A recent report states that hackers have a 7-day window to exploit a vulnerability before people are aware that they’re vulnerable. Hackers exploit these vulnerabilities by connecting through various entry points in your organization. The best way to protect your entry points from hackers is to consider having many security measures or layered security.
Source: Canadian Chamber of Commerce
What is Layered Security?
Layered security is a defence strategy that protects I.T. security systems through multiple layers. The point of having multiple layers of security, says Arbind Sahu, an Enterprise Network Architect at Jolera, is that “if you have six or so layers, you hope that if it [a threat] passes through the first three, it’ll hit the fourth and get detected and stopped.” The goal of layered security is to make it harder for criminals to access your data.
Why Invest in Layered Security?
There are many reasons why investing in layered security is a good idea.
- Regulatory requirements: Some data, like finances and health reports, require extra protection with checks and controls. Laws like GDPR impose heavy fines if data is not properly protected.
- Profit: Downtime from a cyber attack can end up costing more than maintaining a layered security system.
- Insurance: Investing in layered security could lower your insurance premiums because it shows you are a low-level security risk.
However, the security layers you need ultimately depend on your security needs and environment.
Jolera’s Steps for Layered Security
At Jolera, we believe in protecting your security posture by adding layers of security to your environment. With our Secure I.T.™ layered security services, customers can layer a consistent set of technologies and products into their network in a way that fits their budget or where they see their biggest security threat.
Perimeter – Firewall
A firewall is the front-door protection for your security. It builds a barrier between your system and outside threats. Firewalls prevent unauthorized access to your networks. At Jolera, we provide constant monitoring, management and support with any firewalls we deploy. In addition, we provide ongoing patching/firmware updates so that your security is always up-to-date.
EndPoint – Anti-Virus
Your desktop is considered to be the back door for hackers to get into your network. Protect yourself from viruses and malware by installing anti-virus software on your computers. Since new threats are always emerging, update your anti-virus software regularly.
Awareness training is an important aspect of security. It’s a continuous process because threats are always evolving. Employees need to know the best security practices and understand that people who are trying to break into your networks will use any means. It is critical that everyone understand security.
Your WiFi is another entry point where rogue actors can gain access to your network. One way you can secure your WiFi is to use password protection. For additional security, our Secure I.T.™ WiFi as a Service is a turnkey, leading-edge wireless network solution featuring installation, configuration, management and security event management for your WiFi solution.
E-mail & connectors
Sending malicious links through e-mails is another way hackers target companies. It’s important to have a security system for your e-mail to filter out threats like phishing, ransomware and malware and prevent them from getting into inboxes.
You also need to protect your cloud hosted mailboxes like Office 365 and Gmail. Connectors facilitate authentication from the corporate office to the Cloud. That way, only authorized people are connecting to the Cloud.
Once you have all of the additional security layers mentioned above, you are on your way to protecting your overall enterprise.
2018 was a big year in security. New privacy laws were implemented (GDPR in Europe and PIPEDA in Canada) and 2018 had the second greatest number of reported data breaches in a year since 2005. Some of the major data breaches that happened this year include those that affected airline Cathay Pacific, Marriott hotels and Facebook. With 2019 coming up, many organizations will be looking to see how they can take their security to the next level. To help your organization get cyber ready for the new year, here are 7 security resolutions for 2019.
7 Security Resolutions for 2019
1. Manage local admin passwords: Local administrative accounts are privileged accounts that allow access across your network. These accounts often have easy-to-guess, default passwords that are the same across all the machines in your network. This means that if a hacker is able to get hold of your local admin account, they can move freely across your network. In order to protect yourself, you need to either disable these accounts or make each local admin password unique. If you haven’t already done this, now’s a good time to start.
2. Adjust your social media privacy settings: Social media has become integral for businesses to market themselves and reach out to their customers. However, social media can lead to great security risks. It’s important for businesses to adjust their security settings on their social media accounts. Limit access to your accounts and disable auto location tracking. You should be in control of your social media accounts, not the other way around.
3. Secure remote devices: Working remotely helps business productivity but it is also a security risk. Research has found that a third of cyber attacks are a result of unsecured remote working. Businesses need to ensure that employees are taking the proper precautions when they are working remotely. All remote devices should include endpoint security with anti-virus and firewalls. The new year might be a good time to re-evaluate your BYOD and remote working policies.
4. Implement Zero Trust security model: “Never trust; always verify” is the motto of a Zero Trust model. This means that nothing in your network (including users, devices, servers, etc.) should be trusted until you can verify its identity. Implementing Zero Trust requires a shift in how your organization thinks about security. Start by assessing your devices and data and adjust your security controls appropriately.
5. Limit privileged access: According to Forrester, 80% of security breaches involve privileged credentials. Limiting your local admin privileges is important, and one way to do this is to use least privilege access. Least privilege is the practice of restricting access rights for users and accounts. Make sure that you are limiting access to only those who need it.
6. Use a comprehensive prevention system: Hackers will be looking for any weak spots to exploit your vulnerabilities. It’s important to be one step ahead by protecting every layer of your organization. This includes using advanced security technology, like a SIEM system, to monitor your environment for threats.
7. Boost your security culture: 95% of organizations say their current cybersecurity environments are far from the ones that they would like to have. The new year is often a time for fresh starts, so why not improve your cybersecurity culture? Start the new year by educating your employees with cyber awareness training or with a cybersecurity assessment from our Consult IT team. It’s never too late to start protecting your organization.
Have you ever forgotten your password and got locked out of your account? It can be frustrating when it happens but it’s for good reason. Approximately 43% of all online login attempts are malicious. However, hackers can sometimes successfully enter your account with your stolen credentials. This leads to credential abuse. It can be difficult to detect credential abuse because hackers are using authorized accounts. It can be especially damaging if hackers gain access to a privileged account because they would be able to move more freely throughout your network.
What is Credential Abuse & How Does It Happen?
Credential abuse happens when hackers use illegally obtained accounts and passwords to access information or take over accounts. Once hackers gain access to your accounts, they either sell your information or credentials, engage in ransomware or take your data for other malicious reasons. They can access credentials through:
Dark Web: A lot of stolen data, such as that from data breaches, can be found on the dark web. Approximately 2.3 billion credentials were spilled last year alone. Hackers can also easily purchase credentials for as little as $3.
Keylogging: Keylogging captures and records a person’s keystrokes. Hackers use keylogging to find out people’s PIN codes, passwords and other important information. Oftentimes, victims are unaware that their actions are being tracked. Hackers can install keyloggers on victims’ smartphones and computers via malware or Trojans.
Phishing: Hackers phish for credentials by posing as someone you may know or a person with authority, such as a colleague or boss. They target individuals by sending them e-mails saying they need to update their accounts or change their passwords. These e-mails often look real, which makes it easy for someone to accidentally give out their information.
Once hackers gain access to your credentials, they validate the data by trying to log in. Bots are a common way for hackers to engage in credential abuse because they can test multiple usernames and passwords at a high speed. The use of bots or programs to generate a flood of login attempts is known as credential stuffing, and costs businesses over $5 billion per year. Once hackers confirm the stolen credentials work, they can use that information against other accounts you may have, such as your online bank accounts and e-mail. Hackers use multiple IP addresses and proxy servers to hide their actions.
How to Protect Yourself
Awareness: Awareness is key to recognizing a cyber attack. When people are alert, they know what to look out for and avoid. Users should monitor their accounts for unusual activity such as multiple login attempts. Websites should be on the lookout for an unusual spike in traffic, which could potentially indicate a bot-driven credential abuse attack. The threat landscape is always changing, which means we must keep up to stop cyber criminals.
Changing passwords: Attackers can easily access accounts across multiple websites because people tend to use the same password. Users should regularly change their passwords and use different ones across their accounts.
Layered security: Since hackers are constantly trying to gain access into every entry point, it’s important to have multiple layers of security to make it harder for them to enter.
Use security information and event management (SIEM): You can’t determine user problems if you fail to keep track of the users in your network. With SIEM, you can track and record the activities happening in your IT environment. The SIEM then analyzes all these events to detect unusual behaviour and acts to stop it. At Jolera, our Secure I.T.™ solution provides various security services that are run through the SIEM to help improve overall security posture.
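To make the monitoring advice above concrete, here is an added Python example (not Jolera's code and not part of the original article) that looks for the credential-stuffing traces described earlier: one source failing logins for many accounts, accounts that source then logged in to, and a spike of failures spread thinly across many IP addresses. The event format, thresholds, function names and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def sample_events():
    """Constructed events: (time, source IP, username, login succeeded)."""
    t0 = datetime(2019, 1, 7, 9, 0)
    ev = [(t0 + timedelta(seconds=5 * i), "203.0.113.9", f"user{i}", i == 5)
          for i in range(6)]                      # one bot, six accounts, last one works
    ev += [(t0 + timedelta(minutes=2), "192.0.2.10", "alice", False),
           (t0 + timedelta(minutes=2, seconds=20), "192.0.2.10", "alice", True)]  # typo
    ev += [(t0 + timedelta(minutes=10, seconds=3 * i), f"198.51.100.{i + 1}",
            f"cust{i}", False) for i in range(10)]  # bot rotating through proxies
    return ev

def noisy_sources(events, window=timedelta(minutes=1), min_users=5):
    """IPs with failed logins for >= min_users distinct accounts inside `window`."""
    fails = defaultdict(list)
    for ts, ip, user, ok in events:
        if not ok:
            fails[ip].append((ts, user))
    flagged = set()
    for ip, rows in fails.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1                        # slide the window forward
            if len({u for _, u in rows[start:end + 1]}) >= min_users:
                flagged.add(ip)
                break
    return flagged

def validated_accounts(events, flagged):
    """Accounts a flagged source logged in to: reset these credentials first."""
    return {user for _, ip, user, ok in events if ok and ip in flagged}

def distributed_spikes(events, min_failures=8, max_per_ip=2):
    """Minutes with many failures but few per IP, the trace of IP rotation."""
    minutes = defaultdict(lambda: defaultdict(int))
    for ts, ip, _, ok in events:
        if not ok:
            minutes[ts.replace(second=0, microsecond=0)][ip] += 1
    return sorted(m for m, per_ip in minutes.items()
                  if sum(per_ip.values()) >= min_failures
                  and max(per_ip.values()) <= max_per_ip)

if __name__ == "__main__":
    events = sample_events()
    bad = noisy_sources(events)
    print(bad, validated_accounts(events, bad), distributed_spikes(events))
```

Per-IP counting alone misses the rotated-proxy burst, which is why the per-minute check looks at total failures instead; a single user mistyping a password trips neither rule.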