Montana Technical Solutions Website Development Design Maintenance Kalispell

Montana Technical Solutions Computer Workstation Security Primer

Local Workstation Best Practices

Local workstations on a corporate LAN represent an important attack vector for hackers.  They are attractive to attackers because end users vary widely in their sophistication and practices.  If enough end users are targeted, eventually some form of penetration will be achieved.  Fortunately, it is not difficult to significantly improve the security of these network end-points.  Review the five points below to quickly and easily achieve improved security:

  1. Implement corporate policy requiring strong passwords on end user workstations and accounts.  Unsophisticated end users will complain, but most will actually comply.  This exercise is useful in identifying the truly vulnerable end users who are at most risk.  (HINT: they are the folks who struggle to create a strong password and need help entering it once it is implemented).  Work with them closely to further reduce your exposure.
  2. Review your backup and restore procedures.  Obviously backups need to be done regularly, normally daily, and stored securely, both on and offsite.  Have you tested your restoration procedures?  BE SURE your backup plan is working.  Even great vigilance can be undone via a single viral email or DNS-redirected web page.
  3. Review your anti-virus and safe browsing software from the workstation point of view.  We assume your end users are behind a firewall appliance, or, at the very least, some form of network firewall software.  Windows 10 offers the best workstation security for general purpose PCs, but be sure to review your Group Policy settings for Windows 10 configuration.  For Windows 7, Defender is competent, but not entirely reliable.  It requires extra effort, but using a combination of the best anti-virus solution with the best safe browsing solution is a ‘best of all worlds’ answer.  Not only do your settings need to be complementary, the extra burden on your workstations is also non-trivial.  So be it.  We recommend taking the time and effort required to optimize this aspect of your workstations => that is what Group Policy is for!
  4. End user procedures.  Are your end users adequately coached on ‘dos and don’ts’?  Do they have reasonable access to help desk support if they have questions?  Be sure they do!  Don’t put them in a position of having to choose between not getting their work done and taking an unnecessary risk with, for example, a questionable email attachment, simply because they cannot reach tech support in time.  It is IT’s responsibility to assist!
  5. Finally, end user procedures.  Are your end users adequately coached on ‘dos and don’ts’?  Yes, we are repeating ourselves here, but this is a broad topic.  However, two main threat vectors exist for end users:  email and web browsing/social media.  Educate end users on both topics and insist that they do not surf non-SSL websites without explicit permission.  Lock down their browsers and refuse to do business with those websites.  If this is a new policy, set a deadline for implementation.  The time is long past for permitting corporate employees to interact with insecure web sites on the public internet.  Use the built-in browser security features of Edge, Chrome, Firefox, and/or Safari to assist in securing your network.  As for email, Gmail offers security and convenience.  If Gmail is not acceptable, use either a white label email hosting service set up by your internal IT staff or your IT consultants, or use a highly reputable third party email hosting service.  Use great care in selecting your vendor; cost, convenience, reliability, and security vary greatly.  Admittedly, this is a non-trivial approach, but necessary => there is a reason Gmail is so popular.

Follow these steps to greatly enhance your network end user security and significantly reduce your exposure to external attacks.  We overlooked #6 => keep your software up to date, but hopefully, in 2017, this is self-evident.  If not, we repeat, KEEP YOUR SOFTWARE UP TO DATE!

Thanks for visiting!


 

Montana Technical Solutions Website Design and Development Computer Security

Remember This?

This is a screenshot of a compromised website after WordPress websites were attacked worldwide two months ago.  At that time we reported that no websites managed by MTS were compromised by the attacks.

These cyber attacks continue unabated, making the news regularly.  This past weekend’s headlines indicate that hundreds of locations worldwide were struck by crypto-attacks where data is encrypted and held for ransom.  Here’s how the extortionists break the news to their victims:

Montana Technical Solutions Safe From Cryptolocker Attacks

This is not an actual screenshot, but it closely resembles those we have seen in the course of our duties.  It is no joke to be attacked in this way, because if the data in question has really been encrypted it will be essentially impossible to decrypt, necessitating a restoration from the most recent set of backups.  MTS has helped several clients in this fashion.  Note that, in the absence of a secure, uninfected set of backups, data will be permanently lost.

MTS Clients So Far Safe

We are pleased to report our clients continue to be operational and not reporting any serious issues from the most recent round of crypto-attacks, thanks to greater vigilance as well as in-place measures.

Consequences of Website Intrusion

Having your website hacked has potentially severe consequences.  Even a minimal intrusion is embarrassing and stressful.  A severe intrusion could shut down your site or even hijack its traffic, routing your visitors to unauthorized destinations.  Sensitive data can be compromised, regaining control can be expensive, and some damage may never be undone.

