It’s essential for businesses to protect their data assets from any potential security threat. Here are tips to help your business achieve this.

The world of IT security, however, can be an intimidating landscape and many business owners struggle to put a plan of action together. And this leaves them vulnerable to security attacks.

Thankfully, though, we’ve learned a thing or ten about protecting data from rogue elements and will be sharing these security best practices with you.

  1. Segment Your Networks

One of the best strategies to minimize data loss is to segment your networks. The use of firewalls between each network segment will prevent attackers from gaining access to all of your data at once. It’s likely that this frustration will lead to attackers giving up and heading elsewhere.

  2. Visualize What You’re Securing

Data, in its purest form as binary code, isn’t something you can physically see. And it’s this lack of physical mass which makes it difficult to assess the knock-on effect of implementing new security policies. To avoid leaving your business open to attacks, keep detailed visibility records of your networks and their configurations. This allows you to make future changes which won’t compromise your security.

  3. Don’t Give Everyone Admin Rights

There needs to be a level of control when it comes to your network, so you can’t issue everyone admin rights. Sure, it may save users a little time in sorting out network issues such as installing new hardware, but it also sets your network up for an attack by putting admin rights in far more hands than need them.

  4. Keep Tabs

It’s vital that you create a ‘security knowledge’ database to help keep everyone on the same page as to who has specific access to which security features. This allows a hierarchy to be observed and easy-to-understand processes to be carried out when dealing with applications or even decommissioning them.

  5. Carry out Security Training

Everyone in your organization will need to undergo some form of security training. This allows your business, as a whole, to be more secure from attacks. And it doesn’t need to be intense training either; it may be as simple as going through the company IT policy with new starters or sending regular email updates about current viruses and malware.

  6. Regularly Patch your Systems

The easiest security attack is one that targets a known vulnerability, e.g. an opportunity to get into your system via a ‘back door’ in a piece of software. Therefore, always make sure you install every patch you’re offered, as it could make a huge difference to your chances of staying secure.

  7. Analyze your Security Stats

The only way to confirm that your security efforts are working is to analyze their performance every month. This is why you will want to measure metrics such as number of attacks, user errors etc. to monitor exactly which direction your security is heading in.

  8. Communicate with Other Teams

Communication needs to be clear and defined between your security team and other in-house teams to guarantee high levels of security. Any changes that are made in-house need to be communicated between security and the corresponding team to allow security provisions to be updated/implemented. Likewise, your security team has to inform all other teams of any upcoming security changes to keep everyone aware.

  9. Reduce Outbound Access

Many data thefts occur from within businesses, so it’s good practice to limit the amount of outbound access available. So, if, for example, your business has no need to use Google Docs then put a block on it and prevent any data leaking out via this avenue. Don’t forget: insider data theft can not only be disastrous, but also highly embarrassing.

  10. Automate Certain Security Tasks

It’s a tough job to monitor every single aspect of your data security, so why not automate some of the more basic tasks, e.g. monitoring unauthorized attempts at bypassing firewalls? This gives your security team more time to concentrate on more complex security issues.
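
As an added illustration of the ‘Reduce Outbound Access’ and ‘Automate Certain Security Tasks’ tips (not part of the original article), here is a short Python script that tallies firewall deny events so that repeat inbound sources and blocked outbound destinations surface automatically. The iptables-style log lines are constructed, and the FW-DENY-IN / FW-DENY-OUT prefixes are assumed log-prefix values chosen for this example.

```python
import re
from collections import Counter

# Constructed sample in iptables LOG style. The FW-DENY-IN / FW-DENY-OUT
# prefixes are assumed --log-prefix values chosen for this example.
SAMPLE_LOG = """\
Sep 10 09:00:01 fw kernel: FW-DENY-IN: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=50001 DPT=22
Sep 10 09:00:02 fw kernel: FW-DENY-IN: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=50002 DPT=22
Sep 10 09:00:03 fw kernel: FW-DENY-IN: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=50003 DPT=23
Sep 10 09:00:09 fw kernel: FW-DENY-IN: IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 PROTO=TCP SPT=40100 DPT=3389
Sep 10 09:05:00 fw kernel: FW-DENY-OUT: IN=eth1 OUT=eth0 SRC=10.0.0.23 DST=198.51.100.50 PROTO=TCP SPT=51515 DPT=443
Sep 10 09:05:30 fw kernel: FW-DENY-OUT: IN=eth1 OUT=eth0 SRC=10.0.0.23 DST=198.51.100.50 PROTO=TCP SPT=51516 DPT=443
Sep 10 09:06:00 fw sshd[811]: Accepted publickey for admin from 10.0.0.5 port 50022
"""

RULE_RE = re.compile(r"FW-DENY-(IN|OUT):")
FIELD_RE = re.compile(r"(\w+)=(\S*)")


def summarize(log_text, inbound_threshold=3):
    """Tally deny events: inbound by source, outbound by (host, dest, port)."""
    inbound, outbound = Counter(), Counter()
    for line in log_text.splitlines():
        rule = RULE_RE.search(line)
        if not rule:
            continue  # not a firewall deny line
        fields = dict(FIELD_RE.findall(line))
        if "SRC" not in fields or "DST" not in fields:
            continue  # malformed or truncated entry
        if rule.group(1) == "IN":
            inbound[fields["SRC"]] += 1
        else:
            # DPT is absent for protocols without ports (e.g. ICMP)
            outbound[(fields["SRC"], fields["DST"], fields.get("DPT", "-"))] += 1
    return {
        "denied_inbound_total": sum(inbound.values()),
        "repeat_inbound_sources": {s: n for s, n in inbound.items()
                                   if n >= inbound_threshold},
        "blocked_outbound": dict(outbound),
    }


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print("Denied inbound packets:", report["denied_inbound_total"])
    for src, n in report["repeat_inbound_sources"].items():
        print(f"  repeated inbound denials from {src}: {n}")
    for (host, dest, port), n in report["blocked_outbound"].items():
        print(f"  {host} tried blocked destination {dest}:{port} {n} times")
```

The same totals, collected each month, also give you the trend figures the ‘Analyze your Security Stats’ tip asks for.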

For more ways to secure and optimize your business technology, contact your local IT professionals.

Users running Apple’s iOS software may have been exposed to a nasty piece of malware which threatens to steal user data and make unauthorized app purchases.

This malicious software has been dubbed ‘KeyRaider’ and has been responsible for uploading sensitive user information to a central server. This type of data theft is alarming enough, but affected users are also having to contend with KeyRaider purchasing apps without authorization.

The KeyRaider infection, so far, only appears to affect Apple devices which have gone through the ‘jailbreak’ process, but up to 225,000 accounts have been compromised as a result.

How did KeyRaider Start?

Jailbreaking an Apple device involves removing hardware restrictions enforced by iOS and is a fairly common practice for Apple users who are tech savvy. The aim of jailbreaking is to give more control over how the device runs and to enhance functionality.

Now, a whole industry has sprung up around jailbreaking in order to really highlight what an Apple device can do and to show off developers’ coding skills. And at least one amateur developer has decided to exploit this desire by creating jailbreak tweaks which hide a nasty surprise.

Once these tweaks are installed on an Apple device the system becomes compromised and puts the user at risk of a serious infringement of their security.

The Malicious Tweaks in Full

Two jailbreak tweaks in particular have been identified for putting users at risk of contracting the KeyRaider malware and they are:

  • iappstore – This jailbreak tweak promises to allow jailbroken devices to download paid apps from the App Store without spending a single cent.
  • iappinbuy – Many apps require users to make in-app purchases to enhance that app’s experience, e.g. unlocking extra features in games. This particular tweak pledges to circumvent the payment.

Despite many Apple users doubting the authenticity of these tweaks, they were downloaded over 20,000 times. And every single download puts users’ personal data at risk.

What Type of Data Is Being Stolen?

KeyRaider appears to be stealing three types of data from users under the following categories:

  • Usernames, passwords and the Apple device’s ‘global unique identifier’
  • Push notification service certificates and private keys
  • App Store purchase logs

These three forms of data carry very powerful user information, which is allowing KeyRaider to create high levels of panic, particularly because of the financial angle.

How to Protect your Apple Device

The simplest piece of advice we can give you is NOT to jailbreak your Apple device. They’re pretty amazing bits of kit as they are, so some things are better off left alone. However, I appreciate that many people want that little bit extra, so we advise the following:

  • Do NOT download the iappstore or iappinbuy app.
  • Avoid downloading anything from Cydia Substrate, which is like the App Store but for jailbroken devices – this is where the malicious tweaks first surfaced.
  • If something sounds too good to be true – such as not paying for paid apps – then it probably isn’t worth installing.

By following this advice you will safeguard your Apple device from disruptive malware such as KeyRaider.

It’s not just PCs that are under threat from malicious software (malware); smartphones are fast becoming the prime target for malware. But how has this happened?

First of all, what exactly is malware? Essentially, it’s a nasty string of code or a program which enters software with the main aim of stealing data, taking control of your system or flooding your device with irritating ads.

And you only have to look at the rise of the smartphone to understand exactly why it’s such an attractive prospect for installing software. More people now use their smartphone to access the internet than they do their laptop and this has led to the following issues:

  • Even the most advanced PC user does not fully understand smartphone security as it involves different software and operating systems
  • The average smartphone user is not even aware that their phones can be hacked or monitored

However, the latest malware scandal to hit the smartphone world involves three Chinese smartphone manufacturers (Lenovo, Xiaomi and Huawei) actually preloading their phones with malware. Not exactly the most honest strategy for reassuring users that their data is safe, is it?!

Uncovering the Scandal

Smartphone malware has been a growing concern for some time, so the German security firm G Data decided it was time to assess the landscape.

And their study reported some shocking findings.

Smartphone malware epidemics are now so common that they’re being discovered roughly every 14 seconds. That means by the time you’ve finished reading this article around 15 smartphone malware epidemics will have erupted. This is very troubling news for every smartphone owner who values their security.

Many brands have been implicated in the scandal, but the most prominent and weighty accusations have been leveled at Lenovo, Xiaomi and Huawei.

Who’s to Blame?

Obviously, once a scandal as hot as this lands, the accused are quick to clear their name and the brands affected have claimed that whilst the malware does exist, it has been installed on their phones by third-party middlemen.

Xiaomi has gone on to comment that this will only occur when purchasing their smartphones through unauthorized dealers. Now, whilst this does sound plausible it’s not ringing true with a number of consumers.

Many consumers feel that the brands named in the scandal are knowingly involved and are, in fact, making a quick buck from allowing this malware to be installed on their smartphones. It doesn’t help that Lenovo has recently been implicated in a bloatware scandal with their laptops, so the level of distrust for such large brands is widespread.

However, actually proving that the manufacturers are behind the malware install is incredibly difficult. The malware itself actually clings on to other innocent apps, much like a parasite, and even if these apps are installed it then heads straight to the smartphone’s firmware. This makes it very difficult to pinpoint exactly how the malware got on the smartphone.

The Future of Smartphone Malware

G Data has conceded that they probably haven’t uncovered the full extent of pre-installed smartphone malware, so many other brands and models could be infected before they’re even turned on for the first time.

This is quite concerning for the huge number of smartphone users, which seems to be growing larger by the day. Understanding that your smartphone is at risk is therefore essential in this day and age. And avoiding unauthorized dealers should be an absolute given to limit your chances of falling prey to malware.

Microsoft’s Windows 10 claims to improve the PC experience, but the forced update is causing data caps to blow and creating financial chaos for its users.

No one likes to receive a huge bill for their wireless costs, so many consumers are furious that this is happening due to Windows 10’s automated update service. It’s not the first complaint that consumers have raised about Windows 10, but it’s certainly one of the most serious.

We decided to take a look at the situation to keep you informed about this latest headache to hit Windows 10.

What’s Blowing the Data Caps?

Many internet providers put in place a data cap on people’s subscriptions in order to provide a fairer use of the available bandwidth e.g. someone who downloads files 24/7 is going to use a lot of bandwidth and, therefore, slow down the connection for other users, so a data cap discourages users from hogging the bandwidth.

This is all well and good in normal circumstances, but Windows 10 has changed the playing field. The automated update service for Windows 10 is very busy at the moment and runs quietly in the background, so users aren’t even aware of its activity.

Due to the number of people rushing to sign up to Windows 10 coupled with the flurry of updates, users’ bandwidth usage is, unknowingly, skyrocketing and running up huge bills for consumers.

The Impact of Windows 10 Updates

The fees associated with exceeding bandwidth usage vary between ISPs and even countries, but some of the hardest hit customers are those in remote locations where internet access is already expensive.

Users in areas such as New Zealand have already received bills totaling $400 for just one month’s usage, so it’s no surprise to learn that this type of financial hardship is actually forcing users off the internet.

To add insult to injury, even the initial ‘free’ download of Windows 10 is stretching many consumers’ bandwidth usage due to its 3GB size.

How to Counter the Data Usage

There are, however, ways to tame Windows 10’s hungry appetite for bandwidth, so let’s take a look at some of them:

  • The simplest solution is to roll Windows 10 back to the previous version of Windows you were using. This will immediately stop the automated updates.
  • By accessing the ‘Change Wi-Fi Settings’ in the start menu, users can enable a ‘metered connection’ in the ‘Advanced Options’. This makes sure that your system knows you’re running on a data cap and will ask permission before downloading any updates.
  • There are also certain manual changes you can make to driver updates through a special troubleshooting app released by Microsoft. However, this solution is recommended to advanced experts only.

Will Microsoft Weather the Storm?

This latest crisis to hit Microsoft’s newest installment of their flagship Windows product is certainly embarrassing, but teething problems are always going to be present in new software. With around 70 million downloads and counting, Microsoft certainly needs to ensure that updates to counter this issue arrive soon and with their users’ permission.

It’s irritating to find a fresh PC full of unnecessary preloaded software, but a Lenovo rootkit has been found sneaking software onto PCs after installation.

Preloaded software such as this is called ‘bloatware’ as it uses up vital system resources, but provides virtually no benefit to the user. Many users, therefore, like to perform a fresh Windows install after unpacking their system to eradicate this pesky bloatware.

However, Lenovo have decided to work around this procedure and are still managing to force their software onto Lenovo systems!

Let’s take a look at how they’re achieving this and what it means for you.

Access via Rootkit?

Many people are accusing Lenovo of resorting to rootkit tactics to make sure their software remains on your system. A rootkit is a malicious piece of software which grants access to your system to remote users. This is commonly used by criminals to steal passwords or credit card details.

However, in this instance Lenovo isn’t actually using a rootkit and they’re not trying to steal your personal details.

How is Lenovo Gaining Access?

Lenovo is actually loading bloatware on to systems by taking advantage of an official Windows mechanism known as the Windows Platform Binary Table (WPBT). The WPBT allows manufacturers to install trusted software to systems in order for them to run properly.

This software needs to be stored within the machine on a physical medium e.g. a hard drive. Now, the most obvious thing to do would be to uninstall this unwanted software, but this is where Lenovo starts to play nasty.

Built into the Lenovo system’s firmware is a piece of software known as the Lenovo Service Engine (LSE). And the LSE runs before Windows boots up and replaces Microsoft’s version of ‘autochk.exe’ with its own.

Normally, autochk.exe is used to verify the integrity of your file system, but Lenovo’s variant installs software which connects to the internet and downloads the bloatware via the WPBT.

The problem is that because the LSE runs before Windows boots up it’s almost impossible to stop this happening even when you’ve deleted the bloatware. It will simply download again thanks to the LSE!
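
An added example, not from the original article or from Lenovo or Microsoft: a Python parser for the WPBT ACPI table, so you can check whether a machine’s firmware publishes one and what it hands to Windows at boot. The field layout follows the published WPBT table format; the Linux sysfs path and every value in the sample table are assumptions of this example.

```python
import struct
from pathlib import Path

# Linux exposes the firmware's ACPI tables here (readable by root); the file
# is absent when the firmware publishes no WPBT.
WPBT_PATH = Path("/sys/firmware/acpi/tables/WPBT")
HEADER = struct.Struct("<4sIBB6s8sI4sI")  # standard 36-byte ACPI table header
BODY = struct.Struct("<IQBBH")  # WPBT fields that follow the header


def parse_wpbt(raw):
    """Decode a WPBT: where the firmware-supplied binary sits and its arguments."""
    if len(raw) < HEADER.size + BODY.size:
        raise ValueError("too short to be a WPBT")
    sig, length, _rev, _sum, oem_id, oem_table, *_ = HEADER.unpack_from(raw)
    if sig != b"WPBT" or not HEADER.size + BODY.size <= length <= len(raw):
        raise ValueError("not a well-formed WPBT")
    table = raw[:length]
    size, addr, layout, ctype, arg_len = BODY.unpack_from(table, HEADER.size)
    start = HEADER.size + BODY.size
    args = table[start:start + arg_len].decode("utf-16-le", "replace")
    return {
        "oem_id": oem_id.decode("ascii", "replace").strip("\x00 "),
        "oem_table_id": oem_table.decode("ascii", "replace").strip("\x00 "),
        "checksum_ok": sum(table) % 256 == 0,  # ACPI: all bytes sum to zero
        "binary_size": size,          # handoff memory size in bytes
        "binary_address": addr,       # physical address of the image
        "content_layout": layout,     # 1 = single PE image
        "content_type": ctype,        # 1 = native user-mode application
        "arguments": args.rstrip("\x00"),
    }


def build_sample_wpbt():
    """Constructed table for offline testing; every value here is made up."""
    args = "/demo\0".encode("utf-16-le")
    length = HEADER.size + BODY.size + len(args)
    raw = bytearray(
        HEADER.pack(b"WPBT", length, 1, 0, b"SAMPLE", b"EXAMPLE ", 1, b"TEST", 1)
        + BODY.pack(0x2000, 0x7F000000, 1, 1, len(args)) + args)
    raw[9] = -sum(raw) % 256  # fix up the checksum byte
    return bytes(raw)


if __name__ == "__main__":
    try:
        print("Firmware publishes a WPBT:", parse_wpbt(WPBT_PATH.read_bytes()))
    except FileNotFoundError:
        print("No WPBT here; sample parse:", parse_wpbt(build_sample_wpbt()))
    except PermissionError:
        print("A WPBT is present; re-run as root to read it")
```

Because the WPBT is an official mechanism, finding one on a machine is a prompt to identify the vendor binary behind it rather than a verdict on its own.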

Cleaning up Lenovo’s Bloatware

Once news of Lenovo’s shady activities came to light they were confronted with a lot of bad press.

Not surprisingly they soon released a tool to help remove this rogue software from their systems. There are also numerous guides online advising how to remove the threat manually, but this involves burrowing deep into your system’s code and is best left to an expert.

It was also revealed that all desktop machines which were built between 10/23/2014 and 04/10/2015 contained the LSE, so this is a huge number of systems which have been, to all intents and purposes, infected.

Final Thoughts

The LSE debacle has caused a lot of harm not only to Lenovo customers, but also to Lenovo’s brand values. And the ease with which the WPBT was exploited will also raise many questions about just how secure Windows is.
