Data is growing faster and is more important than ever! All organization are experiencing explosive data growth and it’s becoming more and more apparent that the data being generated and protected is critical. Company viability is jeopardized when data is at risk and without secure and protected access to critical data, organizations face potential collapse. While the threat of a malicious attack against organizational data is not new, the methods and vectors of attack have evolved, and attacks have drastically increased in recent years.
Attacks on your data are at an all-time high! Ransomware is more powerful than ever, and corporations face an increased number of malicious attacks including both external and internal threats due to the era of connected platforms. The threat to data is real, and as part of an overall data management strategy leveraging new technologies is critical to protecting that data and ensuring that organizations are protected from malicious intent where data is either permanently deleted or held for ransom.
The storage landscape has fundamentally changed with Object Storage. With the release of Veeam Backup & Replication 9.5 Update 4 in 2019, we introduced the Veeam Cloud Tier which enabled customers to take advantage of Object Storage. Due to its increasing popularity, infinite scale-out capacity and lower cost for long term retention, Object Storage offers many advantages over traditional block and file-based storage systems. With regards to increasing amounts of backup data, and requirements to keep that data for longer periods of time, Object Storage is a perfect fit. Veeam has witnessed an overwhelming adoption of Object Storage with over 100PB of data offloaded to just a few top cloud object storage providers alone, despite the fact that in Update 4, the Cloud Tier was only capable of offloading older data to help to reduce the costs of long-term archival. This was just step 1, and now v10 brings more!
Introducing the next iteration of Veeam Cloud Tier in v10
With the launch of Veeam Backup & Replication v10 we have made drastic improvements. In v10, the Cloud Tier feature set has been extended to include three distinct, but very interconnected customer needs:
Achieving the 3-2-1 rule and performing off-site backup in a fast, effective and automated fashion, thus lowering off-site RPOs
Protecting your data from attacks by malicious insiders and hackers
Simplifying recovery from a major disaster
Let’s dive into each of these customer needs further.
Copy Policy: Makes 3-2-1 easier than ever
Building on the “Move Policy” in Update 4, Copy Policy allows backup data to be instantly copied to the SOBR Capacity Tier as it’s created. This is an important distinction from what Move Policy does, where there is only ever one copy of the data sitting either in Performance Tier or Capacity Tier, which can leave recent restore points within the Operational Restore Window at risk in the case of disaster or malicious intent.
With Copy Policy enabled on a SOBR, all backup files that are created are effectively duplicated as soon as they are created to the Capacity Tier. This allows us to adhere to the 3-2-1 rule (3 copies of backup, on 2 different media, with 1 offsite) of backup that requires one independent copy of data offsite. In fact, when using cloud object storage, it allows customers to much more easily achieve 3-2-1, by being 1 of the copies, on a different media AND in a different location. It’s a 3-2-1 rule slam dunk!
When used together, both Move and Copy policies complement each other perfectly to fully take advantage of object storage by keeping the local landing zone for quicker operational restore easier to manage from a data growth and capacity planning point of view. Copy mode then ensures that, in the case of disaster, there is a full copy of backup restore points available for recovery.
Ok, 3-2-1 is achieved faster and easier than ever. Check! Now, are you fully protected and 100% safe? Not yet. What about ransomware, hackers or malicious insiders?
Immutability – Your solution for ultimate protection.
Protection against malicious intent or accidental deletion of backup data has become critical in anyone’s data protection strategy– and with immutable backup functionality for Amazon S3 and S3-compatible object storage repositories, data that is shifted or copied into the Capacity Tier is further protected. This feature relies on the S3 API to set a period of time on each block of data uploaded to Object Storage where it cannot be modified or deleted by anybody. Yes, we mean anybody: intruders, malicious actors, accidental deletion by admins and more.
This effectively works to protect all recent (and generally most important) backup points until the set period has expired. And even having the highest-possible privileges on an AWS account does not provide you the ability to delete or modify the data, period.
As mentioned, immutable backups is a feature available for Amazon S3 and a variety of S3-compatible object storage providers including Ceph, Cloudian, Zadara and more. Check out the latest approved Veeam Ready “object” providers here for the latest and expect many more to come soon.
Now ransomware and inside threats are under control, but what if I lose the datacenter completely? We have a solution there too.
