The risk of security breaches for mid-market businesses cannot be overstated. The last few years have shown that no business — no matter the size — is completely safe from external or internal threats. So, while some enterprises are trying their utmost to keep up with the latest security measures, there are several ways they can trip up.

These nine gaps are crucial for IT leaders to consider when mapping out security strategies so they don’t miss a beat.

Perception

Pride goes before a fall, and for many mid-market businesses, pride may be playing a stronger part in security planning than expected. A 2017 study found that 95% of mid-market businesses believed their security posture to be “above average,” and that they were spending enough to cover the gaps. Those who believe themselves safe are the most likely to not catch the problems that may emerge.

Time to Patch (TTP)

Sometimes vulnerabilities are known about, but getting the word out can be slow. Just because a software maker knows about a potential problem with software doesn’t mean a patch is immediately available, or even available in a timely fashion. While this can be at least partially addressed with patch discipline—making sure available patches are always applied quickly—the threat doesn’t stop because a new patch is being developed. Be ready to protect a system in the time between the threat being found and the cure being created.

Priority

Many businesses have made a good start of security, putting firewalls in place or the like. When such protective measures are in place, it’s easy to think that that’s “good enough” and carry on from there, addressing the other issues on a priority list. However, security is a constantly evolving matter, and the threats to security change every day. Firewalls and similar matters may be good enough to protect the threats of today, but what about tomorrow’s threats? Next year’s? A constantly-evolving security presence is the only way to ensure protection all the time.

APTs

An advanced persistent threat (APT) represents a major threat to business operations. Worse, it’s a threat that can’t always be prepared for. Businesses often focus on threat detection or prevention, but APTs represent a threat that has already breached the network. This means that other methods of protection are called for. While businesses often focus their security measures on perimeter defense (prevention of a breach or mitigation of a breach) adding some focus on data encryption can help ensure that — even if data is seized — it’s worthless without the related encryption key.

Data loss

We’ve already seen what happens to a bottom line when customers flee a data-breached business, but what about the data itself? If that data is lost or stolen, it impacts the business’ ability to carry on. Data’s value in the business is well known in everything from analytics to marketing campaign creation;losing that data is lost progress across the entire business. This can have impact on everything from operations to innovation into future developments.

Lack of focus

Don’t count on IT as your only line of security. IT has enough to do keeping the network running and the operators’ issues settled. Make sure your security is dedicated security — whether that be staff or an external provider. Whoever it is might report to IT, but they should be purely devoted to the security technologies your business needs.

Time-to-investigate problem

Not every threat can be investigated with the rapidity and thoroughness a threat deserves. Some threats are even false alarms; just look at what happened in Hawaii recently. Prioritizing threats to investigate also takes time, and sometimes, the biggest threats aren’t investigated quickly enough. This discrepancy makes for trouble, as minor threats are investigated ahead of their due, while major threats can go without proper response.

A lack of visibility

As Donald Rumsfeld once noted, sometimes we don’t even know what problems we need to face. These “unknown unknowns” mean we must have better visibility into operations. Several tools have emerged to help provide that necessary visibility, but such tools need to be put in place before the next threat. It’s hard to overstate how important visibility into a system’s workings are; the more problems that can be spotted, the fewer problems are likely to go unaddressed. A security technology provider can shed light on the latest tools a mid-market business needs to gain better visibility into the network.

What should mid-market businesses do next?

If you’re looking at your own security measures and finding them a bit wanting, then get in touch with us at Coretelligent. We’re ready to offer you an expert, holistic approach to security that lets you protect not only your technology, but also your processes. We can even provide education about threats to come, making your business more likely to survive tomorrow’s threats today.

The rapidly growing demand for data means businesses must engage in greater protection methods to keep data safe. Mid-sized businesses are especially ripe targets for hackers, as they don’t have the data protection capability of large corporations, but they also have more resources available to take than the small business. A new era of cybersecurity calls for both current understanding and an idea of how to address future threats. Tools like disaster recovery as-a-service (DRaaS) will go a long way, but there’s plenty more than that to be done.

Data Protection Isn’t Complete Without DRaaS

A proper data protection plan requires disaster recovery, whether it’s done on premises or through DRaaS. Data protection plans work well to keep data safe, but what happens when that protection fails, either through the cleverness of criminals or resulting from a natural disaster so large your entire location is compromised?

That’s where DRaaS can step in and provide an extra layer of protection. If data is accessed and ruined by outside

sources or simply destroyed by flood, fire or similar, then DRaaS can provide a way to reestablish operations and bring them back to how they were before the disaster hit. Protecting data is a great start, but we must plan for what happens when that protection isn’t enough.

