High Profile Data Breaches: Why they happen and how to stop them!

A question put to us this week regarding a few of the high-profile data breaches was:

“Can you send out one of your newsletters explaining this situation and how it happens to a huge company like Colonial, and what your security is doing to prevent this type of situation?”

It is pertinent to repeat, courtesy of Bloomberg, what they said:

“You’ve got to get the culture change at the top where the board is getting updated on their cybersecurity posture as often as production and revenues and EBITDA,” he said.

We are sometimes asked, “If these big companies and the Tax Services of Canada are hacked, how can JEI Tech stop it happening?”

  • You cannot stop having a puncture – so – maintain your tires and carry a spare tire in your car.
  • You cannot stop fires in a building – so – have fire protection systems and fire insurance.
  • You cannot stop being attacked on the web – so – use accepted security measures to prevent and minimize the impact on your business.

First and foremost, it is not currently public knowledge how the hackers accessed the systems at Colonial Pipelines (that may never be released). What we can say is that they were most likely targeted with phishing e-mails, which is the most common method of accessing networks.

 

JEI Tech protects clients in the following ways

We recommend best practices which many of our clients are following. These are also Canadian and Albertan legislated requirements.

JEI Tech commonly used best practices:

  • A secure Firewall. We use WatchGuard Firewalls. WatchGuard includes a local agent to monitor for ransomware. Others that we feel are good and work well, if correctly configured and monitored, are:
      • Meraki
      • Fortinet
      • Sophos
      • Palo Alto
  • Monitored Computers and Antivirus. JEI Tech uses a Remote Management and Monitoring (RMM) tool to manage security, vulnerabilities, health and updates on all computers and servers. Windows automatic updates are not enough. Our RMM includes ransomware detection and isolation.
  • Secure E-mail
      • Either Microsoft Exchange with Office 365 or G-Suite. With either, you need to include a spam and phishing filter.
  • Cloud Backups. These allow us to restore lost or encrypted data in minutes for clients and fully virtualize their systems on the cloud in case of emergencies.
      • If you have a server, we recommend Datto devices, which back up your data every one or two hours and back up to the cloud every night.
      • If you do not have a server, we would recommend a cloud backup service for your computers and/or your cloud data, backing up to a separate and segmented location and provider.

JEI Tech has deployed the following less commonly used security practices on our own network, all of which we are now going to be recommending to clients.

  • Two Factor Authentication
  • DNS Protection
  • Active Directory Cloud
  • Secure Wireless Devices
 

Questions for any company

Can you survive days or even hours without computers, e-mail or internet, and with the possible loss of all your data? What will the effect on your business be? What happens if all of these are affected, not just one?

If the answer is NO, then you need to ask these questions:

  • Do you have a secure Firewall? (A physical firewall, not your antivirus, and not a router.)
  • Do you have your systems monitored and updated automatically?
  • Do you have a local, up-to-date antivirus, EDR, or XDR on every system?
  • Do you have secure e-mail and are you using filtering to protect your e-mail?
  • Are your wireless access points secure?
  • DO YOU HAVE 2FA? (Two Factor Authentication)
  • Do you have a Cyber Insurance Policy that will allow you and your IT to focus on the outage while they contact your clients and do damage control for you?

The biggest and most common reason for a breach is not the lack of security, but rather the people behind our desks. This is not because of carelessness, but due to e-mail overload, lack of training and access to the open internet. These are all factors you can address.

In the MSP community we have found the average cost of being secure is a minimum of $75-200 per computer/user.

Contact Info

John Coleman, Director
JEI Tech
(587) 208-6940
john@jei.tech

Brian Suerth
Technology Assurance Group
(858) 946-2112
brian@tagnational.com