The Best Data Protection Advice You’re Not Taking – Part 1

By David Hone, Security Specialist, Netutils

Views expressed in this post are original thoughts posted by David Hone. These views are his own and in no way do they represent the views of the company.

Some mind boggling stats for you.

There’s a lot of data out there being created and shared and in amongst all that data are huge volumes of valuable personal and corporate information. By valuable I mean hackers want to nick it, sell it and exploit it.

Let’s take a second to think about the widespread proliferation of our personal data. Consider this. In the past, the typical household bill cycle would start with a gas/electric representative knocking at the door to read the meters. Two weeks later a bill would arrive on the doorstep directly from the supplier. Typically that bill would be paid with a cheque in the post direct to the supplier, or in cash at the local post office. Both methods were secure in so far as a very limited amount of personal data was collected, processed or stored.

Roll forward to today’s Software as a Service (SaaS) dominated world and we have a very different picture. No longer are our meters read by official employees of the gas or electric companies. Most likely the person reading the meter is subcontracted and employed by a different company. This instantly means a certain amount of your data is already being shared, and these organisations are likely to have your account reference, house number, address and postcode. While this may appear a trivial amount of data, it’s probably enough for someone to match it up with the electoral roll to acquire your household name in order to request a copy of your electricity bill. Armed with a copy of your bill they could easily apply for some instant shop credit in your name. Scary stuff.

But it doesn’t stop there. The gas/electric company want to save money by making you read your meters directly for them and by paying your bills directly online. So they commission a company to design, build and manage a site to aid this process. You are then encouraged / forced to use the new service and, more importantly, are required to identify yourself and sign up to the process. In doing so, your personal data has the potential of being exposed in a myriad of different ways:

  • Direct breaches of data by the employees of the companies involved in managing the online platform.
  • Without the right level of anti-virus, anti-malware and phishing awareness protection your personal data could be stolen at source when you sign-up for the SaaS without the gas/electric company knowing or even caring!
  • Call centres and data centres reside offshore, in places which likely do not have the same personal data protection regulations in place or enforced as we have here in the UK

So with the new age of SaaS we can clearly see that we, as individuals, can quickly lose control of our personal data and the possibilities of this data being leaked, lost or duplicated and then used for financial gain starts to become infinite. Multiply this by the number of SaaS platforms that you are compelled to subscribe to and use and you can quickly see that the potential for your personal data being leaked, lost or abused is extremely high.

Worried yet? Then think how easy it is for your personal information to end up in the wrong hands. For example, simply typing the wrong email address could result in your email being sent to a number of unintended recipients across the world. If a cybercriminal set up a domain such as “HSCB”, the chances are they could easily capture a certain amount of traffic intended for HSBC. Such correspondence is likely to contain information cybercriminals would otherwise not know.
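One way to catch the mistyped-domain case before a message leaves, as an added example that is not part of the original post: recipients are compared against a list of domains you actually deal with, and near misses such as the HSCB/HSBC swap are held for confirmation. The allow-list, the `.example` domains and the function names are assumptions made for the illustration.

```python
"""Flag e-mail recipients whose domain is a near miss of a trusted domain."""

# Constructed allow-list; the reserved .example TLD stands in for real domains.
TRUSTED_DOMAINS = {"hsbc.example", "netutils.example"}


def osa_distance(a, b):
    """Edit distance where an insert, delete, substitution or swap of two
    adjacent characters each costs 1 (optimal string alignment)."""
    prev2 = []
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cur[j] = min(prev[j] + 1,                # delete from a
                         cur[j - 1] + 1,             # insert into a
                         prev[j - 1] + (ca != cb))   # substitute
            # Adjacent transposition, e.g. "cb" typed instead of "bc".
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[-1]


def check_recipient(address, trusted=TRUSTED_DOMAINS, max_distance=2):
    """Return (verdict, matched_domain).

    verdict is "trusted", "lookalike" (close to a trusted domain but not
    equal to it), "unknown" (nothing similar) or "invalid" (no domain).
    """
    local, at, domain = address.strip().rpartition("@")
    domain = domain.rstrip(".").lower()
    if not at or not local or not domain:
        return ("invalid", None)
    if domain in trusted:
        return ("trusted", domain)
    # sorted() keeps the result deterministic if two domains are equally close.
    best = min(sorted(trusted), key=lambda t: osa_distance(domain, t))
    if osa_distance(domain, best) <= max_distance:
        return ("lookalike", best)
    return ("unknown", None)


def hold_for_review(recipients, trusted=TRUSTED_DOMAINS):
    """Return the recipients that should be confirmed before sending."""
    held = []
    for address in recipients:
        verdict, match = check_recipient(address, trusted)
        if verdict == "lookalike":
            held.append((address, match))
    return held


if __name__ == "__main__":
    # Constructed sample recipients.
    sample = ["payments@hsbc.example", "payments@hscb.example",
              "friend@gasbill.example"]
    for address, intended in hold_for_review(sample):
        print(f"HOLD {address}: did you mean a recipient at {intended}?")
```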

Here are 4 simple tips to help protect your personal data both at home and in the office:

  1. Two (or more) steps are better than one

Protecting your data with just a password? Stop! The danger here is that a single password can easily be guessed. Most secure systems deploy two-factor authentication. This involves a password that only you or your employees should know and a token element that typically changes with time. The other weak area of any of these systems is the mechanism linked to single sign-on and the use of the same email address with these single sign-on systems. Single sign-on typically allows you to use one account (for example your Facebook account) to log in to other services such as Amazon. The weak link is the interception of a live session for any of these services, which allows the hacker to change the account email address by spoofing the live session. Having changed the email address, the hacker simply requests a password reset, which is then sent to the new email address provided by the hacker. From this point onwards the hacker has complete control of all your accounts and personal data linked to the same single sign-on information. Don’t link social media sign-on details with confidential services like online banking. Also consider keeping services separate by having a number of different email addresses linked to these services that are only used in isolation, for example myname-mytax@{yourdomain.com} or myname-goingout@{mydomain.com}. By doing this you limit the damage that can be caused should any one service be compromised. Finally (and many of us are guilty of doing this) never use the same password for all services. This, I know, is difficult to do, and remembering all the usernames/passwords can be a real challenge, so read on….

  2. One size should not fit all

It’s frustrating when you can’t remember your passwords. Let’s face it life is busy enough. However there are a number of solutions out there that can help. Most of these solutions take the pain out of trying to invent new passwords and then trying to remember them at a later date. Typically these systems store all your passwords in one centrally managed place. However there are some security issues with this you should be aware of. Maybe you’ve lost your device for example, and this contains all your passwords. You can protect against this by using the device’s own password access systems before the key password application can be accessed. What you are buying here is time to react and the ability to generate longer random password seeds that should be harder to crack, difficult to remember but easy to manage and use. Check out http://lifehacker.com/tag/password-managers for ideas.

  3. Clean up after yourself

You know that website you used to make a random purchase? They made you sign up for an account right? Delete it! You have no idea what these companies are doing with your data or how well they are protecting it. I refer to my point above on SaaS. With the proliferation of SaaS, we as individuals can quickly lose control of our personal data and the possibilities of this data being leaked, lost or duplicated and then used for financial gain starts to become infinite. Delete those dormant accounts.

  4. Run and hide (well not literally, you’ll see what I mean below)

So why did Facebook recently purchase WhatsApp? Our data, what we do, where we go, what we purchase, when we purchase it, what groups we belong to and our buying power is all information with a commercial value. By signing up and agreeing to use certain services we are agreeing to allow these companies to own our data and, in some instances, to access our photos and know our locations. Is this really information you want corporations to have about you? Consider this: you don’t have to fill in your real name and address when signing up for these services, or you could encrypt the data you sign up with. One solution that can hide our surfing habits is called Tor, from the Tor Project. The browser bundle provides a clean browser (i.e. free of any tracking cookies and plugins) that connects by way of a VPN connected network of global hosts. Your traffic is routed through the global hosts and exits at different places at different times, thereby obscuring and masking who you are, where you are and what you are visiting.

Keep an eye out for part 2 of our blogging series on the ‘best data protection advice you’re not taking’ which will provide you with hints and tips on educating your employees on the dangers of phishing attacks.

 

Want your network to run more smoothly? Here’s 4 ways to do it.

By Malcolm Orekoya, Senior Technical Consultant at Netutils

Views expressed in this post are original thoughts posted by Malcolm Orekoya. These views are his own and in no way do they represent the views of the company.

With user demand increasing at a rapid rate, businesses are spending more and more time and money keeping their networks running and highly available. Investment is now consistently made in redundancy everywhere. Two or more of everything in the network is now normal practice: dual routers, dual firewalls, stacked switches, dual ISPs, multiple application servers, dual power inputs, etcetera. All this redundancy will no doubt keep the network uptime high, but will it necessarily keep things running smoothly?

Here are 4 tips worth considering:

  1. Optimum Use of Resources

What is the point of having huge bandwidth, the fastest network with great big servers everywhere if you cannot make the best use of them? Allowing ALL types of traffic/users/applications (the good, the bad and the ugly) through your network without any visibility, policing or prioritisation of business critical services and applications, essentially amounts to a waste of all that investment that you’ve put into providing the robust network in the first place. There are good and bad users as well as good and bad applications both inside and outside of your network and they will always seek to utilise or take advantage of any open, free or unpoliced resources they can get hold of. As C-level executives, IT Managers, Network Managers or IT Administrators, it is your responsibility to make sure you can make the best use of your network resources to provide the best user experience, while preventing malicious usage and controlling the usage of unimportant (low priority) application/traffic.

  2. A Proactive Network

Historically network management has always been very reactive in its approach to dealing with network problems and network traffic utilisation. In general, until there’s a problem (usually reported by users) to investigate, everything is considered to be working and traffic is considered to be “normal”. Ever thought of a “learning network”? A network that can monitor the types of traffic coming in and going out, identify applications and users where applicable and even inform you about changes in the types of applications passing through your network when compared to what is normal (i.e. the baseline). A network that can monitor applications and server response times then proactively alert you based on a traffic light system “Red-Amber-Green” highlighting potential issues. A network that can provide you with recommendations on optimum policies to apply to your network based on your traffic and not just wait for you to figure it out (usually only after there is an issue to troubleshoot). It might sound a bit futuristic, but the good news is, it’s not. All of these elements that make up “a proactive network”, already exist in the Exinda Network Orchestrator solutions.

  3. Application Performance Monitoring

Almost everything within a network today comes down to two things: applications and services. All the infrastructure that underpins everything boils down to providing some sort of application and/or service to a user somewhere. Therefore it can be said that keeping the user experience good, and ultimately the user happy, comes down to making sure the application or service is performing optimally. To do this you first need to have complete visibility of all applications running through your network. Then you need to be able to monitor the applications most critical to your business (usually productivity applications) and establish a baseline of what can be considered “normal”. You then need to be able to observe when these applications stop performing optimally and very quickly figure out why that is the case. Scrolling through pages of log data will not speed up this process, so most importantly you need something that can do all of this for you easily and provide that information back to you in a simple (ideally graphical) format.

  4. Speedy Troubleshooting

By making sure your network resources are used optimally and your network proactively informs you of the performance and utilisation of your network applications, you will already have decreased the time it takes to troubleshoot network issues. Having done all this, however, it is important to have a monitoring tool available to you that can instantly provide real-time analysis of traffic passing through your network, as well as being able to look instantly at historic utilisation data for comparison. This will inevitably speed up troubleshooting and reduce downtime.

Want to know more? Please get in touch. info@netutils.com

If you’re responsible for managing your company network bandwidth we would like to personally invite you to join our free half day technical workshop on Wednesday 3rd December 2014 at the National Space Centre, Leicester, UK. For more information and to sign up visit: http://www.netutils.com/exindaSpace.php

About Malcolm
As Senior Technical Presales Consultant at Netutils Malcolm consults and advises on specialist IT Networking, Security and Service Management requirements.

 

DNS based DDoS Attacks- What’s in a Name?

You may already know that we have recently partnered with Infoblox. This partnership provides us with an excellent array of network control and security solutions.

A big focus for Infoblox is their secure DNS solution. DNS attacks are at an all-time high and traditional DNS servers do not offer the protection you need. Recent press has shown a marked increase in DDoS attacks on ISPs around the world. Our ISP customers may be interested in this blog post from Renuka Nadkarni at Infoblox.

Here Renuka explains how ISPs are especially sensitive to DDoS attacks – disruptive to the business and time consuming to mitigate. Her blog goes on to explain the six new attack types and how each one works, covering: Basic NXDomain Attack, Random Sub-domain attacks on Legitimate Domains, Phantom Domain Attacks, Lock-Up Domain Attacks, CPE-driven DDoS attacks in the ISP network and DDoS attacks using Malware-infected CPE devices.

Infoblox are working with ISPs and enterprises to help them protect their DNS infrastructure. Read the full blog post on the Infoblox website here.

 

 

We don’t just shift the tin we lift customer expectations

By Jay Ludgrove, Account Manager at Netutils.

Views expressed in this post are original thoughts posted by Jay Ludgrove. These views are his own and in no way do they represent the views of the company.

Ok, so we know we are not the only IT technology reseller out there. But let me tell you a little about why I think we are different. It’s actually all about when to shift boxes, and when to add real value by working closely with customers to ensure they get the most from our expertise and their technology investment.

When an IT reseller is simply focused on volume sales the likelihood is that the customers’ needs and requirements get left behind when the reseller moves onto the next ‘big volume’ order. This begs the question – can you, the customer, only get the best pricing by sacrificing the service?

I have been with the IT industry for the last 12 years and worked on both sides of the fence, both within technical teams and within sales environments and the one question that has plagued me is how does the customer get the best service at a great price?

This is obviously dependent on the customer’s choice of supplier; do they want a technically accredited company to help with consultancy / development / installation / configuration and future needs? Or would this be plain useless to them because they have an in house team who are already employed specifically for these duties?

As a sales account manager that has emerged from a customer service background, I have always wanted to be able to show my customers a value and experience that they can’t get anywhere else and continue to strive to provide the best service that my technical counterparts are able to deliver.

So what about those customers who are not interested in the services that their resellers can provide, they simply insist on the cheapest price? Is this down to years of being ‘sold to’, that has hardened them to any outside help assuming that all sales people are simply out to get the highest deal value possible without any focus on corresponding service levels? Or do they feel that they have gone through the lengthy recruitment process of employing skilled engineers themselves so they simply don’t see the necessity or value in this level of additional support? And what guarantees do they have that they will be sold the ‘right’ solution and not just the most expensive?

I believe that this is where the reseller’s reputation comes in. In the past I have worked for IT companies that have quite simply told me ‘Whatever the customer needs we can do. Anything at all, just find out what they need.’ I have never felt comfortable within these types of organisations. Common sense told me, you can’t please all of the people all of the time. I never had the confidence that they were going to be able to deliver on this and although they could be exceedingly cheap the post-sale service was generally left to the vendor who may have little or no knowledge of the initial requirement or challenge. From my personal experience these resellers are used for price comparison only and are seldom called upon to discuss or help deliver future projects or resolve existing problems.

On the other hand resellers that are focused on service over price are going to lose out on a number of deals when the client is only interested in the best price. For this reason I feel it is important to not only have a reputation as an expert in a few core areas but to continuously strive to deliver this message to customers. Ultimately these resellers will not make as many sales as their ‘tin shifting’ counterparts but the retention of business is higher year on year and the customers will generally come back for consultancy, development and for open discussions on how to move forward with a particular project or requirement. When you achieve this level of trust you can truly start to become an extension of the customer’s IT team, with their goals and needs coming first and front.

Working for the latter type of reseller requires some adjustment in approach as you will have to concentrate more on what the client needs and less on what you can sell them. This will mean that some sales are smaller than they ‘could’ be and it will mean that you will lose out ‘on price alone’. Ultimately building mutual respect can lead to a far superior service and experience for the customer. I sleep better at night, knowing that my customers got the best technology solution that their money can buy that meets their challenges and needs. After 10 years, I finally got to work for a company that promotes relationship building and value with a great ethos that means it’s never really just about the price alone.

So I guess the question you need to ask yourself is for your next technology purchase are you looking for a Tin Shifter or an Expectation Lifter? I know where Netutils fit.

Proactive Next Gen Firewalls for Smarter Security

Do you have an active firewall project? What should you look for in a next gen firewall? Watch our short video blog with our technical specialist Malcolm Orekoya and find out what Juniper Networks’ Branch SRX series has to offer. Talk to a solutions expert from our team about our current firewall offers, including (for a limited time only) a FREE half day’s training session for new customers purchasing Juniper’s branch SRX series. Conditions apply. Visit our website here for details.

The Shellshock Bug – Hype or Reality?

By David Hone, Security Specialist, Netutils

Views expressed in this post are original thoughts posted by David Hone. These views are his own and in no way do they represent the views of the company.

So what exactly is Shellshock (CVE-2014-6271) aka the ‘Bash Bug’ and should you believe the hype?

You may not believe that your organisation will be affected by this security flaw because you don’t run Linux, Solaris or Unix systems, but you may want to reconsider.

Let’s cut through the hype and consider exactly what Bash is and what functions it provides in a computer.

Bash stands for Bourne-Again Shell. In essence Bash provides the interface between the user and the computer. Its core function is to interpret what you type so that the computer system can action these commands.

Bash also provides the ability to script commands, scripting being used to automate a number of steps. For example, you could write a Bash script that discovers all your database files and then copies them to a database located somewhere else in the world.

The key part to understand is that, as the Bash shell is text-based, commands can be initiated from a remote computer and do not necessarily have to come from a locally connected keyboard. This allows IT departments / individuals to action commands from anywhere in the world. While Bash is interpreting the commands input by a user, the final point to highlight (and this is one that most people overlook or simply do not consider for any number of reasons) is that as individuals, consumers and businesses we are surrounded by computers of all types (commonly referred to as ‘the Internet of things’) that are often connected to the Internet, undertaking activities and processes of which we often have little understanding or knowledge.

The Bash Bug vulnerability allows an attacker to remotely execute commands, attacking scripts which have been written in Bash.

For more see http://www.vox.com/2014/9/25/6843949/the-bash-bug-explained

How can you identify which of your devices are vulnerable to this type of attack, the impact, and what you should do to protect your business and private data?

If you have not done so already you should start by implementing a full audit of all devices connected to your network. This should include everything from the routers provided by your internet service provider to any device that your users attach to the network. It is common practice for manufacturers to build ‘the internet of things’ with open source software. Almost any device, from the modern fridge to the ISP’s router or indeed the core routers and switches in your network, is likely to have a custom built Linux/Unix operating system derived from a common open source technology which includes the Bash application. All these devices are therefore potentially vulnerable to this attack and are targets for attackers to hijack for any number of illegal activities.
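For the hosts in that audit where you can run commands yourself, the following added example (not part of the original post) checks whether a given bash binary still has CVE-2014-6271 by starting it with a harmless canary in an environment variable and seeing whether the canary text is executed. The function names, the canary text and the sample paths are assumptions made for the illustration.

```python
"""Audit helper: does a given bash binary still have CVE-2014-6271?"""
import subprocess

# Harmless marker text, constructed for this check.
CANARY = "SHELLSHOCK-CANARY"


def canary_seen(stdout):
    """True if the canary appeared as a line of output, meaning bash ran
    text that was only ever supplied as an environment variable value."""
    return CANARY in stdout.splitlines()


def probe_bash(bash_path="/bin/bash", timeout=5.0):
    """Return True (vulnerable), False (patched) or None (could not run).

    The variable holds a function definition followed by an extra command.
    An affected bash runs the trailing command while importing its
    environment at start-up; a fixed bash ignores it.
    """
    env = {
        "PATH": "/usr/bin:/bin",
        "probe_var": "() { :;}; echo " + CANARY,
    }
    try:
        result = subprocess.run(
            [bash_path, "-c", "echo finished"],
            env=env,
            capture_output=True,
            text=True,
            timeout=timeout,
        )
    except (OSError, subprocess.TimeoutExpired):
        # Binary missing, not executable, or hung: record as not checked.
        return None
    return canary_seen(result.stdout)


def audit(paths):
    """Probe every bash binary in `paths` and return {path: verdict}."""
    labels = {True: "VULNERABLE", False: "patched", None: "not checked"}
    return {path: labels[probe_bash(path)] for path in paths}


if __name__ == "__main__":
    # Constructed list of locations where a bash binary is commonly found.
    for path, verdict in audit(["/bin/bash", "/usr/local/bin/bash"]).items():
        print(f"{path}: {verdict}")
```

Appliances and embedded devices that give you no shell cannot be checked this way; for those the audit depends on the manufacturer's advisory and firmware updates.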

So how can Netutils help? We specialise in providing networking, security solutions and consultancy and pride ourselves on providing our customers with the highest quality of immediate actionable independent advice and solutions to solve current business security needs. If you have any concerns about the impact of the Bash Bug in your organisation we urge you to get in touch, we are very happy to discuss possible fixes for you and your organisation.

Phishing- Are you ready to be caught out?

By Anthony Mortimer, Account Manager, Netutils

Views expressed in this post are original thoughts posted by Anthony Mortimer. These views are his own and in no way do they represent the views of the company.

In the age of commercialised hacking, organisations are experiencing greater frequency and sophistication of attacks than ever before. This is driven simply by the commercial value corporate data represents to criminals. According to Trend Micro 90% of all known successful data breaches in 2012/2013 were attributed to Phishing attacks.

At Netutils we see and talk to a broad range of organisations all with very different views to the risk these threats pose. For many smaller organisations the presence of a firewall and basic security is seen as sufficient; but here’s why these smaller businesses should be concerned.

For a start criminals are now regularly targeting suppliers or customers of big organisations as the staging point to attack the bigger network. More importantly we are seeing a trend for large businesses to dictate security policy to their suppliers for them to continue to trade with them or to win new contracts.

A significant growth area is in the use of targeted Phishing emails and more focussed spear phishing attacks tailored to specific individuals based on pharmed data. These types of attacks are becoming more difficult to mitigate against, putting significant stresses on IT departments’ budgets.

We have witnessed organisations handling these threats with 2 broad methodologies:

  • Deployment of technology to counteract attacks
  • End user training

It is generally accepted that by far the greatest risk to the security of your corporate data is your employees themselves, who may unwittingly fall victim to phishing attacks. According to industry figures 60% of UK office workers receive a Phishing email at least once a day. In addition, the greatest issue with regards to end user training is that for most organisations it is difficult to deliver such a course in a way that will make a real difference. Businesses will often run a single awareness session and hope that will mitigate the risk. Unfortunately Phishing attacks are dynamic: although they follow a similar pattern, the content and mechanisms change. Unless staff are made aware of these on a regular basis, the training deployed may only have value for a few weeks after delivery, until a new form of attack is devised.

The second method of combating these threats is via the deployment of technology. This poses real issues to businesses, and it can be argued many traditional signature-based solutions offer little real protection. This is essentially because they rely on a known database of attack signatures to spot and block an attack. However, with the rise in commercial hacking activities, self-service malware portals can provide the enterprising hacker with a unique piece of malware for as little as $100 that can sit undetected on corporate machines until it is discovered and the signature published.

At Netutils we believe that effective mitigation requires a layered approach to handling these issues. At the heart of our solution set are 2 key elements: ongoing security training via our interactive training platform (PhishAware) and cutting edge signature-less technology.

If you have any concerns about the impact of Phishing in your business then do please contact a solutions expert from our team on:

t: 020 8783 3800
e: info@netutils.com
