7 Firewall Capabilities That Enhance Network Security

7 Firewall Capabilities That Enhance Network Security

As the threat landscape continues to evolve, organizations must implement security technologies to protect their organization from threats like malware and DDoS attacks. According to the 2018 Cybersecurity Survey Report by the CIRA, 61 per cent of organizations monitor their networks and use firewalls to identify cyber risks to their organization. Firewalls are a traditional security tool that help organizations secure their network edge. As threats got greater and technology improved, firewalls evolved their capabilities to become next generation firewalls (NGFW).

Source: Firemon 

How Next Generation Firewalls Protect Organizations  

A NGFW firewall has the same benefits of a traditional firewall but includes enhanced capabilities that allow real time protection against malware, vulnerabilities and network attacks. 

Many firewall services like our Secure IT Firewall solution feature next generation firewalls to provide organizations with greater protection against the evolving threat landscape. Secure IT Firewall also contains years of Hybrid Intelligence that combines both human and machine learning to apply rules to specific applications and other functions to allow or deny traffic.

7 NGFW Capabilities for Advanced Protection 

1. Advanced threat protection 

Most traditional firewalls integrate with a separate intrusion prevention system (IPS) to gain additional security features. Next generation firewalls have IPS capabilities built in to protect against a wide variety of threats, such as DDoS attacks, malware and spyware. Further integration with threat intelligence systems like SIEM provide advanced layers of protection to defend against the modern threat landscape. 

2. SSL Inspection

Malicious threats can be hidden within encrypted web traffic. In order to filter out malicious content, the NGFW intercepts encrypted web activity to filter out malicious activity through a “man in the middle” approach. The NGFW will first decrypt the incoming web traffic and then scan for threats like malware or viruses. After its examination, the traffic will be encrypted and forwarded to the user so that the user can access the data as originally intended. 

3. Application Control 

The users on your network use several tools on their devices, such as email, social media and other vendor applications. Some of these web applications can be malicious and lead to open backdoors that can be exploited to enter your network. Application control allows organizations to create policies that either allow, deny or restrict access to applications. This not only protects organizations by blocking risky applications but also helps them manage their application traffic to ensure availability for business-critical resources. 

4. User identity awareness

User identity awareness allows organizations to enforce policies that govern access to applications and other online resources to specific groups or individuals. The NGFW integrates with your authentication protocols (such as LDAP or Active Directory) so that access is governed by user identity as opposed to IP address. User identity awareness not only helps organizations control the types of traffic allowed to enter and exit their network but also manage their users.

5. Deep packet inspection

Deep packet inspection inspects data to identify and filter out malware and unwanted traffic. By inspecting the content of a data packet, the NGFW can intelligently determine which applications are being used or the type of data being transmitted. This allows the firewall to block advanced network threats (such as DDoS attacks, trojans, spyware and SQL injections) and evasion techniques used by threat actors. 

6. Centralized Management 

Firewalls need proper security management to ensure that they meet the security needs of the organizations that need protection. Firewall capabilities need to be updated and firewall rules need to ensure they are being properly enforced. Centralized management of your firewall(s) is crucial in gaining on overall view of your firewall configurations. Organizations need to ensure they can scale their firewall to ensure that their organization has maximum protection to fit their growth needs. 

7. Reporting and insights 

Firewalls generate logs that detail information about security and network traffic that security administrators review to understand the overall activity. This information provides organizations with useful insights to help them prioritize application traffic and understand their network security and monitor user activity.

Threats of the Week – February 24, 2020

Threats of the Week – February 24, 2020

Parallax RAT

A remote access Trojan named Parallax is being widely distributed through malicious spam campaigns that when installed allow attackers to gain full control over an infected system.

Being offered for as low as $65 a month, attackers have started to heavily use this malware to gain access to a victim’s computer to steal their saved login credentials and files or to execute commands on the computer.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against Emotet trojan and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2020-3764

Adobe has released an update for Adobe Media Encoder. This update resolves  a critical out-of-bounds write vulnerability that could lead to arbitrary code execution in the context of the current user.  

Source: Adobe

How do you protect yourself?

Updated Adobe Media Encoder to the latest version (14.0.2).

ObliqueRAT

Researchers have uncovered a new Remote Access Trojan (RAT) that appears to be the handiwork of a threat group specializing in attacks against government and diplomatic targets.

