Technology

What & Why: Multifactor Authentication

MAF.png
Article+.jpg

by Chris Bianco, TeamLogicIT – Myrtle Beach

Most data breaches can be traced to poor password hygiene, which means that securing network or account access solely with passwords is very risky business. For added protection, many companies now safeguard their systems with multifactor authentication (MFA), which requires two or more forms of verification before granting user access.

A LastPass survey of 3,000 companies showed that year-over-year use of MFA nearly doubled in 2018. Security “factors” include: something users know (username password/pin number), have (security token, SMS code), or are (biometric proof, also called “inherence,” such as a thumbprint, iris scan or facial recognition).

Online retailers, social media platforms and others offer MFA options. So, if you go multifactor, employees will know the concept. Given rising breach costs and compliance requirements, MFA could be a prudent and worthwhile investment. But choosing a solution requires expert knowledge and insight.

TeamLogic.jpg

About TeamLogic IT – Myrtle Beach 
From user end-points such as laptops, desktops and smartphones to servers, virtualization, cloud computing and IT optimization - TeamLogic IT covers your entire network both onsite and off premise so your data is there for you, when you need it. Their managed IT services are provided by an engineering team that is not only highly skilled, but constantly upgrading their own certifications in the dynamic and ever-changing technology field to better serve you. To learn how TeamLogic IT can help your business, visit teamlogicit.com/MyrtleBeachSC or call 803-232-9200.

Will Your DR Plan Weather the Storm(s)?

Article .jpg

by Chris Bianco, TeamLogic IT – Myrtle Beach

Hey Myrtle Beach, hurricane season 2019 is here. We have endured multiple years of catastrophic weather, fires and earthquakes provide reason enough to re-evaluate your disaster recovery (DR) plan. Especially if your business operates on or near a U.S. coastline. Florence, Michael and Matthew. Add in the sad realities of escalating cyberattacks and the crushing cost of unplanned downtime, and the impetus to scrutinize your DR plan–today–becomes nearly indisputable. Ideally, the process should include consulting with an IT MSP. But before that, advises Network World, “Any serious review should begin with a kind of SWOT analysis skewed toward weaknesses and threats.”

Examples of basic questions a preliminary DR self-audit might include:

1) How long since the plan was last reviewed and tested?

2) Have any new threats surfaced since the last plan review?

3) Does the DR plan account for all business-critical systems, apps and infrastructure?

4) How will data and equipment be restored? 

Of course, these considerations barely scratch the surface. But they can serve as a reminder that, natural or man-made, unplanned outages can strike without warning, and that there’s no time like the present to prepare.

About TeamLogic IT – Myrtle Beach 
From user end-points such as laptops, desktops and smartphones to servers, virtualization, cloud computing and IT optimization - TeamLogic IT covers your entire network both onsite and off premise so your data is there for you, when you need it. Their managed IT services are provided by an engineering team that is not only highly skilled, but constantly upgrading their own certifications in the dynamic and ever-changing technology field to better serve you. To learn how TeamLogic IT can help your business, visit TeamLogic IT or call 803-232-9200

Why Health Care Businesses Must Fortify Against Ransomware

by Chris Bianco, TeamLogicIT – Myrtle Beach

Ransomware rapidly is becoming the weapon of choice for cybercriminals targeting health care businesses. Per research shared in a recent Information Management article, health care organizations reported an 89% year-over-year increase in ransomware attacks, with smaller health care firms bearing the brunt of the onslaught.

Why are small health care companies such enticing targets for cybercrooks? Because “most don’t have adequate financial or technical resources to defend themselves” columnist Marcus Chung theorizes in the IM piece. Plus, Chung blames a few other factors:

Less complexity, lower risk than other cybercrimes – When hackers steal valuable patient records from a health care provider or payor, the culprits must find buyers for the data on the open market of the dark web, which Chung calls a “tricky” and risky proposition. After a successful ransomware incursion, perpetrators in essence are selling the victimized company’s stolen property back to it, which Chung says “improves the odds of getting paid quickly and quietly.”

Availability of cryptocurrencies – Paying ransom in real world requires delivering bundles of cash (which can be marked) or executing wire transfers (which can be traced.) But in the cyber realm anyone can establish a cryptocurrency account (called a wallet) in minutes. “With cryptocurrency,” Chung explains, “Neither the wallet nor the resulting transactions can be easily connected to any real-world identities.”

Accessible as a service – Developing malware in the past typically required significant coding skills. Today, illicit technology vendors sell “ransomware-as-a-service” kits at relatively low prices through illegitimate virtual markets. Some of these vendors even offer customer support for buyers.

Our readers know we’ve been tracking the rise of ransomware for several years, providing insight into disturbing trends as demonstrated by our recent post about the attack on the Professional Golf Association (PGA). Readers also know we’ve run series of articles customized for health care organizations, such as last fall’s piece about budgeting for data breaches. So, given the troubling intersection between ransomware assaults and health care businesses, we felt reiterating sage advice was in order. Here are some tips for fortifying against ransomware that we gleaned last year from IM’ssister publication HealthData Management:

• Increase the frequency of complete system backups; no one knows the day or the hour of an attack.

• Include ransomware in general planning for data breaches, with specifics for incident response.

• Check email security protocols for systems and networks more often than you did in the past.

• Know that comprised patient health information (PHI) means engaging HIPAA data breach procedures.

• Launch a ransomware-focused employee education program:

  • Focus on email, the main channel for attacks.

