16 Jun

Making Remote Work Secure: Five “Must Do” Steps

Since COVID-19 became a global pandemic and steps were put in place to contain its spread, more and more people have been forced to work from home. This transition requires many changes in how individuals and organizations operate and communicate, especially in terms of using computers, personal devices, and specific software that enables remote work.

At the same time, cybercriminals recognize that attacking home users is much easier as they are typically less secured outside their office, where security policies and measures are enforced (at least at some level). Yet to do their jobs, these remote workers need to connect to various servers and access and create confidential, sensitive documents and data from their less-secure home office environment.

The risk of losing important data or being compromised becomes much greater at home. That is why every remote worker should be prepared to secure his remote workspace. Here are five recommendations for securing a home office.

1. Use a VPN

Whether you are connecting remotely to company resources and services, or you are just browsing web resources and using telecommunication tools, use a Virtual Private Network (VPN). VPNs encrypt all of your online traffic to prevent hackers from capturing your data in transit.

If your company has a VPN practice, you most likely will get instructions from your admin or MSP technician. If you have to secure your working place yourself, use a well-known, recommended VPN app and service – they are widely available in different software marketplaces or directly from vendors. If you are in need of secure VPN, get in touch with us and we will help you with it.

2. Be wary of phishing attempts

As a topic, COVID-19 is already being widely used in all types of phishing attempts – and the number of such malicious activities will only grow. Every remote worker needs to prepare for the increase in phishing attempts by understanding and recognizing the threat.

Themed phishing and malicious websites appear in large numbers every single day. These typically can be filtered out on a browser level, but if you have a cyber protection solution installed on your work laptop or your company’s MSP delivers that protection with a solution like Acronis Cyber Protect Cloud, you are also secured by dedicated URL filtering. The same functionality is also available in endpoint protection solutions, although in Acronis Cyber Protect we have a special category related to public health which is updated with higher priority. 

Of course, those malicious links have to come from somewhere, and they are typically delivered in instant messages, emails, forum posts, etc. Do not click any links you don’t need to click on, and always avoid those that you did not expect to receive.

These attacks also use malicious attachments to emails, so always check where an email really comes from and ask yourself are you expecting it or not. Before you open any attachment, be sure to scan it with your anti-malware solution, such as Acronis Cyber Protect Cloud.

To be sure that all phishing and malicious websites are blocked by security solution with embedded Web/URL filtering functionality like Acronis Cyber Protect Cloud

It also helps to remember that the information you really want regarding COVID-19 or similar pandemics can be found from official sources like the World Health Organization (WHO), your national ministry of health, and state/local government agencies. Refer to those official agencies rather than opening links or emails from unknown sources.

3. Be sure to have good anti-malware up and running properly

Having a good anti-malware solution installed is a must nowadays. With Windows, where the majority of threats are targeted, the built-in Windows Defender makes it easier. It does a good job of stopping threats, although it still cannot match the top anti-malware products from security vendors.

Acronis Cyber Protect Cloud delivers many well-balanced and finely tuned security technologies, including several detection engines, so we would recommend it to use instead of an embedded Windows solution.
Simply having an anti-malware defense in place is not enough, however. It should be configured properly, which means:

  • A full scan should be performed at least once a day
  • A product need to get updates daily or hourly, depends how often they are available
  • A product should be connected to its cloud detection mechanisms, in the case of Acronis Cyber Protect to Acronis Cloud Brain. It is active by default but you need to be sure that the internet is available and not accidentally blocked by anti-malware software.
  • On-demand and on-access (real-time) scans should be enabled and adjusted for every new software installed or executed.It is also important that you do not ignore messages coming from your anti-malware solution. Read these carefully and, if you use a paid version from a security vendor, be sure that license is active.

4. Patch your OS and apps

Keeping your operating system (OS) up to date is crucial, as a lot of attacks succeed due to unpatched vulnerabilities. With Acronis Cyber Protect, you’re covered with embedded vulnerability assessment and patch management functionality. We track all identified vulnerabilities and released patches, which allows an admin or technician to easily patch all their endpoints with a flexible configuration and detailed reporting.

Acronis Cyber Protect not only supports all embedded Windows apps, but also more than 40 third-party key popular apps including all telecommunications tools like Zoom or Slack, and a lot of popular VPN clients that are used to work remotely. Be sure to patch high-risk vulnerabilities first and use success reports to confirm that patches were applied properly.

If you don’t have Acronis Cyber Protect and do not use any patch management software, it is much harder. At a minimum, you need to be sure that Windows gets all the updates it needs and they are quickly installed – users tend to ignore system messages, especially when Windows asks for a restart. Ignoring these requests is a big mistake.

Also, be sure that auto-updates to popular software vendors like Adobe are enabled and such apps like PDF Reader are also updated promptly.

