Despite the millions of dollars being spent on security infrastructure, companies are still being compromised through simple employee mistakes or negligence.
Jolera Inc., a Toronto-based multinational technology hybrid aggregate service provider, has launched a hands-on security training service to help organizations better prepare their staff for potential cyberattacks. The white-labeled program is a 90-minute instructor-led workshop that can be delivered in person or online and includes a quiz with a certificate of completion.
“Human error is the leading cause of data breaches today because security is often an afterthought in a world where companies are focusing on keeping up with all the latest new technologies,” Alkin Gorgun, director of cybersecurity training at Jolera and developer of the program, tells IT World Canada. “We wanted to develop a program that empowers people with knowledge of why security is so important and how to be safe. It’s not up to just the IT department anymore, this is an ‘everyone’ problem.”
Gorgun, who developed the program, explains that most existing cybersecurity training comes in the form of online modules that employees don’t take seriously or don’t care about. The Jolera workshop is based on the company’s experience in managing networks for hundreds of customers and engages participants through dialogue, videos, and classroom exercises to ensure employees learn and understand the material.
“We’ve translated these experiences into a non-technical, end-user program that truly gets the message across about what can happen as a result of a cyber breach, and why employees at every level of an organization need to pay attention,” Gorgun adds.
The goal of the training program is to convince employees that cybersecurity is important, he continues, and to teach them defensive measures. Essentially, awareness is the key to ensuring collective safety.
“We want these people to leave the room thinking about security and understanding what happens when they click on that suspicious email. Ransomware, for example, isn’t just about the financial losses – what’s important is that you’re without your computer for a day or even longer and you might lose data permanently. Those factors are critical to businesses,” Gorgun emphasizes.
The training is for both small and medium-sized business, as well as bigger corporations. Available now to partners across Canada, the training workshops are part of a service being sold through the channel community thanks to Jolera’s robust partner ecosystem.
“Jolera builds solutions and takes them to partners who then sell it under their own name. That’s why I brought my program to Jolera initially. There was so much interest in it, I wanted to use Jolera’s existing network and partnerships to reach more people,” Gorgun continues.
At least one of the top five biggest banks in Canada have been in contact with Gorgun to take advantage of the program, as well as one of the largest medical foundations and insurance companies in the country and one of the biggest international retailers. He could not reveal their names for security reasons.
“Some companies are trying to build programs like this in-house, or hire a full-time security expert to train all their staff, but that’s expensive and not really effective. I have a business marketing and cyber security background, so I’ve built a compelling and educational program that focuses on IT safety – they should save their resources,” Gorgun concludes.
You can find out more information here.
To view this protected post, enter the password below:
Back in the early days of the Internet, firewalls were invented to keep out the bad guys — similar to an electric fence around a building compound. But times have changed.
Evolution of network threats
Firewalls have evolved and become much more sophisticated. So, too, have hackers and malware. Organizations have more complex networks, ubiquitous Wi-Fi, mobile workers, cloud apps and bring-your-own-device policies. Enter the Internet of Things — where almost any inanimate object can have an IP address — and cyber-security is getting awfully difficult to manage these days.
A next-gen firewall should be part of every organization’s cyber-security arsenal, providing a basic line of defence by allowing or blocking access to the corporate network. NG firewalls are not the be-all-end-all, since hackers have found ‘back doors’ into even highly secure networks.
Using IT vulnerabilities or social engineering attacks, the bad guys are able to slip past the firewall and hover around, gathering data, and in some cases exit and enter at will. Most breaches aren’t noticed for weeks or months at a time — and that’s a lot of data gathering.
“Forget the gate and drawbridge idea, there are now hundreds of potential entrances to the castle because businesses are connected to customers, suppliers, and employees over the internet. Not only that, but it’s as if everyone who comes in and out of the castle has a key to unlock all the doors as well.”
