Frequently Asked Questions
- Ransomware: Ransomware is malicious software either loaded directly onto a computer or network or introduced when someone clicks on an attachment. Designed to hold an individual or firm hostage until a ransom is paid, ransomware has evolved considerably since its late 1990s debut. Back then, after a computer had been infected, data would be encrypted and rendered inaccessible—potentially forever—until a ransom was paid.
- More recently, after businesses were properly educated to make real-time backups of their data, perpetrators have threatened to release sensitive information on the web for all to see. Even worse, cyber pirates offer potential collaborators turnkey systems for infecting computers, with the promise of a percentage payout of the amount extorted. Someone who has a trusted relationship with members of your business, or who otherwise has access to your computing environment, can introduce ransomware without having to write a single line of code on their own.
- Phishing: Phishing is an attempt to obtain sensitive information such as user names, passwords, and credit card details for malicious reasons, by posing as a trustworthy entity in an email or other electronic communication. Oftentimes, the solution is proper training, good technology and developing a pervasive security mindset. It’s also wise to have protocols in place to address the consequences of such breaches. These protocols can greatly minimize any potential damage to your firm or clients.
- Data Breach/Leak: A data breach is a major security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen, or used by an unauthorized entity. A data breach can occur in a variety of ways, including:
  - Employees using the same password to manage multiple personal and business accounts.
  - An associate printing out an important document and leaving it on a coffee shop table.
  - A partner logging onto insecure Wi-Fi at the airport or hotel.
- People: Good people with inadequate cybersecurity training who fail to recognize possible threats may unknowingly cause as much damage as people with malicious intent.
- Process: Having a documented process for prevention and incident response, often referred to as an Incident Response Plan, is critical to immediately detecting and responding to security threats. If an organization doesn’t have an Incident Response Plan in place, or if there are gaps in the plan, those gaps can easily be exploited by attackers, and the organization can be held accountable by both clients and regulators.
- Technology: Security products are like a bike that needs constant uphill pedaling. When you stop pedaling, the bike stops. Having the right combination of products, expertise, and services is critical to combating sophisticated attacks.
A good example of this is the common recommendation to have Anti-Virus, Firewall, and Content Filters from different vendors. Using a single tool for both security and operations may create a conflict of interest, in addition to false positives, so it may be best to use a Managed Security Service Provider who can partner with a variety of security vendors to piece together the best plan for your business.
Specialized training on phishing attacks for people who have external email responsibilities is also necessary, as is the development of regular company-level best practices. In many instances, sending test emails to discover who the most vulnerable users might be is a great way not only to find out who needs to be retrained, but also to educate the entire organization. Remember – Education is Key, Not Embarrassment.
I don’t have an unlimited budget, but am concerned about my IT Security. Can I properly protect myself and my organization while showing true value to my customers?
It is also best to engage a third-party managed detection and response (MDR) service provider to evaluate and manage your response plan. JDL Group’s affordable SOC-as-a-Service installs in minutes and starts continuously monitoring and analyzing your environment to ensure proactive detection and response to threats. Response management and reporting provide hard data on attempted breaches, mitigated incidents and cost savings from less time and resources spent on data analysis and chasing false positives.
Questions You Should Ask
One of the simplest and most effective ways to mitigate this risk is to employ a real-time monitoring and response system that integrates with real-time threat analysis feeds. For large organizations, this may take the form of a dedicated in-house team of SOC professionals with SIEM and intelligence feeds. In small to midsize organizations, outsourcing this function to a monitoring and response service provider (MDR) is the most effective approach. A good MDR provider solution will integrate best-of-breed technologies, people and processes that are dedicated to mitigating exposure for their clients.
With employees working from anywhere these days, how do I ensure the safety of my company’s data and Intellectual Property?
Do I have the right systems in place to protect my organization from ever-growing security threats like Ransomware and Phishing emails?
Yes, with the recent deployment of high-tech endpoint security software, we can provide full protection of your workstations and laptops from any form of Ransomware or Phishing email. Plus, we can offer a solution to help your organization identify which end users would be susceptible to phishing or whaling emails. We’ll provide the necessary training to educate them and make them aware of suspicious emails, thus warding off a future attack.
All of our clients are able to obtain access to a Central Management Console in the Cloud. This management console provides a single pane of glass: one console to deploy and push out policies to all your end users. In addition to the console, you can also manage your remote users by deploying mobile protection technologies. Mobile protection technologies let you spend less time and effort enabling the use of mobile devices for work and let users work the way they want, on the devices they prefer, helping them be more productive. We can also help manage security postures on your endpoints, including mobile devices, as part of our Managed Security Service Program.
Our partner’s one-stop central encryption provides centrally managed full disk encryption technologies, including Windows BitLocker and Mac FileVault, taking advantage of the technology already built into the operating systems. These systems allow our customers to seamlessly manage keys and recovery functions from a primary management center. To further simplify your workflow, you can now manage Windows and macOS full disk encryption in the central management system.