Enhanced Recoverability with Simplified Backup Import
The resiliency built into the Cloud Tier is such that if you totally lost your on-premises installation of Veeam Backup & Replication, you would be able to restore from data that was copied or moved into the object storage. This was true in the Update 4 release, but we have further improved the convenience and speed in which this data back be accessed after a disaster scenario has been triggered with the new Mount Object Storage Repository feature in v10.
With this feature, content in an existing object storage repository can be registered in a newly provisioned backup server (even running on a laptop and using Community Edition), and you can have the existing backup data points made available for restore operations in no time, including restores directly to the public cloud or instant recovery back to on-prem.
Unlike with the previous version, you no longer need to re-create and re-scan SOBR, because we make restore points available directly from the object storage by quickly downloading a very small amount of metadata during the most familiar Import Backup process. In other words, you can now import backups from object storage as quickly and easily as from local storage. How cool is that?
With these innovative additions to Veeam Cloud Tier, the abilities for customers to do off-site backup faster, store data for longer periods at lower costs, achieve 3-2-1 , and to recover quickly from a potential malicious attack or disaster scenario have been greatly enhanced. Not only are we now able to copy backups offsite for redundancy and longer term retention on object storage, but we are able to also have that data immutable, and easily recoverable with the new Import feature, leading to much lower RTOs.
This article was provided by our service partner : Veeam
You couldn’t go a day in 2019 without hearing about another cybercriminal hitting a business or city, and 2020 will be more of the same. You’ve probably even had your fair share of conversations with your customers about what you’re doing to keep them and their data secure. It’s better to have the tough talks now and get a plan in place than try to make excuses for your lack of protection if your customers get hit. So, let’s get ready for 2020 together with these cybersecurity tips. Learn how incident response services can benefit and improve your business strategy.
1. Pay Attention to the Security Around APIs
Cybercriminals and their tactics are evolving and will continue to evolve. With new advancements in technology, attacks will go beyond the normal threat vectors. You can see Nettitude online for cybersecurity assistance
“There are still plenty of attack surfaces today in your traditional Windows® domain environments,” says Jon Murchison, CEO of Blackpoint Cyber. “As the shift starts to the cloud and as we open more APIs for automation, I think you’re going to see API-based attacks increase massively. Vendors need to pay attention as they open more of these things up, they’ll be turned against them.”
While the cloud and automation have made life easier for managed service providers (MSPs) and their customers, they also present an opportunity for cybercriminals to use that convenience against unsuspecting victims. When you’re looking at your security for 2020, you need to be aware of all the entry points into your network and your customers’ environments, which leads us to our next tip: enabling multi-factor authentication (MFA).
2. Enable MFA on Everything
Although it may seem like a minor inconvenience for end users, MFA is a small security measure that can have a significant impact on making sure the right people have access to networks and applications. MFA, or two-factor authentication (2FA), is an added layer of security that requires a user to present a second form of authentication, typically a code sent to an email or text after the user enters their account login information. Once the user enters the code, they’ll gain access to the account.
Like all things, MFA is only successful if you use it correctly. Having it enabled on just a few accounts defeats the purpose of implementing it to begin with.
“We’re seeing a breakdown of proper configuration and management of MFA,” says Drew Sanford, Director of Sales Engineering at Continuum. “If you’re managing remote systems or administering user access, you should be using MFA, but you need to be using it for all accounts, especially the MFA systems themselves.” That’s right. Secure the security measures.
“Nothing is worse than protecting your systems with MFA just to find the hacker was able to log in and reset your Google, LastPass, or other accounts,” Drew says
3. Have the Right Resources
There has been a talent gap across the industry for the past few years, and cybersecurity is no different. It’s a job-seeker’s market, with unemployment for cybersecurity professionals close to zero percent. That makes finding talent hard and keeping it even harder. Skilled professionals will demand top dollar for their expertise.
The hiring crunch trickles down to the quality of services. According to research from Continuum, 37% of MSPs say they aren’t able to obtain the right level of in-house cybersecurity skills. Without the right skill sets, your security team might not be able to meet the demands of your customers and leave them vulnerable to a security incident.
When it comes time to start providing security services, if you haven’t started already, you’ll need to decide whether to build your security offerings on your own, buy an established security company, or partner with a security vendor. There are pros and cons to each option, and there is no ‘one-size-fits-all’ approach. Your security requirements are unique to your business, so it’s crucial to pick the strategy that works for you—and getting it right can help you stand out from the competition.
