Security

Adopting MFA in your company

Accessing your accounts with a single username and password simply isn’t enough to keep sensitive data safe.

With cyberattacks sharply on the rise, it’s essential you implement multi-factor authentication (MFA) to protect your business.

Cyberattacks are estimated to cost global business $10 trillion by 2025.

And it doesn’t matter how small your business or the industry in which you operate. Every business is vulnerable.

MFA adds extra layers of security to your accounts by asking you for more than just a password. It can include a fingerprint scan, one-time passcodes, or facial recognition among other forms of proving your identity.

Read on to find out more about why MFA is so important, the common challenges that businesses face with adopting MFA, and how you can protect your business by introducing MFA.

Why is multi-factor authentication important?

According to Microsoft, 99.9% of cyberattacks can be prevented simply by enabling MFA.

The problem with usernames and passwords is that they’re easily compromised. Hackers find several ways to steal passwords to then log into corporate accounts and steal data.

This could be everything from client addresses, payment details, and sales records to your business online banking and employee information.

Nearly two-thirds of cyberthreats happen due to negligence inside your business, according to an IBM study. Employees might leave passwords lying around or share them within insecure networks.

The positive is that by adding MFA to your company platforms, it becomes almost impossible for hackers to replicate these credentials, and guessing your password isn’t enough for them to gain access.

In multi-factor authentication, your employees can provide different types of information to prove who they are. These include:

  • What they know—usernames, email addresses, and passwords
  • What they have—an SMS containing a code, an authenticator app, a smart card
  • What they are—biometric data such as facial recognition or fingerprints

When two or more of these forms of information are used together, it creates a dramatically higher level of security to protect your business from breaches.

Common MFA challenges

Although many services and platforms have adopted multi-factor authentication, users could still be unfamiliar with what is expected of them when your business implements MFA.

Users unsure of the importance of MFA

Put simply, many users do not understand why a username and password aren’t enough to protect company data, especially if they’re so used to doing it this way.

Helping users understand good cybersecurity practices and address their concerns is key to helping your business more confidently adopt MFA.

Extra training needed

To effectively implement MFA, every member of staff will need a briefing on what changes will take place, when MFA will rollout and how this will impact their jobs.

Thankfully, familiar platforms such as Microsoft and Google provide easy-to-use MFA and resources to help the less confident users.

MFA asked for too frequently

When users feel additional security measures are interrupting their work it might mean they’re less likely to adopt it. For example, if platforms ask for confirmation of their credentials too often.

Choose a platform that only requires these steps when it’s required, leading to a smoother and more user-friendly experience.

Adopt multi-factor authentication

There are several steps to ensure your business adopts multi-factor authentication successfully.

The first is for you to determine what areas of the business require the extra levels of security. Databases and platforms where sensitive information is stored would require MFA. You might decide that other systems which don’t store sensitive data or aren’t connected to the same network, may not justify the cost.

Catalog all current users and what systems they have access to. If necessary, you should revise these permissions.

Decide what your current capabilities are and which methods of MFA will work for you.

MFA should be adopted across all resources, devices, and applications that require it. This ensures that data is protected company-wide across the network and not just on the computer at a user’s desk.

Finally, once you have implemented the MFA on your systems, you will need to onboard all employees so they understand how to set it up and use it as part of their working day.

Conclusion

One of the most powerful steps toward fighting cyber threats in your business is to adopt multi-factor authentication.

Using two or more forms of identity confirmation to access company systems prevents over 99% of attacks.

You’ll need to undertake careful planning to decide:

  • What systems are protected
  • The people inside your business who have access to data
  • The methods of MFA your business is capable of implementing

Be prepared to offer training and resources so your employees can effectively switch to this increased level of security.

Although the cost of implementing MFA can be high, the benefits far outweigh the risks of leaving your business vulnerable to attack.

Tips

Cleaning up your disk

by Chris Taylor

About Chris Taylor:  Chris is on the Community Review Board for SANS’s OUCH! (the security awareness newsletter designed for everyone), has given over 470 computer-related presentations at the Ottawa Public Library, and is President of the Ottawa PC Users’ Group.

Disk space seems to disappear over time. If you have hundreds of gigabytes or even terabytes of free space, this may not seem to be a problem, but there are some things to keep in mind that may make it worth some effort to keep things svelte.