The latest campaign started in January 2020 and is ongoing. The cybercriminals behind the scheme use phishing emails as the primary attack vector, with malicious Microsoft Office documents attached to the fraudulent emails designed to deploy the RAT.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against ObliqueRAT and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

3 Steps to Optimize Your IT Infrastructure for Growth

3 Steps to Optimize Your IT Infrastructure for Growth

The growth period of a business is always exciting, but it can also be an overwhelming time. Organizations need to ensure their operations can support greater demands. If their IT infrastructure is not optimized to scale, this period of transition can be more difficult.

A common business practice that indicates growth for companies are mergers and acquisitions (M&A). While there are many factors that go into M&A deals, technology and security plays a critical role. According to research from (ISC)², 63% of M&A experts say IT tools are factored in as assets while 95% consider cybersecurity a tangible asset. Optimizing your IT infrastructure will benefit business productivity, increase security and prepare your business for future growth, even if you don’t expect to be a part of a M&A.

Source: (ISC)²

Optimizing your IT infrastructure

Your organization should not just be optimized for your current business needs but also for your business plans for the next 5 or 10 years. Of course, the future is always uncertain, and many things can happen in between. However, optimizing your infrastructure for something like a M&A will help your organization get to where it needs to be when the time comes. Here are three things you can do to optimize your organization for future growth.

Audit and Assess

The first step in optimizing your IT infrastructure is to assess your IT assets and understand how they are being used across your organization. Sometimes organizations purchase software programs or applications that they later abandon or are similar to something already being used. As a result, they are potentially spending a lot on licensing fees on services they aren’t even using/don’t need. It’s important for organizations to gain visibility into their infrastructure in order to understand how their IT investments work for their business.

The best way to gain visibility into your IT infrastructure is to audit and keep track of all the devices, software and apps being used and who has access. As roles change and employees depart your organization, you need to ensure that permissions are being adjusted accordingly. Taking the time to review your IT assets can help keep your organization more secure and ensure you’re maximizing your IT revenue.

Manage and Monitor

Management of your IT infrastructure is important in ensuring that all systems, software and applications are updated to the latest versions. When your IT systems are properly managed, its easier to keep track of which parts of your infrastructure need to be upgraded and ensure that your network is working efficiently. Failing to update your IT assets puts your organization at risk to security vulnerabilities and compliance regulations.

Monitoring and management of your IT assets can be overwhelming, especially if you have limited resources. In cases like this, outsourcing to a managed services provider like Jolera can help reduce IT costs and provide organizations with IT expertise. Outsourcing IT management leaves the IT issues to your service provider while you focus on your business. If you are interested in how Jolera can help you manage your IT infrastructure, contact us today.

Scale and Secure

When organizations start to grow, things can get complicated very quickly. Having an IT infrastructure that can support expansion can alleviate stress and make the process easier. The traditional on-premise IT infrastructure model makes it more difficult for organizations to scale their business due to the hassle of having to purchase, configure and integrate new equipment into their network. Using cloud technologies within your IT infrastructure ensures your organization is built to scale.

When scaling your IT environment, it’s important to ensure your organization remains secure and complaint. Encryption is key to protecting data, whether its in transit or at rest. Having IT experts who understand your business needs and security is key. Securing your IT infrastructure is important no matter where your servers reside. Protect every threat vector by integrating security solutions like our Secure IT platform. Our solutions were created to work together to ensure that organizations can layer security across their technology assets.

Threats of the Week – February 24, 2020

Threats of the Week – February 19, 2020

Emotet Trojan

A newly uncovered Emotet malware sample has the ability to spread to insecure Wi-Fi networks that are located nearby to an infected device.

If the malware can spread to these nearby Wi-Fi networks, it then attempts to infect devices connected to them — a tactic that can rapidly escalate Emotet’s spread, said researchers

Source: ThreatPost

How do you protect yourself?

Proper security measures must be in place to defend against Emotet trojan and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2020-3742

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Source: Adobe

How do you protect yourself?

Updated Adobe Acrobat and Reader to the latest version.

KBOT Virus

KBOT, a virus that spreads by injecting malicious code into Windows executable files, is the “first “living” virus in recent years that we have spotted in the wild.”