According to Continuum’s white paper, Underserved and Unprepared: The State of SMB Cybersecurity in 2019, cybersecurity is becoming a determining factor for SMBs deciding to use or continue using an MSP. How much so? 84% of SMBs surveyed who do not currently use an MSP would consider using one if they offered the right security services.
4. Protect Your House
This has become one of our more popular cybersecurity calls to action, but it’s not just a saying, it’s an integral part of running your business. When you protect your house, you’re ensuring you have the proper security controls and procedures in place across your organization. Yes, you’ll be more secure, but you’ll also be showing current and potential customers that you’re committed to security.
You build trust with an SMB when you show them you not only take proper security precautions, but the solutions you use internally are the ones you’re selling them. Your security offerings are tried and tested. This could be the thing that separates you from the competition.
The TSP-ISAO is an independent organization formed to provide a secure infrastructure within the TSP industry to set the standard for TSPs in the services and products they provide to their clients, as well as the people, processes, and tools they employ.
“We believe that the TSP-ISAO has an important role to play in educating MSPs and SMBs to the existential nature of the threats they face. Both MSP and SMB industries have never faced a threat like this and are collectively unprepared to understand the true nature of the threat. Working with our public and private partners, we will develop programming to ensure the threat is understood and countered,” said TSP-ISAO Executive Director, MJ Shoer.
Patching—the act of updating, fixing, or improving a computer program—is an important part of maintaining your clients’ systems against viruses and hacks. The majority of MSPs do this through remote monitoring and management (RMM) tools. But no matter how well your RMM software can fix a bug or close a vulnerability, if you don’t follow the right patching policies and procedures, you may end up putting those same clients at a higher risk of security breaches.
According to the Ponemon Institute, 57% of data breaches can be directly attributed to attackers exploiting a known vulnerability that hadn’t been patched. That’s a real problem. And patching doesn’t just improve system security—it facilitates overall smooth processing, ensuring that there are no bugs slowing down your (or your clients’) day-to-day operations.
Clearly, regular patching is important—but how can you make it a seamless part of your workflow? To help you out, here are some best practices to follow as you use RMM tools to perfect your patching processes—and reasons why they’ll help you, your technicians, and your clients.
Make Patching a Priority—and Ensure Your RMM Tools Facilitate That
In 2018 alone, there were upwards of 15,500 published common vulnerabilities and exposures (CVEs). And as technology increases in complexity and sophistication, these numbers will only continue to multiply. Keeping up is a challenge for businesses and their IT service providers—especially those that may continue to rely on manual patching processes rather than their RMM software.
In addition to managing the sheer volume of vulnerabilities cropping up each day, the actual patching process can drain time, resources, and disrupt the end-user experience. That’s why any RMM software comparison should take into account the ability to use these tools to streamline and simplify patch management. With the right RMM tools, it’s much easier to work regular patching into your workflow and to ensure your whole team is equipped to make it a priority.
Follow a Simple Framework Built Around Your RMM Software
When it comes to patching, there’s no need to reinvent the wheel. Aligning on well-established procedures or protocols for patch management works fine—applying them consistently is the key. For a strong start, select a simple and repeatable process to use as a guide. The entirety of this basic workflow framework can be performed with RMM tools:
Deploy regular rediscovery of all systems
Schedule vulnerability scanning—especially for systems at higher risk
Install patches and patch definition databases
Monitor, test, and deploy patches to vulnerable systems
Perform regular data collection and reporting, and review processes for future improvements
This framework should provide a good jumping-off point. Build on it to customize the process to your specific team, organization, and RMM software.
Always Watch the Clock
A central challenge facing managed services providers (MSPs) is that once a vulnerability is officially announced, all information about it is disclosed along with it—giving hackers all of the information they need and a wide-open window to target and further exploit the vulnerability across your clients’ systems. The chances of exploitation and infection increase the longer an organization waits to apply the patch. At the same time, hackers and other cyberattackers are becoming increasingly quick to attack, giving organizations less and less time to patch.
Being cognizant of every disclosure and using your RMM tools to stay on top of each alert is critical. Even a few hours can make all the difference.