Matthew Wall, BBC News
Social Engineering attacks
Social engineering attacks — which manipulate users into handing over sensitive data or clicking on malicious links — are becoming more commonplace, in part because they’re so effective. They’re also becoming increasingly sophisticated.[pullquote cite=”Saryu Nayyar, InformationWeek”] “One new employee, one new contractor, one new business associate. That’s all it takes to own a target. Keystroke loggers and botnet malware will do the rest.”[/pullquote]
User training is helpful (and necessary), but it’s not 100 percent effective. “When a threat actor launches an attack that is planned to take months or years to carry out, all they have to do is spam and wait,” writes Saryu Nayyar in an article for InformationWeek’s Dark Reading.
She argues that security awareness alone won’t stop hackers. As all it takes is one individual falling victim.
Hackers can exploit vulnerabilities in software or applications (particularly older versions that haven’t been patched). Or, they can target BYOD devices that aren’t properly managed. They can even target air-gapped computers — ones that are physically isolated from unsecured networks — that are often used in military, financial and critical infrastructure networks.
Indeed, a recent Wired article points out that researchers in Israel were able to steal data from air-gapped computers. “To steal data from them an attacker generally needs physical access to the system — using either removable media like a USB flash drive or a firewire cable connecting the air-gapped system to another computer,” writes reporter Kim Zetter in Wired. “But attackers can also use near-physical access using one of the covert methods the Ben-Gurion researchers and others have devised in the past.”
Detect and resolve intrusions
It’s not all doom and gloom, though. Many industry pundits say the focus shouldn’t be on keeping hackers out. Instead, it makes more sense to stay informed of new threats, analyze vulnerabilities, recognize when a breach has occurred and stop it before any real damage is done.
In addition to a firewall and anti-malware, organizations should consider anti-exploit tools that can recognize when an attack is launched — so they can stop it before malware is installed. When it comes to backdoor attacks, network monitoring is key; network admins are flagged when something is ‘off.’
For many organizations, especially smaller ones, this is a tall order. It requires skilled expertise — hence, time and money — which they probably don’t have in-house.
[prompt type=”left” title=”Secure your network today!” message=”Are you interested in a Security Event Management (SEM) solution that actively monitors and actions live threats on your network? See how you can achieve enterprise-grade security at a fraction of the price. Check out our Secure I.T.™ page for more details!” button_text=”View our SEM solution” href=”http://www.jolera.com/secureit”]
It can be difficult for companies to find talent to secure each of their vulnerable areas, writes Sharon Florentine in an article for CIO.com. That’s where a managed security solution provider comes in. “An MSSP can cover all the security bases for a company: firewalls, intrusion detection and intrusion prevention solutions, security event and incident management, managed vulnerability and identity management solutions — even first-level incident response.”
[bctt tweet=”A next-gen firewall is a must. But relying on that firewall will leave you with gaps — er, back doors.” username=”jolera”] At some point, an intruder is going to find a back door into your network; the key is knowing when it happens, so you can take action before it’s too late.
[content_band bg_pattern=”https://www.jolera.com/wp-content/uploads/2016/05/crossword.png” border=”all” inner_container=”true”] [custom_headline style=”margin-top: 0;” level=”h4″ looks_like=”h3″]About Jolera[/custom_headline] Jolera is a Toronto-based technology hybrid aggregate service provider focused on network architecture and IT solution service and delivery. Jolera is dedicated to innovating the cloud and managed service market space with disruptive solutions for customers, the channel, and the tech and telecom industries around the world.
[x_button shape=”square” size=”regular” float=”none” target=”blank” info=”none” info_place=”top” info_trigger=”hover” class=”mtm” href=”http://www.jolera.com/about”]About Jolera Inc.[/x_button][/content_band]
[cs_content][cs_section parallax=”false” class=”mbn” style=”margin: 0px;padding: 0px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][cs_text]
It’s the hottest hacking trend of the year, but this is one trend you want to avoid
Ransomware has been around for a few years, but it’s growing in popularity with more advanced — and more devious — variations to exploit victims. There’s even ransomware-as-a-service, such as Ransom32, allowing inexperienced hackers to get in on the action.
