31 Mar

Data Security Best Practices For Business

Last Updated on March 31, 2019 by Ruchir Shastri

As per Gartner’s prediction, the number of cloud users will increase at a very rapid pace every year, and is not about to slow down. Today, more people and businesses utilize the cloud services in one or other form without even realizing they are doing so.

Unfortunately, being unaware of using the cloud also means that people aren’t always as protected as they should be. Just because you are using a cloud, be it AWS, Azure or Google, this is no way means that your data and servers are protected from hackers.

Business Data Security

These cloud computing services bring tons of changes to the business workflow, and as a result, companies require a new set of rules and a different way of thinking about its security. In this post, we’ll discuss some of the best approaches to secure your information on the cloud.

Install Robust Anti-Malware, Anti-Exploit & Anti-Ransomware

You might have heard of terms like, Spyware, Malware, Ransomware, Keyloggers, Rootkits, Adware, Backdoor shells, Hijackers and what not. The list of threats to server security is long, varied, and pretty scary. Even if you’re the most careful cloud user, malware can find a way to download itself onto your server.

For instance, an innocent looking email from your friend could in fact be a stealth method of exploiting security features, or it could be a widely spread ransomware encrypting entire file system. There are literally hundreds of ways in which your data can be compromised and entire operating system can be hijacked.

While most of the generic anti-virus software will do a good job of removing known threats from your

servers, intruders can still find loopholes to steal data, install backdoors to gain access, spy on your activity, hijack server resources to run malicious applications or encrypt sensitive information.

Difference Between Antivirus & Anti-Malware

Antivirus and anti-malware are two different cybersecurity concepts, and not to be used interchangeably. Of course, they both refer to cybersecurity software, malware is a more generic term while virus is more specific. The conventional antivirus software offers protection against classic computer viruses, but it cannot detect and address all types of infection like anti-malware software does.

To avoid your cloud instances from getting infected, it is necessary that you have an enterprise-class anti-malware, anti-exploit and anti-ransomware engine installed on your server which will provide real-time protection from viruses / malware entering your server.

In addition, you should also setup a full system scan by these engines at once every week so as to ensure that your system is completely secure and safe. We have a number of customers using “MalwareBytes” successfully with complete protection around-the-clock and our technical support staff is well versed to configure it appropriately for our customers. MalwareBytes adds an extra layer of protection to your cloud instances. It not only protects you from known threats, but keeps itself continually evolving for future threats.

Email Security

While you protect your cloud environment against advanced threats, a sophisticated enterprise-grade email protection is also an essential measure to secure emails against a wide array of threats. It’s proven fact that, 91% of hacking attempts are launched through email-based attacks. Taking stats into account, an email security must be the first priority for any organization.

Email Security

On top of your conventional email service, these email security provides protection against routine threats like spam, viruses and malware while also delivering the secure cloud email services. With this solution, your emails route through email gateway which enables you to improve security and system performance by thwarting known and advanced email threats before they reach your network.

It can protect your employee’s emails against advanced threats like spear-phishing, zero-day attacks, malware and spam. It uses keywords, pattern matching, file hashes and dictionaries to actively scan all email communications and attachments to stop data leakage and support compliance.

IDS / IPS – Network Level Security

When your cloud systems are online, this also opens up the possibility of hackers trying to get into them through known exploits or by using brute-force attempts. With growing security vulnerabilities across the web, it’s extremely important to have an external network security system in place which helps to protect your cloud servers. This network security system comprises of the below key components:

External Firewall

With external firewall in place, you can restrict access with fine-tuned rules to allow traffic from known sources or to allowed destination ports only. This also helps in ensuring that your server and website is PCI-DSS compliant to process secure transactions and store sensitive customer’s data including their credit card numbers.

Intrusion Detection System (IDS)

Intrusion Detection is a security management system for servers and networks which analyses each packet passing within a network to identify possible security breaches or intrusions. It can detect patterns typical of attacks or abnormal activity patterns and reports such activities to Intrusion Prevention System to protect it instantly.

Intrusion Prevention System (IPS)

After a possible security threat is detected by the IDS system, it is necessary to have a solution in place which blocks this access immediately to prevent systems from being exploited. Intrusion Prevention System (IPS) immediately creates rules to block this malicious access and keeps your system safe & secure. Both of these systems (IDS & IPS) work closely with each other to ensure complete security for your server & website. This also ensures that any / all traffic entering your system is scanned and free from any known vulnerabilities.

Web Application Firewall

A Web Application Firewall (WAF) is a firewall for HTTP applications that protects web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It applies a set of rules to protect web applications from common attacks such as cross-site scripting (XSS), file inclusion and SQL injection. It may come in the form of an appliance, server plugin, or filter, and may be customized to an application.

Web Application Firewall

By deploying a WAF in front of a web application, a virtual shield is placed between the web application and the Internet. While a proxy server protects the client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. A WAF runs upon the set of rules often called policies. These policies help to protect against vulnerabilities in the application by filtering out malicious traffic.

Remote Desktop Guard (RDPGUARD)

RDP (Remote Desktop) allows users to connect to a remote server from anywhere. Indeed RDP is a very useful feature, however it also has several security issues. When a malicious user launches the network/port scanners or RDP brute-force attacks on Windows servers, thousands of failed login attempts are generated and pages of events are being logged. Such attacks abuse your dedicated server resources (CPU, RAM, Disk Space and Network Bandwidth) and degrade the overall functionality of the server.

