processes. These vulnerabilities might not normally be detectable with network or system scans. The process is sometimes referred to as vulnerability assessment/penetration testing, or VAPT.

 

However, penetration testing is not sufficient as a complete vulnerability assessment and is, in fact, a separate process.

A vulnerability assessment aims to uncover vulnerabilities in a network and recommend the appropriate mitigation or remediation to reduce or remove the risks. It uses automated network security scanning tools, and lists the results in an assessment report. However, it does so without evaluating specific attack goals or scenarios. Organizations should employ vulnerability testing on a regular basis to ensure the security of their networks, particularly when changes are made. For example, testing should be done when services are added, new equipment is installed or ports are opened.

 

 

Penetration testing, in contrast, involves identifying vulnerabilities and attempting to exploit them in order to attack. Although sometimes carried out in concert with vulnerability assessments, the primary aim of penetration testing is to check whether a vulnerability really exists and infiltrate the organization. In addition, penetration testing tries to prove that exploiting a vulnerability can damage the application or network.

Finally, while a vulnerability assessment is usually automated to cover a wide variety of unpatched vulnerabilities, penetration testing generally combines automated and manual techniques to help testers delve further into the vulnerabilities and exploit them to gain access to the network in a controlled environment.

For more information or to discuss how a vulnerability assessment can help your organization just complete the form below or set a time to connect.

Portions of this article were written by Linda-Rosencrance and published by TechTarget at www.TechTarget.com/searchsecurity/definition/vulnerability-assessment-vulnerability-analysis

Zero-Trust-Cybersecurity

As the business community faces down cyber threats, one medical office is defending itself with a Zero Trust approach to cybersecurity

Physicians have always been at the front of the line when it came to technology integration. Among the first to realize the benefits wearing a pager, having a cell phone, using a tablet, and essentially digitizing their business, doctors and researchers are typical early adopters of mobile, Cloud and IOT systems. 

As attacks on the healthcare industry make weekly news, personal information (PII) floods the black market, and steep fines take their toll,doctors and practice administrators wonder what they can do differently. 

A holistic strategy, a Zero Trust approach to cybersecurity means that you:

     1) Verify Explicitly
     2) Use Least Privilege
     3) Assume Breach

Want to learn more? Complete the form and download the business case.

Zero Trust

As cyberattacks on midsize firms prove inevitable, are you ready to be hit?

A strong defensive posture minimizes exposure, limits collateral damage and protects client privacy. ‍

We’ve been providing IT consulting and technology services to the mid-size business community since 1999, and from basic firewalls to advanced breach detection systems we absolutely guarantee there’s no shortage of security products designed to protect the enterprise. 

 

But third party/supply chain attacks have changed this game. Drastically. And, from the most basic user training videos, to a 24×7 monitored security and information management (SEIM) system, there’s not one thing a business can do to protect data when its business management system, ERP or CRM is breached. Bottom line – every business on the planet relies on third-party software and there’s simply no safe place to hide. Boo!

Since shutting down shop isn’t an option, we must, as always, take up this threat and face it head on!

 

As we wrote in an post about Zero Trust Cybersecurity, you can only worry about what’s within your control. Since fully defending against this attack isn’t possible, we can only protect our organizations and prepare to be attacked.

1. Deploy a multi-layered detection and response approach. Multisyllable marketing jargon aside – as quickly as possible, you need to know you’ve been breached, and you need a post-attack response plan (or plans). “Honeytokens” or virtual trip wires setup to alert organizations of suspicious activity in their network are a great tool. If a being breached is bad, not learning about it till days or weeks after it happens is worse and not knowing what to do next can be catastrophic. www.upguard.com/blog/how-to-prevent-supply-chain-attacks

2. Include threat hunting as regularly scheduled IT maintenance. As described by our partners at SentinolneOne, threat hunting is quite a different activity from incident response (IR). While IR methodologies aim to determine what happened after a data breach, a threat hunting team searches for attacks that have slipped through your defensive layers to help you find adversaries hiding in your network before they can execute an attack or fulfill their goals.

 

3. Work with a SIEM solution that offers automated remediation actions. A security information and event management (or SIEM) is a cybersecurity solution that collects and converges data from different parts of your IT environment with the intent of monitoring your firm’s security levels. Providing advanced visibility and insight into your users, endpoints, traffic, activity, and more, a SIEM enables you to maintain oversight into your network and beyond the perimeter as your company scales.

4. Log capture and file retention for critical infrastructure. As detailed in this whitepaper from the National Institute for Standards & Technology (NIST) nvlpubs.nist, log management is essential to ensuring that computer security records are stored in sufficient detail for an appropriate period of time. Routine log analysis is beneficial for identifying security incidents, policy violations, fraudulent activity, and operational problems. 

5. Encryption for all data. In cryptography, encryption is the process of encoding information or sensitive data so only authorized parties can access it. While encryption can’t prevent criminal activity or third-party attacks, it does deny intelligible content to the interceptor. For more on encryption, we recommend this article published by UpGuard www.upguard.com/blog/encryption.

6. Use two-factor/multi-factor authentication. With two-factor authentication enabled, criminals who do gain access to user login credentials aren’t automatically granted entry. A key element to a Zero-Trust Security framework, multi-factor authentication requires users validate their identity to provide that extra layer of security.

Above all, at OWG we believe cybersecurity will always come down to your corporate culture and your posture – on your toes, knees bent, arms ready. Stay sharp, be prepared and have your plan in place and you’ll have an advantage and typically able to weather the storm. The complacent or unprepared will get swallowed.  

 

For more information, or to set a time to speak, drop your name and email below and we’ll reach out.

 

 #StaySafeOnline‍