The best way to thwart these attacks is to be prepared — and not react based on fear. Security products and protocols are critical. But so is something much simpler: a backup and recovery solution.
“By regularly backing up data, enterprises make many parts of incident response from this and other types of malware much easier,” writes Nick Lewis, program manager for trust and identity at Internet2, in a post for TechTarget. “If the data can be easily recovered from backup, the system can be rebuilt and the data restored to recover from the malware.”
In a ransomware attack, hackers encrypt files until the victim pays a ransom (typically in virtual currency), at which time a decryption key is provided. The victim is given a payment period, and if they don’t pay up in time, the ransom increases — usually quite dramatically.
New variants are popping up, such as Samas, which targets out-of-date versions of JBOSS and encrypts data on entire networks (not just one computer at a time), and Chimera, which not only encrypts files but also threatens to release them to the public if the ransom isn’t paid. (According to TrendLabs Security Intelligence, the malware doesn’t actually have the ability to do this, but fear can drive organizations to pay up.)
Ransomware can be spread through phishing emails with malicious attachments or drive-by downloading, as well as vulnerable Web servers. For a business, the results can be devastating: loss of proprietary information, financial loss and reputational damage.
And it’s on the rise — because it’s so effective. Many organizations would rather pay the ransom than risk losing their corporate data, or having that data exposed on the Internet for all to see. That’s a reaction based on fear and panic.
The University of Calgary’s recent admission that it paid more than $20,000 to hackers after its system was compromised makes it clear why it’s more important than ever to have a plan to mitigate ransomware. The university paid up in order to regain access to its own email system; it didn’t want to lose researchers’ work, according to an article in the Toronto Star.
The bigger question, though, is why that research wasn’t backed up (and in multiple locations). Because, once an organization pays ransom, who’s to say it won’t happen again — and again, and again?
The Canadian Cyber Incident Response Centre issued a joint alert with the U.S. Department of Homeland Security earlier this year about the proliferation of ransomware. The CCIRC estimates there were more than 1,600 ransomware attacks against Canadians last year. And that number is expected to grow; after all, when organizations pay ransom, it encourages extortionists to keep demanding it.
More of these attacks are going after public organizations, such as schools and hospitals. Norfolk General Hospital in Simcoe, Ont., for example, became a host for TeslaCrypt — a ransomware variant — that spread malware to the site’s visitors, asking them to hand over $500 to recover their encrypted files. This also happened to the Ottawa Hospital and Hollywood Presbyterian Medical Center in Los Angeles, which admitted to paying hackers US$17,000 in bitcoin to regain access.
Private organizations aren’t immune, either. Earlier this year, the New York Times, BBC and NFL sites were all hit, thanks to infected ads. In this case, the malware attempted to find a backdoor into users’ computers, where it installed ransomware and demanded payment in bitcoin.
Clearly, ransomware isn’t going away anytime soon. Security products and procedures can help; anti-exploit tools should be part of your security arsenal. But the best defense is good backup, which includes backing up all data to disconnected storage media (since you don’t want those backups to be encrypted by ransomware).
[prompt type=”left” title=”Backup your critical data!” message=”A backup solution can protect you from a ransomware attack. Utilize our hybrid backup solution that backs up your data both onsite and offsite into the cloud! Check out our Store I.T.™ page for more details!” button_text=”Hybrid data backup” href=”http://www.jolera.com/storeit”]
That way, if your organization is targeted, you can wipe your systems and restore them to the last clean version — just like you would if dealing with a hardware or application error.
But not all organizations have effective backup and recovery strategies in place. They might not run their backups often enough, or they may not test them to see if they successfully recover. And it might not be enough to back up just critical data and documents, according to Maria Korolov in a feature for CSO. “Entire machines may need to be backed up, if they are critical to the business.”