To prevent them, host-based intrusion prevention system (HIPS) like RdpGuard is implemented.  This protects servers from brute-force attacks on various protocols and services (RDP, FTP, SMTP, MySQL, MS-SQL, IIS Web Login, etc). It monitors the audit logs and detects failed login attempts. If the number of failed login attempts from a single IP address exceeds the normal limit, the IP address will be blocked immediately.

18 Mar

3 Keys To Successful Data Backups

Last Updated on July 8, 2021 by Joanna Isac

IDC estimates that by 2020 business transactions on the Internet business-to-business (B2B) and business-to-consumer (B2C) will reach 450 billion per day. Is your company among the millions worldwide handling consumer or corporate data collected online? If so, protecting that data should be your top priority.

Look at your data as an investment – you’ve dedicated time, resources, and money to collecting, storing, and analyzing data to grow your business. But, if the worst happens, how will you recover that investment?

That’s why, if your data is important and key for your business, you must have robust data backup plan. Outsourcing this to cloud backup providers like Softsys Hosting ensures that your data is safe from disaster and accessible whenever you need it.

We help make sure that your data backups are…

Comprehensive

Most industry professionals recommend that you store your data in at least three places, on two storage types, with one copy stored off-site. Don’t trust something as precious as your data to anyone other than true professionals. Our cloud backup services provide a second copy of your data to ensure that nothing gets lost in translation and our professional teams monitor each backup to avoid any mistakes.

Our cloud offerings also give you a secondary type of storage – and one that is separate from your physical location and therefore lower risk for natural disasters such as fire, water, etc.

Consistent

Data backups tend to be a topic of conversation only once something has gone wrong. Don’t make the mistake of neglecting your backup routine until you need it. Daily backups help make sure that all of your data is secure in the event of a disaster. This is especially true for businesses where colleagues are constantly adding or updating data. Ask yourself, what period of time are you comfortable losing as a result of a loss event? Most businesses can’t afford to lose more than a day’s worth of data.

If daily backups sound daunting, let us handle them automatically so that you have peace of mind knowing that your data is protected.

Recoverable

What benefit does a data backup offer if the data isn’t usable? Our professionals monitor and manage backups so that your data is in a good recoverable state when you need it. This management lessons the recovery time – or time needed to return to normal operations after a disaster event.

Backup and Restore

At Softsys Hosting, we know that when your systems are down, your company is losing money. Therefore, we work to make sure that you are up and running as soon as possible – typically within a few hours.

Forty percent of companies that do not have proper backup or disaster recovery plans in place do not survive a disaster. In short, your company depends on your data. Work with us to determine and implement a data backup solution that fits your company’s needs and let us do the heavy lifting to monitor and execute the backups – leaving you to do what you do best.

08 Mar

How To Develop Your Company’s Digital Transformation Strategy

Last Updated on March 8, 2019 by Ruchir Shastri

Is your company committed to digital progress in 2019? Digital Transformation is a buzzword that essentially means integrating digital technologies, such as social, mobile, analytics and cloud, in the service of transforming how businesses work. In fact, it’s likely something that you’ve been doing on a smaller scale for several years.

However, until this point, digital change has been largely driven by technology. Companies are put in a reactive position as they are forced to “keep up” with changes in the tech marketplace. This leads to lagging customer experience and, in many cases, loss of market share to more digitally advanced groups.

Digital Transformation With Softsys

If a focus on digital transformation is paramount for your business, it’s important to shift to a proactive approach and begin with a clear strategy.

Involve Stakeholders

Any effective strategy needs buy-in from all stakeholders. This means involved leadership who will guide the direction all the way to team members who will implement the strategy on a day to day basis. Identify everyone who will be impacted by this digital change and work to motivate them to contribute to the strategy in a way that’s most effective for your company.

This could be as formal as a survey or as simple as a conversation. The key is to communicate the outcomes of the strategy in a way that’s meaningful to them. What will this strategy achieve?

Define Scope And Objectives

Once everyone is on board, consider your business goals. This strategy is an opportunity to build a bridge between IT and the business as a whole. Tap into how an intentional and well thought out digital plan can impact each function within your company. How will it affect the bottom line?

When defining the objectives of your strategy, look past your competitors and focus on your customers. Understand the pain points of your consumer and work backwards to identify how digital transformation can address them.

Assess Current Skills and Technology

Now that you have involved stakeholders and clearly defined your objectives, it’s time to consider technology. This process will give you an idea of where you currently stand in terms of technological tools and skills currently within your organization.

From there, you can map out what is necessary to get from your current state to the goal state outlined in the previous step.

List and evaluate your software, technologies, and applications to determine which are necessary to continue to move you forward and should be upgraded or retained and which should be retired or replaced. Match resources to the problems that they solve and prioritize based on the business objectives.

Skills And Technologies

Develop A Timeline And Implementation Plan

A strategy is nothing without implementation. Once you have a clear picture of the necessary steps, map out a timeline and delegate tasks to your internal stakeholders to begin executing the strategy. An actionable plan takes time and resources, and often is implemented in phases.

This phased approach allows you to test and re-align your strategy as you go to ensure its effectiveness.

A timeline also empowers internal stakeholders to begin preparing for change within their departments and proactively develop the skills needed for implementation.

To be successful, a clear strategy must be supported by commitment to change and leadership poised to drive that change and, in today’s climate, supporting digital transformation is no longer a luxury but a necessity. Continued involvement and support from all stakeholders and correct technology partners such as Softsys Hosting is crucial to the long-term success of a digital transformation strategy.