December Tech Talk Newsletter

Databranch Monthly Tech Talk

IT Solutions for the Workplace

December | 2021

What's Inside?

01 - Monthly Update from David

02 - Happy Holidays!

03 - Log4j Cyber Security Vulnerability Update

04 - Introducing Datto SaaS Defense

Did you know?

The computer “bug” was named after a literal bug found in a computer.

An actual moth trapped in a computer relay of the Mark II is the reason "debugging" is a used to describe fixing code.

Wishing you the best of everything!

Databranch Will Be Closed for the Christmas and New Year Holidays

May your days be filled with peace, hope, and joy this holiday season.

As always, thank you for your business, loyalty, and support.

In observance of Christmas and the New Year, the Databranch office will be closed Friday, December 24th and December 31st.

All network monitoring services will continue as usual but support will not be available. We will be open for normal business hours on Monday, December 27th and January 3rd.

We wish you well and hope you have a safe and happy holiday!

If you have any questions about support, please call 716-373-4467 or email: service@databranch.com

MONTHLY UPDATE

FROM DAVID

The Databranch technical team has been tracking and responding to the recently uncovered, critical Internet threat. By this point, you may already have seen posts and be aware of the Log4j zero-day vulnerability. Rather than provide multiple links in this update, we suggest that you Google “Log4j exploit” for developing information.

Things we have done thus far from a security perspective:

Tested and secured our Databranch systems externally and internally by testing and working with our vendors to review access to them and if they are vulnerable.
Testing our managed clients externally accessible sites for the vulnerability. However this is not a guarantee of protection.
Scanned client systems covered by Automate RMM tool for presence of the Log4j vulnerable software.
Patched our internal VMware vCenter.

It is possible that web based applications that you may use will be removed from service without warning as software providers deal with this exploit. You may have also already received communication from line of business software developers about whether their applications are vulnerable and remediation steps that they have/are taking. Here is a useful website that is tracking all the impacted software platforms and contains specific mitigation strategies as well: https://github.com/NCSC-NL/log4shell/blob/main/software/README.md

Please let us know if you would like more information or to discuss this latest security issue. If you are concerned if this vulnerability is prevalent in your IT environment we recommend you contact us regarding a Vulnerability Assessment scan through our cyber security partner Cyberstone.

Thank You,

David

Introducing Datto SaaS Defense

Datto has recently enhanced their SaaS Protection solution to include an additional security tool called SaaS Defense which we are recommending to all clients as an additional email security layer.

Why SaaS Defense Now?

43% of attacks impersonate Microsoft, making it the most impersonated brand globally.
SMB's saw a 424% increase in cyber-attacks last year.
Phishing emails are the leading cause of ransomware attacks.

The SaaS Defense Difference

✔ Identifies unknown threats, doesn't just monitor for known ones like most other solutions

✔ Eliminates those threats at first encounter

✔ Secures more than just email with protection for SharePoint, OneDrive & Teams - the entire M365 Suite

✔ Enterprise-grade security built-in from the start

✔ Robust, turn-key solution without complex training

✔ Reporting simplicity - easy to understand reporting metrics for end-users on why a threat was identified as malicious

To learn more about SaaS Defense and how Databranch can help protect your Microsoft 365 platform, give us a call at 716-373-4467 or email: info@databranch.com

Is Your Data Secure? Databranch’s 8 Best Practices for Vetting Cybersecurity Vendors

An effective way to bolster your business’s data security is to work with a Managed Service Provider (MSP) or I.T. Service Provider (ITSP) like Databranch. They address network vulnerabilities to prevent cyber criminals from exploiting them.

Besides monitoring and organizing your servers, a Managed Service Provider (MSP) or I.T. Service Provider (ITSP) plays a pivotal role in the cybersecurity program of your business. They implement several strategies to shield your network from attacks and protect your data.

For instance, many providers use email authentication protocols to monitor your server’s vulnerabilities. They can keep users from accidentally accessing malicious websites by determining spam emails containing malware or viruses. This results in enhanced system security.

Another common practice is training your employees to ensure they follow the highest security standards. This is especially important if you have remote team members since there’s no way to keep track of their activities. To tackle this issue, an MSP or ITSP teaches your staff how to operate safely to avoid harm to your company’s infrastructure and reputation.

On top of that, an MSP or ITSP can neutralize various threats due to their proactive approach. They offer several tools such as firewalls and endpoint detection to control the traffic and stave off cyber attacks. Also, they can install antivirus software and email security to stop intrusion attempts.

Needless to say, an MSP or ITSP can shield you from a wide array of cybersecurity issues. But it’s vital to work with the right provider.

To ensure this happens, you should look for and abide by the best practices for an MSP or ITSP in the cybersecurity space. This article will examine what they are.

The 8 Best Practices

Practice #1 - Enforce Multi-Factor Authentication (MFA)

Cybercriminals are becoming proficient at accessing your credentials, so it’s critical to enable MFA for all your users.