KBOT is able to spread through Internet-facing systems, local networks, and removable drives. Once a system is infected, the malware writes itself to Startup and the Task Scheduler, infecting all .exe files on logical drives and shared network folders in its path.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against KBOT virus and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

Jolera Achieves SOC 2 Type 2 Certification

Jolera Achieves SOC 2 Type 2 Certification

Toronto, February 12, 2020 — Jolera Inc., a leading multi-national IT service provider, announced that it has recently achieved its SOC 2 Type II certification for its controlled, secure and efficient operations. The certification further reinforces Jolera’s commitment to maintaining a secure and compliant environment to protect customer data.  

“Earning this attestation puts Jolera in a new league of benchmarked process and controls maturity – this is a very advantageous position relative to security and operational controls,” said Manish Govindaraj, Chief Operating Officer at Jolera. “This reinforces our commitment to providing our partners and customers the confidence that their data is being handled in accordance with industry standards and that we are operating in a very controlled, efficient and secured manner.” 

SOC 2 Type II certifications are given to companies that follow a set of standards encompassing security, availability, processing, integrity and confidentiality of customer data. The SOC 2 Type II certification provides information on the service organization’s system and the suitability of the design and operating effectiveness of controls. 

The SOC 2 audit was completed by an independent accounting, tax and business consulting firm. The auditing process examined the controls, procedures and personnel involved in Jolera’s operations for adherence to industry best practices. Upon completion, it was determined that Jolera’s service complied with audit controls and provided a secure service with high availability as at the report date of February 12, 2020. 

—– 

Jolera Inc. is a multinational IT service provider focused on delivering IT solutions for its customers and channel partners. Jolera’s core services include customized technology solutions, IT assessments and strategic plans, IT device & infrastructure management, data backup and recovery solutions, cloud and on-premise migrations, enterprise-grade security services and 24/7/365 quad-lingual end-user support services. With a growing staff of over 200 technical service delivery people, Jolera’s team designs and delivers technology systems encompassing the following traits – effectiveness, competitiveness, scalability and value. 

How Your Security Culture Builds Customer Trust

How Your Security Culture Builds Customer Trust

Cybersecurity risks are at an all time high, making security an integral part of an organization’s business. As consumers become more cognizant of data breaches and the threats to their information, they expect organizations to secure their data. Research by Privitar found that 50 per cent of consumers would trust a company less if their data was being inappropriately used. By integrating security inside out via your organizational security culture, you end up with more secure processes and controls to protect customer data. As a result, organizations can build trust with the customers and business partners they work with daily.

Source: ZDNet

How Security Culture Shapes Organizations

Security culture encompasses the beliefs, behaviours and values that drive how an organization approaches security. A good security culture ensures organizations are safeguarding data and decreasing cyber risk by embedding security into their business processes and encouraging employees across all departments to share the security responsibility. 

To reduce risks and protect their network, many organizations implement security technologies like firewalls and anti-malware tools. However, many hackers are targeting employees instead with phishing emails and other social engineering tactics. Without a strong security culture to motivate and guide employees to take security seriously, organizations put their business at unnecessary risk. 

Building a strong security culture is an ongoing process and simple activities like forcing employees to undergo cybersecurity training once a year is not enough. Organizations need to shift their mindset and see their security culture as an opportunity to improve their organization instead of a liability. 

How to Differentiate Your Organization with Security

Building customer trust is not easy and retaining it is even more difficult. Implementing steps to improve security culture will not only give you peace of mind in that you are staying secure but will help you build trust with business partners and customers.

Increase Executive Understanding

Without support from business leadership, having a strong security culture is difficult to maintain. Business leaders are responsible for prioritizing security and ensuring that there is a security budget available. If business leaders aren’t putting in the necessary effort to invest in security, an organization’s overall security culture will be weaker.

Executives who make it a point to have a strong security culture show employees and business partners that they understand the risks cyber threats pose to their business.  This means they are investing in protecting their data by using security solutions and implementing user awareness training. When customers or stakeholders see that security measures are being taken seriously, it makes them more willing to enter business.

Improve Data Security

Security isn’t separate from business processes. In fact, all business processes should have security built in to ensure data is adequately protected. Organizations must consider a data-centric approach to security. This includes being aware of the data they collect, its value and how that data is being secured and accessed. 