DRaaS and Backup: Your Pincer Maneuver Against Cybercriminals

Backup is one of the greatest weapons you can have against cybercriminals. It’s also a vital component of damage recovery.

Recovery times vary.

A typical DRaaS package, as part of its service-level agreement (SLA), will guarantee some points in particular. Especially important to watch for are recovery point objective (RPO) and recovery time objective (RTO). RPO draws its information from the past—how far back before the incident would you like to be recovered to—while RTO is a focus on the present, the amount of time it will take to affect recovery.

Closely linked. 

Backup in itself is only a disaster recovery plan if you’re sufficiently small that you’re only concerned about files. When you’re concerned with server settings and specialist tools like certain apps, you need a deeper backup to get through. This calls for disaster recovery systems, which can provide just the level of backup you need.

Availability.

Backup and disaster recovery work together to allow you to respond to the greatest number of disasters. While hackers and cybercriminals can be rebuffed with backed-up files located independently, natural disasters that take out a whole office may need stronger protections. Having both at once provides that protection.

The greatest measure: RTO. 

Every moment that you’re down from a disaster is a moment that does no small amount of damage. It’s not only direct loss of revenue, but it’s also a loss of face in the market, and opportunity for competitors to slip in and provide the service or goods you used to provide. Getting customers back is much tougher than getting customers, so knowing how much time remains until RTO kicks in and you’re recovered is vital to knowing which DRaaS provider to go with.

What DRaaS and Backup Protects Against

Using the two-pronged strategy helps provide the fullest protection.

Ransomware. 

One of the newest and potentially largest threats, ransomware uses malicious codeto seize control of your data and encrypt it under a key unknown to you. The key is ostensibly provided when you’ve paid the ransom, but not always. Since ransomware depends on seizing your data, if you have a fresh copy somewhere else not affected by ransomware, you can just get rid of the infected endpoint, provide the new endpoint with the backed-up files, and run as usual.

Natural disasters.

Backup also provides a useful protection against natural disasters, especially when used as part of DRaaS. Whereas a natural disaster might take out a building, backups allow its occupants to go to an unaffected building, get backed-up files, and carry on remotely. This is especially useful if you’re already using telecommuting— the infrastructure is likely in place — but can work for temporary bursts only.

Data loss.

Some criminals aren’t interested in money; some, like the Joker in Christopher Nolan’s “The Dark Knight,” famously opined, “just want to watch the world burn.” That can include your data. Some natural disasters don’t destroy a building, but rather just data; sudden electrical surges are sometimes enough to ruin data. No matter what cause of data loss hits, using backup systems and DRaaS can help put data back aright, whether it’s been locked up or plain destroyed.

DRaaS: Start the Ball Today

Businesses need to think ahead and start getting involved with DRaaS operations right now.

Insurance. 

Think of DRaaS like you would think of any insurance plan. The time to have it is before you need it. Plus, it will encourage you to test systems ahead of time and spot where any flaws are, so when a disaster that requires DRaaS operations does come up, you’ll be ready.

Filling in the talent gaps.

This is another facet of disaster recovery that’s needed in advance. If your current IT department doesn’t have the necessary skills to handle disaster recovery, you’ll need to make preparations here. Whether you hire from the outside, provide training to current staff, use DRaaS services to let someone else’s expertise take over, or use a combination, you’ll be ready to go as long as you’re setting this up before the next disaster.

Getting Started With DRaaS

The world ahead is a dangerous one in terms of cybersecurity. While it’s flush with possibilities, these same possibilities also extend to criminals as well. Protecting your business is every bit as vital but much more complex than ever. Take the complexity out of the problem by getting in touch with us at Coretelligent. With business continuity and recovery management systems, we can help you weather any disaster, whether it’s caused by criminals or natural events. So just drop us a line, and help get your business ready to protect its data with disaster recovery systems.

Self-propagating malware can be a nightmare for organizations. These threats, which can take the form of ransomware, worms, and other malicious attacks cripple access to essential files through exploiting weaknesses in systems and networks. Two significant cyber threats over the past few years included WannaCry and Emotet. While these threats pose similar threats to organizations, each is fundamentally different. While one has been effectively identified and thwarted, the other is resilient.

WannaCry’s Wide-Scale Crippling Effect

WannaCry made many headlines in 2017 when the ransomware worm spread rapidly through some computer networks globally. The ransomware exploited a Windows operating system vulnerability that has since been addressed. The patch – an update to the Windows implementation of the SMB protocol (which facilitated communication between various nodes on a network) – was available before the launch of WannaCry. Vulnerable systems that were not updated saw the worm infiltrate and begin encrypting all sorts of files, such as Microsoft Office files. Then, WannaCry displayed a ransom notice, demanding $300 in Bitcoin for a decryption key.