It consists of three elements: a password, security token, and biometric verification. Consequently, if attackers breach one security layer, they’ll still have to do a lot of digging to access your information.

Practice #2 - Make Patching a Priority

Application and operating system exploits are common. Hackers target them to access your system and compromise your data, but you can prevent this through regular patching.

Making sure your system is up to date with the latest security standards decreases the risk of exploitation.

Practice #3 - Conduct Regular Cybersecurity Audits

An MSP or ITSP must be aware of on boarding, off boarding, and lateral movements within an organization. This warrants frequent cybersecurity audits to assess the competency of your team.

Many MSPs or ITSPs hire third-party companies to perform their security audits. They can detect if a person who no longer needs access to the network still has it. It’s something that can endanger the client’s information, especially if the individual is a former employee.

Conducting regular audits mitigates this risk. It enables an MSP or ITSP to implement some of the most effective access privilege limitations:

IP restrictions – These security measures ensure that only users who can access your local network can utilize remote administration tools.
RMM software updates – Software vendors typically dispatch updates to fix vulnerabilities and patch numerous security gaps.
RDP (Remote Desktop Protocol) Security – This Windows native administration tool reduces the chances of ransomware attacks in your organization.

Practice #4 - Have An Off-Site Backup

Backups are crucial for tackling malicious activities and ensuring operational continuity after cyber attacks.

They also help address whether the company and its clients can access the latest version of their data and applications. This feature is vital for enterprises that must adhere to compliance requirements, including PCI-DSS and HIPAA.

But besides implementing on-site backups, your MSP or ITSP should also set up off-site versions. If attackers compromise your RMM software, they can most likely reach on-site backups, too.

So, to avoid disasters, businesses should have an off-site backup accessible to only a few people. It should also be offline for greater security.

(Databranch is a proud Datto Diamond Partner and can help your organization implement a true business continuity/data protection solution for your organization.)

Practice #5 - Incorporate Log Monitoring

Log monitoring is analyzing your logs for potential glitches. As an MSP or ITSP scrutinizes your records, they can detect traffic from harmful sources and provide a clear idea of threat patterns. And over time, they can deploy countermeasures to seal these gaps.

For example, cybersecurity experts use reliable security information and event management (SIEM) tools. They facilitate scanning through piles of information to enable faster threat detection.

Practice #6 - Launch Phishing Campaigns

Phishing cyber criminals target your team members with emails or text messages, posing as legitimate institutions to steal your data. Unfortunately, most attacks succeed because of human error, meaning your MSP or ITSP should be aware of and monitor employees’ behavior.

Setting up fake phishing campaigns is a great way to test your team’s ability to respond to phishing attacks. It allows you to pinpoint and improve inadequate responses, bolstering data security.

To learn more about Databranch’s Breach Prevention Platform which includes monthly simulated phishing attempts and continuous end-user security awareness training, click here or email: info@databranch.com

Practice #7 - Choose Your Software Carefully And Secure Endpoints

From small browser plugins to large-scale business systems, be sure your providers take data protection and cybersecurity seriously. Learn about their commitment to these aspects before purchasing their application.

Furthermore, employ web filtering tools, antivirus software, and email authentication to fend off ransomware attacks through malicious emails. Ensure each endpoint and your virus definition library are secure and up to date with the latest standards.

Practice #8 - Set Alerts And Document Everything

An MSP or ITSP that configures their systems to receive alerts upon system changes can work proactively and tackle threats early on. Many platforms automate this process through rules templates, personalization, and direct tickets to the PSA. This eliminates manual digging, saving precious time.

Another useful strategy is to document your cybersecurity information, such as your defense mechanisms, emergency guidelines, and disaster recovery plans. You should also review it regularly to help preempt cyber attacks.

Cybersecurity Is Paramount

While digitalization has significantly streamlined your operations, it’s also made you more susceptible to data theft.

To ensure cyber criminals don’t get their hands on valuable information and ruin your reputation, your MSP or ITSP needs to adopt well-established security practices.

But if your provider hasn’t introduced off-site backups, regular patches, and employee training, you’re not getting your money’s worth. Hence, you may be frustrated since your provider isn’t delivering the necessary results.

This makes you a sitting duck for cyber criminals. You need to resolve the issue as soon as possible.

Databranch can help you do so. Reach out to us for a quick 15-minute chat at 716-373-4467 x 15 and our tech experts will do their best to show you a way out of your cybersecurity dead end.

Article used with permission from The Technology Press.

Technology Trivia

What’s the pseudonym used by the mysterious creator of Bitcoin?

Email us at info@databranch.com for the correct answer!

NEED A LAUGH?

Four fonts walk into a bar. The barman says, “Oi – get out! We don’t want your type in here!”

If you were forwarded this email from one of our great Databranch clients and would like to receive future updates, click here to sign up for our newsletter/weekly tech news!