Business Email Compromise – When the criminal’s reading your email.
This section can be repurposed a number of ways.
Remote access to corporate technology (email, data, infrastructure, financials, etc) isn’t new. Most organizations have had some sort of solution in place for at least the last decade, with stragglers getting a push from the pandemic.
But as conversations like Zero Trust or UX (the user experience) become more common, our clients look to better position themselves and it’s no longer just about “accessing the network”. Cost, compliance, latency, security, productivity, collaboration – all of these are shaping the way IT teams and corporate leaders consider the future of their information technology and nothing can match a virtualized environment.
Users want easy access to business applications, data, and email. Managers need productivity analytics and integrated collaboration tools that are easy to use. Regulatory and compliance requirements call for advanced cybersecurity. Finance wants a cost-effective solution with clear billing and no long-term obligations.
The solution is an integrated cloud computing model with a native user experience and services that include analytics, cybersecurity, computing, database, mobile, networking, storage, and web apps.
Next-Gen Cloud from OWG is built on the Azure infrastructure and from safety to UX we’ve considered it all. For a closer look, check out our published live demo. From a higher level, our solutions let’s you and your team:
• Stay productive from home and outside the office. Sign on to any device and quickly launch office apps and securely access corporate data.
• Protect IP and business-critical data. Give users freedom and easy access to their work from anywhere over a secure network.
• Control access through the user profile. Conditional access controls determine user access based on user profile, geo- location, team, etc.
• Simplified licensing and billing. Can be included with Offices 365 billing which you’re likely paying already.
• Leverage advanced cybersecurity features. Including integrated and enforceable multi-factor authentication, and auditing features for easy compliance and reporting.
• Remain vendor agnostic. Don’t get hamstrung by your IT services vendor. Next-gen cloud allows you to select the vendor of your choice and makes it easy to leave when you decide.
Like trying to explain what water tastes like, or defining the word “the”, we’ve found that while today’s business leader is quite familiar with the term “vulnerability assessment” few can explain what a vulnerability assessment actually is.
Even more, ask three IT professionals what a vulnerability assessment is and you’re likely to get three different answers.
So what is a vulnerability assessment? How often should you have one? How much should you expect to pay? And what’s the difference between a vulnerability assessment and a penetration test? .
Defining a vulnerability assessment as “the process of defining, identifying, classifying, and prioritizing vulnerabilities in computer systems,applications, and network infrastructures”, our friends at TechTarget have published an excellent article defining the process and detailing some of the finer points. Below is a summary of TechTarget’s publication, and a few of their highlighted best practices. (For a deeper dive into the process, check out www.techtarget.com/searchsecurity/definition/vulnerability-assessment-vulnerability-analysis)
As explained by Linda-Rosencrance of TechTarget, a vulnerability assessment can provide an organization with the necessary knowledge to understand and react to threats within its environment. Organizations of any size, or even individuals who face an increased risk of cyber attacks, can benefit from some form of vulnerability assessment, but large enterprises and high-target organizations (eg. insurance agencies, financial institutions, accounting firms, medical offices, law firms) that are subject to attacks will benefit most from a vulnerability analysis as they provide an organization details on any security weaknesses in its environment and direction on how to assess the risks associated with those weaknesses.
The process offers an organization a better understanding of its technology assets, security flaws and overall risk, thereby reducing the likelihood that a cybercriminal will breach its systems and catch the business off-guard.
· Network-based scans: Used to identify possible network security attacks. This type of scan can also detect vulnerable systems on wired or wireless networks.
· Host-based scans: Used to locate and identify vulnerabilities in servers, workstations or other network hosts.This type of scan usually examines ports and services that may also be visible to network-based scans. However, it offers greater visibility into the configuration settings and patch history of scanned systems, even legacy systems.
· Wireless network scans: Focus on points of attack within the organization’s wireless network infrastructure. In addition to identifying rogue access points, a wireless network scan can also validate that a company’s network is securely configured.
· Application scans: Test websites to detect known software vulnerabilities and incorrect configurations in network or web applications.
· Database scans: Identify weak points in a database to prevent malicious attacks, such as SQL injection attacks.
A vulnerability assessment often includes a penetration testing component to identify vulnerabilities in an organization’s personnel, procedures or processes. These vulnerabilities might not normally be detectable with network or system scans. The process is sometimes referred to as vulnerability assessment/penetration testing, or VAPT.
However, penetration testing is not sufficient as a complete vulnerability assessment and is, in fact, a separate process.
A vulnerability assessment aims to uncover vulnerabilities in a network and recommend the appropriate mitigation or remediation to reduce or remove the risks. It uses automated network security scanning tools, and lists the results in an assessment report. However, it does so without evaluating specific attack goals or scenarios. Organizations should employ vulnerability testing on a regular basis to ensure the security of their networks, particularly when changes are made. For example, testing should be done when services are added, new equipment is installed or ports are opened.
Penetration testing, in contrast, involves identifying vulnerabilities and attempting to exploit them in order to attack. Although sometimes carried out in concert with vulnerability assessments, the primary aim of penetration testing is to check whether a vulnerability really exists and infiltrate the organization. In addition, penetration testing tries to prove that exploiting a vulnerability can damage the application or network.