Acronis Cyber Protect Patch Management supports all the popular collaboration, conferencing and messaging tools

5. Keep your passwords and workspace to yourself

While this step has been mentioned many times as the top piece of security advice, during the response to COVID-19 it is doubly important to ensure your passwords are strong and known only to you. Never share passwords with anyone, and use different and long passwords for every service you use. Password management software makes this easier. Otherwise, an effective approach is to create a set of long phrases you can remember. And when we say long, we mean long, since the old eight-character passwords are easily opened by brute-force attacks now.

Also, even working from home, do not forget to lock your laptop or desktop and limit access to it. There are many cases when people can access sensitive information on a non-locked PC from a distance. Don’t assume you are protected simply because you are not inviting anyone you don’t know or trust into your home office.

06 Jun

What Will Change In The Global Business Landscape In 2020?

We are in a healthcare crisis that is also an economic crisis combined with an energy crisis. Add to that a looming humanitarian crisis in some emerging economies and you have a multitude of challenges, all of which are exacerbating geopolitical risks. How will this crisis change the global business landscape in 2020 – and what does it mean for the actions we take today at Softsys Hosting and other business ventures?

Fear And Optimism

Fear and Optimism

The length and depth of the current economic crisis will depend on solving the healthcare crisis with an exit strategy involving a combination of an effective, widely available vaccine and therapeutic drugs. Meanwhile, governments around the world are trying to manage the delicate balance between controlling transmission and returning some people to economic activity. The stakes are high, not only in the obvious health and economic consequences of mis-steps but also in managing public perceptions of risk.

The fears we feel are real. They are reinforced by government messages, the data we read daily on infection rates and the sad reality of the actual numbers of COVID-19 deaths, in particular the data on “excess deaths” that are only now being made public. These have driven public behaviours that have controlled transmission and reduced deaths in many countries, but we now need to cautiously find ways, especially in the business community, of responsibly allowing society to adapt and manage the false dichotomy of public health and economic wellbeing.

Risk Interdependencies

This crisis also highlights the interdependencies of the global risks triggered by the COVID-19 pandemic. Make no mistake, we are experiencing a historic event that will change many aspects of the world we live in, such as geopolitics, the economic impact on many industry sectors, the competitive business landscape, the long-term societal impacts such as an exacerbation of inequality, consumer behaviours, the nature of work and the role of technology both at work and at home.

In addition to the dangers to public health, the pandemic and the resulting lockdowns and shutdowns could have long-lasting effects on people and societies. High structural unemployment is likely to affect consumer confidence and the speed of economic recovery, as well as exacerbate inequality, mental health problems and lack of societal cohesion.   

Technology

 Companies and governments are trying to manage the on going crisis, it is also challenging the relationship between technology and governance. Mistrust or misuse of technology could have long-lasting effects on society. Borders have returned, as have local communities, but technology is allowing a return to a more global world. Technology is enabling the contact-free economy, through applications such as telemedicine, online retail, and social distancing delivery methods such as click and collect. New business and employment opportunities are being created in these sectors, but a greater dependence on technology has also increased cybersecurity risks.

Business And Policy Considerations

Business and policy considerations

In a time of great uncertainty, decisions are being taken today by governments and businesses that will determine how these risks or opportunities emerge and play out. In particular these include:

· To what extent do we manage the operational trade-offs between a quick return to work, but still protect our employees, clients and society more broadly?

· At a time of change for our business, with changing industry structures and changing competitive positions, how do we not only survive, but also find the silver linings?

· How can we accelerate our commitments to sustainability and drive a low-carbon transition?

· How will consumer behaviour change in our sector – and how will that affect our propositions and the way we deliver them? · Build scenarios into existing risk models to understand the impacts of different recovery rates on business, operational, market risks.

04 Jun

How To Choose The Right Backup Service For Your Business Data?

Business data needs to be protected not only from ransomware or other cyber-attacks, but also from natural disasters. If your business isn’t well-equipped with measures that protect mission-critical data, then a single cyber threat can destroy your business in no time.

If your business falls prey to cyber attacks, loss of revenue can be as high as 20% and more. According to a recent cyber-security survey, 4 out of 10 businesses are certain to suffer huge losses and the number of businesses that are hit by cyber attacks is reported to be 29%.

Business can also suffer heavily in terms of its reputation, because it’s not just the revenue loss, but also the loss of loyal clients. Therefore, businesses need to design a robust strategy for data backup to ensure business continuity in the event of cyber-attacks or any natural disasters. In this blog post, we’ll outline some tips to choose the right backup service for your business needs.

Backup Security

Backup & Disaster Recoery

Needless to say that cybercriminals are becoming more and more sophisticated, so how safe is your business data in the backup server? Ask your backup provider how your crucial business data is protected on the backup storage. You should look for at least 256-bit Advanced Encryption Standard (AES) encryption in data storage and for Secure Socket Layer (SSL) while data being sent to and from the server. This will greatly minimize the risk that a hacker can intercept and steal the information being transmitted. Additionally, the backups must be taken on off-site data storage.

Backup Storage & Scalability

How much backup storage do you really need? Backup providers offer anywhere from 10 GB to unlimited space, giving businesses a wide range of options based on their requirements. Obviously, the amount of backup space offered is directly related to service costs. Hence, it’s best to determine how much backup space is needed so you can stay within your budget limits.

