Archive for category: Cloud Security

The Impact of the U.S. Government Eviction of Kaspersky

/2 Comments/in , , /by

The threat of Russian interference in the activities of the U.S. government, a drama that has been unfolding over the past several months, is now one that has entered the realm of cybersecurity.

The FBI is currently investigating whether Kaspersky Lab, a provider of anti-virus and cybersecurity software, has ties to Russian military and intelligence.

A leader in cybersecurity, with 400 million users worldwide, company leaders have denied ties to Russian military and intelligence since Kaspersky Lab was established in 1997.

As a measure of precaution, however, the U.S. government recently announced that agencies have 90 days to remove Kaspersky software from their systems.

This software ban could set a concerning precedent for the global cybersecurity industry.

What Are The Concerns?

Kaspersky software was once a major component of the U.S. government cybersecurity strategy, with anti-virus products protecting privileged files.

There are now concerns from top government officials that at any point, the Russian government could place pressure on Kaspersky Lab to allow access to critical U.S. government information.

Despite Kaspersky’s denial of any allegations and their offer to allow the U.S. to inspect its source code, security officials no longer have faith in Kaspersky products.

This is based on the ability to access and compromise federal information that could impact national security through an undetected back door.

What Does This Mean For Borderless Cybersecurity?

Currently, the global cybersecurity industry relies on mutual trust among the top firms.

Kaspersky Lab, in partnership with U.S. software firm, Symantec, identified the Regin trojan, a cyber-weapon already deployed throughout the intelligence community that could yet have international repercussions.

However, this movement to establish borders on cybersecurity not only restricts the flow of critical information that could be used in mitigating threats, but it shifts the level of confidence from one of trust to that of suspicion.

Ultimately, the ensuing defence posture will hinder efforts to prevent global threats.

Best Buy has also taken action, removing Kaspersky products from their shelves, but their software products are still widely used in many American and Canadian households.

Eliminating Kaspersky products completely will involve an entire shift in the national security infrastructure, significantly impacting cybersecurity.

The successful management of cybersecurity threats has relied on an international pool of experts.

The Kaspersky ban, despite good intentions, could impact government and private businesses, as credible cybersecurity threats may go undetected.

Confining cybersecurity to national software has the potential to reduce some risks, yet exacerbate others, and the entire industry will feel the impact either way.

If you are concerned about your cybersecurity, want to explore options beyond Kaspersky, or have insight into the impact this will have internationally, we’d love to hear your thoughts. Please comment below or join our conversation on Facebook.

Reducing Risk with Vulnerability Management

/0 Comments/in , /by

A comprehensive cybersecurity strategy requires multiple tools, none of which should be considered optional.

Many companies lack key components of strong security infrastructure, leaving them open to malicious attacks and breaches of sensitive information.

Proper cybersecurity measures can no longer exist as repairs alone, managing attacks as they occur.

This tactic is not only outdated, but it can completely destroy a company.

Vulnerability management is critical to your success, exposing and managing risks before an attack occurs.

What is Vulnerability Management?

Reducing Risk with Vulnerability ManagementVulnerability management (VM) is the process of identifying cybersecurity threats and reducing exposure to those threats, rather than addressing software gaps after the damage has already been done.

VM is a form of quality assurance, a means of preventing problems before they can occur and uncovering weaknesses within a system configuration.

Once you are alert to potential problems, you can proactively address security risks, to protect assets.

Why Should I Implement Vulnerability Management Solutions?

Regardless of business size, industry, or location, you are at risk to cyber-attacks.

Hackers are increasingly targeting small businesses in particular, aware that these businesses tend to lack proper cybersecurity precautions.

Cybersecurity, when viewed as a routine chore rather than a serious issue, can result in the failure of your entire business.

VM is a vital component of any cybersecurity strategy, and combatting attacks preemptively should rank high on your IT to-do list.

VM also helps in establishing a standardized process in identifying risks.

  • Discovery – This is the process of categorizing each of your computer assets to determine where they currently fall. What assets are configurations and which ones are patches? Identify which assets are currently in compliance or are vulnerable, with the understanding that your network is likely to change frequently.
  • Reporting – The raw data gathered in the discovery phase is of little use without available IT to interpret. Generate reports that speak to upper management or operations departments, outlining the greatest risks.
  • Prioritization – Once the data is interpreted, you must prioritize what risks need to be mitigated and when. This offers IT guidelines on how resources should be applied in the configuration of new systems.
  • Risk response – This is how an organization chooses to address the present weaknesses, whether they are corrections, reductions, or some acceptance of risk.

Will Vulnerability Management Solve My Security Problems?

No security system is infallible, but VM is the foundation of a strong cybersecurity strategy.

Proper mitigation of risks requires continuous effort, regular scans, and management oversight.

Understanding the vulnerabilities in the context of your organization will help secure your sensitive information, as well as run an effective cybersecurity program.

Every organization must take responsibility for mitigating risk in every way possible.

Vulnerability management is a key part of a comprehensive cyber risk mitigation strategy.

The ITeam can help you determine where you’re at risk and what steps you need to take now. Contact us today for more information.

Improve IT Security with Multifactor Authentication

/0 Comments/in , , , /by

Improve IT Security with Multifactor Authentication

Security breaches are a daily occurrence, making headlines on a regular basis.