An effective cybersecurity culture will help employees mitigate cyber risk and prevent data exfiltration. Being aware of threats like social engineering will help employees be more alert and prevent them from engaging with these attacks. They will also feel more open to reporting these kinds of incidents if they come across them. Limiting employee access to organizational files and ensuring data is encrypted and backed up is also crucial. Integrating cost effective security solutions like those from our Secure IT platform will keep data safe at every threat vectors. 

Review Security Investments

As organizations grow, security measures might change. As you handle more data and/or hire more personnel, security becomes a greater issue. Organizations need to evaluate their security measures to ensure their security culture reflects what the business needs. For example, if you are hiring new employees, make security a part of onboarding. Ensure that new employees read security policies and are required to do cyber awareness training.

Doing a security assessment will help validate security controls and help organizations keep track of their security processes. These assessments help organizations understand where they need to improve and help guide them on how to be more secure. This can help organizations develop their security strategy and help them focus on how to improve. If you are interested in conducting a security assessment for your organization, contact us today. 

Threats of the Week – February 24, 2020

Threats of the Week – February 10, 2020

Metamorfo Trojan

A trojan malware campaign is targeting online banking users around the world with the aim of stealing credit card information, finances and other personal details.

Like many other hacking campaigns, Metamorfo begins with phishing emails that in this case claim to contain information about an invoice and invite the user to download a .ZIP file. By downloading and running the file, the victim allows Metamorfo to execute and run on a Windows machine.

Source: ZDNet

How do you protect yourself?

Proper security measures must be in place to defend against Metamorfo trojan and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2020-0014

Android has released its monthly security bulletin that contains details of security vulnerabilities affecting Android devices.

The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process.

Source: Android

How do you protect yourself?

Updated your Android to the latest version.

.SaveTheQueen Ransomware

Researchers have uncovered a new strand of ransomware that encrypts files and adds the extension ‘.SaveTheQueen’ to it.

The progress of the newly uncovered malware was found to be tracked using the system volume (SYSVOL) folder found on active directory (AD) domain controllers.

Source: InformationAge

How do you protect yourself?

Proper security measures must be in place to defend against .SaveTheQueen Ransomware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

How Security and Compliance Work Together

How Security and Compliance Work Together

In today’s data driven society, compliance and security remain big priorities for businesses. In fact, the 2019 Security Priorities Study by IDG found that 66% of companies see compliance mandates as the driver of security spending. While compliance is important, it’s not enough to be the main driving force of an organization’s security approach. Checking off the compliance box doesn’t necessarily mean an organization is secure. Both compliance and security need to work together to help guide an organization to success.

Source: IDG

Compliance vs. Security

Compliance and security are often thought of as being the same but they are actually two separate actions. Compliance refers to standards that are established by a governing body and outline a general security blueprint organizations must follow. Organizations that follow compliance regulations do so to satisfy a third party. Compliance helps organizations build trust for their business partners or customers. 

Security, on the other hand, consists of all the policies, processes and controls that an organization implements to protect their information and technology assets. Organizations need to constantly maintain the tools and processes they implement to defend against threats. The main driving force of security is not to satisfy a regulatory body but to protect the organization from threats. 

Measuring Compliance and Security

Compliance and security are measured in different ways. To prove compliance, an organization has to undergo an audit. These audits only measure a snapshot of an organization because they are only conducted during a specific amount of time. The purpose of compliance is to validate that organizations have controls in place to protect data.

Security, on the other hand, is an ongoing process. Organizations need to constantly monitor and manage their infrastructure to ensure that the security technologies in place are working well and are updated to protect against the latest threats. The purpose of security is to protect data, prevent breaches and detect threats.

Staying Compliant and Secure

The best approach to compliance and security is to build an in-depth defense approach that not only encompasses compliance needs but takes into consideration the organization’s assets and how to best protect them. A compliance lead approach often leads to organizations only implementing the bare minimum for security. For example, an organization can say they have a disaster recovery plan in place but if they haven’t tested their plan, they won’t know if it will work as intended in the event of an actual emergency.

Both compliance and security work together to manage risk. However, security makes it easier for organizations to achieve compliance. By implementing security technologies and policies organizations, organizations show that they have proper security controls in place. Advanced security technologies like security information and event management (SIEM) systems generate log data that is useful for reporting. SIEM monitors all activity on your devices which validates the processes and controls you are taking to protect data. This information is vital for report generation necessary to prove compliance as required by various regulations. Generating reports and documents is time consuming but already having access to this documentation through the security controls you’ve already implemented can make it easier to provide in the event of an audit. If proper security controls are in place and can be validated and measured, meeting compliance regulations will be an easier process.