Also, find a backup service that offers scalability and agility so that your backup can grow as your business grows. While you don’t necessarily have to opt for unlimited space, your options include purchasing more space than you need or signing up with a vendor that offers flexible solutions.

Disaster Recovery

Hosting providers can make all the uptime guarantees they want, but the reality is that unforeseen events, such as cyber-attacks and natural disasters, can shutdown servers and render your data inaccessible. For instance, Amazon’s northern Virginia servers went offline due to severe thunderstorms, taking down major services like Netflix, Instagram and Pinterest. If large institutions like AWS can get hit, so can small businesses. While downtime is not always preventable, what’s important is to make sure the business data backup you choose provides an effective and efficient disaster-recovery plan to get you back online ASAP. This can mean anything from multi-location backups to cyber-attack mitigation.

Platform Support

A backup service doesn’t do much good if it doesn’t protect the data on all of your business devices, not just on servers or desktop PCs. In a typical environment, Mac and Windows systems comprise the bulk of laptops and workstations. Linux and Microsoft Windows Server are the most popular platforms for servers. Getting access to data from a mobile device is becoming not just popular but increasingly critical as mobile devices become more sophisticated and not only store more data but create it as well. At a bare minimum, Android and iOS devices should be considered as backup targets.

In many cases, organizations host virtualized infrastructure on-site as well as in the cloud and, since this is really just software, it should be backed up along with everything else. Therefore, you’ll need to ensure that your backup provider can support these requirements. Citrix, Microsoft Hyper-V and VMWare VSphere tend to be the most commonly used commercial products for creating and running VMs.

App-Specific Support

It’s equally important to consider app-specific options while choosing backup service. Some back-end business apps might need special capabilities when it comes to backup and restoration, especially complex, database-driven platforms such as big customer relationship management (CRM) apps and enterprise resource planning (ERP) solutions. Popular examples of such business apps include Microsoft Exchange, Microsoft SQL Server, NetApp, and Oracle, which all require special handling. The best options will have native support for backing up and restoring them. Otherwise, you will be left with trying to cobble together a backup solution that only works under the best circumstances.

Customer Support

Backup service providers’ product support varies widely. Customer support should be one of your service provider’s main selling points. By using a data backup service, you are entrusting your business’s operational foundation to a third-party provider. You want to know that they have your back when something goes wrong or you need help. While some offer excellent support, others may as well be nonexistent. Choose a vendor that can be contacted via multiple channels, such as phone, email, chat and even social media. Also, choose a service provider that will treat your data as if it was their own.

Our Recommendation

It takes a whole lot of research to select an appropriate cloud backup service for your business. It needs a balance of availability, configurability, price, security, and usability. In the end, the best cloud backup service will be the one that most closely meets your company’s needs because that’s the best way to ensure it’ll be easily adopted by your users.

Cloud Backup

Our datacenter engineers have tested a number of industry leading backup services and recommended Acronis Cyber Backup and Protection as the best choice among them all.

Acronis is a modern, quality cloud backup service having a number of uncommon features such as blockchain checks and ransomware monitoring. It also offers continuous backup and incremental backup features. It also offers you private, end-to-end encryption that is a very important security feature in this day and age. Unlike it’s rivals like Carbonite or Backblaze, Acronis is easy to set up and use. Here are some streaming features that we liked the most in Acronis:

  •   Multi-service management portal.
  •   Multi-tier cloud architecture.
  •   Comprehensive white-labeling.
  •   Straightforward pay-as-you-go pricing.
  •   12 data centers to choose from*.
  •   Extensive usage reporting.
  •   Feature and quota management.
  •   Single sign-on for multiple services.
  •   Backup operations dashboards and reports.
  •   Integration with RMM and PSA tools: Autotask, ConnectWise (Automate, Manage, Control), Kaseya, SolarWinds (Coming Soon).
  •   Integration with hosting control panels and billing systems: cPanel, Plesk, WHMCS, HostBill.
  •   Integration with marketplace providers: CloudBlue, AppDirect.
  •   A RESTful management API.
  •   User interface in 25 languages.

Key Data Protection Features

  •   Secure cloud backup storage from Acronis, Microsoft and Google.
  •   Flexible local and to-cloud backup options.
  •   Hosted self-service management portal.
  •   Full image and file-level backups.
  •   Data protection on 20+ platforms, including Windows and Linux servers, VMs, eight major hypervisors (vSphere, Hyper-V, Nutanix, Virtuozzo, Citrix XenServer, Linux KVM, RHEV, Oracle VM Server), PCs, Macs, iOS and Android mobile devices, Microsoft on-premises apps, SAP HANA, Oracle Database, Office 365, G Suite and websites.
  •   Initial seeding with physical data shipping.
  •   Customizable policies with backup schedule/frequency and retention rules.
  •   Wide range of recovery options: entire machine, ESXi configuration, single files and folders, databases, office 365 items, etc.
  •   Recovery to dissimilar hardware, including bare-metal, physical, virtual, or cloud environments.