Costly incidents are happening more and more frequently across all industries and businesses.

Every business leader is charged with beefing up IT security and protecting both proprietary data and customer information, but network security alone is no longer enough.

Multifactor authentication is one of many new layers of security that businesses must consider, to help thwart additional attacks.

What Is Multifactor Authentication?

Multifactor authentication (MFA), sometimes called two-factor authentication, is a crucial security layer requiring more than one authentication method to verify a user’s identity.

It blocks all access to a device, network, or terminal unless two of three factors are provided: something you have, something you know, or something you are.

These independent identity authorizations include a password, a security token, and often, a biometric verification.

How Multifactor Authentication Works

MFA makes it virtually impossible for someone to hack into a user’s devices, the network, or a database.

Most consumers use multifactor authorization all the time without realizing it. When you use a bank’s ATM machine, you swipe a card and enter a pin.

That is multifactor authorization.

But businesses need to begin recognizing the significance of containing security breaches by implementing MFA as a part of their overall IT security strategy.

The combinations for multifactor authentication are limitless:

Card swipe + pin

  • Username + password + texted access code
  • Card swipe + fingerprint + security question or password

Cyber Attacks Costs Everyone

The average cost of a data breach in Canada is $6 million, and half of all cyber-attacks on Canadian businesses are successful, with more than 51 percent of businesses reporting losses.

Multifactor authentication technology should not replace existing security (firewalls, malware detection, hosted email exchange, offsite backup and recovery).

Instead should be used to augment security, making it far more difficult for anyone other than the intended party to access sensitive information.

Combined with other security measures, such as stronger employee passwords, robust email security, and secure hosted services, multifactor authentication is an essential element of your organization’s overall security efforts.

MFA can prevent hackers from achieving a brute force entry into your network.

It’s much harder to breach a network using a fingerprint or a one-time-use access code texted to a single mobile device than it is to guess an employee’s password that is likely written on a sticky note under their keyboard.

As technology fundamentally changes how we do business, serve customers, and meet compliance standards, business leaders must re-evaluate whether their current IT strategies are meeting their needs.

The ITeam is committed to helping Calgary- and Alberta-based businesses develop proactive IT strategies that keep them competitive. Contact us to learn more.

How a Cloud-Based Business Helps You Attract Talent

/0 Comments/in , /by

How a Cloud-Based Business Helps You Attract Talent

Hiring and retaining top talent is always a challenge.

Having the ability to retain the best people is something that is on the mind of virtually every CEO and HR executive.

Engagement and retention are essential for remaining competitive in a global economy.

The companies with the best talent win.

So how do you attract talent, develop a leadership pipeline, build resilience into your business, and appeal to the now-dominant millennial generation?

Get your head – and your business – in the cloud.

Why a Cloud-Based Business Equals Better Talent

The most successful companies recognize that better retention, happier employees, and more productivity come from recognizing that a good portion of the talented people you need won’t be looking for a position with your company and may not even be people that you can hire full-time.

In fact, 17 percent of today’s workforce is part of the on-demand economy, signifying that many professionals are happy to provide the skills you need – on their terms.

This means more than just offering flex hours.

It means making your business operations securely accessible online so that your employees can just as easily live in the next continent as they can the next town.

Greg Arnette, founder and CTO of Sonian, a cloud-based email archiving company, explained that a distributed workforce strengthened their ability to attract and retain the best talent:

“We support a distributed team development model, which means we can recruit across the country for the best talent and are not constrained by hotly contested talent clusters in Silicon Valley, NYC or Boston. We’re able to source the best people from Denver, Seattle, Syracuse, Portland and other leader, but smaller, cities. We recognized early this was a way to differentiate.”

Cost Savings Exist for Cloud-Based Businesses

Beyond the standard savings that can be realized from an operational standpoint by shifting to the cloud, having the ability to offer flexible, remote work opportunities can help your organization save even more money.

Consider the amount of money and time that go into training a new hire.

It can be a huge loss if that person has to quit their job because they move, need to be closer to home, or require more flexibility.

When you have a cloud-based business, it’s more likely you’ll be able to retain that talent and experience by offering the flexibility required, rather than losing the institutional knowledge they’ve gained and being forced to incur the expense of training someone new.

Succeeding with a Remote Workforce

Bringing your business into the cloud is relatively simple when you have partnered with the right Managed Services provider.

The bigger challenge is fostering growth and development with a team you rarely if ever, see in person.

Whether all of your employees or only a few are remote, you can provide on-demand cloud-based solutions to help them succeed.

Make sure you have tools in place that let them feel like they are part of the team:

Develop effective and reliable communications (apps, VoIP, and other tools), and provide opportunities to grow with the company and take on new responsibilities.

Remote workers and on-demand talent need accessible leaders and opportunities for professional development to make your company the best choice for their skills.

We’re dedicated to helping Calgary- and Alberta-based businesses make changes now to remain competitive, flexible, and ready to face whatever challenges come their way. We do this by providing essential IT support and customized services designed to meet the needs of your business.

The ITeam will work with you to develop a cost-effective and comprehensive IT strategy that will help you survive economically stressful times and attract the talent you need to thrive. Contact us for a free consultation.