First, if your boot partition (where Windows is installed—normally C:) is on a solid-state drive, it might be relatively small. If that’s the case, you might run out of available space fairly quickly. At an absolute minimum, you want to ensure you have enough space to install yearly Windows Feature updates, which can take 11 GB or more on the boot partition during the update process. You also want room to install future applications. As well, many computers are configured to store user data on the boot partition. That could include hundreds of gigabytes of documents, photos, videos, music, etc.

Second, since an image backup contains a copy of everything on the disk—operating system, programs, and data, your backups will take longer to complete and take more space on your backup drive than necessary if you have a lot of clutter. What? You don’t do image backups of your computer? Stop right now and read Why backup published in Cybersecurity News in February, 2019 (https://mailchi.mp/glasswire/glasswire-newsletter-is-your-pc-a-victim-of-this-creepy-data-hog).

There are pretty effective tools built into Windows for keeping your disk clean and tidy. The main tool is Storage Sense. Hold down the Windows key and press i to open Settings. Click the System icon.

Click on Storage in the left panel (1 in the screenshot).

Section 2 in the screenshot shows major categories of files. You can click on any of them to get more information and you can manually get rid of stuff you don’t need. Manual cleanup is sometimes the only way to deal with clutter. Windows can’t—for instance—decide what documents or programs you don’t need.

Click the link Configure Storage Sense or run it now (in section 3 in the screenshot)

Storage Sense can clean up three things (section 4 in the screenshot): temporary files not currently being used by programs; files that have been in the recycle bin longer than a specified period; and files that have been in your Downloads folder for longer than a specific period. All three of these areas tend to collect a lot of files over time.

Pick a timeframe for files in the recycle bin and Downloads folder; from Never to 60 days.

Run Storage Sense by clicking the Clean now button (5 in the screenshot)

You can automate the running of Storage Sense with the slider (section 6 in the screenshot). When you toggle it on, you can choose when Storage Sense runs (7 in the screenshot): every day/week/month or when disk space is low.

Microsoft says “Low free disk space will vary depending on disk size and minimum operational thresholds. You’re in a low disk state when the capacity bar in Start > Settings > System > Storage turns red.”

There is another major cleanup that can be done—Windows Update. Whenever Windows Update runs, it squirrels away previous versions of updated files in case want to uninstall a problematic update. These old versions of files can take up gigabytes of disk space. If my computer is not experiencing any new problems a week after Patch Tuesday (the second Tuesday of the month), I seriously doubt I will need to roll back an update and these older versions of files are just useless clutter. Microsoft provides another tool that can remove these—Disk Cleanup. Click the Start button and type Disk Cleanup. Click on Disk Cleanup in the results.

When Disk Cleanup loads, immediately click the Clean up system files button. Disk Cleanup will reload with additional options, including Windows Update Clean-up. As you can see in the screenshot, it can free up a lot of disk space—6.5 GB on this particular computer. A warning: choosing Windows Update Clean-up can take a long time to complete. I have seen it take over half an hour. That’s because it is doing more than deleting old Windows Update files and these additional actions can help free up disk space. First, it does the equivalent of dism /Online /Cleanup-Image /StartComponentCleanup. This looks at the component store (C:\Windows\WinSxS folder) for components that are no longer being referenced and deletes them. This is normally done automatically as a schedule maintenance task; Windows Update Clean-up forces it to run immediately. The other thing it does is look for operating system files that could benefit from being compressed and compresses them.

There are additional categories that Disk Cleanup can deal with. Select any of them and the Description field will give you more information about the particular option, which should help you decide whether or not you want Disk Cleanup to remove those files.

The combination of Storage Sense and Disk Cleanup will give you a fighting chance at keeping unnecessary clutter under control.

Security

Stay secure against ransomware

Ransomware made easy

The concept of ransom, despite being totally unfortunate, is pretty easy to understand.

A bad actor takes something without permission and asks for money to give it back.

Adapting such a form of crime to nowadays technologies is pretty easy as well.
A malware enters your device without permission and encrypts all your files with an encryption key that is virtually impossible to decipher by chance. Then, the only window you are allowed to see on your monitor is the one with the ransom request. When (and if) the ransom is paid, the attacker will finally send you over the decipher key, giving you back access to your files.