Finally, while a vulnerability assessment is usually automated to cover a wide variety of unpatched vulnerabilities, penetration testing generally combines automated and manual techniques to help testers delve further into the vulnerabilities and exploit them to gain access to the network in a controlled environment.
Want to learn more? Complete the form and download the business case.
We’ve been providing IT consulting and technology services to the mid-size business community since 1999, and from basic firewalls to advanced breach detection systems we absolutely guarantee there’s no shortage of security products designed to protect the enterprise.
But third party/supply chain attacks have changed this game. Drastically. And, from the most basic user training videos, to a 24×7 monitored security and information management (SEIM) system, there’s not one thing a business can do to protect data when its business management system, ERP or CRM is breached. Bottom line – every business on the planet relies on third-party software and there’s simply no safe place to hide. Boo!
Since shutting down shop isn’t an option, we must, as always, take up this threat and face it head on!
As we wrote in an post about Zero Trust Cybersecurity, you can only worry about what’s within your control. Since fully defending against this attack isn’t possible, we can only protect our organizations and prepare to be attacked.
1. Deploy a multi-layered detection and response approach. Multisyllable marketing jargon aside – as quickly as possible, you need to know you’ve been breached, and you need a post-attack response plan (or plans). “Honeytokens” or virtual trip wires setup to alert organizations of suspicious activity in their network are a great tool. If a being breached is bad, not learning about it till days or weeks after it happens is worse and not knowing what to do next can be catastrophic. www.upguard.com/blog/how-to-prevent-supply-chain-attacks
2. Include threat hunting as regularly scheduled IT maintenance. As described by our partners at SentinolneOne, threat hunting is quite a different activity from incident response (IR). While IR methodologies aim to determine what happened after a data breach, a threat hunting team searches for attacks that have slipped through your defensive layers to help you find adversaries hiding in your network before they can execute an attack or fulfill their goals.
3. Work with a SIEM solution that offers automated remediation actions. A security information and event management (or SIEM) is a cybersecurity solution that collects and converges data from different parts of your IT environment with the intent of monitoring your firm’s security levels. Providing advanced visibility and insight into your users, endpoints, traffic, activity, and more, a SIEM enables you to maintain oversight into your network and beyond the perimeter as your company scales.
4. Log capture and file retention for critical infrastructure. As detailed in this whitepaper from the National Institute for Standards & Technology (NIST) nvlpubs.nist, log management is essential to ensuring that computer security records are stored in sufficient detail for an appropriate period of time. Routine log analysis is beneficial for identifying security incidents, policy violations, fraudulent activity, and operational problems.
5. Encryption for all data. In cryptography, encryption is the process of encoding information or sensitive data so only authorized parties can access it. While encryption can’t prevent criminal activity or third-party attacks, it does deny intelligible content to the interceptor. For more on encryption, we recommend this article published by UpGuard www.upguard.com/blog/encryption.
6. Use two-factor/multi-factor authentication. With two-factor authentication enabled, criminals who do gain access to user login credentials aren’t automatically granted entry. A key element to a Zero-Trust Security framework, multi-factor authentication requires users validate their identity to provide that extra layer of security.
Above all, at OWG we believe cybersecurity will always come down to your corporate culture and your posture – on your toes, knees bent, arms ready. Stay sharp, be prepared and have your plan in place and you’ll have an advantage and typically able to weather the storm. The complacent or unprepared will get swallowed.
For more information, or to set a time to speak, drop your name and email below and we’ll reach out.
Montville, NJ; March 29, 2022 – OWG is pleased to announce that we have taken all necessary steps to prove our good faith effort to achieve compliance with the Health Insurance Portability and Accountability Act (HIPAA). Through the use of Compliancy Group’s proprietary HIPAA solution, The Guard™, OWG can track our compliance program and have earned their Seal of Compliance™. The Seal of Compliance is issued to organizations that have implemented an effective HIPAA compliance program through the use of The Guard.
HIPAA is made up of a set of regulatory standards governing the security, privacy, and integrity of sensitive healthcare data called protected health information (PHI). PHI is any individually identifiable healthcare-related information. If vendors who service healthcare clients come into contact with PHI in any way, those vendors must be HIPAA compliant.
OWG has completed Compliancy Group’s Implementation Program, adhering to the necessary regulatory standards outlined in the HIPAA Privacy Rule, Security Rule, Breach Notification Rule, Omnibus Rule, and HITECH. Compliancy Group has verified OWG’s good faith effort to achieve HIPAA compliance through The Guard.
“I am so proud of our team and our continued efforts to distinguish ourselves as a best-in-class, technology consulting practice”, explains Nick Rigali, Operating Partner at OWG.” As a firm, we’ve always been dedicated to protecting sensitive data and the personal information of our partners (clients) and our partner’s clients. This certification solidifies those responsibilities and allows us to publicly demonstrate our commitment to security.”
Clients and patients are becoming more aware of HIPAA compliance requirements and how the regulation protects their personal information. Forward-thinking providers like OWG choose the Seal of Compliance to differentiate their services.
About Compliancy Group:
HIPAA should be simple. That’s why Compliancy Group is the only HIPAA software with expert Compliance Coaches™ holding your hand to simplify compliance. Built by auditors, Compliancy Group gives you confidence in your compliance plan to reduce risk, increase patient loyalty, and profitability of your organization. Visit https://www.compliancy-group.com or call 855.854.4722 to learn how simple compliance can be.