Integrate Patching Tools with Your RMM Software
With multiple vulnerabilities to remedy in little time, you want to implement as many tools as possible, as quickly as possible. Rather than having your technicians spend most of their time approving and applying patches to disparate machines, you can implement an integrated RMM tool like ConnectWise Automate, to alert you and handle much of the heavy lifting.
With the right RMM tools and increased automation capabilities, your technicians spend less time on tedious manual patching tasks and you reduce the likelihood of human error or important updates slipping under the radar.
Consider Third-Party Patching
Cloud-based, automated patch management software allows you to schedule regular update scans and ensures patches are applied under specific conditions. As you take on new clients, the software gains even greater value, enabling you to remain on top of patching while your business continues to grow.
Third-party patching is a native component of ConnectWise Automate, simplifying and securing the entire patch management workflow. The platform enables application updates, along with a host of other automatic capabilities—including automated billing through the professional services automation (PSA) software you already have with ConnectWise Manage
As you audit, patch, document, and bill for third-party application updates, all third-party patch definitions are deployed following our best practices. Automatic daily updates and downloads ensure that you’re always patching with up-to-the-minute technology. And as you streamline patch management for you and your clients, you gain recurring monthly revenue streams.
Generate Regular Reports
It’s important to make patching and staying on top of every client relationship a priority. With streamlined automated regular reporting you have a simple and effective solution right in your hands.
In September, Mozilla announced its plans to implement the DNS-over-HTTPS (DoH) protocol by default in the Firefox browser. Subsequently, Google announced its intention to do the same for the Chrome browser. Firefox has already started to gradually shift to DOH. Chrome is expected to start shifting some traffic by the end of the year.
What is DoH?
DNS stands for Domain Name System; it’s the system for matching the domain names to IP addresses, this obviously makes it easier for us to browse the internet by name rather than having to remember IP addresses. Until now, all of that has happened via an unencrypted DNS connection. As the name DNS over HTTPs implies, DoH takes DNS and shifts it to a secure, encrypted HTTPs connection.
What is http/https?
http is a system used where a browser make a GET request to a server, then server then sends a response, typically a file containing HTML. Of course, the browser usually does not have a direct connection to the server so this request with have to pass through multiple hands before it gets to the server, the response is dealt with in the same way.
The problem with this is that anyone along the path can open the request or response and read it. There is no way of knowing what path this traffic will take so it could end up in the hands of people who do harmful things such as sharing the data or even changing it.
HTTPS fix this poor state of affairs, with https – each request/response has a lock on it. Only thye browser and the server know the combination of that lock meaning only the browser and the server can read the contents of this data.
This solves a lot of security issues, but there are still some communications happening between the browser and server that were not encrypted, this means people could pry on what you are doing. One of the places were this type of communication was exposed is in DNS. In steps DoH which works on the same idea described above to prevent tampering and eaves-dropping.
By using HTTPS to exchange the DNS packets, we ensure that no one can spy on the DNS requests that our users are making.
Mozilla and Google are making these changes to bring the security and privacy benefits of HTTPS to DNS traffic. All those warnings about the security risks of public WiFi? With DoH, you’re protected against other WiFi users seeing what websites you visit because your activity would be encrypted. DoH can also add protection against spoofing and pharming attacks and can prevent your network service providers from seeing your web activity.
Privacy vs. content filtering: a conundrum
So far, so good – we have underlined the possible privacy benefits of DoH but could there be a problem on the horizon for schools and organisations that use DNS based content filtering?
DNS-based content filtering is so prevalent that almost every parental control device (whether its installed on your network or via some type of web service) uses it. If DNS queries are now encrypted before passing through these products, they could see cease to work.
This could see broader DoH adoption by web browser disrupting existing content filtering implementations.
DNS-based filtering still possible
Since the DNS queries are only encrypted when they go beyond the router, DNS-based threat intelligence and parental control functionality can still work. For example, if someone accidentally stumbles on an adult website, the router will intercept his DNS queries and show him your custom message instead. It’ll also encrypt the rest of his innocuous queries so that people outside of your network won’t be able to exploit his browsing history.