Conceptually easy in its structure, this form of cyberattack costs millions of dollars every year, with businesses in retail, education, and IT among the most damaged.

Clearly, it is not just that, as more advanced forms of ransomware attacks exist and hit even stronger. They could leverage the threat of exposing sensitive information from the target organization or rely on innovative distribution models.

This is the case of Conti and REvil, the two most dangerous types of ransomware attacks in 2021 in terms of victims and financials. These two types of attack, fearsome on their own, found their fortune on their business model. Both of them have been spread around thanks to a Ransomware-as-a-Service model, where the cybercrime group allowed people from the outside to act as affiliates or mediums. In return, for every successful ransom obtained, these people took a share of the ransom.

The model, other than spreading the virus at an unprecedented pace, made it also harder to attribute the attacks to the original actors.

There are a few actions that everyone could put in place to prevent the risk of get in trouble with a malicious software. Installing a firewall for ransomware, for instance, is the first and most important security solution you could take to prevent exposing personal information. 

How to prevent a ransomware attack

Despite being extremely hard to predict, there are a few best practices that every user could put in place to mitigate and potentially nullify the risk of being hit by a ransomware attack. Bearing in mind that most cyberattacks leverage both human and IT vulnerabilities, there are good habits and technical implementations, mainly for your firewall, that could be extremely useful. Here is a helpful list to keep at hand in your daily internet surfing. 

Best practices  for  firewall  and  network  configuration

  1. Install an easy-to-use firewall, that could ease and not hinder the adoption of security habits.
  2. Remote Desktop Protocol (RDPs) are, with phishing, the main channels of infection for Ransomware attacks. Monitoring and locking down RDP and other services with your firewall is definitely a must for your internet security. Whitelist only applications you consider safe.
  3. Strengthen your passwords and use multi-factor authentication. This is a rule of thumb for every digital asset but take it as a suggestion also for your remote management and file sharing tools so that they’re not easily compromised by brute-force hacking tools.
  4. Limit remote access to your computer setting rules for connection. Your firewall should allow the setup to limit port-based access via filters or passwords. VPNs are also a valid alternative to port-forwarding when accessing your organization’s network from the outside.
  5. Enable TLS  Inspection with support for the latest  TLS 1.3 standards on web traffic to ensure threats are not entering your network through encrypted traffic flows.
  6. Segment LANs into smaller, isolated zones or VLANs, and minimize the risk of lateral movement within the network. VLANs could then be secured and connected together by the firewall. Be sure to apply suitable IPS policies to rules governing the traffic traversing these LAN segments to prevent exploits, worms, and bots from spreading between LAN segments.

Healthy digital habits

  1. Reduce data transfers every time is possible, as more data transmissions equal to more vulnerabilities. Also, try to avoid sending sensitive data on personal devices, usually less controlled and significantly more vulnerable to cyber-attacks.
  2. Download Carefully and check your data sources carefully. If in doubt, check on a search engine. It’s important to only download files from sources and avoid unnecessary downloads to lower your device susceptibility to malware.
  3. Update device software, as security is (or at least should be) a top priority for every software provider. Providers work hard on continuously making their software more secure, and regularly installing the latest updates will make your devices less vulnerable to attacks.
  4. Develop a breach response plan. Data breaches can happen to even the most careful and disciplined companies. Establishing a formal plan to manage potential data breach incidents, primary cyberattack response plan, and cyber attack recovery plan will help organizations of any size respond to actual attacks and contain their potential damage.
  5. Change your passwords from time to time. It’s free and drastically lowers the chances of one of your accounts being spoofed.

Being the most dangerous and spread form of cyber attack, preparing against ransomware is crucial for the digital health of your business, your organization, or even yourself. Adopting a good level of skepticism and common sense with regards to digital environments, and gearing up with a sturdy antivirus and a firewall could really make the difference and save you a lot of money. 

Recent Entries

Finding a lost window

by Chris Taylor About Chris Taylor:  Chris is on the Community Review Board for SANS’s OUCH! (the security awareness newsletter designed for everyone), has given over 470 computer-related presentations at…

Light across the world

by Chris Taylor About Chris Taylor:  Chris is on the Community Review Board for SANS’s OUCH! (the security awareness newsletter designed for everyone), has given over 470 computer-related presentations at…