Data Breach CRA, Colonial, and other high pofile attacks.

Data Breaches

A question to us this week with regards to a few of the high-profile data breaches was:

“Can you send out one of your newsletters explaining this situation and how it happens to a huge company like Colonial, and what your security is doing to prevent this type of situation?”

It is pertinent to repeat, courtesy of, Bloomberg what they said, “You’ve got to get the culture change at the top where the board is getting updated on their cybersecurity posture as often as production and revenues and EBITDA,” he said.

We are asked sometimes “If these big companies and the Tax Services of Canada are hacked how can JEI Tech stop it happening?”

  • You cannot stop having a puncture – so – maintain your tires and carry a spare tire in your car.
  • You cannot stop fires in a building – so – have fire protection systems and fire insurance.
  • You cannot stop being attacked on the web – so – use accepted security measures to prevent and minimize the impact on your business.

First and foremost, it is not currently public knowledge how the hackers accessed the systems at Colonial Pipelines (that may never be released). What we can say is they were most likely targeted with phishing e-mails and this is the most common method of accessing networks.

 

JEI Tech protects clients in the following ways

We recommend best practices which many of our clients are following. These are also Canadian and Albertan legislated requirements.

JEI Tech commonly used best practices:

  • A secure Firewall. We use WatchGuard Firewalls. WatchGuard includes a local agent to monitor for ransomware. Others we feel are good and work well if correctly configured and monitored are:
      • Meraki
      • Fortinet
      • Sophos
  • Monitored Computers and Antivirus. JEI Tech uses a RMM tool to manage the security and updates on all computers and servers. Windows automatic updates are not enough. Our RMM includes ransomware detection and isolation.
  • Secure E-mail
      • Either Microsoft Exchange with Office 365 or G-Suite, you need to include a Spam and phishing filter with this.
  • Cloud Backups. These allow us to restore lost or encrypted data in minutes for clients and fully virtualize their systems on the cloud in case of emergencies.
      • If you have a server we recommend Datto devices which backup your data every 1 or two hours and backup to the cloud every night.
      • If you do not have a server we would recommend a Datto device for your computers to backup to or a direct cloud backup per critical computer.

JEI Tech has deployed the below less commonly used security practices on our own network. All of which we are now going to be recommending to clients.

  • Two Factor Authentication
  • DNS Protection
  • Active Directory Cloud
  • Secure Wireless Devices
 

Questions for any company

Can you survive days without computers, e-mail and internet and stand to lose any or all your data? What will the effect on your business be?

If the Answer is NO then you need to ask these questions

  • Do you have a secure Firewall? (physical not your antivirus and this is not a router)
  • Do you have your systems monitored and updated automatically by a third party?
  • Do you have a local up to date firewall with antivirus on every system?
  • Do you have secure e-mail and are you using the latest software to handle your e-mail?
  • Are your wireless access points secure? There is currently only one provider who has a patented secure wireless device.
  • DO YOU HAVE 2FA? (Two Factor Authentication)
  • Do you have a Cyber Insurance Policy that will allow you and your IT to focus on the outage while they contact your clients and do damage control for you?

The biggest and most common reason for a breach is not the lack of security, but rather it is the people behind our desks. Not because of carelessness but due to the overload of e-mail, lack of training and the access to open internet. These are all factors you can address.

In the MSP community we have found the average cost of being secure is a minimum of $100 per computer/user. This does not include support.

“Whenever we talk about AI integrated into technology, the most common application that our clients are aware of is how facial recognition cameras can integrate with AI. With an appropriate data set, AI can proactively suggest a course of action based on a target’s background, prior behaviors, and other factors. This has obvious benefits for enhancing the security of any physical location,” stated Coleman, Director of JEI Tech . “However, AI is becoming more central to every facet of cybersecurity, as well. While the applications are still growing in widespread popularity, many business owners will soon be faced with this question: should I put my business on a ‘Smart Network’ or just on ‘a network?”

As more businesses utilize key SaaS (software-as-a-service) apps like Slack, Office 365, GSuite and Salesforce to power their operations, the more attractive those services have become to cybercriminals. JEI Tech is now leveraging AI to heighten defenses so that businesses can continue to work with their favorite SaaS applications, but can also rest assured that their access to those mission-critical programs remains 100% secure. AI is like adding another layer to an organization’s security stack that constantly evolves into a better version of itself.

AI is also entering the cybersecurity space as a tool for research and marketing purposes. Some AI-enabled applications can cross-analyze multiple publicly available databases to help businesses find their ideal clients’ names, email addresses, phone numbers and other relevant information in real-time. “AI is absolutely exploding, right now,” added Coleman. “The fact that technology can learn, become smarter and more efficient, means ultimately that the businesses who harness AI now, are poised to gain significant competitive advantages in their industry. In other words, the gap between early adopters and laggards is widening.”

The main driver for AI-based technology is simple: since cybercriminals have access to more advanced technologies, they have continued to devise new methods of infiltrating networks. Since those are built on the back of AI, the solution for SMBs who want to operate securely, must meet those strategies with equally sophisticated cyber defense tools. With the proper AI infrastructure, SMBs can not only outpace the innovation curve of cybercriminals, but they can also enhance their security across every area of the organization.

Take Our Cyber Security Quiz

How does your cyber security posture stack up? Take our short quiz to see!

Contact Info

John Coleman, Director
JEI Tech
(587) 208-6940
john@jei.tech
Brian Suerth
Technology Assurance Group
(858) 946-2112
brian@tagnational.com