  • Provide samples of ransom popups and messages.

  • Show warning signs, such as missing file extensions or odd ones like “.crypted” or “.cryptor.”

  • Consider restricting peer-to-peer file sharing on networks, a common way ransomware spreads.

  • Teach that, when a device is attacked, disconnect from the internet and turn it off.

IT Managed Service Providers (MSPs) that specialize in health care firms can secure access points into protected health information and medical devices from ransomware, as well as general business systems. But does your MSP have the stuff of a health care cybersecurity guru? Read our recent post to find out.

About TeamLogic IT – Myrtle Beach

From user end-points such as laptops, desktops and smartphones to servers, virtualization, cloud computing and IT optimization - TeamLogic IT covers your entire network both onsite and off premise so your data is there for you, when you need it. Their managed IT services are provided by an engineering team that is not only highly skilled, but constantly upgrading their own certifications in the dynamic and ever-changing technology field to better serve you. To learn how TeamLogic IT can help your business, visit teamlogicit.com/MyrtleBeachSC or call 803-232-9200.

Mobile Devices Magnets for Security Breaches

phone.png

by Chris Bianco, TeamLogic IT – Myrtle Beach

Researchers in an IDG/Lookout survey of 100 business executives were surprised that 74 percent of the leaders polled said they had experienced a mobile-related security breach.

Maybe the revelation shouldn’t have been so surprising, given that 82 percent admitted that ‘most’ of their corporate data was accessible via mobile devices. Still, the news may be instructive to security-conscious companies that also have BYOD policies and practices in place. Survey respondents identified several sources through which their companies suffered data breaches, including:

• Vulnerable mobile apps (38 percent)

• Malware-rigged mobile apps  (30 percent)

• Unsecured WiFi connections (30 percent)

• Rooted and jailbroken devices (30 percent)

• Mobile apps that send or access sensitive data (28 percent)

• Apps downloaded from nonofficial  stores (15 percent)


Mobile devices are seldom a cyber thief’s primary attack vector, and none of the recent big-time breaches has been attributed to mobile devices. In fact, says InformationWeek’s Dark Reading blog, Windows PCs tethered to mobile WiFi devices, hotspots, and smartphones are the bad-guys’ sweet spot, accounting for 80 percent of all malware infections on today’s mobile infrastructure.

Still, it would be a big mistake to ignore mobile security best practices or discount the possibility of mobile breaches occurring in your company, especially given projected increases in the number of mobile users.


TeamLogic.jpg

About TeamLogic IT – Myrtle Beach 
From user end-points such as laptops, desktops and smartphones to servers, virtualization, cloud computing and IT optimization - TeamLogic IT covers your entire network both onsite and off premise so your data is there for you, when you need it. Their managed IT services are provided by an engineering team that is not only highly skilled, but constantly upgrading their own certifications in the dynamic and ever-changing technology field to better serve you. To learn how TeamLogic IT can help your business, visit TeamLogic IT or call 803-232-92

How to Prevent and Detect Cryptojacking

by Chris Bianco, TeamLogic IT – Myrtle Beach

Cryptojacking, illegally creating e-coin value for one’s own electronic piggy bank, requires massive computing power that far exceeds one or even dozens of PCs linked together. The practice, perpetuated by a new breed of cybercrooks called ‘crypto miners,' displaced ransomware last year as the top malware threat. To succeed, crooks must surreptitiously commandeer the power of other people’s servers and computers. The more machines they can jack, the more booty they can scam.

Last year, incidents involving machines in Russia, India and Taiwan netted hackers more than $3.6 million in value in just one month. The threat is growing rapidly because it requires only modest technical skills, and because exploit kits can be bought on the dark web for as little as $30. Moreover, the risk of being detected, caught and identified is far less than with ransomware or other attacks. With cryptojacking, crooks’ primary goal is to steal and use your machines' processing power, not to infect, ransom or pilfer network data. This typically happens in two (equally) nefarious ways: 1) with phishing-like tactics, using legitimate-looking emails that trick victims into clicking a poisoned link, and 2) by infecting websites or pop-up ads with ‘scripts’ that secretly deploy when clicked or displayed in a browser.

Script codes work continuously in the background, siphoning CPU cycles to line miners’ electronic pockets. Infections manifest through degraded performance and annoying system slowdowns. Overheating (from excessive CPU usage) and unusual spikes in energy consumption are other telltale signs of compromise. Make no mistake: the resulting costs can add up quickly. “Organizations with [multiple] cryptojacked assets can incur [significant labor and other] costs, in terms of help desk support and IT’s time replacing components.” 

You can reduce your company’s risk of unwanted cryptojacking through vigilant network monitoring (accompanied by strategic data analysis) and employee awareness training. Other defensive measures may include ad blockers, anti-mining browser extensions, web filtering and endpoint protections, all of which should be discussed in detail with your IT team and/or managed services provider.

If your systems aren’t performing normally or your users need additional security training, call TeamLogic IT today. 


TeamLogic.jpg

About TeamLogic IT – Myrtle Beach 
From user end-points such as laptops, desktops and smartphones to servers, virtualization, cloud computing and IT optimization - TeamLogic IT covers your entire network both onsite and off premise so your data is there for you, when you need it. Their managed IT services are provided by an engineering team that is not only highly skilled, but constantly upgrading their own certifications in the dynamic and ever-changing technology field to better serve you. To learn how TeamLogic IT can help your business, visit TeamLogic IT or call 803-232-92