Since a patch exists that fixes the vulnerability, WannaCry’s threat is essentially over. Similar ransomware may pop up from time to time, but security experts have been able to identify a kill switch to shut down the threat. Emotet’s threat persists because it is markedly different from ransomware.

Emotet: Malicious Development Tool

Unlike WannaCry, Emotet is a constant work in progress. Technically, it is an advanced polymorphic trojan — a type of malware with malicious scripts that also incorporates social engineering techniques. It is usually spread by email. The email might contain a link that leads to a downloader document or can have the malicious document as an attachment.

Once the email attachment is opened, the latest version of Emotet moves itself to a directory and adds itself to the start-up folder. Emotet will spread across your network, grabbing credentials and increasing exposure. It only takes one machine, it evolves, and it keeps re-infecting to inflict maximum damage.

WannaCry has been defanged, but how are organizations supposed to handle an evolving threat like Emotet? The answer is security awareness training and advanced detection.

Security Awareness Training and Advanced Detection

Sophos is an organization’s best defense against the type of threat that Emotet poses. The Sophos Sandstorm is a powerful cloud-based sandbox that detects, blocks, and reports on threats. As a sandbox, threats such as Emotet are contained and thoroughly tested for security, resulting in zero-touch threat isolation. Deep learning means your threat monitoring is as evolving as Emotet, so your organization is prepared for the future.

Are you looking for expert guidance for your organization’s security awareness training? Contact Coretelligent today and learn how your organization can protect against today’s ever-evolving threats.

Keeping your business networks safe has been a great deal more difficult in recent years with the burst of major ransomware attacks that are business-agnostic — meaning they can hit any size or any type of business at any time. This malicious software is used by cybercriminals to essentially block corporations or individuals from accessing their data or business systems, holding the digital assets “hostage” until a ransom has been paid in Bitcoin or other untraceable digital currency. The statistics around ransomware are staggering, with American businesses losing upwards of $75 billion per year due to ransomware and the recovery process. What’s perhaps more frightening is that this number is suspected to be under-reported, as a quarter of businesses never notify authorities that they have been the victims of a ransomware attack. Here’s what you need to know about ransomware to help protect your business.

What is Ransomware?

Ransomware is a type of malware, or malicious software, that takes control of your network or individual computers. Your first indication that you have been attacked might be a notification on your screen letting you know to transfer digital currency or lose all access to your digital assets and information. Or you might suddenly notice that a file you know you saved is not where you placed it, or all of your file and folder names have been replaced with gibberish. If you experience any of these situations, it’s time to call in the professionals to review your current systems and determine what the next steps are in terms of remediation and getting your business back online quickly. Hackers claim that they will provide you with an unlock code once you have paid their ransom, but there are no guarantees that they will follow through on their promise.

No Company Is Safe From the Big Business of Ransomware

No business is too big or too small to be the target of an attack, and ransomware is the great equalizer in terms of cybersecurity. Ransomware is often launched through a phishing attack, when one of your well-meaning staff members clicked a questionable email or inadvertently opened an infected attachment. While small businesses may feel like a “safe space” in terms of cyberattacks, criminals are often using small businesses or contractors as a weak entry point to gain access to larger partners that have rich pools of customer data.

Protecting Your Business From Ransomware

While no technology solution is foolproof, there are some ways that you can limit the possibility of your business falling to an attack. Perhaps the most important is through ongoing education of your staff members because a significant percentage of ransomware attacks are accidentally triggered by an employee. Here are some additional ways to protect your business from ransomware attacks:

• Maintain up-to-date software and OS patches on all machines, including IoT devices such as smart TVs
• Place a higher level of security on machines so individuals are not able to install software without permission
• Get aggressive with your antivirus and anti-malware software
• Invest in web-based content and email filtering
• Ensure that your backup and disaster recovery strategies are up-to-date

Each step that you take reduces the chances that the thousands of ransomware variations floating through the cloud will infest your company.

With a proactive co-managed approach to IT, your team can be confident that your company is fully protected from ransomware and other cyberattacks. Even if malware managed to worm its way past your defenses, the team at Coretelligent has the tools and training needed to get your business back up and running without delay. Contact our cybersecurity experts today at 678-730-0345 to schedule your complimentary initial consultation. From IT strategy and planning to execution, Coretelligent is your partner throughout the technology lifecycle.

