
When an incident occurs, your team immediately shifts into overdrive. However, are you confident that each action they are taking contributes to getting your operations back online as swiftly as possible? It’s all too easy to get caught up in panic mode, thinking about all of the systems that need to be restored or quickly shifted with revised processes. Having a robust cloud solution might guarantee that your data storage is safe, but that doesn’t bring your operations back online in the event of a major cybersecurity incident or another type of disaster. When you bring together a robust backup disaster recovery process with your cloud solutions, you are ensuring that your business operations can be efficiently restored when you need them. This takes your resilience a step beyond data recovery and ensures that your digital assets have greater availability over time.

Enhanced Security Standards for Cloud Solutions

It’s not unusual to have questions around cloud security, particularly as you’re considering shifting operations from on-premise to the cloud. While the fundamental infrastructure of most cloud solutions is secure, there are often required steps that must be taken by customers or IT service providers to ensure the long-term security of the applications and data structures that are stored within the cloud. Gartner recently estimated that up to 99% of cloud-based security breaches will be caused by such vague issues as “misconfigured databases” or other preventable security failures. When you combine advanced backup disaster recovery (BDR) with cloud-based solutions, you’re defining a more active strategy that will help protect your organization in the future.

Creating IT Resilience in a Cloud-Based World

Simply shifting your strategies to cloud-based storage and business applications is not enough to ensure business continuity. Instead, your internal team and external IT partners will need to form a cohesive and comprehensive strategy that pulls together operations throughout your organization for BDR. Data recovery is often considered a “first step” in disaster and recovery scenarios, but this will never be enough to reboot your operations after a cyberattack or other disaster incident. Leading BDR and cloud vendors recommend a three-tiered approach that includes:

  • Maximize cross-infrastructure tools for resilience. With many companies shifting some or all of their operations to the cloud, there are still significant amounts of information and processing accomplished on-premise. Knitting together these two storage and application strategies is a vital component of IT resilience.
  • Prioritize testing and compliance. Having the right standards in place “in theory” will not help your organization be successful during and after an expanded incident. Your team needs to be well-versed on the specific processes to launch — and when they should be launched — as well as ensuring that team members are clear on communication standards and practices.
  • Invest in staff training. Few activities are performed in a void, which is why staff training and testing are of the utmost importance. Staff members that are clear and confident in their roles are much more likely to be successful and help reduce the amount of downtime experienced by your organization.

Putting strategies and processes in place for BDR can help reduce the amount of IT downtime your company experiences. With per-minute costs for IT downtime soaring up above $5,600 for a small business, reducing downtime is a crucial aspect of your IT planning strategies.

Creating a secure, reliable, and compliant infrastructure for your business requires concerted and ongoing effort on the part of your internal IT team and your external technology partners. The professionals at Coretelligent are well-versed in the complexities facing life sciences, financial services and other companies with rigorous standards for their technology infrastructure. Each of our IT, project management, and support experts is dedicated to ensuring your business success by creating robust security strategies using industry-leading solutions. Contact our team at 855-841-5888 or via email to info@coretelligent.com to learn more about how our backup, disaster and recovery solutions support a more secure infrastructure in the cloud.


The past few years have been vibrant ones for life sciences organizations, with nearly 100 IPOs per year fueling significant growth and changes in the sector. The refinement of data-driven technologies, machine learning and AI is creating a perfect environment for growth and revolutionary change that only shows signs of accelerating in the future. While many of these organizations quickly expand beyond expectations, most had humble origins that required a startup mentality before significant advances were made with approved funding. Here are a few of the IT solutions from Coretelligent that will support your life sciences organization at each stage of your expansion from inception to IPO.

Creating Affordable, Scalable Solutions for Life Science Organizations

Few companies have thousands of individuals and multiple locations from inception. It takes time to create a complex ecosystem, but it’s vital that you begin an organization with the correct building blocks or you will quickly find your company hitting technical roadblocks. Having an idea of the potential scale of your organization and sharing that information with your IT managed services provider and technical staff allows them to define the robust and scalable infrastructure that will support smooth growth over time while protecting the important intellectual property that will eventually be stored and utilized within your life sciences entity. With the increased competition in the marketplace and the appealing nature of life sciences organizations for cybercriminals, maintaining high levels of security is an important start to your success.

Establishing Office Setup and Relocation

There’s much more involved with creating a secure and well-structured business environment than simply running cords to connect a network. Structured cabling offers the grid capabilities for upgrade and changes that will help provide a springboard for growth for your organization. During this crucial phase of your early operations, the decisions that you make can have a profound impact on how quickly you are able to scale as well as the costs associated with making changes in the future. When you involve knowledgeable IT professionals early in the process, you’re able to gain the peace of mind knowing that your infrastructure can stand the added pressure and complexity over time. Having secure wired and WiFi connections throughout your space will help boost efficiency over time, particularly when you consider the heavy data demands of a life sciences organization.

Defining Highly Secure, Cloud-based Solutions

Secure and convenient access to information can be a differentiating factor for many organizations, something that is particularly true for life sciences companies where real-time data and immediate analyses are often daily requirements. Human-machine collaboration will grow in importance over time as technology evolves, creating a compelling need for data that is always up-to-date and accurate. Cloud-based solutions for data storage and business applications help ensure that sensitive information is fully protected and accessible, tightening the connections between data and applications while maintaining exceptional levels of protection for individuals and intellectual property.

With a solid background in supporting growing life science organizations, the experts at Coretelligent have the knowledge and experience required to help make your firm a success. Our team of technical and business professionals will support each stage of your journey from inception to IPO, ensuring that you have the solutions and support needed to fuel your growth. Contact the technical and business professionals at Coretelligent at 855-841-5888 or email info@coretelligent.com to schedule your complimentary initial consultation.


With Americans working from home at an unprecedented rate with very little notice, some staff members are looking for options that allow them to continue their work — often without gaining the input or recommendations of their IT teams. The recent shift to a fully remote workforce has moved the spotlight of cybersecurity over to many of the audio and video conferencing platforms that we rely on now more than ever. One of these platforms is Zoom, a very popular video-conferencing application that many of our customers leverage daily. While Zoom is used by millions of individuals each week, it’s vital to keep in mind that there are some potential risks associated with using this easy-to-use freemium software unless you take advantage of some common configuration and security settings to secure your meetings and usage on the platform. It is also important to note that this particular issue is not necessarily unique to Zoom, and can also occur on other platforms where meetings are not appropriately configured.

Zoombombing: How Can You Mitigate This Issue?

With the news alight with issues of individuals popping into Zoom meetings with hate speech, pornography and simply being disruptive, the security of the Zoom communications platform has taken more than its share of heat in recent weeks. While there are admittedly a few challenges to consider when you are holding remote meetings, the good news is that the team at Zoom is being incredibly responsive to the needs of the user base, taking swift action towards resolution. Here are suggestions that will help maintain your security — and patience! — during a workday heavy with remote meetings.

What is Zoombombing?

While it may sound like a fun term that means having your kids or pets pop into the back of your video conference during an important call, Zoombombing is actually a much more serious security flaw with this popular video conferencing platform. Unfortunately, Zoom meetings can be “broken into” by unauthorized attendees: individuals who are simply doing a web search for URLs that contain “zoom.us” and then joining the meetings. Other companies are publicly posting links to Zoom meeting rooms on corporate websites and social media, providing a virtual welcome mat for uninvited guests. While these issues are troubling, there are additional security flaws within Zoom that need to be addressed to keep your organization’s cybersecurity intact.

Stay Aware of Issues to Prevent Zoombombing and Boost Security

There are some ways to mitigate the possibility of Zoombombing and ensure that your company communications remain secure. This type of intrusion is very troubling for organizations because someone entering the meeting without prior authorization could capture screenshots, audio recordings or disrupt the meeting with unwanted messaging. Zoom has advanced privacy and security settings that will help keep unauthorized individuals out of your Zoom meetings, including:

  • Enable meeting passwords by selecting the “Require meeting password” under the ‘Meeting Options’ area within Zoom
  • Turn on the waiting room feature, which allows the host to control how and when others enter the meeting space
  • Disable the ability for others to join before the host is there to moderate the conversation
  • Under ‘Advanced Sharing Options’ on the ‘Share Screen’ area, ensure that ‘Only Host’ is marked in the ‘Who Can Share’ area to limit the possibility that others could take visual control of the meeting
  • Reduce the possibility of exposing your Zoom password in Outlook by only scheduling meetings using the Zoom Outlook plug-in (keeps your password hidden from others viewing your calendar)
  • Immediately remove unwanted attendees from your webinar or Zoom meeting by navigating to ‘Manage Participants’, then ‘More’, selecting the individual’s name and then clicking ‘Remove’
  • Once all attendees have joined your meeting, the host can ‘Lock’ the meeting by selecting ‘Manage Participants’, ‘More’ and ‘Lock Meeting’

While these steps may not block every potential security risk, they can help your team have more control over the possibility of Zoombombing and improve the overall security of your private corporate meetings.

Zoom has also published a helpful security reference that we strongly recommend you review as well.

Zoom Client and Platform Security Concerns

While there has been a fair amount of recent coverage in the news and online about Zoom’s security, the company has moved quickly to mitigate any issues that were found. They have even gone so far as to pause all other development efforts to focus on other challenges as they arise and to be sure they’re managing expectations and maintaining a reliable platform as usage continues to rise. Here are a few of the security issues and what is already in process in terms of resolution.

macOS Physical Access Flaw

One flaw discovered was for macOS, where an attacker with physical access to a Mac running Zoom could inject code into the Zoom Installer, allowing it to obtain “root” permissions, the highest available permissions on a computer. Malware installed in this manner would essentially have full access to the system and inherit any permissions that the Zoom client has, such as Audio and Video access. At the time of this writing it remains unpatched, but luckily it requires physical access to the device, making this vulnerability much more difficult to exploit – especially with everyone staying at home.

Potential Windows Credential Leak

Security researchers recently discovered a flaw in the way the Zoom chat handles URLs. It was discovered that while chatting with a nefarious person, that individual could send you a link to a UNC Path (such as \\192.168.1.1\SharedFolder) and Zoom would convert this to a clickable link. When clicked, your Windows computer would automatically try and authenticate to it, sending this potentially malicious system a hashed version of your computer’s password. Luckily, Zoom has pushed an update to the Windows client addressing this concern that is available for download here. If you have automatic updates enabled, you should receive a popup asking you to install the update.
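A chat client or message filter can avoid the behaviour described above by linking only allow-listed web schemes and flagging UNC-style references for review. The following is an added example, not Zoom's code or its fix; the function names and sample messages are constructed for illustration.

```python
import html
import re

# \\host\share[\path...] : a Windows UNC path. Windows tries to authenticate
# to the named host when such a path is opened.
UNC_PATH = re.compile(r"\\\\[^\s\\/]+\\[^\s\\]+(?:\\[^\s\\]+)*")
# file://host/share : a file URL with a non-empty host also names a remote share.
FILE_URL = re.compile(r"file://[^\s/]+/\S*", re.IGNORECASE)
# Only these schemes are ever turned into links (allow-list, not deny-list).
WEB_URL = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def find_unc_references(text):
    """Return UNC-style references in order of appearance, e.g. for alerting."""
    hits = []
    for pattern in (UNC_PATH, FILE_URL):
        hits.extend((m.start(), m.group()) for m in pattern.finditer(text))
    return [value for _, value in sorted(hits)]


def render_message(text):
    """HTML-escape a chat message and linkify http(s) URLs only.

    UNC paths and file:// URLs never match WEB_URL, so they stay plain text.
    """
    parts, pos = [], 0
    for m in WEB_URL.finditer(text):
        parts.append(html.escape(text[pos:m.start()]))
        url = html.escape(m.group(), quote=True)
        parts.append(f'<a href="{url}" rel="noopener noreferrer">{url}</a>')
        pos = m.end()
    parts.append(html.escape(text[pos:]))
    return "".join(parts)


# Constructed sample messages (not taken from any real chat log).
SAMPLE_MESSAGES = [
    r"Agenda: https://example.com/agenda?id=7",
    r"The deck is on \\192.168.1.1\SharedFolder\deck.pptx",
    r"Or try file://fileserver/share/deck.pptx",
]

if __name__ == "__main__":
    for message in SAMPLE_MESSAGES:
        flagged = find_unc_references(message)
        print("FLAG" if flagged else "ok  ", render_message(message))
```
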

Zoom Sharing Analytics with Facebook

Most people would be surprised about the level of analytics that is being captured by Facebook and other social media platforms. In an issue that was immediately resolved by Zoom, the iOS application for mobile was found to be sending analytics data to Facebook, even if you did not have a Facebook account. This incident, according to Zoom, was due to the use of Facebook’s iOS SDK used for allowing users to “Login with Facebook”, a popular method for non-enterprise users to create a Zoom account. This was addressed and fixed by Zoom once it was brought to their attention, and Zoom also recently shut down a LinkedIn integration that the company felt was sharing too much information with the popular networking platform.

Zoom Leaking Photos and Email Addresses for Free Users

In perhaps the most troubling of their grievances, Zoom has a feature called Company Directory that automatically builds a list of all people who share the same domain name. For instance, if you signed up for Zoom using an @coretelligent.com email address you would be added to that directory. Zoom maintains a blacklist of domains that are publicly used such as Gmail, Hotmail and Yahoo, but with new domains being created every day it is hard to stay ahead of the curve. Fortunately, this feature does not present additional dangers to most organizations as your company most likely does not provide free and public email addresses to those outside of your organization.

Understanding Zoom’s Encryption Technology

There have been recent articles around the internet calling out Zoom for potentially misleading marketing surrounding their encryption practices. Even though Zoom has traditionally marketed their “end-to-end encryption”, the platform does not use full end-to-end encryption on its video and audio calls. End-to-end encryption is a technology where the audio or video is encrypted in transit from one user directly to the other user. Currently, Zoom calls are encrypted in transit but all go through Zoom servers, meaning that there is a point where that information can be decrypted. For those concerned with the potential privacy implications, Zoom addressed this encryption misunderstanding in their own blog post where they stated: “Zoom has never built a mechanism to decrypt live meetings for lawful intercept purposes, nor do we have means to insert our employees or others into meetings without being reflected in the participant list.”

If you have questions or concerns about Zoom or other telecommunications technology that your teams are using during the period of social distancing due to COVID-19, do not hesitate to reach out to the professionals at Coretelligent. Our team is prepared to help organizations of any size ensure that you have the secure and reliable infrastructure that you need during the expanded remote work environment and beyond. You can reach our team of technical experts by calling 855-841-5888 or via email to info@coretelligent.com to schedule your complimentary initial consultation. You can also view our free resources and recommendations with details on how to maintain critical business operations during the current coronavirus crisis online.

Cybersecurity Recommendations

Between concerns of Iranian attackers disrupting computer systems and criminal cyber-gangs ransoming your data for cryptocurrency, cybersecurity threats can quickly become an overwhelming challenge for your organization to stay abreast of. Here is a list of our Top 10 recommendations and best practices that can help better protect your business from these rapidly evolving cyber threats!

1. Perform Regular Penetration Testing

Do you know where any gaps exist in your current IT infrastructure?  Are there critical flaws in vendor software that need to be patched? Are your existing security controls adequate? The best way an organization can answer these questions is through regular Penetration Testing.

Penetration Testing, widely known as just pen-testing, is a security assessment, analysis, and progression of simulated attacks on a network, system or application to test its overall security posture. The objective is to penetrate an organization’s security defenses by looking for weaknesses or flaws that a malicious attacker could exploit to impact confidentiality, integrity, or availability.

The detailed reports created by these pen-testers will provide insight into the effectiveness of your security controls and give recommendations based on the findings of the engagement.

2. Create and Enforce a Patching Schedule

Patches are pieces of software that address one or many vulnerabilities and/or bugs that are discovered in a particular system, network, protocol or application. By regularly maintaining the highest/latest available patch level of a system you dramatically reduce the likelihood that the system will be able to be attacked and compromised. While some hacking groups (most notably the Nation-States) may have Zero-Days, which are vulnerabilities that have yet to be addressed, regular installation of patches and updates will help prevent your organization from becoming an easy target.

3. Regularly Provide Staff with Training

Even the most secure systems in the world all share at least one serious vulnerability: an uninformed user. While Phishing accounts for some 90% of all data breaches, many organizations do not have adequate awareness training for their users.

Phishing emails are not as hilariously obvious as they once were, and attackers are getting more creative and believable every day. Making your users aware of the threats that exist, getting them to understand how to identify those threats and clearly defining a path for reporting them is a must.

The best way to mitigate the risks of phishing is through Security Awareness Training. Regularly talking to your employees about the latest scams and exploits of the internet will help foster an internal culture of security awareness.

4. Actively Monitor Your Infrastructure

Even if you do everything “right” there is always the possibility that you may suffer a cyber event or data breach. With the average cost of a data breach projected to exceed 150 million dollars in 2020 and with 43% of all cyber attacks targeting small to medium-sized businesses, there is no better time to keep a close eye on your infrastructure. Proactive monitoring of computer networks for anomalous activity could signal a data breach unfolding in real-time.

Leveraging managed SIEM/SOC (Security Information and Event Management / Security Operation Center) services provides a tremendous force multiplier for your organization to detect and respond to security events in real-time and prevent a breach from occurring. With a solution such as Coretelligent’s CoreArmor platform, trained Security Analysts are able to flag, review, and act on these events in real-time, minimizing the impact and scope of a data breach dramatically.

While most companies take nearly 6 MONTHS to discover a data breach, proactive review and monitoring are critical to your organization’s security posture.

5. Perform Vulnerability Testing

Vulnerability Testing is one of the best ways to validate that your patching schedule is effective and working as expected. A vulnerability scan can detect and classify system weaknesses in computers and networks and can predict the effectiveness of countermeasures, giving you regular insight into the vulnerabilities that may exist inside of your organization.

There are two main types of vulnerability scanning: authenticated and unauthenticated scans. The authenticated scan reveals vulnerabilities that are accessible to someone with credentials, while in an unauthenticated scan, the scanner is run as an intruder would run it, without trusted access to the network. Such a scan reveals vulnerabilities that can be accessed without logging into the network or systems.

6. Have and Regularly Test a Disaster Recovery/Business Continuity Plan

Having only one copy of an organization’s data presents a substantial risk. Losing business data to human error, ransomware, system failure, natural disaster, or other potential threats could mean that it is gone forever, with disastrous results to the business. Protecting the integrity and availability of data is just as important as ensuring the confidentiality of that data. The regular off-site backup of information is critical to business viability in the event of a disaster.

Regularly testing those backups through restore testing is also a critical part of identifying problems such as potential downtime in a disaster or data corruption. The last thing you want is for the data to be unusable when you need to restore it.

In regards to backups, a simple strategy to remember is the “3-2-1 rule”. It states that you should maintain at least 3 copies of your data at all times, on 2 different storage mediums or platforms (disk/tape, etc.), with at least 1 of them being off-site/remote from the primary location.

7. Draft and Enforce Cybersecurity Policies

Cybersecurity Policies come in all different shapes and sizes and can cover a wide variety of topics and organizational controls. Having and enforcing policies such as a Written Information Security Policy, Incident Response Plan, Data Destruction Policy and more shows your employees, stakeholders and regulators that you’re taking Cybersecurity seriously. These types of policies remove the guesswork during an incident and allow an organization to assign roles and responsibilities, set expectations, plan for different types of scenarios, and contemplate tough decisions in advance rather than amid a crisis.

8. Deploy a Multi-Factor Authentication Solution

A strong Multi-Factor Authentication solution such as iDaptive or Duo helps mitigate the risks of password reuse and brute-force attacks by adding a second (and sometimes third or fourth) method to authenticate with, making knowledge of the password alone useless, as you would also need access to whatever that second factor is. While attacks on organizations have become more complex over the years, basic attacks, such as email phishing, that can be done by almost anyone are still rather effective ways of gaining access to an organization’s most sensitive and critical information.

Protecting systems such as Remote Desktop and VPN as well as Cloud providers with Multi-Factor is an effective way to mitigate against these types of risks.

9. Take Better Care of your Passwords

Passwords protect access to an unbelievable amount of data and yet over 70% of employees reuse poor passwords at work! A 2018 study showed that while 91% of those polled know that reusing passwords is poor practice, 59% of them reuse the same passwords everywhere.  Password reuse and poor password policy are a growing problem and organizations can do more to combat this!

Businesses can leverage technologies that check passwords against known-bad and leaked password databases, ensuring that your users are not making use of an easy-to-break password. Making sure that “Password Complexity” is enabled only does so much; leveraging these products can help make it so that users don’t have “Summer2019!” as a password.

The National Institute of Standards and Technology (NIST) publicly makes available many different standards including Password Guidelines covered in NIST SP 800-63 which presents the following recommended guidelines:

  • 8 character minimum
  • All ASCII characters (including space) should be supported
  • Allow at least 10 password attempts before lockout
  • No complexity requirements
  • No password expiration period
  • No password hints
  • No knowledge-based authentication (e.g. who was your best friend in high school?)
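The gap between a complexity rule and a known-bad check, as an added example (not NIST's text and not code from any product named here): it applies the 8-character minimum and the no-complexity-requirement guideline from the list above plus a blocklist lookup. The blocklist is a small constructed stand-in for a real leaked-password corpus.

```python
import hashlib
import re

MIN_LENGTH = 8  # "8 character minimum" from the list above


def _sha1_hex(password):
    # SHA-1 is used here only as a lookup key for the blocklist,
    # never as a way to store user passwords.
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


# Constructed stand-in for a leaked-password corpus, held as digests.
KNOWN_BAD = {_sha1_hex(p) for p in (
    "password", "Password1!", "Summer2019!", "Qwerty123!", "123456789",
)}


def legacy_complexity_ok(password):
    """Classic composition rule: 8+ chars with upper, lower, digit and symbol."""
    classes = (r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]")
    return len(password) >= 8 and all(re.search(c, password) for c in classes)


def evaluate(password, known_bad=KNOWN_BAD):
    """Return the reasons a password is rejected under the listed guidelines.

    No character-class rules are applied and any character, including
    space, is accepted; only length and the known-bad list matter.
    """
    reasons = []
    if len(password) < MIN_LENGTH:
        reasons.append("shorter than 8 characters")
    if _sha1_hex(password) in known_bad:
        reasons.append("found in known-bad list")
    return reasons


def compare(passwords):
    """Side-by-side verdicts: (password, passes legacy rule, rejection reasons)."""
    return [(p, legacy_complexity_ok(p), evaluate(p)) for p in passwords]


if __name__ == "__main__":
    # Constructed sample passwords.
    for pw, legacy, reasons in compare(
        ["Summer2019!", "quiet river stone lamp", "pass wd"]
    ):
        verdict = "accept" if not reasons else "reject: " + "; ".join(reasons)
        print(f"{pw!r:28} legacy_rule={legacy!s:5} guideline_check={verdict}")
```
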

10. Conduct a Cybersecurity Assessment

A Cybersecurity Assessment provides insight into the types of risks that face your organization and whether the cybersecurity controls that are in place are effectively mitigating those threats. A cybersecurity assessment works by identifying, analyzing, and evaluating various information assets and identifies the various risks that could affect those assets.

Typically, a risk evaluation is completed as part of the overall cybersecurity assessment with the identification and reporting of compensating controls that would address the discovered risks. It is essential to continually review the risk environment to address any changes made and to maintain an overview of the organization’s overall security posture.

If there’s one thing we know by now, it’s that it’s an almost criminal understatement to refer to technology as a “complex field.” Worse, it’s a field that’s self-catalyzing; every new development spawns new developments of its own. Those new developments spawn their own and so on to the point that, by the time you’ve learned the first one, most of what you’ve learned is moot. Disaster recovery is one such technology, and many times, it’s mistaken for a variety of other technologies. So let’s take a look at disaster recovery and how it compares to many technologies that are often similar but aren’t the same thing.

Disaster Recovery and Business Continuity

Disaster recovery and business continuity do share some commonalities, but also several differences.

One is a part of the other.

Business continuity is actually a larger proposition than disaster recovery, making disaster recovery actually part of business continuity. Disaster recovery sets forth rules on how a business will recover from a disaster, but business continuity describes how a business will carry on after a disaster.

Different methods. 

Since disaster recovery is designed to get a business back on its feet, it’s accomplished much differently than business continuity, which is designed to get a business going beyond the disaster. Using disaster recovery methods as business continuity planning is actually under-planning significantly; it’s effectively the same thing as saying, “The disaster is over; business-as-usual starts now.”

Disaster Recovery and Backup

Here, the problem is reversed. Whereas disaster recovery is a part of business continuity, backup is a part of disaster recovery.

One part of many. 

Backup by itself is not really a disaster recovery plan, because it fails to address a range of issues that may be part of disaster recovery. For instance, if you have system backups, how do you control access to them? If you’ve had a disaster that makes your offices temporarily uninhabitable — a fire, flood or so on — what do you actually do with your backups? That’s the biggest difference between the two.

Backup has parts too.

It may get even more confusing, but backup isn’t just backup. There’s file-level backup, which addresses files, and there’s server-level backup, which also includes software and server configurations used. If you’ve only engaged in file-level backup, how do you access the files? You no longer have the software used to create the files in question. So backup has to go beyond the file-level unless all the software you’re using is common, off-the-shelf tools commonly seen in small businesses.

Disaster Recovery and Incident Response

Here, the differences get a little finer. Disaster recovery and incident response are both parts of business continuity, but since they’re both separate parts of a greater whole, they each have key differences.

Specialization vs. generalization.

Incident response is designed to be what the name implies: a plan to respond to a specific incident. This incident can be related to systems, like a ransomware strike or a hacker attack, or to natural disasters like fire and flood. Disaster recovery, meanwhile, goes a bit beyond that. Whereas an example of an incident response would be to grab a fire extinguisher and put out the fire, disaster recovery would involve hiring a cleanup team to get the ash and foam clouds off the floor and putting out a press release saying, “We had a fire, but everything’s all right now.”

Duration. 

Since incident response is so specific in its nature, it also doesn’t last long. Incident response effectively lasts for the duration of that one incident. It doesn’t go beyond that. Once the incident is addressed, disaster recovery kicks in to take over the rest. Disaster recovery can go on long after incident response has finished its job.

Disaster Recovery and DRaaS

This is a very fine point, but it’s a point worth making. DRaaS actually is disaster recovery; that’s what the DR stands for. It’s disaster recovery as-a-service. But it’s that “as-a-service” part that makes all the difference here.

Location, location, location.

Since DRaaS is offered “as-a-service,” that means it’s being offered by another company, generally on a cloud basis. Disaster recovery, meanwhile, can be subcontracted out, or it can be maintained in-house. Disaster recovery can use as-a-service elements, but it doesn’t depend on these exclusively. That can allow companies more flexibility in terms of what they address or don’t address in their disaster planning.

Degree of difficulty.

Engaging in in-house disaster recovery, depending on what disasters you’re looking to recover from, can be a hazardous process. Many businesses actually aren’t comfortable engaging in disaster recovery, as it requires the use of several IT best practices. DRaaS, meanwhile, calls for far less technical expertise because most of it is required on the service provider’s end of things. Better yet, DRaaS can provide interval operations. While disaster recovery has to be actively conducted at certain points, DRaaS can be pre-set at certain times to work whether you remember to do it or not.

Cost savings.

One major difference between disaster recovery and DRaaS is cost. While DRaaS carries a certain amount of cost, sometimes recurring, disaster recovery requires hardware purchases. Infrastructure has to be established, sometimes at a remote location. What’s the point of having all your disaster recovery materials in the same place that just had a disaster? It’s like storing your backup files on the same server as the originals. What do you do when that server goes down?

What to Do When You Want the Best in Disaster Recovery

We’ve had a good look at what disaster recovery is and isn’t, and when you want to improve your stance in disaster recovery, the best place to start is by dropping us a line at Coretelligent. We provide data recovery, systems recovery, and recovery management options to help you get back on your feet when a disaster strikes. So when you’re ready to protect your systems by making sure they’re ready to bounce back when something happens, get in touch with us to get started.

The mid-sized business is a unique and often improperly appreciated animal in the business field. Its goals, concerns, and even threats are wholly different from those seen at the small business and enterprise levels. Too often, mid-sized businesses are lumped in with small businesses to be part of the SMB monolith, even when the mid-sized business faces much different issues from its smaller cousin. As such, the cyber security priorities for the mid-sized business are fundamentally different from those seen elsewhere.

What Should Mid-Sized Businesses Prioritize in Cyber Security?

Mid-sized businesses have some of the biggest cyber security problems around. They have more resources than their smaller brethren, yet they often don’t have the kind of high-end security profiles their larger counterparts do. This combination of a fatter prize than a small business and lower protection than an enterprise makes them a clear target for hackers. So there are some key points in particular to watch out for that should make for cyber security priorities.

Improving leadership. 

This isn’t the kind of problem that can be fixed with software. This is the fundamental basis of cyber security priorities in any business, and without that leadership and strategy, the very will to protect the business, nothing else will do. Don’t listen to the voices that say “We’re not big enough to be a target.” or “We can’t afford proper security right now.” Instead, develop leadership, develop strategy, and start focusing on the protection your business needs right now. Knowing your biggest risks, and how to respond to these, helps ensure you have the right plan going forward. Only proper leadership will be able to determine that plan.

Improving strategy. 

This is also another problem that can’t be fixed with the judicious application of software. The National Center for the Middle Market revealed that 30% of firms studied had no action plan at all, and over half had an action plan, but it hadn’t been updated in years. That’s at least 80% of firms whose security is lagging. Are you one of them? Answer that question honestly, then get your plan in place to address the modern threats in the landscape.

Regularly updating current plans.

Not being up to date in security is actually worse than having no plan at all. While the lack of any plan might spur businesses to develop and activate better protections, the lack of an updated plan provides not only a failed response to current hacking methods, but also a sense of false security that prevents the plan from being analyzed and modified according to conditions on the ground. A faulty plan encourages entropy and the natural desire to leave well enough alone. That’s a desire that could cost your business everything.

Getting the right materials in. 

A 451 Research study found that 82% of businesses spend anywhere between 20 and 60 hours of staff time per week just on finding, implementing, and managing various security products. That’s a lot of time spent on merely finding the right materials, so try to trim that by keeping to a strategy as much as possible. There’s some value in being prepared to try something new and different, as well as in not being hidebound to one particular plan, but without at least some kind of focus, there’s a lot of room for waste. Work to make sure you have some time to experiment and research, but sticking to the plan will have more immediate payoff.

Getting the right people in.

A McKinsey report found that the best performers are fully 800% more productive in “highly complex occupations.” There are few occupations more complex than cyber security, so be sure to push for the very best in your hiring. As Steve Jobs once remarked: “Go after the cream of the cream. A small team of A+ players can run circles around a giant team of B and C players.” Having the right people helps assure team cohesion, and that you’re not scrambling to replace a lost employee in the middle of an extended fight on the hacker front. That’s not to say you won’t lose people from time to time—even in the best environment, sometimes there’s a better offer—but by doing what you can to prevent such things, you’ll give yourself the best chance at success.

Effectively address issues of return on investment.

It’s not easy to quantify the value of cyber security priorities. We all know they’re valuable, but being able to say just how valuable is a tall order. With workloads increasing and budgets not doing likewise—especially in the IT department—it is a particular challenge to execute any of the items previously noted. You can’t get the right people if you have to fire someone to hire someone new. You can’t get the right materials if there’s a spending freeze. You can’t effectively plan for the future if you’re spending all your hours putting out fires. Nothing on this list can be accomplished without the direct support of the C-level staff, and without adequate explanations of return on investment, that support will never materialize.

How to Take These Cyber Security Priorities and Act on Them

Now that you have a better understanding of what qualifies as cyber security priorities for the mid-sized business, you have a responsibility to your business to act on these priorities accordingly. The best place to start is by getting in touch with us at Coretelligent. Our 4-Layer Security Stack system offers some of the best coverage around for a network, helping users better determine what parts should be included in a system, and how these can work together to produce the best overall security system. Mid-sized businesses, your security needs are unique. Act on this fact accordingly and drop us a line today to make your unique business as well-protected as it can be.


Cyber security is a vital component of all our everyday operations. Being ready to protect your business against a host of potential threats in order to carry on with normal functions has never been so important. While many focus on interdicting threats and rebuilding after a threat has struck, there’s a comparatively ignored part of cyber security preparedness that more should be considering: cyber security awareness training.

What Is Cyber Security Awareness Training?

Cyber security awareness training actually isn’t far from meaning just what it says. Essentially, it’s training that focuses on various topics in cyber security that the individual employee should be aware of. Understanding these points will help businesses put forth a better security profile by addressing issues that the regular employee can act to prevent, and in so doing, make the company’s security operations more effective and more efficient.

By training employees to avoid key points of failure, some of the biggest problems, as well as a few of the most frequently-seen problems, can be avoided altogether. This means more resources available to address bigger problems, which often require larger amounts of resources to be properly addressed. There’s less diversion to address problems that may never have emerged in the first place if someone had known better.

Businesses that Should be Using Cyber Security Awareness Training

A wide range of businesses can benefit from cyber security awareness training.

Small businesses. 

Small businesses perhaps stand to benefit the most from cyber security awareness training due to their overall lack of resources. Since they have the fewest resources of any class of firm, anything they can do to protect themselves in advance of an attack helps prevent those resources from being used for anything short of a serious emergency.

Mid-market businesses.

Mid-market businesses occupy an unusual space. They have more resources than the small business, making them a better target, but they also don’t have the expertise of the larger enterprise business. Being a more tempting target with less capability to defend means the mid-market business will be especially vulnerable. Protecting against some of the simpler problems will, again, make sure necessary resources are on hand to defend against that which isn’t so readily stopped with training.

Businesses under federal regulation.

Both Sarbanes-Oxley and Payment Card Industry (PCI) regulations tend to reflect the fact that the human is the greatest point of failure in a security program. Training, therefore, helps address this fact, shore up the weaker link, and ensure the small problems that serve as a drain on resources are addressed the fastest.

Businesses with customer-facing operations. 

The costs of a data breach vary from business to business, but any kind of data breach has costs both immediate and enduring. Preventing these breaches from taking place whenever possible means a direct cost savings, and with the right kind of cyber security awareness training, businesses can better insulate themselves against attacks and reduce the chances of a data breach ever taking place. That means a safer, and therefore better, customer experience, which improves the chances of customers coming back to do business with the firm in question.

What Proper Cyber Security Awareness Training Should Look Like

Not all cyber security awareness training operations are made equal. Knowing what to look for in the best ones will go a long way towards getting the best protection for the business that uses it.

Protects against the right threats. 

If the program trains employees to recognize several common threats like spear phishing, regular email phishing, ransomware, infiltration stemming from bring your own device (BYOD) operations, and the insider threat, then there’s a good chance this is the right program.

Tailored to your needs. 

Is the program personalized? Is it taking into account the threats that the individual business is most likely to see? Can it reach the employees on their current level of cyber security awareness, or is this a program geared toward the expert in a room full of beginners? Answer these basic questions and you’ll have a handle on the program’s effectiveness.

Offers measurable results. 

The old saw about not being able to manage what can’t be measured doesn’t always apply, but in cyber security awareness training, measurable results are a good point to have on hand. Determine just what it is you want to accomplish; fewer system outages, fewer spam emails arriving, or other metrics help determine just how successful a cyber security awareness training program can be.

But Does Cyber Security Awareness Training Actually Work?

With a Bromium report suggesting that large enterprises are spending an average of $290,033 per year just on phishing awareness training, it might be easy to question whether or not cyber security awareness training actually works. Compare the costs spent to the typical phishing attack—$1.6 million, based on a Cloudmark study—and the over five-to-one difference makes cyber security awareness training look well worth its salt.

However, it’s important to note that just packing the employees in big crates on wheels and forcing them into cyber security awareness training likely won’t help. This destroys engagement, and makes the employee a lot more likely to watch a clock and wait for the training to end rather than derive anything useful out of it. So to get the most out of that training—and make sure you see those five-to-one rates of return—do your best to find engaging cyber security awareness training for your employees. They need it, but they also need to want it.

When You’re Ready for the Best in Cyber Security Awareness Training

Cyber security awareness training can be one of the greatest investments you make for your business. If you’re ready to put some extra punch into your security plans, start by getting in touch with us at Coretelligent. We focus on employee awareness and can partner with both large and small firms to help provide the kind of security that can head off threats as well as respond to them. Education is a vital part of the security process; drop us a line to get started.

How to make your law firm SOC 2 compliant with minimal headaches
By Andrew Edstrom, Chief Information Security Officer

For mid-sized law firms, seeking to achieve compliance with SOC 2, NIST, or ISO 27000 controls and other standards can surface some serious pain points. This is largely due to the lack of available tools that can display the state of a firm’s compliance at any given moment. Unfortunately, more often than not, compliance is driven by someone working on a spreadsheet. There simply aren’t a whole lot of tools that can automate compliance without requiring an expert or consultant to come in and work their magic.

A Law Firm’s Pain Points

Controls and Subcontrols

But the absence of tools isn’t the only problem. There are always interpretation issues when it comes to compliance. Two people at a law firm could have two totally different takes on what a control or subcontrol specifically states. That presents a pain point because it can affect your overall compliance. One individual might believe their firm complies with a standard because they utilize wireless security controls. But another person could read the same regulation and say, “Well, we do have wireless security in place, but it’s not set up in the way the control reads.” If someone interprets a control more loosely than it is actually written, that creates a misalignment of your compliance.

The Experience Issue

There’s still a big lack of cyber security and compliance personnel in the industry who are experienced and well-versed in this area as well. However, there is a rash of people rushing into the compliance space to get jobs because those positions are in the highest demand right now. And that presents another pain point: hiring the right talent — finding people who are seasoned, have the experience to deal with auditors, and who are ready to react if you have a breach.

Incident Response and Reporting a Breach

One element of your framework is having an incident response plan in place. And once you have an incident, do you report it because it’s a full-on breach of data? Or do you report it because you don’t know the effectiveness of your compliance program or don’t understand the tools that can help you prevent a breach in the first place?

When you report a breach, you’re basically putting your name out there and letting everyone know your reputation is about to be damaged. Then, you’re going to have legal costs, and you’ll likely have to engage a PR firm. Plus, you’ll probably have to make a cyber security insurance claim to cover some of your costs. And even after all of that, you’ll still have to go back and do what you should have done to achieve compliance in the first place.

So given those issues, what’s a good approach for mid-sized law firms to achieve compliance?

Step 1

The first step is to think about leadership. Having the appropriate security and compliance personnel on your team is key. But sadly, a lot of law firms aren’t willing to spend the money to hire a qualified professional. The firm might appoint a member of their staff who has dabbled in compliance, which presents a big risk. And, even worse, some law firms take a reactionary approach and don’t even think twice about compliance until an issue arises. What you need to do is get in front of any problems, instead of waiting until it’s too late.

Step 2

The next thing law firms can do — and this may seem very basic — is to document their plan and communicate it to the entire organization. They need to create a roadmap that outlines what policies they have and how they plan to meet the standards outlined in their compliance framework.

Step 3

Then, that roadmap needs to be reviewed by a compliance expert to audit the approach your organization has taken. This is a safety net to make sure your program is covering you the way you intended.

The Insurance Catch

I deal with business people all the time who tell me they have cyber security insurance. I always ask to see their policy, because I want to make sure they understand what their coverage provides. I translate it for them so that in the case of an event, they know what to expect. They’re often surprised that many cyber security insurance policies don’t cover insider threats. So if a firm has an internal employee that poses a threat, the law firm will have to pay for the recovery if it’s not specifically written in the policy.

Fortunately, Coretelligent helps law firms specifically overcome these issues. We have experience with multiple frameworks in multiple industries, so we’re exposed to a lot of scenarios most people never see. We encounter compliance issues that don’t just affect law firms but affect all sorts of industries. Our ability to apply our experiences across multiple industries is the core of the value we deliver. We bring tools to the table that can simplify your compliance framework and your compliance journey in general. And we help take the confusion out of compliance by explaining it in a way any organization can consume and make a part of its natural culture.

Centralized Compliance Platform

Coretelligent uses a centralized compliance platform to manage your compliance journey. This software makes it easy to successfully implement security frameworks and achieve compliance with any compliance standards your organization is working to meet. Essentially, this online dashboard allows users to view their compliance status in real time. You can do compliance budgeting against it and share access with auditors or third parties to review what gaps you may be covering. It’s a pretty remarkable program, and the interface is easy enough for any organization to use.

When it comes to compliance, each industry is unique, and each framework has its own nuances. Yet our approach remains constant. Understanding how to read frameworks and knowing exactly what the requirements call for makes meeting those requirements an easier undertaking. It’s all about understanding how to get from Point A to Point B, and that’s our specialty at Coretelligent.

You probably already know that there is a huge trend in modern IT management to outsource. Widespread acceptance of cloud and SaaS solutions has paved the way for other elements of IT infrastructure to be obtained “as a service”, including backups, disaster recovery, help desk and even data center management. Relying on the expertise of trusted specialists has many advantages, not the least of which is a more efficient use of resources.

After all, why spend a disproportionate amount of time and money on functions your team isn’t equipped for when you can leverage the right people, as needed, at a fraction of the cost? You’re relieved of the burden of maintenance and upkeep and able to focus on your core business and strategy.

This trend has lately extended even to the project management office (PMO). Today, outsourced project management is one of the best ways to execute new ideas and ensure results. There are numerous benefits to this new type of PMO.

Benefits of an Outsourced Project Management Office

Experienced Staff – Especially in a small to midsize organization, the necessary personnel to manage a particular project may simply not exist. A dedicated outsourced project management office will by nature maintain a variety of specialized talents and expertise on hand. Project management requires the ability to maintain a high-level view of business goals, while simultaneously juggling a large number of moving parts, from vendors to employees. Finding that skill set within your own organization is not always feasible. Even an employee who shines in their current role might require a long and expensive training period to take on project management duties. Outsourcing project management eliminates this ramp-up time.

Fresh Perspective – In IT as in most other departments, there is such a thing as being too close to a project. It can be all too easy to allow other business units or past experiences to influence the decision-making process when undertaking a new project. An outsourced PMO is an outsider to your company, and is immune to such pressures. A new set of eyes can do wonders for a project that seems to be floundering.

Cost Effectiveness – Staffing, training, and maintaining an in-house PMO is simply not feasible for many businesses. Budgets are often tight from small business to mid-market (and many times enterprise as well), and a dedicated PMO is often not on the table. Hiring several new employees who may not yield results for months or more is difficult to justify even for a company in expansion. Outsourcing the project management office is far more cost effective, as the groundwork has already been done. You can reap the benefits of an experienced project management team immediately, without an expensive and time-consuming hiring and training process.

Elasticity – Likewise, an outsourced project management office need not be permanent. Engaging a PMO service allows for resource expenditure to be scaled up and down as needed to suit the current needs (much like cloud). Having experienced project management talent available when needed, but not continuing to draw a salary when there are no projects on the line, is a boon to any budget.

Risks of Outsourcing and How to Mitigate Them

During the outsourced PMO selection process, and in the initial consultation with the vendor you select, there are a few items it pays to keep in mind. Some of the benefits of an outsourced PMO can be a double-edged sword if not managed carefully.

Trust – Any project manager, whether internal or outsourced, has access to sensitive corporate data. A data breach is just as damaging whether it originates internally or at an external PMO. Discuss your data protection and security policies with your PMO vendor, and ensure all safeguards are strictly followed. Proper IT security precautions must be adhered to for all communications between your employees and the outsourced PMO, as well as internally at both your company and the vendor.

Clear Communication – The fresh, outside perspective of an outsourced PMO can be a blessing, but it also requires careful and clear consideration of your business operations and goals. Do not rush the initial discovery phase, in which your PMO vendor can gain a thorough understanding of your project parameters and goals. Once work is underway, review milestone and task status reports frequently to ensure delivery dates are on track and stay on top of problems before they get a chance to boil over.

Employee Acceptance of External Management – From the standpoint of corporate culture, an outsourced PMO holds some risk of friction. Employees may overtly or subconsciously be unaccepting of an outsourced PMO’s decisions and processes. Regular status meetings can help avert this, as can fostering a strong collaborative environment. Above all, a few successes under the belt of a team under outsourced project management will do wonders. In other words, choose the right PMO vendor, and this problem will solve itself.

 Learn more about Coretelligent’s PMO and how we can help

The risk of security breaches for mid-market businesses cannot be overstated. The last few years have shown that no business — no matter the size — is completely safe from external or internal threats. So, while some enterprises are trying their utmost to keep up with the latest security measures, there are several ways they can trip up.

These nine gaps are crucial for IT leaders to consider when mapping out security strategies so they don’t miss a beat.

Perception

Pride goes before a fall, and for many mid-market businesses, pride may be playing a stronger part in security planning than expected. A 2017 study found that 95% of mid-market businesses believed their security posture to be “above average,” and that they were spending enough to cover the gaps. Those who believe themselves safe are the most likely to not catch the problems that may emerge.

Time to Patch (TTP)

Sometimes vulnerabilities are known about, but getting the word out can be slow. Just because a software maker knows about a potential problem with software doesn’t mean a patch is immediately available, or even available in a timely fashion. While this can be at least partially addressed with patch discipline—making sure available patches are always applied quickly—the threat doesn’t stop because a new patch is being developed. Be ready to protect a system in the time between the threat being found and the cure being created.

Priority

Many businesses have made a good start on security, putting firewalls in place or the like. When such protective measures are in place, it’s easy to think that that’s “good enough” and carry on from there, addressing the other issues on a priority list. However, security is a constantly evolving matter, and the threats to security change every day. Firewalls and similar measures may be good enough to protect against the threats of today, but what about tomorrow’s threats? Next year’s? A constantly-evolving security presence is the only way to ensure protection all the time.

APTs

An advanced persistent threat (APT) represents a major threat to business operations. Worse, it’s a threat that can’t always be prepared for. Businesses often focus on threat detection or prevention, but APTs represent a threat that has already breached the network. This means that other methods of protection are called for. While businesses often focus their security measures on perimeter defense (prevention of a breach or mitigation of a breach), adding some focus on data encryption can help ensure that — even if data is seized — it’s worthless without the related encryption key.

Data loss

We’ve already seen what happens to a bottom line when customers flee a data-breached business, but what about the data itself? If that data is lost or stolen, it impacts the business’ ability to carry on. Data’s value in the business is well known in everything from analytics to marketing campaign creation; losing that data means lost progress across the entire business. This can have an impact on everything from operations to innovation in future developments.

Lack of focus

Don’t count on IT as your only line of security. IT has enough to do keeping the network running and the operators’ issues settled. Make sure your security is dedicated security — whether that be staff or an external provider. Whoever it is might report to IT, but they should be purely devoted to the security technologies your business needs.

Time-to-investigate problem

Not every threat can be investigated with the rapidity and thoroughness a threat deserves. Some threats are even false alarms; just look at what happened in Hawaii recently. Prioritizing threats to investigate also takes time, and sometimes, the biggest threats aren’t investigated quickly enough. This discrepancy makes for trouble, as minor threats are investigated ahead of their due, while major threats can go without proper response.

A lack of visibility

As Donald Rumsfeld once noted, sometimes we don’t even know what problems we need to face. These “unknown unknowns” mean we must have better visibility into operations. Several tools have emerged to help provide that necessary visibility, but such tools need to be put in place before the next threat. It’s hard to overstate how important visibility into a system’s workings is; the more problems that can be spotted, the fewer problems are likely to go unaddressed. A security technology provider can shed light on the latest tools a mid-market business needs to gain better visibility into the network.

What should mid-market businesses do next?

If you’re looking at your own security measures and finding them a bit wanting, then get in touch with us at Coretelligent. We’re ready to offer you an expert, holistic approach to security that lets you protect not only your technology, but also your processes. We can even provide education about threats to come, making your business more likely to survive tomorrow’s threats today.