Threats of the Week – February 24, 2020

Threats of the Week – February 3, 2020

CARROTBALL malware

A new malware called CARROTBALL, used as a second-stage payload in targeted attacks, was distributed in phishing email attachments delivered to a U.S. government agency and non-US foreign nationals professionally affiliated with current activities in North Korea.

Source: BleepingComputer

How do you protect yourself?

Proper security measures must be in place to defend against CARROTBALL malware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

CVE-2020-3715

Magento has released updates for Magento Commerce and Open Source editions. These updates resolve critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution.

Source: Adobe

How do you protect yourself?

Updated Magento Commerce and/or Open Source to the latest version.

Snake Ransomware

An Israeli cybersecurity firm said it believes a new strain of ransomware was created by Iran and has the ability to lock up or even delete industrial control systems.

The ransomware, like others of its kind, encrypts programs and documents on infected machines. But it also removes all file copies from infected stations, preventing the victims from recovering encrypted files.

Source: Bloomberg

How do you protect yourself?

Proper security measures must be in place to defend against Snake Ransomware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.

5 Benefits of Using Managed Security Services

5 Benefits of Using Managed Security Services

It only takes one security incident to potentially cripple a business. Just last month, one telemarketing company shut down due to a ransomware attack. Any organization can fall victim to a cyber attack and attacks are increasing. According to a report by the Canadian Internet Registration Authority (CIRA), 71% of Canadian organizations experienced at least one cyber attack that impacted their business in the past 12 months. With managed security services, any business can protect themselves.  Here are 5 benefits of using managed security services.

Source: Imperva

1. Proactive security

A proactive security approach is vital for organizations in a time where the threat landscape is always changing. Staying reactive means that you are only catching security incidents after they have happened, which means hackers have time to roam around your network undetected. According to a report by Crowdstrike, cyber criminals can spend up to three months lurking in target networks.

Organizations like Jolera provide 24/7/365 security solutions as-a-service to ensure businesses are protected around the clock. By consistently monitoring IT infrastructures and helping organizations implement preventative technologies like firewalls and endpoint protection, we are able to help them take proactive steps in securing their businesses.

2. Minimize security costs

Modern security platforms are expensive to build, manage and run. The tools, technology, licensing fees and personnel required to run a security operations centre can end up costing organizations millions of dollars. For smaller organizations that don’t have a lot of resources, using security services can provide them with the protection their business needs for a fraction of the cost.

By outsourcing security services, organizations avoid paying high upfront technology costs and don’t have to worry about spending time and resources hiring security staff. Instead, organizations only pay a predictable monthly fee for the security services they use. This makes it easier for organizations to budget their security needs and minimize costs.

3. Greater access to security resources

By implementing security services, organizations leverage the experience, capabilities and expertise of a managed service provider (MSP). Using security services provides organizations with leading edge security because each service offering has been tested across different businesses to withstand the threat landscape.

Because MSPs live and breathe security, they will have greater resources, knowledge and investments in the latest technologies and skills. This gives organizations access to resources they might not normally have. Technologies like security information and event management (SIEM) systems are typically very expensive but can provide organizations with advanced threat detection capabilities. A solution like Secure IT – SIEM makes this expensive technology more accessible.

4. Focus on your business

Running a business is a lot of effort and organizations might not have the resources to handle security in addition to their current workload. Without security expertise readily available, security becomes a difficult and overwhelming task for most organizations. As a result, businesses might neglect their security responsibilities. With security increasingly aligning with business operations, organizations can no longer ignore the impact of security.

Busy organizations can still get the security help they need through managed security services. Security experts are available to take care of the security aspect of an organization, allowing organizations to focus on their business. This gives organizations peace of mind in that they know they are being protected and don’t have worry about making security work for them.

5. Easily manage compliance

Data regulations are becoming increasingly important for organizations. It can be difficult for organizations to manage and understand how industry and global regulations affect their business. Increasing security makes it easier for organizations to achieve compliance.

An MSP will be more knowledgeable in compliance regulations and can help organizations implement the necessary security controls to ensure they are being compliant. Security services also provide records like log data which is important for record keeping and can be used as evidence in the event of a data breach.

For more information on how Jolera can help your organization with its security or IT needs, contact us today.