No one likes to think about experiencing a disaster, for much the same reasons we don’t like to plan our own funerals. We don’t like inviting that kind of trouble into our lives, considering the consequences of a fire destroying all our work or a flood making it impossible to carry on business. A clearer understanding of DRaaS, disaster recovery as a service can demonstrate its inherent value and prove why it should be part of every company’s toolbox.

What is DRaaS?

It’s impossible to fully describe DRaaS without understanding the DR first. Disaster recovery is, essentially, a kind of IT doctrine that acts like a self-managed and self-administered insurance policy. It’s designed to kick in once a disaster has occurred, and it works to either repair the damage caused by the disaster or establish workarounds that allow the company to operate while damage is being repaired.

Thus, DRaaS is disaster recovery offered on an as-a-service basis. It’s commonly cloud-based and comprises several individual points ranging from remote backup systems to cloud-based file storage systems. There are some DRaaS tools, such as remote-site operations, that operate on a purely physical basis, but this is just one option among many.

The Value of DRaaS

DRaaS delivers several key value points for its users.

Flexibility in coverage.

The term “disaster” encompasses many points, from flood and fire to ransomware and hacker attacks. Thankfully, the response to many of these disasters is the same: Revert to a remote backup and access files stored therein to carry on business as normal. With DRaaS, it becomes a lot easier to make the shift.

Prevention of downtime.

We all know downtime costs businesses big time. The costs vary from business to business—one company put together a cost-of-downtime calculator to plug in your specific numbers—but the costs are there all the same. With DRaaS, a company can go from disaster to at least limited operations much faster than without, which carries enormous cost savings.

Reinforce testing.

One of the biggest problems disaster recovery programs face is they often go untested. By establishing disaster recovery plans with DRaaS, you effectively embrace the concept of disaster recovery and begin planning and training for it. Like a fire drill in an office building, DRaaS encourages the testing of systems currently in place. Given that 20% of respondents in a recent study haven’t tested their disaster recovery plans in the last year, it’s a point worth addressing and one that helps ensure you’re ready to go when disaster strikes.

Why Mid-Sized Businesses Especially Need DRaaS

There is a range of general reasons why businesses need DRaaS, but the mid-sized business has its own specific set of reasons.

You’re not already doing it.

A 2016 study from Actual Tech Media revealed that 80% of small- to mid-sized businesses were still relying on some kind of disk-based technology — or even tape-based — to back up important files. Imagine trying to transfer all the files on every endpoint you’ve got to disks. Now imagine updating those disks every day — or even every hour — to accommodate all the new data you’ve generated in those time frames. That’s a big job in itself; now imagine reversing the flow to new hardware after a disaster. That’s a lot of time from disaster to even partial recovery, which leads to the next problem.

You can least afford downtime. 

We mentioned already that downtime costs businesses. These numbers vary, of course, but there’s a bigger issue with the mid-sized business: It can afford losses least of all. It cannot pivot as fast as the small business and segue into backups faster. Small businesses also have less data to back up, so disks and tape might well get them at least somewhat back into the game faster. Enterprise-level operations have more resources to absorb losses and carry out backups, plus their sheer volume of data makes it likely they’re already using cloud-based systems. The mid-sized business lacks both advantages, so it must make provisions for itself.

You’re a bigger target.

Mid-sized businesses make better hacking targets. Small businesses often don’t have the resources to make a hack worthwhile for anything more than the script kiddie who wants to prove his or her skills. Enterprise-level businesses have the richest pots of resources, but also the heaviest security. Mid-sized businesses have resources enough to be a rewarding hack but less security than your larger brethren. That puts you on ground zero for hacking and makes that disaster much more likely to come to pass. Natural disasters don’t care about what size your business is, but they could hit you hard, and your potential viability is at stake.

You’re taking on the world.

When considering the fullest extent of downtime costs, remember: It’s not just lost sales to consider. It’s also the potential boost to the competition. If you’re no longer selling your flagship product because you’re recovering from a disaster, will your competitors quietly wait until you come back? It’s also the loss of face: Will your customers wait until you’ve recovered to buy your flagship product? How long can you survive in the field if you’re not actively selling, and can you put the pieces of your shattered business back together sufficiently rapidly after the disaster comes to pass? If you don’t like the answers to those questions, then DRaaS is worth considering.

How to Get Started Putting DRaaS in Place

If you’re ready to stop hoping disaster never strikes your business and start planning for when it does, get in touch with us at Coretelligent. We offer a wide range of DRaaS solutions, from business continuity systems to remote backups and beyond, which can help you get back in the game faster whether you’ve just been hacked, hit with ransomware, or suffered fire, flood, earthquake, or another natural disaster. So get your DRaaS ducks in a row before a disaster can affect your ability to operate, and drop us a line to get the process started.