You need to confirm that your existing content filtering will work when browsers start support DoH by default.
https://www.netcal.com/wp-content/uploads/2019/12/doh.png261730ktranghttps://www.netcal.com/wp-content/uploads/2015/11/netcal_logo2.gifktrang2019-12-13 06:34:212019-12-13 06:34:21DNS over HTTPS – What You Need to Know about Content Filtering
Nearly half of all office workers have had their data compromised at some point. And as if that wasn’t scary enough, the numbers only get more concerning from there. Following an incident, a whopping 35% of office workers don’t change their passwords—a measure that can go a long way to preventing future information theft. And while at work, 49% of respondents admit to clicking links that were sent to them by unknown senders – so should your service provider be offering security awareness training?
In this age of heightened awareness around cybersecurity, most employees have some appreciation for the risks this kind of behavior opens their companies up to. But data thieves and scammers can be incredibly cunning and deceptive—preying on workers’ information deficits and busy schedules to sneak in under the radar.
Employees and businesses need to master the basics of good cyber hygiene to keep sensitive data safe. Educating employees in the difference between a safe link and link that’s part of a phishing scam can spare companies the time, money, and PR headache of being compromised.
Since every employee has a different level of knowledge and awareness when it comes to cybersecurity best practices, training can be an essential tool to bring everyone up to an acceptable baseline. And this isn’t just true for large organizations anymore. Nearly half of all cyberattacks today are targeted at small- and medium-sized businesses (SMBs)—and 60% of those targeted go out of business within six months of the attack. As a result, SMBs are increasingly looking for security awareness training programs to keep their employees, and their information, as safe as possible.
This presents an opportunity for MSPs to deliver even more value to their clients—and become trusted advisors in the process. And to help you make the most of this opportunity, our recent webinar, Why Security Training, Why Now, and What’s in It for Me?, covers the what, why, and how of offering cybersecurity awareness training—and doing it effectively.
Here are some of the key takeaways from the webinar to help you decide whether to offer this training to your customers.
Who Benefits From Security Awareness Training?
A properly managed security training program can be beneficial to everyone involved.
Increasingly, companies’ compliance obligations mandate that they participate in these programs—and allocate budget specifically to them. With an existing budget and a real need among customers, security awareness training represents a huge opportunity for MSPs—one that can yield significant returns.
The training can also be invaluable for the customers, saving them money and headaches in the long run. Even a tiny data breach can have wide-reaching implications, so every dollar spent on training can pay off in spades. Emphasizing the long-term benefits of security training will be an essential part in upselling existing customers and showcasing the value to prospects.
To get buy-in from individual employees, it’s also useful to point out that this training can benefit them in their personal lives—helping them keep hackers out of their bank accounts and far away from their families’ private information.
What Makes a Good Security Awareness Training Program?
The value of security awareness training programs is evident, but how can you get companies to choose your program?
The most important thing any MSP can do is make sure their program is effective. A robust program will cover everything from phishing awareness to social engineering to mobile device security. That being said, it’s important to start with the basics and build up to more complex security lessons. While some employees will come in with a thorough understanding of general best practices, others may be entirely new to the subject. Never assume that something is obvious. Besides, a little refresher course never hurt anybody.
Behavioral change takes time, so it’s also important for your program to follow a pace that refreshes participants’ memory over time without overwhelming them. Consider outlining clear participation guidelines from the start to help everyone involved understand what’s expected of them. For example, you might plan two phishing simulations per month and offer three cyber awareness courses per quarter. Knowing what’s coming, the training won’t feel like a burden to employees—it will just be another part of their week.
To help ensure the training sticks, tailor it to your audience, making it department-specific when appropriate. You can also be proactive and integrate security training into existing onboarding processes so that security is prioritized from the get-go. These steps, while seemingly small, can make security training more digestible to your audience—and make their data safer as a result. If you think you need a software to help you manage and secure your data, then consider Couchbase.
So, Should You Offer Security Awareness Training?
There has never been a greater need for security training. With cyber threats growing increasingly deceptive and dangerous, the market for efficient, high-quality training is one that’s worth tapping into. While MSPs don’t specialize in education, this situation offers the potential for you to step in and be the hero—helping your clients protect themselves from malicious threats.
This article was provided by our service partner : connectwise
https://www.netcal.com/wp-content/uploads/2019/12/Security2.jpg3001000ktranghttps://www.netcal.com/wp-content/uploads/2015/11/netcal_logo2.gifktrang2019-12-10 05:39:552021-04-10 09:27:51Should You Be Offering Security Awareness Training?