Ransomware isn’t going away. But finding the right backup strategy for your organization — which may involve working with a third-party specialist — could thwart any would-be extortionists without having to pay a single bitcoin.
[/cs_text][/cs_column][/cs_row][/cs_section][cs_section parallax=”false” style=”margin: 0px;padding: 0 0px 45px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 0px;”][cs_text][x_line]
[content_band bg_pattern=”https://www.jolera.com/wp-content/uploads/2016/05/crossword.png” border=”all” inner_container=”true”] [custom_headline style=”margin-top: 0;” level=”h4″ looks_like=”h3″]About Jolera[/custom_headline] Jolera is a Toronto-based technology hybrid aggregate service provider focused on network architecture and IT solution service and delivery. Jolera is dedicated to innovating the cloud and managed service market space with disruptive solutions for customers, the channel, and the tech and telecom industries around the world. [/content_band][/cs_text][/cs_column][/cs_row][/cs_section][/cs_content]
As part of our continued effort towards training and teaching our existing clients, we have partnered with Microsoft to build the only Customer Immersion Experience (CIE) facility in downtown Toronto. The goal of this service is to provide hands-on training on the new suite of Microsoft products in a real-life setting.
The need for CIE
During our transition to Office 365, we noticed a lack of awareness of the platform. As a result, we experienced sluggish adoption and underutilization of it. In order to address this, we ensured that all our team members were put through an immersion experience in our CIE facility. This created a more connected, effective and productive work environment through improved utilization and adoption.
We soon realized that this problem around adoption and understanding of the Office 365 platform persists across the organizations we serve today. We determined that educating our clients and helping them adopt this new platform would be of significant value to them. The CIE facility allows Jolera to offer structured Office 365 training programs and help our clients achieve improved productivity through a thorough understanding of the platform. These training programs offer participants a hands-on learning experience of the new suite of Microsoft products in a real-life setting. In return, Jolera gets to fortify its value as a service provider, along growing side-by-side with our clients as they succeed through productivity.
Nearly every organization in the world is using Microsoft Office suite to run most of their day to day operations. According to Microsoft CEO Satya Nadella, there are nearly 50 million Office 365 active users. Office 365 also surpasses Salesforce as the most deployed (and fastest growing) app among Okta’s 2,000 enterprise customers. Whether it be preparing documents, creating quotes, announcements or communications, Microsoft Office is an integral part of an organization’s productivity. With the launch of Office 365, Microsoft has focused on streamlining all of these applications by increasing collaboration across all of them.
The CIE benefits you if…
- You currently have Office 365 suite and would like to utilize it better
- You are currently considering to migrate from on-premise to Office 365
- Migrating to Office 365 is part of your future road map
- You are curious and want to learn more about Office 365 and how it works
How the CIE works
Our CIE is tailored around being engaging, collaborative and fun. We do not want to bore our audience with presentations, statistics, and sales pitches. We provide the CIE through a “hands-on” model where our audience’s actions shape the experience. We guide our audience to be in the driver’s seat and encourage them to explore the platform presented to them. By allowing natural collaboration, we enable the audience to realize for themselves how powerful the platform is. We then take it one step further by showing them what else it can do. A trained facilitator leads the entire experience so that the audience can focus on discovering the right solution for their business while allowing them to experience the “future of productivity.” By following this approach, the CIE aims to highlight the immediate tangible benefits it brings to an organization.
Where do I sign up?
The CIE presentation is currently open to any organization that registers through our CIE registration page. The CIE program is hosted in our Customer Immersion Experience facility in the Jolera office.
Maximize Appliance Utilization
At Jolera we are heavily invested in pushing our carefully chosen security appliances to their full potential. This month we worked extensively with our system engineers and Managed Services team to thoroughly review our Managed Security as a Service (SECaaS) offering. We believe our efforts have now resulted in a service that provides unparalleled security on a budget. The focus of this service is to provide our channel partners with a cost-effective solution they can trust and improve their time in the market.