As of this writing, we know of no intrusions or other hacking events on sites hosted and developed with MTS.  We investigate known instances the moment we are made aware and take proactive measures to combat hacking and intrusions.  By design, most measures are transparent to end users, so website security is often overlooked.  After all, if you don’t see the security measures, how do you even know they are in place?  Not only are they deliberately transparent, they are generally not discussed (we prefer not to discuss specifics of security measures, so as to avoid compromising them).

Security Best Practices

These are some best security practices that we can discuss, as they are well known:

  1. Strong passwords, changed regularly, and not used across accounts.
  2. Use of proven encryption protocols to transmit and store data.
  3. Use of VPNs where practicable.
  4. Use of dedicated intrusion detection and prevention appliances.
  5. Network monitoring for known and potential threats.
  6. Installation of preventative software at all workstations.
  7. Quarantined regular system backups.
  8. Timely installation of software updates.
  9. Retirement of end of life software and hardware.
  10. Principle of least access as a standard policy.

Our websites are reviewed from a security standpoint on a regular basis and measured against these best practices.  Strong passwords are required for all site users.  Currently we are in the process of implementing SSL on all of our hosted sites.  Our hosting constantly monitors all access attempts and maintains all software at the latest functional versions.  MTS policy is that all network systems must be currently supported by the vendor.

Montana Technical Solutions Website Design and Development Computer Security

MTS Websites Secure.  Recently sensational news stories have been published describing widespread ‘hacks’ of WordPress-based websites world-wide.  Reports suggest that tens of thousands of sites have been compromised. Unfortunately, our preliminary review indicates the threat is credible and the third-party intrusions are verifiable.

In most cases, it appears the intruders have simply left a visible record of their having penetrated the site.  Search engine results seem to confirm the intruder(s) have updated numerous sites with their signature posting.

Fortunately, sites managed by MTS appear to have been safe from the hackers.  This would be expected, as our sites are securely hosted and we strive to implement best security practices, including prompt installation of software updates to all our websites.  In this case, WordPress core developers gave web developers and hosting companies one week’s grace before announcing the vulnerability publicly, which allowed us sufficient lead time to be prepared.

Naturally, we remain vigilant for threats such as these at all times, so that our clients have maximum assurance of the uninterrupted operations of their websites and IT infrastructure.

 

MTS Kalispell Official ESET Security Reseller for the State of Montana

Kalispell MT – May 24, 2016.  MTS, short for Montana Technical Solutions, of Kalispell, Montana, today announced its official designation as MTS Official ESET Security Reseller (premier reseller) for the entire state of Montana for the elite security software package ESET NOD32 Antivirus.  For over 20 years ESET has been a world-wide leader in threat detection and anti-malware software for corporations and individuals.

MTS is extremely excited to have been chosen to partner with and represent ESET as their exclusive reseller in the state of Montana.  ESET’s motto – ‘the best security money can buy’ is consistent with MTS’  desire to be ‘your best technology source’.  Both ESET and MTS have proven their dedication to their corporate missions:

From Wikipedia:

According to Gartner, ESET showed the largest worldwide growth rate within the Consumer Security industry for 2011. ESET falls within the Niche Player category of the Gartner Magic Quadrant.[12] According to the Gartner report, “ESET has built a substantial installed base in Europe, the Middle East and Africa, particularly in Eastern Europe, and it has a rapidly growing Small and medium-sized business presence in North America. Its Completeness of Vision score benefits from good malware effectiveness in a lightweight client, but it still suffers from weak enterprise management capabilities and lack of investment in market-leading features, such as application control and virtualization support. ESET is a good shortlist option for organizations seeking an effective, lightweight anti-malware solution.”.[13]

According to Frost & Sullivan, “ESET offers high-performance, proactive endpoint security solutions, and the company goes above and beyond the competition to add value to its products by educating both Mac and PC users on how to defend themselves against the latest cyber threats” and it concluded that “ESET will continue to maintain a strong presence in the endpoint security market and provide high value to its customers.”.[14] It awarded ESET the 2012 North American Endpoint Security Products Customer Value Enhancement Award and the 2011 Global Customer Value Enhancement Award.[15]

In addition to these endorsements from Gartner and Frost and Sullivan, ESET also receives high marks for public service.

From Lifehacker.com:

The TeslaCrypt ransomware has been a popular choice for cybercriminals since it was launched in early 2015. But in a surprising turn of events, the people behind the ransomware have unveiled the master decryption key for TeslaCrypt. Security vendor ESET has used that key to develop a decryptor tool for TeslaCrypt and has made it free to the public. Here are the details…

Consistent with ESET’s reputation, MTS has established a reputation of its own over the past 10 years of operation in the state of Montana, landing notable contracts with significant entities such as law enforcement, school districts, and Fortune 500 companies.

MTS thanks ESET for their vote of confidence and looks forward to offering our clients the best security and privacy protection available at any price.
