Keeping sensitive data and critical tech safe from cyberattacks is crucial for businesses like yours. Your survival and growth depend on how well your organization can withstand cyberthreats. That’s where cyber risk management comes into play.
Businesses with solid cyber risk management strategies can build formidable cyber defenses and reduce risks without compromising business growth. Besides enhancing security, it also ensures your business stays compliant.
In this blog, we’ll share the core principles of cyber risk management and show you how integrating it with a simple but effective security framework can help you achieve strategic success.
Key Characteristics of Risk-Based Cybersecurity
Risk-based cybersecurity helps organizations focus their efforts and resources on the most critical risks. This approach aims to reduce vulnerabilities, safeguard what matters most to you and ensure you make informed decisions.
Here are the key characteristics of risk-based cybersecurity:
Risk reduction: By proactively identifying and neutralizing threats, you can reduce and minimize the potential impact of a cyber incident.
Prioritized investment: By identifying and assessing risks, you can concentrate your investment efforts on areas that need your attention most.
Addressing critical risks: Dealing with the most severe vulnerabilities first can help you strengthen your business security. That is why it is important to conduct vulnerability assessments regularly, at least every quarter if not more frequently.
All Databranch Comprehensive Care and Foundation Security clients have scheduled automatic patching and Windows updates on their devices to assist with vulnerability management. Visit us here to learn how we can help take this off your IT plate.
Cyber Risk Management Frameworks
Cybersecurity risk frameworks act as a guide that helps businesses achieve the full potential of a risk-based approach. Here are several ways frameworks can help you enhance your current cybersecurity posture:
- Takes away the guesswork and gives businesses a structured way to assess their current cybersecurity posture.
- Helps organizations systematically focus their investments on addressing the most critical and relevant risks.
- Provides organizations with the right guidance that helps build security, which is crucial for building customer trust.
- Are built using controls that have been tried and tested. They essentially help businesses implement effective security controls.
- Designed to help organizations achieve compliance with government and industry regulations.
NIST Cybersecurity Framework
The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) is a popular, user-friendly framework that empowers business leaders like you to boost organizational cybersecurity. Think of it as a valuable tool created by top security experts to help you protect and secure your digital assets.
Here’s how the NIST CSF supports a risk-based approach:
- It helps you understand your risk by identifying what is most valuable to you.
- It gives you a high-level view of people, processes, technology, information and other business-critical aspects that need to be secured from threats so your business can operate successfully.
- It helps you prioritize your risks based on their impact on your business.
- It helps you allocate your resources where they matter most and ensures you maximize your investment.
- It promotes continuous monitoring and helps you adapt to evolving threats.
Secure your Future
Safeguarding your business from cyberthreats is critical for the survival and growth of your business. Don’t leave your business security to chance. Partnering with Databranch as your managed IT provider means your business will have the security of knowing that your network is being monitored and maintained on a 24/7 basis.
Download our infographic, “Assess Your Cyber-Risks in 7 Critical Steps,” and strengthen your defenses against lurking cyber dangers.
Read More
We live in an era where organizations are increasingly aware of the ever-changing cybersecurity landscape. Despite billions of dollars invested worldwide to fend off cyberthreats, cybercriminals still manage to penetrate even the strongest security defenses.
They relentlessly exploit vulnerabilities with one primary target in mind — employees. Cybercriminals perceive employees as the weakest link in an organization’s cybersecurity perimeter. However, you can address and shore up this vulnerability through proper training.
Strengthening employee security awareness is paramount in safeguarding your business. In this blog, we’ll look at why employees are prime targets for cybercriminals and explore the critical significance of enhancing their security awareness. By recognizing vulnerabilities, we can proactively mitigate risks and empower your workforce to actively defend against cyberattacks.
The Vulnerabilities Within
Is your organization dealing with any of the following?
Lack of Awareness
One of the key reasons employees fall prey to cybercriminals is their limited knowledge of common cybersecurity threats, techniques and best practices. Cybercriminals can launch phishing attacks, malware infections and social engineering ploys by exploiting this knowledge gap among your employees.
Privileged Access
Employees often hold privileged access to critical systems, sensitive data or administrative privileges that cybercriminals crave. By compromising your employees’ accounts, cybercriminals can gain unauthorized access to valuable assets, wreaking havoc within your organization.
Social Engineering Tactics
Cybercriminals are masters of manipulation, leveraging social engineering tactics to deceive employees into disclosing sensitive information, sharing login credentials or unwittingly compromising security measures. These tactics can exploit human emotions, trust and curiosity, making your employees unintentional accomplices in cybercrime.
Bring Your Own Device (BYOD) Trend
The rising trend of BYOD can expose your organization to additional risks. Employees accessing business information and systems from personal devices that often lack the robust security controls of company-issued devices create vulnerabilities that cybercriminals can exploit.
Remote/Hybrid Work Challenges
The shift towards remote and hybrid work arrangements introduces new security challenges for businesses like yours. Unsecured home networks, shared devices and distractions can divert employee focus from cybersecurity best practices, increasing their susceptibility to attacks.
Best Practices for Developing an Engaging Employee Security Training Program
To fortify your organization’s security, implement an engaging employee security training program using these best practices:
Assess Cybersecurity Needs
Understand the specific cybersecurity risks and requirements your organization faces. Identify areas where employees may be particularly vulnerable.
Define Clear Objectives
Set concrete goals for your training program, outlining the desired outcomes and essential skills employees should acquire.
Develop Engaging Content
Create interactive and easily digestible training materials for your employees. Use real-life examples and scenarios to make the content relatable and memorable.
Tailor Targeted Content
Customize the training to address your organization’s unique challenges and risks. Make it relevant to employees’ roles and responsibilities.
Deliver Consistent, Continuous Training
Establish a regular training schedule to reinforce cybersecurity awareness and foster a culture of ongoing learning. Keep your employees up to date with the latest threats and preventive measures.
Measure Effectiveness and Gather Feedback
Continuously evaluate your training program’s effectiveness through assessments and feedback mechanisms. Use the data to refine and improve the program.
Foster a Cybersecurity Culture
Encourage employees to take an active role in cybersecurity by promoting open communication, incident reporting and shared responsibility for protecting company assets.
Collaborate for Success
Investing in employee security awareness can transform your workforce into a formidable line of defense, safeguarding your business from cybercriminals and ensuring a more resilient future.
Ready to empower your employees as cybercrime fighters but unsure where to start?
Contact Databranch today at 716-373-4467 x6 or [email protected]. We can discuss our Breach Prevention Platform and Security Awareness Training with simulated phishing tests that engage your team and strengthen your organization’s defenses against evolving cyberthreats.
Read More
What is Ransomware?
Ransomware is a type of malware that encrypts data on a computer or network into an unreadable format until a sum of money, or ransom, is paid.
How does Ransomware Work?
When run, ransomware will scan the file storage disk for files to encrypt – typically documents, spreadsheets, etc. The files are encrypted with a key that only the attackers know, thus preventing your access to the files. Then, threat actors hold your files hostage, demanding a ransom to be paid for you to get your access back.
How do Hackers Sneak into an Environment?
Hackers are stealthy and can sneak in using many different approaches. Here are a few of the most popular ways that hackers gain access:
- Phishing: This is when a threat actor tricks someone into handing over their sensitive, personal information, such as a credit card or Social Security number. The victim believes they’re handing over their information to a trustworthy resource when in reality, they’re giving their information to threat actors.
- Public-Facing Vulnerabilities: Threat actors scour the internet looking for systems with known vulnerabilities. Then, they exploit them to gain access to the environment.
- Drive-By Downloads: This is when someone navigates to a malicious webpage and unknowingly downloads malicious code to their computer – all by visiting the webpage.
- Purchased Access: There’s a marketplace for everything these days, and cyberattacks are no exception. The dark web is a treasure trove of hackers for hire and deployable ransomware for download.
Ransomware Prevention
- Keep your computer updated and patched.
- Verify, then trust.
- Make sure your connection to a site is secure before submitting any personal information.
- Stay up-to-date on the latest cybersecurity education.
Ransomware Detection
Prevention is only part of the puzzle. Some attacks are virtually impossible to prevent. It all comes down to fast detection and response times, which help you combat tomorrow’s threats that may not be detectable today.
The most efficient way to detect ransomware is to leverage the tools in your security stack.
Secure your business with a cybersecurity platform that secures your business and detects hackers. To protect our managed clients, we deploy a suite of cybersecurity tools that are backed by a 24/7 Threat Operations Center that works to protect your assets and evict malicious actors.
Reach out to Databranch today at 716-373-4467 x115 or [email protected] to learn more.
Read More
Companies both large and small share this one cybersecurity problem. They have computers that are still running older operating systems. Staff might use these devices only occasionally or the company may be running customized software that won’t run on newer OS versions.
The problem is that when the OS becomes outdated, the system is open to cyberattacks. When Microsoft or another developer retires an OS, it means that it is no longer supported. No more feature updates and no more security patches for newly found vulnerabilities.
The latest operating system to lose all support is Windows 8.1. Microsoft released the OS in 2013, and it was officially retired on January 10, 2023. Microsoft issued the following warning for companies:
“Continuing to use Windows 8.1 after January 10, 2023 may increase an organization’s exposure to security risks or impact its ability to meet compliance obligations.”
Here are a few facts you should know about what this retirement of Windows 8.1 means.
The OS Will Still Technically Work
When an operating system reaches its end of life, it doesn’t just stop working. Thus, many companies go on using it without realizing the security risk. Technically, the OS will work as it did the day before retirement. But it’s a lot less safe due to the loss of support.
Your System Will No Longer Receive Security Patches
Software and OS vulnerabilities are sought out and exploited all the time. This is what hackers do for a living. The vulnerability cycle usually begins with hackers finding a software “loophole.” They then write code to exploit it that allows them some type of system access.
The software developer learns of this, usually once hackers start breaching systems. They write code to fix that vulnerability. Developers then send the fix to users via an update that they install. This protects the device from one or more hacker exploits.
When an OS reaches its end of life, these fixes are no longer made. The developer has moved on to focus on its newer products. So, the vulnerability remains. It leaves a device vulnerable to hacks for days, months, or years afterward.
Approximately 61% of security vulnerabilities in corporate networks are over five years old.
Visit us here to learn more about penetration testing and how it helps identify the vulnerabilities in your business.
Options for Upgrading
If you have a computer that is still running Windows 8.1, you have two options for upgrading. You can opt for Windows 10 or Windows 11. If the computer is running such an old OS, there is a chance your system may not meet the requirements for one or both. In this case, you may need to buy a new device altogether.
Microsoft states that there is no free option to upgrade from 8.1 to Windows 10 or 11. Some of the advantages you gain when upgrading include:
- Better built-in security
- Faster processing
- Capability for more modern features (like facial recognition)
- Improved accessibility features
- Updated productivity tools (like snap layouts in Windows 11)
What Happens If I Don’t Upgrade?
Security & Compliance Issues
Your data security is at risk if you stay on Windows 8.1. Without any security updates, any vulnerabilities will stay unpatched. This leaves your system highly vulnerable to a breach. One hacked system on a network can also cause the breach or malware infection to spread to newer devices.
If you have to comply with a data privacy regulation, like HIPAA, you’ll also run into issues. Data privacy rules dictate making reasonable efforts to protect data. Using a device with an outdated OS jeopardizes meeting compliance.
Slowed Productivity
The older a system gets, the slower it will get. Staff that must work on outdated software often complain that it hurts productivity. 77% of surveyed employees were frustrated with outdated tech. Employees dealing with outmoded systems may also quit. They are 450% more likely to want to leave and work elsewhere.
An outdated operating system can hold your staff back. They miss out on modern time-saving features. They can also run into problems with bugs that will no longer get fixed.
Incompatibility With Newer Tools
Software and hardware developers aren’t looking back. Once Microsoft retires an OS, they aren’t prioritizing its compatibility. In fact, some may not want their product to be compatible with it because of the liability.
When you have issues using modern software and hardware it hurts your business. You become less competitive and begin to fall behind. Staying on an outmoded OS keeps you stuck in the past.
Get Help With Your Windows Upgrades
All Databranch Comprehensive Care and Foundation Security clients have scheduled automatic patching and Windows updates on their devices. To learn more about how we can help take this off your IT plate or help your organization upgrade to a system with a supported operating system, call 716-373-4467 x 115, email [email protected] or visit us here to learn more.
Article used with permission from The Technology Press.
Read More
When the year is coming to a close, it’s the perfect time to plan for the future. Most businesses begin the year with the hope of growing and improving operations. Much of how a business operates depends on technology. So, it makes sense to look to your IT for areas of optimization.
A year-end technology review provides an opportunity to look at several areas of your IT. The goal is to take time to focus on improvements you can make to boost your bottom line, as well as what tactics to take to reduce the risk of a costly cyberattack.
A recent study by Deloitte looked at digitally advanced small businesses. Small businesses that make smart use of technology are well ahead of their peers. Here are some of the ways they excel:
- Earn 2x more revenue per employee
- Experience year-over-year revenue growth nearly 4x as high
- Have an average employee growth rate over 6x as high
The bottom line is that companies that use technology well do better. They are also more secure. According to IBM, businesses that have an incident response plan reduce the costs of a data breach by 61%. Using security AI and automation can lower costs by 70%.
As the year is coming to an end, take some time to do a technology review with one of our experienced team members. This will set you up for success and security in the coming year.
Considerations When Reviewing Your Technology at Year-End
The goal of a year-end technology review is to look at all areas of your IT infrastructure. Security, efficiency, and bottom-line considerations will be the key drivers for future initiatives.
Technology Policies
When technology policies get outdated, people stop following them. Review all your policies to see if any of them need updating to reflect new conditions. For example, if you now have some staff working from home, make sure your device use policy reflects this.
When you update policies, let your employees know. This gives them a refresher on important information. They may have forgotten certain things since onboarding.
Disaster Recovery Planning
When is the last time your company did an incident response drill? Is there a list of steps for employees to follow in the case of a natural disaster or cyberattack?
Take time to look at disaster recovery planning for the new year. You should also put dates in place for preparedness drills and training in the coming months.
Interested in learning more? Click here to read about the backup recovery and disaster recovery solutions we have available to protect your business.
IT Issues & Pain Points
You don’t want to go through a big IT upgrade without considering employee pain points. Otherwise, you might miss some golden opportunities to improve staff productivity and wellbeing.
Survey your employees on how they use technology. Ask questions about their favorite and least favorite apps. Ask what struggles they face. Let them tell you how they feel technology could improve to make their jobs better.
This, in turn, benefits your business. It can also help you target the most impactful improvements.
Privileged Access & Orphaned Accounts
Do an audit of your privileged accounts as part of your year-end review. Over time, permissions can be misappropriated. This leaves your network at a higher risk of a major attack.
You should ensure that only those who need them have admin-level permissions. The fewer privileged accounts you have in your business tools, the lower your risk. A compromised privileged account password opens the door to major damage. Read more about local admin privileges and the associated risks.
While going through your accounts, also look for orphaned accounts. You need to close these because they’re no longer used. Leaving them active poses a security risk.
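One way to run the privileged-account and orphaned-account audit described above, as an added example (not Databranch’s own tooling): it lists who holds admin-level group membership in Active Directory, flags privileged accounts that are disabled or inactive, and exports enabled accounts with no logon in 90 days. It assumes the RSAT ActiveDirectory module, read access to the domain, and that the group names and the 90-day threshold are adjusted to your environment.

```powershell
# Added example, not the page's or Databranch's own code.
# Requires the RSAT ActiveDirectory module and a domain-joined, read-capable account.
Import-Module ActiveDirectory

# Assumptions: these are the groups treated as "admin-level"; adjust for your domain.
$PrivilegedGroups = @('Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators')
$InactiveDays = 90                                   # assumed orphaned-account threshold
$Cutoff = (Get-Date).AddDays(-$InactiveDays)

# 1. Who actually holds admin-level permissions? -Recursive expands nested groups
#    so indirect members are not missed during the review.
$PrivilegedMembers = foreach ($Group in $PrivilegedGroups) {
    Get-ADGroupMember -Identity $Group -Recursive |
        Where-Object { $_.objectClass -eq 'user' } |
        Get-ADUser -Properties LastLogonDate, PasswordLastSet, Enabled |
        Select-Object @{ n = 'Group'; e = { $Group } }, SamAccountName, Enabled,
                      LastLogonDate, PasswordLastSet
}

Write-Host "=== Privileged group members ($($PrivilegedMembers.Count)) ==="
$PrivilegedMembers | Sort-Object Group, SamAccountName | Format-Table -AutoSize

# 2. Privileged accounts that are disabled, have never logged on, or have not
#    logged on within the threshold: candidates for removal from the group.
#    Note: LastLogonDate is derived from the replicated lastLogonTimestamp, which
#    can lag real logons by up to 14 days, so treat it as an approximation.
$StalePrivileged = $PrivilegedMembers | Where-Object {
    (-not $_.Enabled) -or ($null -eq $_.LastLogonDate) -or ($_.LastLogonDate -lt $Cutoff)
}
Write-Host "=== Stale or disabled privileged accounts ($($StalePrivileged.Count)) ==="
$StalePrivileged | Format-Table -AutoSize

# 3. Orphaned accounts domain-wide: still enabled, but no logon in $InactiveDays days.
#    Disabled accounts are excluded because they already pose less risk.
$Orphaned = Search-ADAccount -AccountInactive -TimeSpan ([TimeSpan]::FromDays($InactiveDays)) -UsersOnly |
    Where-Object { $_.Enabled } |
    Get-ADUser -Properties LastLogonDate, Description |
    Select-Object SamAccountName, LastLogonDate, Description

Write-Host "=== Enabled accounts inactive for $InactiveDays+ days ($($Orphaned.Count)) ==="
$Orphaned | Sort-Object LastLogonDate | Format-Table -AutoSize

# Keep a dated record of the review so the next audit can diff against it.
$Stamp = Get-Date -Format 'yyyy-MM-dd'
$PrivilegedMembers | Export-Csv -NoTypeInformation -Path "privileged-accounts-$Stamp.csv"
$Orphaned          | Export-Csv -NoTypeInformation -Path "orphaned-accounts-$Stamp.csv"
```

Run it from an elevated PowerShell session on a domain-joined workstation; review the CSVs with the account owners before disabling anything, since service accounts can legitimately show no interactive logon.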
IT Upgrade & Transformation Plans for the New Year
If you make IT upgrades and decisions “on the fly” it can come back to bite you. It’s best to plan out a strategy ahead of time, so you can upgrade in an organized way.
Have a vulnerability assessment performed. This gives you a list of potential problems your company should address. Eliminating vulnerabilities improves your cybersecurity, and planning ahead will allow you to budget for your upgrades while avoiding unplanned expenses.
Request your free baseline security assessment here.
Cloud Use & Shadow IT
Review your use of cloud applications. Are certain apps hardly used? Do you have redundancies in your cloud environment? A review can help you cut waste and save money.
Also, look for uses of shadow IT by employees. These are cloud applications that are being used for work but did not go through approval. Management may not even be aware of them. Remove this security risk by either closing the accounts or officially approving them.
Customer-Facing Technology
Don’t forget to look at the customer experience of your technology infrastructure. Go through your website and contact process as a customer would.
If you get frustrated by things like site navigation, then your customers and leads may be too. Include optimizations to your customer-facing technology in your new year plans.
Schedule a Technology & Security Assessment Today!
We can help you with a thorough review of your technology environment to give you a roadmap for tomorrow. Contact us today at 716-373-4467 x 115, [email protected], or fill out the form below to see how we can make the most out of your technology infrastructure for next year.
Article used with permission from The Technology Press.
Read More
Software vulnerabilities are an unfortunate part of working with technology. A developer puts out a software release with millions of lines of code. Then, hackers look for loopholes that allow them to breach a system through that code.
The developer issues a patch to fix the vulnerability but it’s not long before a new feature update causes more. It’s like a game of “whack-a-mole” to keep your systems secure.
Keeping up with new vulnerabilities is one of the top priorities of IT management firms. It’s important to know which software and operating systems are being attacked.
Without ongoing patch and update management, company networks are vulnerable while these attacks are completely avoidable. 82% of U.S. cyberattacks in Q1 of 2022 were due to exploiting patchable vulnerabilities.
What new vulnerabilities are lurking in products from Microsoft, Google, Adobe, and others? We’ll go through several. These were recently noted in a warning by the Cybersecurity and Infrastructure Security Agency (CISA).
Make Sure to Patch Any of These Vulnerabilities in Your Systems
Microsoft Vulnerabilities
Microsoft vulnerabilities include those in three of its products. Internet Explorer (IE) is one of them. Microsoft discontinued IE in June of 2022. You should remove this from any computers that still have it installed.
You’ll see the acronym “CVE” used in the vulnerability names. This is an industry-standard naming structure. It stands for Common Vulnerabilities and Exposures.
Here is a rundown of these vulnerabilities and what a hacker can do:
- CVE-2012-4969: This Internet Explorer vulnerability allows the remote execution of code. This is a “critical” vulnerability because of the damage it enables. Hackers can release this via a website. Thus, formerly safe sites can become phishing sites when hackers exploit this loophole.
- CVE-2013-1331: This is a flaw in the code for Microsoft Office 2003 and Office 2011 for Mac. It enables hackers to launch remote attacks. It is a buffer overflow vulnerability, which allows hackers to execute dangerous code remotely.
- CVE-2012-0151: This issue impacts the Authenticode Signature Verification function of Windows. It allows user-assisted attackers to execute remote code on a system. “User-assisted” means that they need the user to assist in the attack. Such as by opening a malicious file attachment in a phishing email.
Google Vulnerabilities
Google Chrome and applications built using Google’s Chromium V8 Engine are also on the list. These applications are targets of the following vulnerabilities.
- CVE-2016-1646 & CVE-2016-518: These both allow attackers to conduct denial of service attacks. They do this against websites through remote control. This means they can flood a site with so much traffic that it crashes.
- Those aren’t the only two code flaws that allow hackers to crash sites this way. CVE-2018-17463 and CVE-2017-5070 are two others that both do the same thing. Like all these others, they both have patches already issued that users can install to fix these holes.
Adobe Vulnerabilities
People use Adobe Acrobat Reader widely to share documents. It makes it easy to share them across different platforms and operating systems. But it’s also a tool that’s on this list of popular vulnerabilities.
- CVE-2009-4324: This is a flaw in Acrobat Reader that allows hackers to execute remote code via a PDF file. This is why you can’t trust that a PDF attachment is going to be safer than other file types. Remember this when receiving unfamiliar emails.
- CVE-2010-1297: This is a memory corruption vulnerability. It allows remote execution and denial of service attacks through Adobe Flash Player. Like IE, the developer retired Flash Player. It no longer receives support or security updates. You should uninstall this from all PCs and websites.
Netgear Vulnerability
Netgear is a popular brand of wireless router. The company also sells other internet-connected devices. These are also vulnerable, due to the following flaws.
- CVE-2017-6862: This flaw allows a hacker to execute code remotely. It also enables bypassing any needed password authentication. It’s present in many different Netgear products.
Cisco Vulnerability
- CVE-2019-15271: This is a buffer overflow vulnerability in Cisco RV series routers. It gives a hacker “root” privileges. This means they can basically do anything with your device and execute any code they like.
Patch & Update Regularly!
These are a few of the security vulnerabilities listed on the CISA list. You can see all 36 that were added here.
How do you keep your network safe from these and other vulnerabilities? You should patch and update regularly. Work with a trusted IT professional to manage your device and software updates. This ensures you don’t have a breach waiting to happen lurking in your network.
Automate Your Cybersecurity Today
Patch and update management is just one way that we can automate your cybersecurity. Contact us today at 716-373-4467 x 115, [email protected] or fill out the form below to learn how else we can help by scheduling a consultation today.
Article used with permission from The Technology Press.
Read More
Heads Up Financial Institutions!
The Federal Trade Commission (FTC) announced the first cybersecurity updates to the Gramm Leach-Bliley Act (GLBA) Safeguards Rule since 2003. The new rule strengthens the required security safeguards for customer information. This includes formal risk assessments, access controls, regular penetration testing and vulnerability scanning, and incident response capabilities, among other things.
Most of these changes go into effect in December 2022, to provide organizations time to prepare for compliance. Below are the changes in comparison to the previous rule.
Background on the Safeguards Rule
GLBA requires, among other things, a wide range of “financial institutions” to protect customer information. Enforcement for GLBA is split up among several different federal agencies, with FTC jurisdiction covering non-banking financial institutions in the Safeguards Rule. Previously, the Safeguards Rule left the implementation details of several aspects of the information security program up to the financial institution, based on its risk assessment.
The Safeguards Rule’s broad definition of “financial institutions” includes non-bank businesses that offer financial products or services — such as retailers, automobile dealers, mortgage brokers, non-bank lenders, property appraisers, tax preparers, and others. The definition of “customer information” is also broad, to include any record containing non-public personally identifiable information about a customer that is handled or maintained by or on behalf of a financial institution.
Updates to the Safeguards Rule
Many of the other updates concern strengthened requirements on how financial institutions must implement aspects of their security programs. Below is a short summary of the changes.
Overall Security Program
Current rule: Financial institutions must maintain a comprehensive, written information security program with administrative, technical, and physical safeguards to ensure the security, confidentiality, and integrity of customer information.
Updated rule: The updated rule now requires the information security program to include the processes and safeguards listed below (i.e., risk assessment, security safeguards, etc.).
Effective date: December 2022
Risk Assessment
Current rule: Financial institutions are required to identify internal and external risks to security, confidentiality, and integrity of customer information. The risk assessment must include employee training, risks to information systems, and detecting and responding to security incidents and events.
Updated rule: The update includes more specific criteria for what the risk assessment must include. This includes criteria for evaluating and categorizing security risks and threats, and criteria for assessing the adequacy of security safeguards. The risk assessment must describe how identified risks will be mitigated or accepted. The risk assessment must be in writing.
Effective date: December 2022
Security Safeguards
Current rule: Financial institutions must implement safeguards to control the risks identified through the risk assessment. Financial institutions must require service providers to maintain safeguards to protect customer information.
Updated rule: The updated rule requires that the safeguards must include:
- Access controls, including providing the least privilege;
- Inventory and classification of data, devices, and systems;
- Encryption of customer information at rest and in transit over internal networks;
- Secure development practices for in-house software and applications;
- Multi-factor authentication;
- Secure data disposal;
- Change management procedures; and
- Monitoring activity of unauthorized users and detecting unauthorized access or use of customer information.
Effective date: December 2022
Testing and Evaluation
Current rule: Financial institutions must regularly test or monitor the effectiveness of the security safeguards and make adjustments based on the testing.
Updated rule: Regular testing of safeguards must now include either continuous monitoring or periodic penetration testing (annually) and vulnerability assessments (semi-annually).
Effective date: December 2022
Incident Response
Current rule: Financial institutions must include cybersecurity incident detection and response in their risk assessments and have safeguards to address those risks.
Updated rule: Financial institutions are required to establish a written plan for responding to any security event materially affecting confidentiality, integrity, or availability of customer information.
Effective date: December 2022
Workforce and Personnel
Current rule: Financial institutions must designate an employee to coordinate the information security program. Financial institutions must select service providers that can maintain security and require service providers to implement the safeguards.
Updated rule: The rule now requires designation of a single “qualified individual” to be responsible for the security program. This can be a third-party contractor. Financial institutions must now provide security awareness training and updates to personnel. The rule now also requires periodic reports to a Board of Directors or governing body regarding all material matters related to the information security program.
Effective date: December 2022
Scope of Coverage
Updated rule: The FTC update expands on the definition of “financial institution” to require “finders” — companies that bring together buyers and sellers — to follow the Safeguards Rule. However, financial institutions that maintain customer information on fewer than 5,000 consumers are exempt from the requirements of a written risk assessment, continuous monitoring or periodic pen testing and/or vulnerability scans, incident response plan, and annual reporting to the Board.
Effective date: November 2021 (unlike many of the other updates, this item was not delayed for a year)
Incident Reporting
In addition to the above, the FTC is also considering requirements that financial institutions report cybersecurity incidents and events to the FTC. Similar requirements are in place under the Cybersecurity Regulation at the New York Department of Financial Services. If the FTC moves forward with these incident reporting requirements, financial institutions could expect the requirements to be implemented in early 2023.
Financial institutions with robust security programs will already be performing many of these practices. For them, the updated Safeguards Rule will not represent a sea change in internal security operations. However, by making these security practices a formal regulatory requirement, the updated Safeguards will make accountability and compliance even more important.
Interested in speaking with an experienced team member about the material covered in this article? Contact us today at 716-373-4467 x 115 or [email protected] to schedule your appointment.
Read More
Benjamin Franklin once said, “An ounce of prevention is worth a pound of cure.” This age-old advice applies just as well to the digital world we live in today. Computers, applications and networks are under constant attack by hackers who are extremely motivated by big financial gains.
An effective patch and vulnerability management program can stop most hackers dead in their tracks. It greatly reduces the risk associated with the exploitation of a neglected or unpatched computer system.
Year after year, we learn that the vast majority of successful cyber-attacks have exploited unpatched computers and/or unpatched applications. What is even more interesting is that most of the patches for these compromised systems had been available to install for months, if not years, prior to the cyber-attack.
There is no doubt that the combination of routine vulnerability scanning and the timely installation of system patches will make it much more difficult for a hacker to compromise your computer systems and information.
Here are 7 steps to help you build an effective patch and vulnerability management program:
Inventory Systems and Applications
Before we attempt to patch computers, operating systems and applications, we first must know they exist. It is important to maintain an inventory of all computing assets. If possible, use inventory software to assist with the task; at the very least, make sure the inventory is completed using manual means.
Monitor for Vulnerabilities
Vendors release patches at regular intervals as new vulnerabilities are discovered. You must know when new patches are available to install; otherwise, you risk not installing patches in a timely manner, or not installing them at all. Good mechanisms for monitoring vulnerabilities include a combination of:
- Checking vendor websites and subscribing to their mailing lists
- Regular vulnerability scanning
- Checking vulnerability databases, such as the National Vulnerability Database
- Relying on an enterprise patch management tool.
Click here to learn more about our Security Assessment and to request your Free Baseline Security Assessment.
Selecting Patches to Apply
Deciding which patches are ultimately installed is typically based on the criticality of the patch, the importance of the system being patched, the resources required to install the patch and assurance of post-install system functionality. It is good practice to install, at a minimum, all “Critical” and “Security” patches.
Testing
Prior to installing patches in production, it is important to install them in a test or non-production computing environment. This will assure that the installation of the patch will not cause any adverse outages or system disruption when it is ultimately installed in the production computer environment.
Verify Backup
Despite the testing efforts completed in the previous step, it is still conceivable that the installation of a patch will create unanticipated issues or outages. For this reason, it is important that you verify the system or application being patched has a recent data backup that can easily be restored if needed.
Automate Patching
The National Institute of Standards and Technology (NIST) recommends that patch installation should be automated using enterprise patch management tools or alternative options. Manually installing patches is expensive and inconsistent. Where possible, be sure that systems are automatically updated according to your patch management program parameters.
Verify Installation
The installation of a patch should always be confirmed by re-scanning the system with a vulnerability scanner and/or reviewing log files.
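The seven steps above, pulled together as an added example (not code from the original article or from CyberStone): a small Python model of one patch cycle that scans a constructed inventory against a constructed advisory feed, prioritizes by severity and host importance, selects everything rated critical or security, refuses to patch a host whose backup has not been verified, and then rescans to verify installation. All hosts, packages, versions, backup states and the ADV-000x advisory ids are constructed sample data, not real systems or CVEs.

```python
"""Added example (not code from the original article or from CyberStone):
a small model of the seven-step patch and vulnerability management cycle.
Hosts, packages, versions, advisory ids and backup states below are all
constructed sample data; the ADV-000x ids are placeholders, not real CVEs."""
from dataclasses import dataclass

# Rank order used when prioritizing: lower number = handle first.
SEVERITY_RANK = {"critical": 0, "security": 1, "low": 2}
IMPORTANCE_RANK = {"high": 0, "medium": 1, "low": 2}


@dataclass(frozen=True)
class Advisory:
    """One entry from a vulnerability feed (vendor list, NVD, scanner output)."""
    advisory_id: str
    package: str
    fixed_version: str     # first version that contains the fix
    severity: str          # "critical" | "security" | "low"


@dataclass
class Host:
    """Step 1: one inventoried asset and the software versions it runs."""
    name: str
    importance: str        # business importance of the system
    packages: dict         # package name -> installed version


def parse_version(version: str) -> tuple:
    """Dotted numeric versions compare correctly as tuples ("1.10" > "1.9")."""
    return tuple(int(part) for part in version.split("."))


def scan(hosts: list, advisories: list) -> list:
    """Step 2: compare the inventory against the advisory feed."""
    findings = []
    for host in hosts:
        for adv in advisories:
            installed = host.packages.get(adv.package)
            if installed is None:
                continue   # package not present on this host
            if parse_version(installed) < parse_version(adv.fixed_version):
                findings.append((host, adv))
    return findings


def prioritize(findings: list) -> list:
    """Step 3: most severe advisory first, then most important host."""
    return sorted(
        findings,
        key=lambda f: (SEVERITY_RANK[f[1].severity],
                       IMPORTANCE_RANK[f[0].importance], f[0].name),
    )


def select_patches(findings: list, minimum_severity: str = "security") -> list:
    """Step 3: at a minimum, install everything rated critical or security."""
    cutoff = SEVERITY_RANK[minimum_severity]
    return [f for f in findings if SEVERITY_RANK[f[1].severity] <= cutoff]


def apply_patches(findings: list, backup_verified: dict) -> tuple:
    """Steps 5 and 6: refuse to patch a host whose backup has not been
    verified; otherwise simulate the automated install by recording the
    fixed version in the inventory."""
    applied, skipped = [], []
    for host, adv in findings:
        if not backup_verified.get(host.name, False):
            skipped.append((host.name, adv.advisory_id))
            continue
        host.packages[adv.package] = adv.fixed_version
        applied.append((host.name, adv.advisory_id))
    return applied, skipped


def run_cycle(hosts: list, advisories: list, backup_verified: dict) -> tuple:
    """One full cycle. Step 7 is the rescan at the end: anything it still
    flags was either skipped or only installed on paper."""
    todo = select_patches(prioritize(scan(hosts, advisories)))
    applied, skipped = apply_patches(todo, backup_verified)
    remaining = [(h.name, a.advisory_id, a.severity)
                 for h, a in prioritize(scan(hosts, advisories))]
    return applied, skipped, remaining


def sample_hosts() -> list:
    """Constructed inventory (fresh objects each call, since patching mutates)."""
    return [
        Host("fileserver01", "high", {"openssl": "1.1.1", "samba": "4.15.2"}),
        Host("web01", "medium", {"openssl": "1.1.1", "nginx": "1.20.1"}),
        Host("kiosk02", "low", {"openssl": "1.1.1", "vlc": "3.0.12"}),
    ]


# Constructed advisory feed; ids are placeholders, not real CVEs.
SAMPLE_ADVISORIES = [
    Advisory("ADV-0001", "openssl", "1.1.2", "critical"),
    Advisory("ADV-0002", "nginx", "1.20.2", "security"),
    Advisory("ADV-0003", "vlc", "3.0.16", "low"),
    Advisory("ADV-0004", "samba", "4.15.0", "security"),  # already fixed on fileserver01
]

# Constructed backup status; kiosk02 has no recent restorable backup.
SAMPLE_BACKUPS = {"fileserver01": True, "web01": True, "kiosk02": False}

if __name__ == "__main__":
    applied, skipped, remaining = run_cycle(sample_hosts(), SAMPLE_ADVISORIES, SAMPLE_BACKUPS)
    print("applied:", applied)
    print("skipped (no verified backup):", skipped)
    print("still flagged after rescan:", remaining)
```

The rescan at the end is the part that matters: the kiosk that was skipped for lack of a verified backup still shows up with its critical finding, which is exactly what a post-patch vulnerability scan (step 7) is supposed to surface rather than letting the item quietly drop off the list.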
Patching Equals Prevention
All Databranch Comprehensive Care and Foundation Security clients have scheduled automatic patching and Windows updates on their devices. To learn more about how we can help take this off your IT plate, call 716-373-4467 x 15, email [email protected] or visit us here to learn more.
Article courtesy of CyberStone.
Read More
One constant about technology is that it changes rapidly. Tools that were once staples, like Internet Explorer and Adobe Flash, age out and get replaced by new tools. Continuing to use discontinued technology can leave computers and networks vulnerable to attacks.
While older technology may still run fine on your systems, that doesn’t mean it’s okay to use. One of the biggest dangers of using outdated technology is that it can lead to a data breach.
Outdated software and hardware no longer receive vital security updates. Updates often patch newly found and exploited system vulnerabilities. No security patches means a device is a sitting duck for a cybersecurity breach.
Approximately 1 in 3 data breaches are due to unpatched system vulnerabilities.
Important reasons to keep your technology updated to a supported version are:
- Reduce the risk of a data breach or malware infection
- Meet data privacy compliance requirements
- To keep a good reputation and foster customer trust
- To be competitive in your market
- To mitigate hardware and software compatibility issues
- To enable employee productivity
Older systems are clunky and get in the way of employee productivity. The efficiency of your employee is only as good as the technology they are working on. Slower machines mean a decrease in progress which can negatively impact your business over time.
Did you know that 49% of surveyed workers say they would consider leaving their jobs due to poor technology?
Following is a list of outdated technology tools that you should replace as soon as possible. Are any of these still in use within your business?
Get Rid of This Tech Now If You’re Still Using It
1) Internet Explorer
Internet Explorer (IE) used to be the number one browser in the world. But, over time, Google Chrome and other browsers, including its own replacement, Microsoft Edge, overshadowed it.
Microsoft began phasing out IE with the introduction of Microsoft Edge in 2015. In recent years, fewer applications have been supporting use in IE. The browser loses all support beginning on June 15, 2022.
2) Adobe Flash
Millions of websites used Adobe Flash in the early 2000s. But other tools can now do the animations and other neat things Flash could do. This made the tool obsolete, and Adobe ended it.
The Adobe Flash Player lost all support, including security updates, as of January 1, 2021. Do you still have this lingering on any of your computers? If so, you should uninstall the browser plugin and any Flash software.
3) Windows 7 and Earlier
Windows 7 was a very popular operating system, but it’s now gone the way of the dinosaur. Its replacements, Windows 10 and Windows 11, are now in widespread use. The Windows 7 OS lost support on January 14, 2020.
While it may still technically run, it’s very vulnerable to hacks. Microsoft Windows OS is also a high-value target for hackers. So, you can be sure they are out there looking for systems still running this obsolete version of Windows.
4) macOS 10.14 Mojave and Earlier
Because of the cost of iMacs and MacBooks, people tend to hang onto them as long as possible. Once these devices get to a certain point, updates no longer work. This leaves the hardware stuck on an older and non-supported macOS version.
If you are running macOS 10.14 Mojave or earlier, then your OS is no longer supported by Apple and you should consider an upgrade.
5) Oracle 18c Database
If your business uses Oracle databases, then you may want to check your current version. If you are running the Oracle 18C Database, then you are vulnerable. Breaches can easily happen due to unpatched system vulnerabilities.
The Oracle 18C Database lost all support in June of 2021. If you have upgraded, then you’ll want to keep an eye out for another upcoming end-of-support date. Both Oracle 19C and 21C will lose Premier Support in April of 2024.
6) Microsoft SQL Server 2014
Another popular database tool is Microsoft’s SQL Server. If you are using SQL Server 2014, then mainstream support has already ended. Plus, in July of 2024, all support, including security updates, will stop.
This gives you a little more time to upgrade before you’re in danger of not getting security patches. However, it is better to upgrade sooner rather than later. This leaves plenty of time for testing and verification of the upgrade.
Get Help Upgrading Your Technology & Reducing Risk
Upgrades can be scary, especially if everything has been running great. You may be afraid that a migration or upgrade will cause issues. We can help you upgrade your technology smoothly and do thorough testing afterward. You can also contact Databranch today at 716-373-4467, [email protected], or fill in the form below to set up a vulnerability assessment.
Article used with permission from The Technology Press.
Read More
Public networks expose your business to security threats. Switching to a VPN can greatly help in reducing those threats.
Many companies rely on public networks for communication and data sharing. It allows them to cut costs and allocate their funds elsewhere.
However, it also raises several security issues.
For starters, the network provider might be monitoring the activity, which gives them access to customer details, emails, and critical files. As a result, sensitive information can end up in the wrong hands, compromising the organization’s reputation.
Another potential consequence is losing access to bank accounts, credit cards, and invaluable resources. These issues can lead to huge losses for any business.
Your business might be facing the same risk whenever a team member connects to a public network.
To eliminate it, you need to switch to a virtual private network (VPN). A VPN offers online anonymity and privacy, enabling you to conduct your operations away from prying eyes.
Still, you can’t go for just any VPN. This article features the 10 factors to consider when choosing the right one.
The 10 Factors for Choosing a VPN
Factor 1. Location
The location of your VPN servers is essential for a few reasons.
For example, the greater the distance between your server and your business, the higher the chances of facing latency issues. That’s why to ensure a seamless surfing experience, stick to the nearest server available.
Furthermore, you can also consider a VPN from the same place as the content your team needs to access to overcome geographic restrictions. If your work requires research from the UK, for example, find servers from that country.
Factor 2. Price
Using free VPNs might be tempting, but they deliver a lackluster experience. To start with, they can log you out of internet activities and are often chock-full of disruptive ads.
You’re much better off investing in a paid platform. They come with various robust features, a larger number of servers, and configurations to bolster your security.
Factor 3. Device Compatibility
Another detail you should consider is the compatibility of your VPN.
In most cases, you need software that can work with several devices, such as your smartphone, laptop, and tablet. Otherwise, cross-platform work will suffer.
Factor 4. Capacity
Before choosing your VPN, make sure to determine the amount of data you can use. That means if your operations warrant tons of online resources, you should pick a solution that supports considerable data allocation.
Moreover, check the number of online servers. The higher the number, the more efficiently your platform can support resource-intensive tasks.
Factor 5. Protocol Support
Protocols are the rules that govern the connection between the client (software on your device) and the server.
There are different protocols, but the most widely used ones include PPTP, OpenVPN, IPSec, SSL, SSH, and SSTP. Each offers varying speeds and levels of security, both of which are vital to your company.
For instance, OpenVPN is an open-source protocol and one of the safest options for enterprises. It runs on 256-bit encryption keys and advanced ciphers, offering robust protection against cyberattacks. Plus, it features excellent firewall compatibility.
Factor 6. Data Logging Policies
VPNs log user data to streamline customer support and limit available connections. However, you need to consider what information they’re logging.
In most cases, this includes session times and IP addresses. But some providers can also log your software, downloaded files, and web pages you visit.
When looking for a suitable VPN, be sure to read the data logging policy to determine the information the app will store. You should also verify the company is transparent; if someone tries to deceive you, turn down their offer.
Factor 7. Availability of a Kill Switch
No cybersecurity measure is fail-proof – VPNs are no exception. Overloaded platforms can trigger IP leaks, interrupting your private connection and exposing your true address when online.
To avoid this scenario, look for platforms with a built-in kill switch. It disrupts your devices’ access to the internet in case of IP leaks. The kill switch stops transfers of unencrypted information and can help prevent cybercriminals from obtaining your data.
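The kill-switch behaviour described above, as an added example (not code from the original article or from The Technology Press): a Python model of the egress policy a kill switch enforces, placed beside the same client without one. With the tunnel up, traffic leaves through the tunnel interface; when the tunnel drops, the operating system falls back to the physical interface, and the policy either blocks that plaintext traffic (kill switch) or lets it leak (no kill switch). Interface names, the VPN server address and port, the LAN range and the sample packets are constructed assumptions, with addresses taken from documentation ranges.

```python
"""Added example (not code from the original article or from The Technology
Press): a model of the kill-switch behaviour described above, contrasted with
a client that has none. Interface names, addresses and the packets below are
constructed sample values (the addresses come from documentation ranges)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

PHYS_IF = "wlan0"                         # physical interface on the public network
TUNNEL_IF = "tun0"                        # VPN tunnel interface
VPN_SERVER = ip_address("203.0.113.10")   # placeholder VPN server address
VPN_PORT = 1194                           # OpenVPN's default UDP port
LOCAL_LAN = ip_network("192.168.1.0/24")  # office LAN (printers, file shares)


@dataclass(frozen=True)
class Packet:
    iface: str     # interface the packet would leave on
    dst: str       # destination address
    dport: int     # destination port
    proto: str     # "tcp" | "udp"


def route(dst: str, tunnel_up: bool) -> str:
    """Simplified routing: while the tunnel is up the default route goes
    through it; when it drops, the OS falls back to the physical interface,
    which is exactly the moment an IP leak can happen."""
    if ip_address(dst) in LOCAL_LAN:
        return PHYS_IF
    return TUNNEL_IF if tunnel_up else PHYS_IF


def decide(pkt: Packet, kill_switch: bool) -> str:
    """Egress firewall policy. With the kill switch on, the only plaintext
    traffic allowed on the physical interface is the VPN client's own
    connection to its server (and, optionally, the local LAN)."""
    dst = ip_address(pkt.dst)
    if pkt.iface == TUNNEL_IF:
        return "ALLOW"                    # already encrypted inside the tunnel
    if dst == VPN_SERVER and pkt.dport == VPN_PORT and pkt.proto == "udp":
        return "ALLOW"                    # handshake/keepalive, needed to reconnect
    if dst in LOCAL_LAN:
        return "ALLOW"                    # local devices never go via the VPN anyway
    if not kill_switch:
        return "ALLOW"                    # no kill switch: this is the leak
    return "DROP"                         # kill switch: block rather than leak


def egress(dst: str, dport: int, proto: str, tunnel_up: bool,
           kill_switch: bool = True) -> tuple:
    """Route the packet, then apply the policy; returns (interface, verdict)."""
    pkt = Packet(route(dst, tunnel_up), dst, dport, proto)
    return pkt.iface, decide(pkt, kill_switch)


if __name__ == "__main__":
    web = ("198.51.100.5", 443, "tcp")    # constructed: some internet web server
    print("tunnel up       :", egress(*web, tunnel_up=True))
    print("tunnel down     :", egress(*web, tunnel_up=False))
    print("no kill switch  :", egress(*web, tunnel_up=False, kill_switch=False))
    print("reconnect to VPN:", egress(str(VPN_SERVER), VPN_PORT, "udp", tunnel_up=False))
```

The one deliberate hole in the policy is the client's own UDP path to the VPN server; without it the client could never re-establish the tunnel after a drop, so a real kill switch whitelists exactly that endpoint and nothing else on the physical interface.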
Factor 8. Updates
Your VPN provider needs to roll out regular updates to ensure you can perform your operations safely and efficiently.
If they don’t openly specify the update frequency on their webpage, find out when the last update was on your app store. It should give you a clue on how frequently the updates get sent out.
Factor 9. Centralized Management
Centralized management enables you to control VPN distribution more easily, allowing you to manage access permissions and user accounts. Some of the best apps even feature gateway or role-based access management. It permits users to access only those segments of the network they need to perform their jobs.
Another important consideration here is control from your console. IT administrators should have permission to open and delete accounts as well as check the devices linked to the platform.
Lastly, your organization might benefit from VPNs with IP whitelisting. They allow administrators to approve the IP addresses of your enterprise to ensure only members with a verified IP can use corporate resources. This feature provides granular control over network accessibility.
Factor 10. Customer Support
Customer support might be the most significant factor. Your provider should be easy to contact through different portals such as telephone and email.
Easy accessibility lets you inform the VPN developer about various issues. For instance, they can help restore your network if it goes down and prevent unwanted exposure.
Most client support teams are highly accessible, but make sure to verify this by reading customer reviews.
SAFEGUARD AGAINST CYBERATTACKS WITH A BULLETPROOF VPN
Loss of data can happen at any time, which can give your competitors the upper hand and tarnish your reputation. Switching to a VPN can greatly increase your business’s cybersecurity. Users will also need to enable multi-factor authentication when they are connecting to a business network via a VPN connection, and Databranch can help identify and configure the best solution.
Contact us today at 716-373-4467 x 15 or [email protected] if you would like to discuss your VPN options. You’ll also want to patch up any other cybersecurity vulnerabilities and we can help you make that happen.
Article used with permission from The Technology Press.
Read More