Purpose of Firewalls
Firewalls are devices that sit at the edge of every IT infrastructure, protecting it from any sort of malicious activity. Firewalls are a necessary part of every IT infrastructure. They assure that both the network and its users are secure. The firewalls do this by ensuring that only trusted data packets are allowed to enter into the environment.
Next Generation Firewalls
Jolera manages and supports all types of NG firewalls that are available in the market today. The latest breed of firewalls are called the Next Generation (NG) firewalls. These firewalls provide deep packet inspection at a layer 7 level in the OSI model. Layer 7 is also known as the application layer, this is the layer at which the data that has crossed across your network (through the cables, routers and switches) to your computer and is being read by the software on your computer. However even before the data gets within your network, the NG firewall inspects the data by pretending to be a computer software/application, and tests to see if the data is safe or malicious. Only after the inspection is successfully completed does the firewall allow this data into the network it is protecting.
This inspection process could be visualized as a series of labeled cargo containers being transmitted over the network. In the past firewalls would only look at the container labels, read the labels and pass on the boxes. The NG firewalls open the containers and examine the contents before passing it along into the network, hence the term deep packet inspection.
Utilizing the SECaaS “Human Layer”
Firewalls are always communicating how they are interacting with incoming traffic and display this information using “log files”. The log files are always being populated and can get pretty big and complicated, but they contain valuable analytical data. Logs are kept of all the different type of traffic going through the firewall – both inbound and outbound. This is the granular level at which we attach our SECaaS offering to ensure proper management of your firewall. This is also the point at which our Human Layer intervention comes into play. By constantly monitoring what the firewall is doing, based on the log files; our Network Operations Center (NOC) team technicians perform maintenance and remediation of a given IT infrastructure. This service may also be referred to as performing Live Security Event Management.
Preconfiguration vs. Live Security Event Management
An out of the box firewall comes configured with basic, default configurations which are not customized for a unique IT infrastructure. Most firewalls come with a configuration console that can only be managed by a seasoned security expert. Obtaining such expertise and working to perfect the firewall setup configuration based on your unique IT infrastructure needs can be a challenge and costly. Jolera’s SECaaS offering provides you with Live Security Event Management on a monthly subscription base, allowing you to fill security holes as they happen – in real time.
With our Live Security Event Management, specializing in zero-day threats – clients pay per use, rather than paying a large amount upfront, and hoping that you covered all your bases. We use analytics and statistics to determine facts, and take remediation actions – all in real time.
Once the configuration is completed by a security expert – that is it. Another individual within the company is required to monitor and maintain the device for software and firmware upgrades, to make sure the device is online all the time, and to create new policies for new types of vulnerabilities. With Live Security Event Management you can rest assured that all of the security vulnerabilities are being monitored, maintained and patched – 24/7/365.
Everything is in real-time, protecting you against threats as they happen, keeping you one step ahead of the threats at all times. This is possible due to our 24/7/365 Network Operations Center constantly monitoring, maintaining and patching your firewall.
A preconfiguration is based on plans, theories and expectations – it stops at the preventative stage. Live Security Event Management adds another layer of protection as it is dynamic – it constantly evolves against the threats. Viruses constantly evolve, allowing new vulnerabilities to appear; sometimes so vast that when not acted upon in real time, no amount of planning and pre-configurations can stop them from causing serious harm. By having a team of trained security experts these vulnerabilities can be identified ahead of time, and acted upon in real-time.
You don’t see the damage an intrusion has done until somebody is unable to do their work, in a typical IT infrastructure. Usually it is somebody calling in at a help desk line saying their credentials don’t work, something very minor. But upon deeper inspection these minor events turn out to be something as critical as a cryptolocker or a ransomware, which for any organization can be disastrous.
Jolera’s SECaaS is a part of our Secure-I.T. product offering. VARs and channel partners are encouraged to recommend both services as a bundle to their clients to ensure complete security. More information about our security product and service can be found on the Secure-I.T.™ products page.