Everything You Need To Know About PCI Compliance For Your Business

PCI Compliance Doesn’t Need to Be an Impossible Task

For the longest time, businesses on the internet were susceptible to credit card fraud. Credit card handlers and companies alike were unsure of how to protect data stored on the internet. That’s where PCI compliance comes in. Founded in 2006, the PCI Security Standards Council sets restrictions for how business online is done. PCI compliance keeps companies, cardholders, and banks safe. Here, we’ll discuss all things PCI Compliance for you and your business. From the required standards to questionnaires, you should have a solid grasp of all that makes up this safety standard by the time you finish reading. Understanding PCI compliance does not need to be an impossible task.

 

What is PCI Compliance?

It was determined a long time ago that credit cards on the internet needed some form of protection. Without protection, these methods of payment are susceptible to fraud and theft. PCI compliance exists to ensure that a platform is safe for customers to plug in their private information. It assures your clients and customers that their data is safe with your business.

To be considered PCI compliant, your business site must pass a set of standards. These standards include:

  • Shopping cart page regulations where credit cards are used
  • Checks on any card readers that are attached to your computer
  • Username/password systems that protect a client’s information

 

Do You Need PCI Compliance?

The short answer is yes. For any site that accepts payment, PCI compliance is a must. Without it, fees and risks rise exponentially. If your site or business takes credit cards on the internet, you need to go through the process for the sake of your future. It is of the utmost importance, and it is also a legal requirement for your safety.

There are a few different levels of PCI compliance. A business must first determine what level they fall under before proceeding. From there, they can go about securing their network. We will discuss this a little later in the article.

 

Common Acronyms Used in PCI Compliance

When you look into the process of becoming PCI compliant, you’ll see that there are a bunch of different steps that you need to complete. Three items are labeled with acronyms that might be confusing at first glance. You will need to know all of them so that you know what to expect when you see them.

The three items you will need to know the differences between include:

  1. PCI DSS Self-Assessment Questionnaire (SAQ)
  2. Attestation of Compliance (AoC)
  3. Report on Compliance (RoC)

We’ll go over each of these so that you know what they are and when they come into play. Each has a part in ensuring that your method of accepting payment is secure for your clients. They are all critical to your business.

 

1. PCI DSS Self-Assessment Questionnaire (SAQ)

This item is a form that will help you determine which compliance regulations apply to your organization. There are nine different versions of the document, and they all depend on how your business processes, handles, and stores the information that cardholders provide.

The nine types include:

  • SAQ A
  • SAQ A-EP
  • SAQ B
  • SAQ B-IP
  • SAQ C-VT
  • SAQ C
  • SAQ P2PE-HW
  • SAQ D for Merchants
  • SAQ D for Service Providers

You will need to determine which is best for you to use based on how you handle business. Having this form is a crucial part of becoming PCI compliant. It will keep you from taking unnecessary measures for your business as you go about this process.

 

2. Attestation of Compliance (AoC)

The Attestation of Compliance is an action completed by a QSA, otherwise known as a Qualified Security Assessor. They will create documented evidence that informs the council that your business upholds solid security practices. They will ensure that you have completed your SAQ and meet all the required standards.

There are a few different versions of the AoC, just as with the SAQ. You’ll need to pick the one that corresponds with the SAQ you filled out based on your business. That way, you can get a proper attestation completed.

 

3. Report on Compliance (RoC)

The RoC, or Report on Compliance, is a report on everything a business does to ensure the best protection for cardholders. Another Qualified Security Assessor will examine and perform an audit of your controls. They will also summarize and document their findings, which turn into this final report. 

The RoC reports on items such as:

  • The security posture
  • The overall environment
  • The systems in use
  • The methods utilized to protect data

This report is necessary because it will allow your clients to understand what your security is. They will know if their card information is safe on your site. They will also know if there are any risks they will be taking in providing you with personal information. This report is one of the final steps when you are determining if you are compliant or not.

 

How Do You Become PCI Compliant?

There are six steps that you must take on to become PCI compliant. By following each of them carefully, you can ensure that your site is safe and protected. This process varies depending on the size of your business and how many transactions occur on your site. Different standards apply to varying organizations.

The six key steps include:

  1. Determining your PCI level
  2. Acknowledging potential consequences for failing to be PCI Compliant
  3. Completing a Self-Assessment Questionnaire
  4. Creating a secure network
  5. Filling out an Attestation of Compliance
  6. Filing paperwork

We will go over each of these carefully so that you can understand the process. It probably seems complicated, but it’s not. With careful reading, you will be able to make your site PCI compliant in no time at all.

 

1. Determining Your PCI Level

The first step when making your business PCI compliant is to determine what PCI level you are. There are four of them, all based on a few different factors.

The PCI Levels include:

  • Level One: This applies to you if your business processes over six million transactions annually, no matter what channel is being used.
  • Level Two: This applies to you if your business processes between one million and six million transactions annually.
  • Level Three: This applies to you if your business processes 20,000 to one million eCommerce transactions annually.
  • Level Four: This applies to you if your business processes less than 20,000 eCommerce transactions annually, or less than one million no matter what channel is used.

Based on the transactions that your business makes, you can decide what your PCI level is. This label will assist you in determining what standards you will need to use to make your business PCI compliant.

 

2. Note Consequences

Any store or business that stores credit card information is required to be PCI compliant. Failing to do so can result in fees, fines, and even larger consequences down the road. You’re putting your business and customers at risk by avoiding the process.

Some of the events that could occur as a result of failing to become PCI compliant include:

  • Loss of business reputation
  • Credit card breaches
  • Lawsuits
  • Fees and fines

You should note the potential consequences for your particular PCI level. You should be prepared to face them if you fail to make your business PCI compliant.

 

3. Complete a PCI DSS Self-Assessment Questionnaire

Next, you will need to fill out a Self-Assessment Questionnaire. These are the forms we discussed above. You will fill out the one that corresponds to your business and the online transactions that occur within your fiscal year.

The form is as simple as they come. It goes over each of the PCI Data Security Standard Requirements, to which you will answer yes or no in response. A yes means that your company security follows that standard. A no means that you may have some gaps that you need to address.

The PCI DSS Self-Assessment Questionnaire will help you figure out what you need to tackle before auditing your PCI compliance. You should be able to answer yes to every question if you are fully functional in protecting your clients’ cards.

 

4. Create a Secure Network

Once you know what areas your security is lacking, you can address them. You should adhere to the twelve guidelines that fit your business. If the changes are simple, you can do them yourself. If you’re not sure how to address them, you can seek outside help to make the alterations.

Some fixes made at this point could include:

  • Adding a firewall to protect data
  • Restricting access to cardholder data
  • Authenticating access to the system
  • Creating a policy for personnel to follow for security

Once you have addressed each of your security problems, you will be ready to move on to the final steps of becoming PCI compliant. Make sure you have covered all of your bases before proceeding.

 

5. Fill Out an Attestation of Compliance

Once you feel that you’re ready, you can fill out an Attestation of Compliance. This decision means that you are positive that your business fits with all of the required guidelines. A Qualified Security Assessor will come and scope out the situation, filing a report in the process.

When they are done, they will have completed a Report on Compliance. This report will inform the council whether or not you have adhered to the guidelines. If you succeed with filing your attestation, you are ready to move on to the final step.

 

6. File Paperwork

The final step in becoming PCI compliant is to fill out paperwork. You will need to do this with banks, credit card companies, and every other company you may be working with. Some papers that you might need to submit:

  • The SAQ
  • The AoC
  • An external vulnerability scan

Once the paperwork goes through, you should be good to go. Your business can proudly declare that it is safe for cardholders to access their information. If you need help during the process, there are companies out there that can assist you. Ask for help if you are stuck. It’s better to get help than to fall short of becoming PCI compliant.

 

How to Become Compliant on Various Platforms

Many platforms can be used to collect credit card information. On most of them, you will need to become PCI compliant for the safety of your business and clients.

We will discuss two popular platforms that you may need to become PCI compliant on. If you run any form of credit card transactions through these, you will need to go through the PCI compliance process.

PCI Compliance on Microsoft Teams

Microsoft Teams is a platform that is often used in the workspace. If you capture or record credit card information at any time in this space, you will need to make your platform PCI compliant. If you are using calls to contact your customers, you should use an add-on agency to ensure that the calls are private.

To become PCI compliant, you can follow the same process as stated above. Your situation will only apply to phone calls. The security efforts you make will be based on making sure that every call you make is as private as possible.

 

PCI Compliance on WordPress

WordPress is a website maker that many use for their businesses. This means that goods and services are often purchased through this online format. While the internet is a great place for an up-and-coming business, it can be dangerous. Anyone taking credit card payments on WordPress should take action to make their site PCI compliant.

To make your WordPress site fit this standard, you will need to:

  • Find your merchant level
  • Fill out the SAQ
  • Figure out necessary security patches
  • Use proper plugins and tools to take in the information
  • Fill out the appropriate paperwork

Once you are PCI compliant on WordPress, your customers can feel safe giving you their information. This completion can help a small business get on its feet much faster.

Eventually, you will understand the security measures like the back of your hand. PCI compliance might seem annoying, but it is a great item that protects you, your customers, and even the banks from falling prey to fraud online.

 

The Path to PCI Compliance

This is just one of the most important regulations you may come across in your organization. It’s a good idea to examine your compliance procedures at least once a year, and more frequently if the regulations change.

We recommend consulting with legal counsel if your organization lacks in-house staff with the detailed understanding required to assure compliance.

You should contact a skilled compliance and technology partner, such as Edge Networks, to help you with the technical and operational parts of your compliance journey. Your investment will begin to pay for itself immediately, and remember, you can’t put a price on your peace of mind. Contact us today for a free 30-minute consultation.

3 Ways Software Updates Can Increase Cybersecurity

A Simple Step in Cyber-Attack Prevention

Cybersecurity is often a complex undertaking, requiring high technical knowledge, education, and skills to fully understand. At the same time, some of its most crucial aspects are remarkably straightforward and easy to implement. Perhaps the most relevant example of this seemingly contradictory concept is software updates.

Updating your software is simple, often requiring nothing more than clicking a button or inputting a password. It’s so straightforward that it’s easy to overlook as a security measure, and many organizations do. However, these software updates play a critical role in reliable cyber-attack prevention. Here are a few ways how.

 

1. Address Old Vulnerabilities

Given how complicated software development can be, programs, platforms, and operating systems will almost certainly contain minor flaws. Because of this, developers continue to analyze their products after launch, listen to user feedback, and release updates. If these updates are not installed, there is nothing stopping the software from retaining its original vulnerabilities.

 


 

In December 2020 and January 2021, dozens of organizations and government agencies experienced a data breach from failing to update an outdated software program. The program, Accellion FTA, was more than 20 years old and nearing the end of its life. Had these companies kept up with updates or upgraded to newer software, they wouldn’t have fallen victim to these attacks.

 

2. Stay Safe From Emerging Threats

Software updates address old risks, but they must also defend against the new threats that emerge every day. There are more than 1 billion pieces of malware on the internet today, with more appearing regularly. Software developers must frequently release new patches as they learn how to address new attack methods.

Cybercrime is a dynamic field, with criminals continually coming up with new ways to infiltrate systems. Consequently, cybersecurity must also be a continuous effort, hence the importance of software updates. If your system isn’t up-to-date, its built-in defenses may be insufficient against new attack strategies.

 


3. Introduce Helpful New Features

In addition to patching new and old security vulnerabilities, software updates can provide new features that further bolster security. These aren’t always directly related to safety but can indirectly minimize potential problems through quality-of-life improvements. For example, an update could boost compatibility with other programs, eliminating disruptions and outages that could leave either program vulnerable. 

If your software runs more smoothly, it will be less distracting to employees. As a result, employees (especially ones who have undergone Security Awareness Training) will be more likely to spot anything out of the ordinary, improving the company’s overall cyber vigilance. 

 

Best Practices for Updates

Even if you understand the importance of updating software, how best to approach it may not be immediately evident. The most important step to consider is enabling automatic updates. Automatically updated software will ensure you always have the latest version, even if you forget to look for or install new patches.

You should also remember to update your hardware along with your software. Unforeseen circumstances can impact the supply chain and make new hardware scarce or even unavailable. Upgrading early can help you avoid using potentially vulnerable legacy equipment while better alternatives are accessible.

Since updates often require your device to be unavailable for a short time, it may be best to update outside work hours. If you choose to go that route, set timers for your off period to remind you to check for or install updates. That way, you won’t forget to install new patches, and doing so won’t interfere with your job.


Software Updates Are a Crucial Part of Cyber-attack Prevention

Since cyberattacks can be so complex, it’s easy to forget about the more straightforward aspects of cybersecurity. While they may not seem particularly significant at first, software updates are one of the most important steps in developing robust security. Taking the few minutes necessary to update your software will keep you safe from many threats.

Software updates are just one of the many facets of keeping your company safe from cyber-attacks. To learn more about the health of your business’s cybersecurity, take our free, self-guided IT security risk assessment today, or contact us for a free 30 minute consultation.

 

Guest Writer: Devin Partida

Devin Partida is a data center and networks writer whose work has been featured on AT&T’s cybersecurity blog, Yahoo! and other notable publications. To read more from Devin, please visit ReHack.com, where she is the Editor-in-Chief.

The Future of Passwords and Password Management

The Best Password Managers to Keep You Protected

Passwords have been around for a long time as one of the first layers of account protection. Still, many businesses and individuals are not adopting best practices for password creation and management, making their accounts easy to get ahold of. The internet has become a dangerous place, filled with cybercriminals waiting for the perfect opportunity to strike. A password vulnerability could lead to an exploit, one where customer and company data are exposed. That’s why it’s crucial to choose a good password management strategy – one that helps both individuals and organizations keep their data, accounts, and online infrastructure safe.

 

What is Password Management?

Password management is a set of practices meant to organize, store, and manage passwords. This is a huge necessity for large companies, which must keep the chance of a password leading to an exploit low. With the right kind of management plan, updates are automatic and no one can use the same password twice.

Managing passwords alone can be difficult, but companies with lots of employees can be more protected with the help of a password management system.

 

Password Breaches: How Often Do They Happen?

According to the 2019 Breach Alarm, 1 million passwords are stolen every week. One of the most common means of execution is Password Dumper, a kind of malware that randomly guesses hundreds to thousands of passwords in just a matter of seconds, attempting to find the correct one.

The Ponemon Institute Cost of Data Breach Study estimates that the average cost of a data breach is $3.86 million, something that could throw a company out of business. Protecting passwords is essential, as they are a pretty juicy target for cybercriminals.

 

How Easy Is It to Crack a Password?

A lot of web surfers out there think that it’s fairly complicated to crack a password. However, that’s not entirely true. As a matter of fact, the shorter your password is, the easier it is to crack, taking an experienced hacker little to no time at all. For instance, let’s take a password with five characters.

If you think about the most common passwords, you could come up with 100 different combinations per character. This means that a password with just five characters could have up to 10 billion combinations. It sounds like it would take a long time to crack, right? Wrong. A hacker with the right software and expertise could get into a password like this in less than a minute.

The longer your password, the less chance that hackers have to crack it, or should we say, the more trouble they will have. Some ways that you can decrease the chances of a hacker simply guessing or taking multiple guesses are to:

  • Capitalize random letters
  • Add numbers
  • Put special symbols around one word or multiple words
  • Jumble it up after you create it
  • Use a password manager that offers strong password suggestions 
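The arithmetic behind the five-character example, and the effect of adding length and character variety, worked through as an added example (not part of the original article). The guess rate of one billion per second, the tiny common-password sample, and all function names are assumptions made for illustration.

```python
import string

# Assumption (not from the article): an offline attacker who can test one
# billion candidate passwords per second.
ASSUMED_GUESSES_PER_SECOND = 1_000_000_000

# Constructed sample; a real check would use a large breached-password list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "admin"}

KNOWN_CLASSES = (
    string.ascii_lowercase,   # 26 symbols
    string.ascii_uppercase,   # 26 symbols
    string.digits,            # 10 symbols
    string.punctuation,       # 32 symbols
)


def keyspace(symbols_per_char: int, length: int) -> int:
    """Number of possible passwords of exactly `length` characters."""
    return symbols_per_char ** length


def seconds_to_exhaust(symbols_per_char: int, length: int,
                       rate: int = ASSUMED_GUESSES_PER_SECOND) -> float:
    """Worst-case time to try every candidate at `rate` guesses per second."""
    return keyspace(symbols_per_char, length) / rate


def alphabet_size(password: str) -> int:
    """Size of the character pool a brute-force search would have to cover."""
    size = sum(len(cls) for cls in KNOWN_CLASSES
               if any(c in cls for c in password))
    # Characters outside the four ASCII classes (spaces, accented letters)
    # are counted one by one, which keeps the estimate conservative.
    known = "".join(KNOWN_CLASSES)
    size += len({c for c in password if c not in known})
    return size


def estimate(password: str) -> dict:
    """Rough brute-force estimate for one password."""
    pool = alphabet_size(password)
    if password.lower() in COMMON_PASSWORDS:
        # A dictionary attack tries these first, so keyspace maths does not apply.
        return {"common": True, "alphabet": pool, "seconds": 0.0}
    return {"common": False, "alphabet": pool,
            "seconds": seconds_to_exhaust(pool, len(password))}


def format_duration(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    units = (("years", 31_557_600), ("days", 86_400),
             ("hours", 3_600), ("minutes", 60))
    for unit, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


if __name__ == "__main__":
    # The article's case: 100 possible symbols per character, 5 characters.
    print("100^5 =", f"{keyspace(100, 5):,}", "->",
          format_duration(seconds_to_exhaust(100, 5)))
    # Same symbol pool, growing length.
    for length in (5, 8, 10, 12):
        print(length, "chars:", format_duration(seconds_to_exhaust(100, length)))
    # Constructed sample passwords.
    for pw in ("password", "Tr0ub", "Tr0ub4dor&3x"):
        result = estimate(pw)
        label = "common, guessed at once" if result["common"] \
            else format_duration(result["seconds"])
        print(f"{pw!r}: pool={result['alphabet']}, {label}")
```

At the assumed rate, the five-character case is exhausted in about ten seconds, while each extra character multiplies the work by the size of the symbol pool.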

As you can see, there are many ways to get hacked, so taking care of your passwords is key to keeping them away from hackers. One way to do that is with password managers. Below, we have 5 of today’s popular password management programs to check out, along with the key features that make them shine above others.

 

Top 5 Password Management Programs for 2021

1. Dashlane

When it comes to doing everything that a password manager should do, Dashlane has it figured out with basic to advanced features that spot weaknesses in passwords and even highlight ones that have been compromised.

They offer an app that sits on your desktop where you can take a look at stats and get everything you need to create a better password than ever before and keep them safe. The only downside is that most of their high-tech features come with a price tag, and the more protection you need, the more it’s going to cost you.

Pros 👍

  • Compatible with all systems, including macOS, Windows, and Android
  • Free versions with basic password management needs
  • Comes with optional VPN protection
  • Keeps an eye out for compromised passwords

Cons 👎

  • Some of the options come with a high price tag
  • Some say it tends to have a hard time with multiple logins
  • Storage is not upgradable

Star Quality ⭐️

Features of all kinds with built-in security at every point. No matter if you’re looking for solo protection or something for the whole squad, Dashlane has something to offer.

 

2. 1Password

With 1Password, users will have protection across all devices, no matter how many there are. It has a way of organizing passwords and implementing a two-factor authentication that helps to keep passwords dually protected. This is a great and affordable option that works to keep all passwords safe, though it lacks some expert features that would take it to the next level.

Pros 👍

  • Compatible with all systems
  • Has great password organization, even for multiple people
  • It’s easy to use
  • Works as a two-factor authentication

Cons 👎

  • Some say it is limited compared to other password managers
  • Doesn’t have features for password inheritance

Star Quality ⭐️

This password manager is easy to use and has a killer feature that syncs all passwords across all devices. It doesn’t have many bells and whistles, but it does get the job done, and then some.

 

3. OneLogin

For an affordable option that won’t leave you empty-handed, this app has it all. Compared to the competition, you can find advanced features that help you manage your passwords, no matter how long your list is. Plus, enjoy a multiple-factor login, something that helps to secure your passwords better than ever before.

Pros 👍

  • Comes with HR-style services
  • Perfect for the management of many passwords
  • Tons of features and support if needed

Cons 👎

  • Pricing can get high
  • The highest-priced option is pretty limited compared to the competition 

Star Quality ⭐️

OneLogin has an HR quality password management platform that makes it one of the best around. With tons of options to keep your passwords safe and out of virtual harm’s way, this is a good choice for solid protection.

 

4. Chrome Password Manager

Google’s version of a password manager is everything you’d expect it to be. Advanced features and super fun interface with the solid protection you need.

Pros 👍

  • It’s free!
  • Super simple setup
  • Allows for smooth transition between multiple log-ins for the same site
  • Optional capture and auto-fill for passwords
  • Compatible with all systems

Cons 👎

  • Not a lot of extra features like some of the others
  • No multiple or two-factor authentications
  • Cannot be used offline, so if something happens, you might need to let your memory kick in

Star Quality ⭐️

Chrome Password Manager is free. That’s not its only star quality, though, coming with lots of features that are meant to keep your passwords secure and even help to keep them far from landing in the wrong hands.

 

5. Apple Keychain

Everyone knows that Apple usually doesn’t disappoint when it comes to its newly released products and software. Like all the rest, Apple Keychain is tearing up the competition, coming with many advanced features. When it comes to password management, though they are advanced, they are still super simple to use, something that most users boast about when they first use this system. 

Pros 👍

  • Super simple to use
  • Has an auto-fill feature that doesn’t disappoint
  • Has a two-factor feature to keep your passwords safe

Cons 👎

  • Only works with Apple devices
  • Password auditing system is weak when put head-to-head with the competition
  • Cannot be used if you’re offline, needs a solid Wi-Fi connection

Star Quality ⭐️

Apple’s name is a good one. It is known for some of the best software that rises above the competition. There is not only space here for passwords but also for other things that need protection like credit card numbers and shipping addresses too.

 

Risks of Weak Systems

It’s no longer just your account and personal information on a social site you have to worry about. These days, hackers could get ahold of your banking information and even change the information or corrupt it so you can no longer get access to it. If you have a weak password, you could be at risk for any of the following attacks.

  • Spoofing – Using a database of stolen passwords
  • Sniffing – Using software like key loggers
  • Brute Force – Trying out various combinations

None of these are fun, especially when it comes to your data, so keep it safe and create a solid password that hackers will have a hard time accessing.

 

Password Management Best Practices

When it comes to keeping passwords out of the wrong hands, there are a few things that individuals and businesses should adopt. Hackers know a thing or two about getting ahold of passwords and look for weak authentications and weak passwords wherever they can find them. When setting up your password, be sure to include the following best practices:

 

1. Strong Passwords

As a rule of thumb, you should aim for a password that has a good length and features a mix of numbers, upper and lowercase letters, and special characters. Some websites will require you to use each of these in your password, which helps you create a more secure password. Avoid adding any information that’s too easy to guess, like your name, date of birth, or favorite color.

 

2. Get and Keep a Reset Schedule

Keeping the same password for long periods is in itself a vulnerability. Over time, hackers can home in on an account and use software to try and guess all kinds of passwords. That’s why you should reset your password regularly, keeping it from being guessed too easily.

Cybersecurity experts recommend you change your password once every 30-90 days, or less if you’re an avid surfer. The more you’re on the web, the more you should change up your passwords, as someone could be watching.

 

3. Use Two or More Authentications

You’ve probably heard of two-factor authentication, but if you haven’t, it’s the pop-up that requires you to enter a code sent to your phone before you can log in. The account checks that it’s you logging in by making sure you have an alternate device that matches. Though often feeling inconvenient and eliciting eye rolls, this is a great way to keep hackers away and helps to prevent your password from getting stolen.

 

4. Ditch the Sharing

Sometimes, we share our passwords with our friends, coworkers, or our parents. Data in motion is very sensitive on the web, especially if you’re not taking care to secure it before you send it out. Don’t share your passwords over the web unless it’s absolutely necessary, keeping them protected from advanced hackers. If you need to share a password for some reason, consider using a site like Privnote to help protect the data in motion. Privnote allows you to type sensitive information onto a virtual sticky note and then provides you with a link to send to a recipient. Once that link is opened, the note self-destructs.

 

5. Keep Storage on Lockdown

If you’re dealing with many passwords, you should store them in one place and take steps to keep that place secure. Limit access and never share where you’re keeping all your passwords.

 

6. Keep up to Date

Last but not least, you and your company should do what’s necessary to keep up to date with all the latest best practices out there. Those trying to prevent attacks are hard at work, looking for better ways to manage passwords and increase their online security.


 

Keep Your Passwords Protected and Manage them Correctly

The web is a dangerous place, especially if you’re not careful. To keep your accounts and devices safe, you need to create solid passwords and change them often, reducing the chance that a hacker could come in and steal them from you.

Using a password manager and following suggested password-creating tips, you could have a solid password that’s hard to get into, keeping your accounts and sensitive data safe. Choosing a top-rated password manager will help you keep on top of managing your passwords and help you keep them secure. When online, remember to protect your accounts and information and keep them far out of the wrong hands.

Are you concerned about the cybersecurity of your business? Edge Networks can help! Take our free, self-guided IT Security Risk Assessment, or contact us today for a free, 30-minute consultation.

Understanding PrintNightmare: a Print Spooler Vulnerability

PrintNightmare: Understand and Overcome

In June of 2021, Microsoft issued a warning entitled “Windows Print Spooler Remote Code Execution Vulnerability.” This vulnerability, known as PrintNightmare, leaves the print spooler open for a hacker to attack by allowing anyone to remotely install a printer ‘driver’ with the ability to execute malicious code and take complete control of a PC. The attacker could access data, create new accounts, and destroy users’ accessibility to their devices.

This is an ongoing issue. While there has been a security update from Microsoft addressing this vulnerability, it is not perfect, and many devices are still at risk. We will discuss ways to mitigate the problem and keep devices safe from this vulnerability. By following the steps in this post, you will be better equipped to handle these attacks and reduce the probability of becoming the next victim.

 

What is the Print Spooler?

The print spooler service is a software program that manages any print jobs that need to be sent to a printer server. In many cases, Microsoft relies on this program for the organization and control of its devices. It is an essential program for anyone needing to print, and it keeps the print jobs organized and in order. While the print spooler is a practical and often necessary tool, it can also be dangerous if it falls into the wrong hands.

Some of the most basic functions of a print spooler include:

  • Managing the files that are in the process of printing on the device
  • Monitoring the files that are in the process of printing on the device
  • Keeping everything in order and organized as the items print

Most Microsoft machines have the print spooler system automatically enabled, and many do not think twice about it when activating their device for the first time. After all, when hackers are not attempting to break into it, it can be a very beneficial (and often necessary) tool.

Since its original release, there have been few maintenance updates on the print spooler. It was this lack of improvement that could have left it vulnerable to hackers and attackers. However, in July 2021, Microsoft issued a security update addressing this vulnerability. They are recommending that users install these updates immediately. After all, you do not want to be the next company with a data security breach.

 

Understanding the PrintNightmare Vulnerability

The PrintNightmare vulnerability first appeared in a June 2021 release by two research teams. It was so named because of the versatile nature of this weakness across a variety of different products. Recently, PrintNightmare shifted from ‘low’ severity to ‘critical’ severity. Users need to be aware of this as it grows worse.

To fully understand this vulnerability, it is important to be familiar with the print spooler and how attackers can use it to their advantage. This issue is a critical flaw that may need to be handled in-house while Microsoft works towards finding a permanent solution for all users. Otherwise, the system could be taken over by hackers. 

 

What Are the Vulnerabilities in the System?

Two central vulnerabilities lie inside of the print spooler system. Each serves as a different attack point for a hacker trying to find a way into vulnerable devices. It is critical to understand each of them so that you know the weak points that they target.

The core vulnerabilities include:

  • Local privilege escalation, which allows a hacker who gets into a computer with low privilege to elevate to an admin level on the device
  • Remote code execution, which can allow the systems to be weaponized either locally or by using a domain controller

These vulnerabilities can offer power to the attackers that allow them to take over many systems at once. 

 

How Can Hackers Use This to Their Advantage?

It can be a little bit difficult to understand what hackers can do with access to a print spooler. This service’s only job is to manage print jobs, and it does not seem like it would be very threatening. It is a program that many people overlook, yet hackers can pose a massive threat if they gain access to this software.

This threat includes:

  • Hackers gaining access to sensitive information
  • Manipulating private and personal data to their advantage
  • Installing malicious programs onto the device

These are just a few of the things that can happen if an attacker gains control of a system through the print spooler. It can be a massive invasion of privacy.

 

How to Mitigate PrintNightmare

Since the security update addressing this issue was released in July 2021, the best practice for mitigating the problem of PrintNightmare is to install this update. However, this update may not completely eliminate the threat of PrintNightmare. Some systems are not able to install the update, and it can cause issues with some printing devices. Because this update is not perfect, there are other options that can reduce the threat, depending on the device’s operating system.

Option 1: Disable the print spooler service on your device.

Taking this action will stop hackers from being able to access the print spooler, and therefore stop them from being able to access data. However, this action would also disable the ability to print completely.

 

Option 2: Disable the option for print spooler to accept client connections.

Taking this action will prevent remote printing operations, which will remove the attack vector. This means that remote printing will no longer be possible (though printing locally to a directly attached device would still be possible).

These workarounds are not ideal, because the print service will not be able to be used in the way it was intended, if at all. However, the alternative could be losing access to the device altogether due to an extensive attack. Again, the best practice would still be to install Microsoft’s security update addressing this issue. However, because this isn’t an option on all devices, we will go over how to implement these workarounds.

 

Disable the Print Spooler on Windows 10 Home Edition

If you are unable to install the security update, you can disable the print spooler on every vulnerable device in the workplace. Any device that has a print spooler can be hacked into, and the attack can potentially spread to other devices. Follow each of these steps carefully so that you don’t have to start over again.

Once all of the items are prepared, you should enact the following steps:

  • Open the Start Menu
  • Type ‘PowerShell’
  • Pick ‘Run as Administrator’
  • When asked if you want to allow the app to make changes to the device, answer yes
  • Type ‘Stop-Service -Name Spooler -Force’ and push enter
  • Type ‘Set-Service -Name Spooler -StartupType Disabled’ and push enter. This will keep the spooler from starting up again when the computer is rebooted.

This sequence should disable the print spooler on devices running Windows 10 Home and a few other varieties. If you have Windows 10 Pro or the Enterprise edition, there is a different set of steps to follow to disable the print spooler.

 

Disable the Print Spooler on Windows 10 Pro and Enterprise Edition

If you have Windows 10 Pro or the Enterprise edition, the print spooler will need to be disabled using the group policy editor. This method only works for those two systems.

To disable the print spooler, you will need to:

  • Open the run box by using ‘Win + R’
  • Type gpedit.msc
  • Press enter
  • Wait for the Local Policy Editor to open
  • Navigate to ‘Computer Configuration > Administrative Templates > Printers’
  • Click ‘Allow print spooler to accept client connections’
  • Click ‘Disabled’
  • Press ‘Apply’ and ‘OK’

These steps should effectively disable the print spooler on the printer and other devices that operate under these programs. If it doesn’t work, double-check that you have followed all the instructions completely. 
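
To confirm which of the two workarounds above is actually in effect on a machine, the following added example (not part of the original article) reports the Spooler service state and the client-connection policy, and applies Option 1 with -WhatIf support. The function names are hypothetical, and it assumes the group policy setting is stored in the registry value RegisterSpoolerRemoteRpcEndPoint (1 = enabled, 2 = disabled).

```powershell
# Added example, not from the original article. Run from an elevated PowerShell prompt.
# Get-SpoolerMitigationState and Disable-PrintSpooler are hypothetical helper names.

function Get-SpoolerMitigationState {
    [CmdletBinding()]
    param()

    # Option 1: the Spooler service is stopped and cannot start at boot.
    $svc = Get-Service -Name Spooler -ErrorAction Stop

    # Option 2: the 'Allow Print Spooler to accept client connections' policy.
    # Assumption: the policy is written to this registry value
    # (1 = enabled, 2 = disabled, absent = Not Configured).
    $policyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers'
    $policyName = 'RegisterSpoolerRemoteRpcEndPoint'
    $item = Get-ItemProperty -Path $policyKey -Name $policyName -ErrorAction SilentlyContinue
    $policyValue = if ($item) { $item.$policyName } else { $null }

    if ($policyValue -eq 2)     { $policyState = 'Disabled' }
    elseif ($policyValue -eq 1) { $policyState = 'Enabled' }
    else                        { $policyState = 'Not Configured' }

    $option1 = ($svc.Status -eq 'Stopped' -and $svc.StartType -eq 'Disabled')
    $option2 = ($policyState -eq 'Disabled')

    [pscustomobject]@{
        ComputerName           = $env:COMPUTERNAME
        SpoolerStatus          = $svc.Status
        SpoolerStartType       = $svc.StartType
        ClientConnectionPolicy = $policyState
        Option1_SpoolerOff     = $option1
        # The policy only takes effect once the Spooler service has been restarted,
        # which the registry value alone cannot confirm.
        Option2_RemoteBlocked  = $option2
        AnyWorkaroundInPlace   = ($option1 -or $option2)
    }
}

function Disable-PrintSpooler {
    # Option 1 from the article, with -WhatIf / -Confirm support.
    [CmdletBinding(SupportsShouldProcess)]
    param()

    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Stop and disable the Spooler service')) {
        Stop-Service -Name Spooler -Force
        Set-Service  -Name Spooler -StartupType Disabled
    }
    Get-SpoolerMitigationState
}

# Report the current state; use 'Disable-PrintSpooler -WhatIf' to preview the change.
Get-SpoolerMitigationState | Format-List
```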

 

Can You Enable the Print Spooler If Needed?

Enabling the print spooler again might become necessary if a print job is required. This action might seem intimidating, as it could potentially reopen the systems to hackers. However, enabling it for a short period of time should be relatively low risk. 

 

Enabling for Windows 10 Home Edition

To enable the print spooler again after it has been disabled, there are a few steps that can be followed. On the device:

  • Open the Start Menu
  • Type in ‘PowerShell’
  • Pick the option ‘Run as Administrator’
  • When asked if you want to allow the app to make changes to the device, answer yes
  • Type ‘Set-Service -Name Spooler -StartupType Automatic’ then hit enter
  • Then type ‘Start-Service -Name Spooler’ then hit enter

This sequence should enable the print spooler again. If the security update has already been installed, this can remain enabled. If it was disabled temporarily for the ability to print, it can be disabled as soon as the printing process is finished to ensure the device is protected. 
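
One way to keep that temporary window as short as possible is to wrap the print job so the spooler is always returned to its disabled state afterwards, even if printing fails. This is an added example, not part of the original article; Invoke-WithPrintSpooler is a hypothetical helper name and the file path in the usage comment is a placeholder.

```powershell
# Added example, not from the original article. Run from an elevated PowerShell prompt.
# Invoke-WithPrintSpooler is a hypothetical helper name.

function Invoke-WithPrintSpooler {
    [CmdletBinding()]
    param(
        # Script block that submits the print job.
        [Parameter(Mandatory)]
        [scriptblock] $PrintAction,

        # How long to wait for the print queues to empty before shutting down again.
        [ValidateRange(5, 3600)]
        [int] $DrainTimeoutSeconds = 120
    )

    # Remember the starting state so it can be restored exactly.
    $svc         = Get-Service -Name Spooler -ErrorAction Stop
    $wasDisabled = ($svc.StartType -eq 'Disabled')
    $wasRunning  = ($svc.Status -eq 'Running')

    try {
        # Manual rather than Automatic: the service will not come back after a
        # reboot if this script is interrupted.
        if ($wasDisabled)     { Set-Service -Name Spooler -StartupType Manual }
        if (-not $wasRunning) { Start-Service -Name Spooler }

        & $PrintAction

        # Wait until no jobs remain in any local queue, or the timeout expires.
        $deadline = (Get-Date).AddSeconds($DrainTimeoutSeconds)
        do {
            Start-Sleep -Seconds 2
            $pending = @(Get-Printer | Get-PrintJob -ErrorAction SilentlyContinue)
        } while ($pending.Count -gt 0 -and (Get-Date) -lt $deadline)

        if ($pending.Count -gt 0) {
            Write-Warning "$($pending.Count) print job(s) still queued after $DrainTimeoutSeconds seconds."
        }
    }
    finally {
        # Runs even when the print action throws, so the exposure window always closes.
        if (-not $wasRunning) { Stop-Service -Name Spooler -Force }
        if ($wasDisabled)     { Set-Service -Name Spooler -StartupType Disabled }
    }
}

# Usage (placeholder path):
# Invoke-WithPrintSpooler -PrintAction { Get-Content -Path 'C:\Temp\report.txt' | Out-Printer }
```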

 

Enabling for Windows 10 Pro and Enterprise Edition

Just like with disabling the print spooler, a group policy editor is needed to enable the print spooler on Windows 10 Pro and Enterprise Edition. This specification is critical to note, as this will not work for other versions.

To re-enable the print spooler on these devices, these steps should be followed:

  • Open the run box using ‘Win + R’
  • Type gpedit.msc
  • Hit enter
  • Navigate to ‘Computer Configuration > Administrative Templates > Printers’
  • Click to allow the print spooler to accept client connections
  • Pick ‘Not Configured’
  • Press ‘Apply’ and then ‘OK’

This process should successfully enable the print spooler on these devices. As with the other method, this can remain enabled if the security update has already been installed. If not, it can be disabled until the next time it is necessary to print.

 

Will this security update completely eliminate the PrintNightmare problem?

As previously mentioned, the best practice for reducing the PrintNightmare issue is to install the security update. However, the update is not flawless. There is a long way to go until PrintNightmare is completely eliminated.

The July Emergency update:

  • Only worked on a few select devices, leaving the others just as vulnerable as before
  • Caused issues for users attempting to print to various printers
  • Affected receipt and label printers that connected with USB

This update has its flaws, which can affect any Microsoft device. Future patches in development will likely be able to fix the issues that the current update has. Hopefully, this comes in the next few months. Until then, users that are still vulnerable should disable the print spooler for the safest results.

This is just one of many ways that your company can be targeted and data can be lost. If you’re looking to be more proactive in your cybersecurity, we’ve created an outline of five critical components your incident response plan should have. Read more about it below.

 

Moving Past PrintNightmare

The PrintNightmare situation is a wake-up call for those unaware of how vulnerable the print spooler can be. Hackers can easily lock themselves into the system and change data belonging to the user. They can then make use of the device remotely or through a computer elsewhere.

This is dangerous for users who are not aware of this problem. With the knowledge you read here, you should understand how to mitigate the issue until the issue is completely resolved. If you’re unsure of whether or not your network is secure, take our free, self-guided IT Security Risk Assessment, or contact us today for a free, 30-minute consultation.


 

5 Ways to Make Cloud Computing Work for You

For many, “the cloud” is a familiar term, although many struggle to describe what it really is. Loosely, the cloud can refer to any number of servers accessed via an internet connection. Some people are familiar with the concept that it is a data storage center, but they aren’t aware of much more than that.

Recently, the need for more services that fall under the umbrella of cloud computing has grown. There are numerous ways to use cloud computing to your advantage, and there is undoubtedly a cloud computing service you can use regardless of your needs.


What is Cloud Computing?

Cloud computing is a way to utilize computing services via the internet in any number of ways. These services are offered by a number of businesses and are becoming commonplace in business. It’s estimated that the market growth for cloud computing services well over doubled from 2016 to 2022 (see Figure 1).

To understand how to make cloud computing work for you, you’ll need to understand what services you need to utilize the cloud.

Figure 1: Rapid growth of cloud computing (chart)

Common Services Available via Cloud Computing

In addition to the simple file storage applications that most people are acquainted with, there are scalable services available from many vendors that allow businesses to tailor cloud computing to their individual needs. So, whether you only need access to a specific application or need assistance with all aspects of your computing needs, there is a service in mind for you.

File Storage and Data Backup

These two services often go hand-in-hand, and it’s hard to talk about one without the other. File storage and data backup are two cloud computing services that most people are familiar with, with companies like Google and Dropbox offering storage services. These cloud computing services have been available for years, and most people have utilized them in one way or another.

Data backup is where file storage can become something more than simply storing documents. Data backup services often offer guaranteed protection of your data, shielding it from viruses and from unexpected data loss through hardware failure, and encrypting it to protect it from prying eyes. In addition to this, the data backup process is often automated, needing no oversight from a person, whereas backing data up on an external drive would need supervision.

Infrastructure-as-a-Service

Infrastructure-as-a-service, or IaaS, is another common cloud computing service and is often identified as one of the most used types of cloud computing services. IaaS is the utilization of a vendor’s service and storage, networking services, and data centers. When choosing to use IaaS, you’ll still be responsible for the applications and tools that your computers will be using, as well as their operating systems.

IaaS is a great way to save on expenses for the necessary hardware to run a business, like servers, storage, and networking. So if you are looking to save money on capital costs when starting a business that needs these things to function, IaaS is the best choice for you.

Platform as a Service

Another common online cloud computing type is platform-as-a-service, or PaaS, which allows businesses to utilize environments to develop, test, and manage the applications that they are working on. Software developers often use PaaS services to help avoid the costs associated with developing a new application.

Using a PaaS service allows users to avoid having to pay for operating systems, servers and storage, networking resources, and data storage. The only thing that the user is responsible for is the code for the application being developed.

Software as a Service

While most people are familiar with file storage and data backup services, most are also patrons of some sort of software as a service, or SaaS. SaaS is the utilization of cloud-based applications or software. Email services fall under this category, and most people have an email address, meaning that they have used a SaaS service.

Other instances of SaaS services include monthly subscription-based programs, like Office 365 or the Adobe Creative Cloud. When using a SaaS service, you are responsible for nothing but paying for access to it, if needed. The vendor is responsible for the application and development of it, the operating system, servers and storage, networking resources, and the data center. It is often more cost-effective to pay for subscriptions to a cloud-based application than to pay for the licenses needed for each computer in a company. SaaS is an excellent way to save money and is easily scalable to fit the client’s needs.

Data Analytics

All businesses have some sort of data analytics needs. We live in the digital age, and businesses are constantly collecting data. Analyzing this data is crucial and often more demanding in terms of resources than the initial collection of the data. Cloud computing allows businesses to access vendors’ processing power, making the analysis of large data sets a simple task rather than something that can take a large amount of in-house resources.

Typically, these services are on-demand and affordably priced, allowing companies to allocate funds to other company needs. The money that would have traditionally been spent on the hardware necessary to process these large datasets stays in the pocket of the business, with only a small percentage of it being paid to the vendor, which can make a world of difference in terms of budget.

 

What are the Benefits of Utilizing Cloud Computing?

While there are many benefits to using cloud computing services, here are the five most relevant to business owners and what makes cloud computing work for you.

1. Cost

No matter how you look at it, using a cloud computing service allows the user to save money. These savings are almost always associated with the initial hardware costs to set up servers and data centers and the required human resources. When using cloud computing, vendors provide the physical aspects for most computing needs and the IT expertise to keep them running smoothly. While the services offered are still paid for, they pale compared to the cost of setting up similar services in-house.

2. Performance

The high performance associated with cloud computing services can be attributed to the vendor handling all of the hardware related to the service. These vendors often have access to a network of high-performance data centers and computer hardware, allowing for faster processing times and, in turn, quicker computing than an in-house data center would.

3. Speed

The services offered by a cloud computing vendor are bound to be faster than in-house operations. The services they offer are preset and on-demand, ready-made for their clients. Even if the computing is complex, the system is typically set up for such computing, allowing the client to avoid the need to allocate resources to resource-heavy operations.

4. Productivity

Many, if not all, cloud computing services receive automatic updates and scheduled patching or maintenance. Because the vendor takes on this work, in-house IT staff can skip menial tasks like software or application updates and tend to more important matters that the client is responsible for. Additionally, these updates are seamless and meant to keep the client on the most recent product or service available, meaning that they won’t fall behind as software is updated. Falling behind is a problem with purchasing individual licenses as opposed to paying for cloud computing services.

5. Security and Reliability

Cloud computing vendors understand the importance of keeping data safe, which causes them to implement numerous security features into their services. Keeping your data protected is one of the best ways to keep your costs down, as any sort of breach is costly. Additionally, these vendors are reliable, as they understand the responsibility they have to keep your data safe from loss. Often, if there is data loss, disaster recovery is more manageable than if it were to happen in-house, as they can keep the data backed up in several locations at any given time.

The Future of Cloud Computing

Cloud computing is a market that most, if not all, businesses cannot get away from. The required costs to initially set up all of the needed hardware and networking resources for a business can be higher than what is feasibly affordable, but many vendors have stepped in to fill the needs of these businesses. Their presence on the market allows businesses to avoid these initial costs and reduce the necessary hours for IT in-house. 

Cloud computing services are entirely scalable and applicable to all businesses. Whether you need access to office applications or an entire infrastructure to get your business started, there is an option available to you via cloud computing. It really comes down to your individual needs and determining what options are best for you.

At Edge Networks, we’ve made many of our clients’ transition to the cloud easier and more secure. Contact us today for a free 30-minute consultation.

Social Engineering: Common Methods, Examples, and Preventative Measures

What is Social Engineering?

Social engineering is a strategy that has invaded much of our world today. Around 98% of cyber-attacks rely on social engineering to obtain information. So how does social engineering work? Thieves and criminals use manipulation to trick individuals into giving up information, because it is easier to exploit a person’s willingness to trust than to learn how to hack software. Knowing the techniques they use, how they use them, and how to prevent these attacks can come in handy.

 

Keep on reading to learn more about this sneaky strategy that many manipulators use. By the end, you should be much more prepared to take on one of these attacks if it should happen to you. With any luck, you will be able to avoid the many ways that a hacker may attempt to push themselves into your system.

 

Common Methods Used in Social Engineering

Those who use the social engineering tactic have a lot of methods that they can choose from. The way they try to get information from people spans across all platforms, from text messages to websites. Practically every industry on the market has been breached in some way by social engineering.

There are six main methods that social engineers will use to pry information from people. Knowing these could keep you from falling victim to an elaborate plan. You should become familiar with them as best as you can.

 

1. The Whaling Attack

The whaling attack centers its target on a very specific group of people. It’s a sophisticated attack that works against those who have special access to systems that tend to be at a higher level than others. Someone who might experience a whaling attack would have a large sum of money hidden behind an intricate system.

When conducting a whaling attack, the criminal will typically do the following things:

  • Find a messaging platform that is often accessed by the user, such as an email
  • Craft a compelling message that entices the viewer to click it
  • Draw the user in and grab their information

Once the link or mail is clicked, that’s all that it takes. Most often, the message will seem urgent, and the user might want to respond immediately. It is critical to check where the item is coming from before following through.

 

2. The Watering Hole

The watering hole attack takes inspiration from the drinking spots where animals go to get hydrated for the day. Like this spot, the hacker will place harmful code on a popular website, targeting the types of people that they assume will visit that site. This leaves them vulnerable whenever they go to that particular site.

The attacker using this method will likely:

  • Wait until a particular moment to use this attack
  • Launch on a website or a software
  • Be quick and efficient

The watering hole technique is used when these attackers want access to a specific group of people. It could be anyone, from entrepreneurs to financial advisors. This one is a little harder to prevent since you cannot see it coming.

 

3. The Pretexting Method

The pretexting method targets those who fall victim to others telling them that they need assistance. The attacker might message the victim to let them know that they need their personal information to fix a problem on one of their accounts. This can be done through messaging or calling.

Often, someone using the pretexting method will:

  • Text without further notice, asking right away for information
  • Use that information, should they get it, to access the victim’s accounts

The damage is done when the victim gives up all of their passwords and usernames to these attackers. If you do not give it to them, it is harder for them to get it. They rely on human nature to provide a helpful response in a time of uncertainty.

 

4. The Baiting Attack

The baiting attack is perhaps one of the most common forms of attack. Through this, a link disguised as being helpful is sent out to a victim to manipulate them. However, it often contains malicious and aggressive software that will do them harm.

Often, these attackers will send out the link through:

  • Text messages
  • A messaging platform on social media
  • An email

These links are usually pretty obvious. However, some can be trickier than others. Any random link in an unexpected email should not be clicked for safety purposes. You could risk the entire security system of your computer or phone.

 

5. The Quid Pro Quo Attack

The quid pro quo attack is a lot like the baiting attack. However, there are a few things that set them apart from each other. This attack involves the baiter giving tasks to the victim, often pretending to be someone to help them with their device. These instructions will leave the device vulnerable for the attacker to swoop in.

This one is particularly tricky because the victim must perform the steps themselves. It is critical to avoid any instructions or advice that come from a source you are not anticipating. Being cautious can prevent your private information from slipping into the wrong hands.

 

6. The Phishing Attack

The phishing attack is seen most often. The phishing attack uses a variety of items to try to get a person’s attention. These often have emotional ties and pretend to be trustworthy individuals that the victim could trust. They also use companies and sources that seem legitimate to anyone who glances at them.

The individual using the phishing attack will:

  • Take on an identity tied to the victim
  • Send a message to get the victim’s attention with urgency
  • Wait for the victim to click
  • Gather their information

It’s all too easy for someone to fall victim to this trick. The phishing attack is especially dangerous because it targets people’s emotions. Emotions are a powerful thing, something that could take anyone down in an instant.

These malicious messages make up most cases of social engineering cyberattacks. Around 65% of these attacks utilize a form of phishing as the way that they gain access. The phishing attack is a simple way for hackers to claw their way into a system.

Examples of Social Engineering in Action

For many, it can be hard to understand this concept without putting it into action. We’ll dive into a few examples of social engineering, showing examples of attacks in specific locations where they might happen.

Not all attacks are created equal. Knowing what a few might look like can help you pick one out, no matter how different it looks from others that we have shown.

 

1. Examples of Whaling Attacks in Social Engineering

As the whaling attack is intended to target one particular type of person, there are very specific situations in which an act is carried out. We will go over a few examples to fully understand how this method of social engineering works.

The attacker essentially goes for the “whale” of a company, organization, or network. They will wait patiently and then will strike someone such as:

  • A prominent hedge fund founder over a network like Zoom
  • A small business owner through email
  • A firm CEO over a cyberattack

All of these are examples of whaling attacks in action. The hacker will wait until the moment is right. Then, they spring on the leader and attempt to pull as much money and access as possible from the person they have attacked.

 

2. Examples of Watering Hole Attacks in Social Engineering

As we have discussed, a watering hole attack targets a group of people involved in the same kind of industry or profession. The attacker will probe the website for a weakness that could allow them to infiltrate the website and those that make use of it.

Some examples of watering hole attacks include:

All these items targeted a website and those that visited it regularly. The attacks occurred once they had infiltrated the site and gained access to the hundreds of thousands of people who visited it every day.

 

3. Examples of the Pretexting Method in Social Engineering

Pretexting is the method of attack in which an attacker will contact an individual with an informational request. The individual will then respond with their personal information that the attacker can then use to gain access to more private information.

Pretexting can occur in a variety of formats. Some of them include:

  • An attacker posing as the CEO of a company and requesting personal information from employees
  • A social engineer acting as the leader of a bank and requesting personal information to assist a customer with an account
  • Someone working as a customer assistance rep and requesting access to a certain account to help

The pretexting method can sneak up on people rather unexpectedly. If you receive a message requesting any personal information, it is critical to double-check the source. Pretexting can happen to anyone who is not paying attention.

Never give out your personal information through a text message or email. This is a rare way to exchange this kind of critical information about your life. Unless you have had a verbal, in-person agreement, you should not be handing yourself out on the internet. It doesn’t matter how trustworthy they seem to be in the space.

 

4. Examples of the Baiting Attack in Social Engineering

Often, a baiting attack happens in the real world. A criminal might leave a hard drive or a link that, when clicked or entered, will lead the victim straight to harmful malware. From there, the attacker can get what they want.

Baiting can also involve advertisement online. These can be tempting for a user to click, with enticing images and headlines. When the victim clicks, they download the malware onto their computer or phone.

Malware can take many forms, such as viruses, ransomware, spyware, spam, and more. The first step to avoid all types of malware is staying educated on how they happen, where they come from, and what they can change into. Read the blog post below to discover 6 ransomware trends you should watch for in 2021.

 

5. Examples of the Quid Pro Quo Attack in Social Engineering

A quid pro quo is a high-level format of attack. The hacker asks for access to a company or a large organization in a method that sounds simple, easy, and harmless. From there, they can take control and finish whatever they have set out to do.

A quid pro quo attack might involve:

  • Someone offering assistance if an individual disables their security
  • A free fix for the cost of some personal information

Both of these offer to give something away, but for the victim to receive that thing, they must also give something in return. It sounds too good to be true, and often that’s because it is.

 

6. Examples of the Phishing Attack in Social Engineering

The phishing attack is a format of aggressive baiting. There are many different subcategories of the act, but the main point of it is to get ahold of personal information that the victim hands out.

A phishing attack can happen:

  • On a fake website
  • Through a faulty link
  • In an email or a mass text message

The phishing attack is the simplest, and yet it is also the most powerful. There is a large group of people who fall for this trick every single day.

 

Ways to Prevent Social Engineering

Standing up against social engineering is a critical part of existing in our society today. Everywhere, hackers make use of social engineering in an attempt to gain valuable information that could win them all of your money. How do you take a stand against such an aggressive and dangerous type of individual?

There are quite a few things that you can consider when trying to prevent social engineering from happening to you. Some of the best include:

  • Staying cautious at all times, no matter how trustworthy the source seems to be
  • Never giving out personal information unless you are confident of the situation that you are in
  • Using services to keep track of who is calling you and double-checking phone numbers or emails that you are suspicious of
  • Deleting requests for personal information before you can get involved
  • Giving a second thought to everything before you click on it
  • Ignoring offers and prizes, which are oftentimes fake when sent to you in a mailbox on the internet or in your physical mailbox

By staying on top of the game, you can prevent yourself and your assets from being corrupted by criminals using social engineering.

Are you concerned about the cybersecurity of your business? Edge Networks can help! Take our free, self-guided IT Security Risk Assessment, or contact us today for a free, 30-minute consultation.

Optimize Microsoft 365 For Better Security Without Spending A Dime

Microsoft Office has been around since 1990 and is here to stay. The newest product offering from Microsoft is Microsoft 365, an online suite that makes team collaboration easier.

Whether you have been a veteran user of Microsoft or this is your first experience, a cloud-based office suite will have new features to consider. Teams can now save documents in shared folders without calling the IT department or sending long chains of emails and edit documents in virtual meetings as everyone signs into the same document. The benefits of Microsoft 365 are revolutionary for teams and should be explored. 

Microsoft 365 is a great tool for team collaboration, and we highly recommend it for any sized office. Virtual teams, in-office teams, and everything in between will benefit from the vast features available in the web-based software suite. Although the software is web-based, you can still enjoy the benefits of downloading the Microsoft 365 suite directly on your computer or laptop. This suite enables you to get work done with your computer no matter where you may be.

That said, sharing or storing documents online requires care and proper security. This article will discuss a few ways to optimize Microsoft 365, some practical tips, and resources to learn more. 

 

Best Ways To Optimize Microsoft 365 For Users

Microsoft 365 is web-based. The main difference between this and old software forms is that user registration is not based on a product key. You may remember going to your local office supply store to purchase CDs, and those disks came with codes that you entered to verify ownership. Microsoft 365 is based on your Microsoft account, a web-based account connected to your email. This is a benefit because it allows you to use it on any device simply by logging into your Microsoft account. 
 
Logging into your Microsoft account on a public computer can create a risk. To keep your account safe when using these types of devices, we recommend:
  • Multi-Factor Authentication (MFA): By far, the most crucial way to protect your account is to enable Multi-Factor Authentication. This process ensures that you are the person logging into your account every time your account is accessed. If you have a common password and someone guesses it, either by themselves or with the help of a bot, you are likely at risk. With MFA, you can still protect yourself without changing your password. MFA will send a code to your phone every time your account is accessed, and the person who is trying to log in will have to enter that code, even if they have the correct credentials. This protects your account and passwords. You can even download an app on your phone which automatically generates codes. These apps can be used for a variety of applications, and having all your codes in one place is very useful. It is essential to consider that a code generator is typically connected directly to your device. That means if your device is broken or stolen, there is only one way to recover those codes. This is usually a recovery sentence or a key. If you use a code generator for MFA, safely store this recovery code.
  • Single Sign-On (SSO): This benefit of having an online account has become more popular with workplace tools such as task managers. Let’s use Monday.com, for example. If you want to make logging in faster, more secure, and easier for your team, use SSO. In the example, this process connects your Microsoft account to your Monday.com account. This allows you to access Monday.com with your Microsoft credentials, saving you from having to remember an additional password. SSO is better for your users because they do not have to create a new account for each tool you use, saving time with onboarding.

 

Visit Microsoft’s Security Portal

The Microsoft Security Portal for Microsoft 365 is an excellent tool for administrators to ensure their users are protected online. Among other things, the Portal is used to prevent spam emails and misuse of company email accounts. There are a few essential things to check out when logging into your Portal:
  • Security & Compliance: This section is important because it encompasses several key features to keep your users safe. This includes Threat Management, Policy, and Anti-Spam. These features, when correctly configured, will prevent external forwarding from your email address. If not enabled, that gives hackers the ability to forward your data if they gain access to your network. It does not take any IT skills to know what settings to enable and disable within the Security & Compliance section. If you are having trouble, we suggest blocking external forwarding, enabling anti-spoofing protection, and adding spam emails to the filter.
  • Consider Purchasing a Higher License: The better the license, the more the features. While this is true with most software, Microsoft keeps a few vital security features behind a paywall. One of these features includes link control for your documents stored in the cloud. If you share a document with a colleague or someone outside your organization, you have complete control over their access. You can send a document for editing and then restrict the access once the editor finishes. In addition, you can run tests on file links to ensure that they are only being shared with the people in need of knowing.
  • Exchange Admin Center: This is an excellent resource for businesses with legitimate email forwarding that needs to be kept secure. The Exchange Admin Center lets you give access to a user who needs to use certain features. You can add external contacts to the recipients menu, giving them the ability to forward, among other features.
Microsoft’s Security Portal gives administrators the unique ability to keep their users safe without having to log in and manually change settings on each account. In addition, administrators have the power to assign users to groups. This ensures that the correct user has the right access to sensitive features such as forwarding.

Overlooked Tips and Tricks for Microsoft 365

Several companies have emails assigned to each employee. If an employee quits or is terminated, the company wants to preserve the user’s data without risking them compromising the account. To avoid paying extra to keep the older users’ accounts active just to retain access to the data, Microsoft allows for Shared Mailboxes. This feature is unique because it will enable multiple users to access the data and files of the older user. For example, suppose the sales department loses a teammate. In that case, Shared Mailboxes allow the administrator to pass the information along to the other members of the sales department, who can split the leads.

Another great feature that is often overlooked is Azure AD Connect. This feature allows users to connect to their local server to work on their secure Microsoft 365 files. It syncs passwords and other information the local device needs for the user to do their job. 

Finally, we suggest offering training to your employees related to Microsoft 365. This training can be simple and cover essential items like the company’s policy on spam and how to identify and report spam. You can cover features discussed like Shared Mailboxes, MFA, and Azure AD Connect in more detail. Do not skip this step. It is essential to make sure your users are aware of these features to protect your company’s data.

 

Microsoft 365 Final Thoughts & Resources

A hacker can be scary, cost you a lot of money, and in extreme cases, cause a company to go bankrupt. It is crucial to be protected online, and your company’s data is no exception. Keeping your business data safe with Microsoft 365 is easy and takes little time to establish. If you have not taken the time to review the Security Portal, make sure you get around to it soon. It will save your company time and money in the long run and protect you from hackers. 
 
Remember, when checking out these features, if you are unsure of what to do, there are plenty of resources available on the internet. Microsoft Office is a massive project that has a talented team backing it. The Microsoft Office team offers documentation on a helpful website. Common problems are answered, and in most cases, the documentation is all you need to determine the solution to a problem. That said, if you are still having trouble, there are some additional resources. Email support is available to users at every subscription level, and premium users can access chat and phone support. 
 
If you still cannot find the answer to your problem, consider downloading add-ons and additional features that are available from third-party providers. Useful tools like Grammarly, Translator, and DocuSign can be added to a Microsoft 365 account to give users added benefits when working on projects.
 
If you are overwhelmed by assembling your Microsoft 365 account, please reach out to our team at Edge Networks or schedule a call with us for a free 30-minute consultation.

Phishing 101: A Beginner’s Guide to Today’s Biggest Cybersecurity Threat

In today’s world, email is one of the most used means of communication. In fact, over 3.8 billion email accounts exist today, around half of the world’s population. If you have an email account, it’s likely that you also receive emails every day. We might receive newsletters we’ve signed up for, updates on deals from our favorite stores, or personal correspondence from friends and family. However, the one email we never want to receive is a phishing scam. Though these emails usually go to our junk folder, sometimes they make their way into our inbox to confuse and frighten us.

 

What is Phishing?

Phishing, a play on the word “fishing,” is a type of cyber attack. Attackers utilize email to perform this type of attack by throwing out a line via email to “fish” for your private information.

Usually, the instigators of phishing perform the process like this: they create an email that looks like it’s coming from a reputable organization or company and trick the reader into thinking that the company needs something from them. They typically look for credit card information or for the user to click on or download a malicious link or document.

Similar to fraudulent telephone calls soliciting information or money, the goal of phishing is to get some kind of information from you that hackers can use to your disadvantage.

 

Phishing Kits

Surprisingly, phishing “kits” are readily available to hackers around the world. These kits are typically found on the dark web and are templates used to emulate prominent companies’ emails.

There are websites that exist to combat phishing, making available to the public commonly received phishing kits so that people can watch out for them. A couple of these are PhishTank and OpenPhish.

What’s even more concerning is the number of phishing kits that exist (that we know of). One study found that there are 62 known kit variants for Microsoft, 14 for PayPal, and 11 for Dropbox.

There are a few steps to creating a phishing kit.

  • First, the legitimate website of the company being impersonated is cloned.
  • Second, the login page is altered to include a credential-stealing script.
  • Third, modified files are put into a zip file to create the kit.
  • Fourth, the kit is uploaded to the fraudulent website, and the files are “unzipped.”
  • Finally, fraudulent emails are sent to unsuspecting people with links to the spoofed website.

The good thing is that there are ways to identify where phishing emails come from. Phishing kit analyzers can look at email addresses found in the kits and track actors down. They can even use the “from” part of the email to track multiple kits made by the same creator.

Of course, phishers always use fake names, leaving them virtually unidentifiable except by location, and thus, in many successful phishing scams, the instigator is never found and held accountable.
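The tracking step described above, as an added example that is not from the original article or from any analyzer it mentions: it pulls email addresses out of kit archives and links kits that share a “From” address. The three archives, their file names and every address are constructed for illustration.

```python
import io
import re
import zipfile
from collections import defaultdict

EMAIL = r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+"
EMAIL_RE = re.compile(EMAIL)
# "From:" header inside a mail-sending script, with or without a display name.
FROM_RE = re.compile(r"From:\s*[^<\r\n\"']*?<?\s*(" + EMAIL + r")", re.IGNORECASE)
TEXT_SUFFIXES = (".php", ".html", ".htm", ".js", ".txt", ".ini")
ASSET_SUFFIXES = {"png", "jpg", "jpeg", "gif", "svg", "css", "js"}
MAX_FILE_BYTES = 1_000_000  # bound each read so a hostile archive cannot exhaust memory


def _is_address(candidate):
    """Drop asset names such as logo@2x.png that only look like addresses."""
    return candidate.rsplit(".", 1)[-1].lower() not in ASSET_SUFFIXES


def extract_indicators(kit_bytes):
    """Return (all addresses, "From" addresses) found in a kit archive's text files."""
    addresses, senders = set(), set()
    try:
        kit = zipfile.ZipFile(io.BytesIO(kit_bytes))
    except zipfile.BadZipFile:
        return addresses, senders
    with kit:
        for info in kit.infolist():
            if info.is_dir() or not info.filename.lower().endswith(TEXT_SUFFIXES):
                continue
            with kit.open(info) as handle:
                text = handle.read(MAX_FILE_BYTES).decode("utf-8", errors="replace")
            addresses.update(a.lower() for a in EMAIL_RE.findall(text) if _is_address(a))
            senders.update(s.lower() for s in FROM_RE.findall(text) if _is_address(s))
    return addresses, senders


def link_kits_by_sender(kits):
    """Map each "From" address seen in two or more kits to those kits' names."""
    seen = defaultdict(set)
    for name, data in kits.items():
        _, senders = extract_indicators(data)
        for sender in senders:
            seen[sender].add(name)
    return {s: sorted(names) for s, names in seen.items() if len(names) > 1}


def _zip(files):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for path, body in files.items():
            archive.writestr(path, body)
    return buf.getvalue()


def build_constructed_kits():
    """Three tiny constructed archives; the fragments are inert and all names are made up."""
    return {
        "kit_a.zip": _zip({
            "login/post.php": '$to = "drop-one@example.test";\n'
                              '$headers = "From: Result <kitauthor@example.test>";\n',
            "assets/readme.txt": "logo@2x.png is the retina logo\n",
        }),
        "kit_b.zip": _zip({
            "next.php": "$recipient = 'drop-two@example.test';\n"
                        "$headers = 'From: kitauthor@example.test';\n",
        }),
        "kit_c.zip": _zip({
            "send.php": '$to = "drop-three@example.test";\n'
                        '$headers = "From: Box <other@example.test>";\n',
        }),
    }


if __name__ == "__main__":
    for sender, names in link_kits_by_sender(build_constructed_kits()).items():
        print(f"{sender} appears in {', '.join(names)}")
```

The recipient addresses differ in every archive, so only the shared “From” value ties kit_a and kit_b together.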

Types of Phishing

Though all phishing has the same ultimate purpose of getting a person’s private information, there are many ways to divide these cyber attacks. 

 

Purpose of the Attack

The first way to divide phishing into categories is by the intent or purpose of the phishing attack. Usually, phishers are trying to get the victim to do one of two things:

Give out private information: This type of phishing message seeks to trick users into giving out their important information. The kind of information they’re looking for varies, but it is commonly usernames and passwords used to get into some sort of important account or system.

The most typical version of this scheme involves receiving an email that looks like it came from a major bank. Scammers send out the message to millions of people, knowing that at least some of them will be members of that bank. The victim is supposed to click on a link that takes them to the spoofed web page of the bank created by hackers and enter their information for the attackers to exploit.

Download malware: Like many spam messages, some hackers send out emails to get the victim to infect their computer with malware.

These messages are often disguised as resumes or other information that certain staff members may need. Once opened, the attachments in the email will infect the victim’s computer with malicious code. The most common type of malicious code is ransomware, with 93% of malware found to be of this type in 2017. 

 

Target of the Attack

Another way to differentiate between types of phishing attacks is by who the phishers are trying to target.

Sometimes, these emails aren’t targeted at all; attackers simply throw out the biggest net possible and hope to catch some information. A company called IronScales studied phishing emails and found that these are the most prominent sites hackers try to emulate:

  • PayPal: 22%
  • Microsoft: 19%
  • Facebook: 15%
  • eBay: 6%
  • Amazon: 3%

As described before, this is a very common trick performed by phishing hackers: trying to get victims to log into spoofed versions of prominent websites and thus give out their account information for hackers to use.

However, some phishing attacks are directed at very specific people. There are a couple of types of these sorts of attacks that we’ve nicknamed according to the fishing theme.

Spear phishing: This type of phishing takes its name from the act of aiming at a very specific fish, as a fisherman does with a spear. Hackers that spear phish often use websites like LinkedIn to get information about employees of a certain company. Then, they send emails to important people such as those in the finance department to get sensitive information such as bank deposit details.

Whaling: This is a form of spear phishing aimed at the “big fish” of companies, CEOs, CFOs, etc. However, many of these types of scams also target people that are still high on the totem pole, but not as important as the chief executives, such as company board members. These scammers often target personal emails of these people and pretend to be their coworkers to get private information about the company or themselves.

 

Prominent Examples of Phishing

John Podesta: One of the most consequential examples of phishing would be when Hillary Clinton’s campaign chairman accidentally gave his email password to hackers.

In this case, Podesta received an email that made it look like someone from Ukraine had gotten the password to his Gmail account. He was directed to a link to change his password, effectively handing it over to hackers.

This demonstrates the ability of phishing to affect even the most secure of email accounts.

 

University of Kansas: Five employees of the University of Kansas were attacked by hackers in 2016. They gave out their direct deposit information to the attackers, and lost money because of it.

The targets of phishing attacks can effectively be anyone, from your everyday person, to a prominent political figure, to university employees.

 

Why Phishing Happens

Criminals often take advantage of their environment and circumstances to exploit other people. While we can’t know why exactly people decide to phish for information instead of making a positive impact on the world, we can notice trends in when and why phishing scams occur.

Worldwide crises or even personal problems give criminals and hackers the opportunity to exploit victims by throwing out their phishing bait and hoping for a bite. 

 

 

In a recent article we wrote for our blog about how to maintain the cybersecurity of remote workers, we talk about an example of how cybercriminals have used the COVID-19 pandemic to scam people through text messages, social media, phone calls, and emails into disclosing personal information. According to the 2021 Data Breach Investigations Report by Verizon, “Phishing has utilized COVID-19 to pump up its frequency to being present in 36% of breaches, up from 25% last year.”

 

How to Prevent Becoming a Victim of Phishing

The best way to learn how to identify phishing scams is to familiarize yourself with what these emails look like. You can visit the aforementioned websites that crowd-source phishing kits to learn about how hackers utilize email to attack people. 

In addition to getting acquainted with phishing kits and how they work, you can do a number of things to prevent you from becoming a phishing scam statistic:

  • Check the spelling of the URLs in emails, and of the email itself. A professional copywriter for email won’t make abundant mistakes as phishers sometimes do.
  • Look out for redirects from the original website that take you to the spoofed one
  • If you receive a strange email from a friend or family member, contact them directly instead of replying to the email
  • Don’t post personal information on the internet for everyone to see, including things like birthdays and vacation plans

As with anything, the first step to preventing being part of a phishing scam is educating yourself on how these attacks work. It’s crucial to remember that phishing is just one of the cybersecurity risks we face. If you’d like to find out how your company is performing and isolate weaknesses in your cyber defenses, schedule a call with us or take our free, self-guided IT Security Risk Assessment.

Security Measures to Consider as Employees Return to the Office

Best Cybersecurity Practices for Your Employees as They Return to the Office during COVID-19

At long last, the COVID-19 pandemic seems to be slowing down, at least in the USA. Although millions more people still need to be vaccinated, and there is a chance that the coronavirus will mutate and become dangerous once again, the next few months will likely continue to see a gradual lifting of pandemic restrictions. Some companies are already starting to ask their workers to return to the office. Even though many people are eager to get back to the way things were before the pandemic, office administrators and company executives need to consider several significant security measures as their workers return.

There are two primary security measures to keep in mind: digital security measures and pandemic security policies.

 

Security Measure #1: Remote Work and Digital Security Challenges

The COVID-19 pandemic caused a wide range of changes to the greater economy, but the most widespread of all was the sudden (and largely required) shift to remote work. According to Mimecast Limited, 71% of employees are currently working from home.

 



 

Although remote work will no longer be strictly necessary once the pandemic is fully over, many companies are considering allowing certain segments of their workforce to continue to work from home, at least on a part-time basis. But while remote work can be convenient and even more productive for certain employees, it also introduces unique security challenges.

 

VPNs and Antivirus

One of the top cybersecurity recommendations we have is that organizations should look into upgrading or establishing VPN and antivirus software and policies for their workforces if they haven’t yet already. VPNs or virtual private networks help to mask IP addresses and prevent hackers or other cybercriminals from infiltrating your organization. Antivirus prevents malware and other digital threats from attacking your company’s data or systems.
VPNs can be beneficial for remote workers, especially if they like to do some of their work in public places on local Wi-Fi networks (such as coffee shops, etc.). Companies looking to maximize security should make VPN usage a requirement and educate their employees about how to use these new digital tools correctly and safely.
While VPNs can be very helpful for maximizing company security, it’s also important to remember that they aren’t foolproof. A VPN doesn’t prevent an employee’s computer from being hacked, so they still need to practice good digital hygiene to prevent compromising their company’s security as they work from afar.

Remote Log-In Protocols

By the same token, companies should endeavor to educate their employees about secure remote login protocols. Here are just a couple of ideas:
  • Never leave a work laptop or computer unattended
  • Never share workplace login info with anyone
  • Don’t use public Wi-Fi with a work computer (even with a VPN)
  • And so on.
By establishing remote login protocols now, any remote employees who continue working for your company from home won’t compromise your organizational security or allow bad actors into your systems.

These guidelines might seem like common sense for your responsible employees, but making them into companywide policies can protect your company in the event of legal trouble and help you to crack down on compliance if necessary.

Educating employees is essential for security; be sure to stay on top of current trends to help you avoid cyberattacks.

Have Cyber Hygiene Training Ready for Employees that Return to the Office

Beyond these remote work-specific tips, it’s never a bad idea to have “cyber-hygiene” seminars and quarterly meetings, especially for your in-person employees.
Digital hygiene is surprisingly relaxed in many organizations across America. If you want your workplace to be as secure as possible, you have to teach employees how to practice good digital hygiene, such as not leaving ID badges or other identifying information around, never sharing workplace passwords with anyone else, and more.
Cyber-hygiene training seminars allow everyone to get back on the same page as they re-acclimate to working in an office environment. Many employees have likely lessened their security practices during the pandemic, as many of them have primarily been working from home, but it’s time to get back to work and strive to keep the workplace secure in our modern, digital-focused environment.

Security Measure #2: COVID-19 Concerns – How to Keep Employees Safe

The other significant aspect of security as your workforce returns to the office focuses on pandemic concerns. Even though many companies are now allowing their employees to return to the office, we’re still in the midst of a pandemic. Even with increased vaccination rates throughout the country, it will likely still be some months before everyone is immune to the virus.
To that end, you should keep these strategies in mind to keep your employees safe as they return to the office.

Update Everyone on New Policies – Including Security Protocols – As They Return to the Office

Any office targeting 100% security and health compliance should update their current employees about new policies they might have implemented during the pandemic, especially the policies developed specifically for returning to work in the office.
Many of your employees might have even forgotten the standard security protocols in place before the pandemic. For both of these reasons, consider sending out a security protocol packet or email to employees before their first scheduled day of work back in the office.
For example, your office might consider installing a new security checkpoint before employees can enter your building. You can take the temperatures of ingoing and outgoing employees at this checkpoint, ask for ID badges to scan people in, and more. Still, this new security measure will go over a lot more smoothly with your employees if you alert them to it before they arrive.

Vaccination Requirements and Regular Tests

Your company might also consider adopting vaccination requirements, especially if you plan to bring your workers back into the office in waves. Vaccination requirements help ensure the lowest possible likelihood of COVID-19 transmission and bring peace of mind to all the employees already in the office.
If everyone at your physical workplace has been vaccinated, the chance of a coronavirus outbreak in your office is near zero.
Additionally, regular COVID-19 tests can help to bolster peace of mind and reinforce a sense of security and efficiency at your workplace. Tests should be used if vaccination is not yet available for everyone in your area or in the weeks and months leading up to 100% vaccination for your workforce.
Of course, these measures aren’t possible for every company, and some organizations may need all hands on deck ASAP. Still, if it’s at all possible to mandate vaccination before a return to office work, you’ll do any returning employees a big favor, maximizing their security to the best of your ability.

Social Distancing and Physical Barriers as Employees Return to the Office

As you enforce regular COVID-19 tests for your employees, you should still mandate some social distancing and physical barrier rules, particularly in crowded areas. Masks are always a good idea, especially as employees will still pass one another closely even while they generally adhere to social distancing restrictions.
Physical barriers, such as enclosed office cubicles, can help to bring privacy back to the workplace and prevent the spread of micro-droplets if employees want to take their masks off while seated at their desks.
These measures may seem a little restrictive, but they can help lower the likelihood of a COVID-19 flare-up. Even better, you can reassure your employees that these measures are only temporary until everyone in your office has been vaccinated or until the risk of COVID-19 subsides.

Keep Health and Disinfectant Supplies Readily Available

Lastly, you’ll want to keep lots of health supplies – such as hand sanitizer, soap and water, and antibacterial wipes – on hand and within easy access for your employees. Even once they get vaccinated, many employees may want to maintain top-tier hygiene to protect people they have back home.
Giving them the tools to stay healthy and to keep their workplaces clean will show your employees that you care about the safety of them and their families and will help facilitate an environment of safety and trust.

Find the Right Balance Between Productivity and Security as Your Employees Return to the Office

All of these security tips are crucial, but it’s important as an office administrator or executive to strike a balance between productivity and security. The point of bringing everyone back to the office is to bring collaboration back, as well as make everyone feel like they’re part of a team once again.
With this in mind, consider asking your employees what security measures or restrictions they feel would best suit them and their needs. An open-door policy (and establishing an ongoing dialogue between yourself and your workforce) is the best way to make sure you can keep your organization safe and secure, plus make your employees feel heard.
For instance, your office employees might not feel that masks are necessary if you have a vaccination requirement. Alternatively, several people who work for you might still feel strongly about social distancing and maintaining health protocols over the next couple of months because they have an immunocompromised family member at home. Regardless, having these discussions can help you calibrate your security response, at least regarding COVID-19 policies.
If your company is still working partially or fully remote, check out the blog post below for tips on how to maintain the cybersecurity of your remote employees.

COVID-19 has been challenging for us all, but things are starting to look up again. As we stick to secure practices and finish strong, we can reach the second half of 2021 healthier and more productive than ever before. 

If you’d like to find out where your company stands in terms of cybersecurity, schedule a call with us or take our free, self-guided IT Security Risk Assessment.

6 Ransomware Trends All Employees Should Watch For in 2021

Ransomware is an ever-present and worsening problem in today’s society. It’s crucial to stay abreast of related trends, regardless of a person’s role or rank within a company. Here are six ransomware trends to consider sharing with your employees. 

1. Decision-Makers Paying the Ransom and Not Getting Results

Ransomware happens when cybercriminals gain access to files and encrypt them, then demand that the victim pay to get the data back. A recent report from Mimecast indicated that 52% of affected parties paid the ransom. However, only 66% of the entities in that segment recovered the data. Another 34% didn’t get any of it back, even though they paid the ransom.
Understandably, some people under pressure in desperate situations would opt to pay the ransom and hope for the best. However, you can decrypt your files for free with online tools, provided you know what kind of ransomware affected the system. Becoming familiar with those options is a smart thing to do in case you ever need the knowledge later.

2. Ransomware Volume Continues Growing

Unfortunately, with ransomware, you can’t safeguard a system against a few types and stay in the clear. Hackers regularly develop new, more damaging kinds, trying to always stay ahead of any defensive measures their targets might take.
Cybersecurity researchers at McAfee recorded a 69% increase in new ransomware between the third and fourth quarters of 2020. They also clarified that many of the attacks capitalized on vulnerabilities in work-related apps and processes, such as VPNs and remote management tools.
Read more about the recommendations we have to help mitigate against ransomware attacks in our post below.

3. Cybercriminals Increasingly Use Social Engineering

Online criminals who plan and deploy ransomware attacks use various methods to achieve their aims. They also typically choose targets that enable them to do the most damage, such as hospital networks.
Managed service providers (MSPs) are also commonly hit because criminals can affect all those companies’ clients. One such recent attack caused at least $20 million in losses. Although MSPs are common targets, other business types are at risk, too.
For example, a research paper indicated that social engineering attack rates climbed during the COVID-19 pandemic. The authors expanded their search beyond ransomware to include all internet threats. Still, they noted that the dramatic increase in people working, shopping and otherwise doing more things online likely caused the shift. Plus, some criminal campaigns specifically involved COVID-19-related messages to catch people’s attention.
[Chart: weekly ransomware attacks]

4. Cybersecurity Researchers Warn of Triple Extortion

Not long ago, the cybercriminals who caused ransomware attacks only locked victims’ access to their files. They then began more frequently using so-called double-extortion approaches.
In those cases, hackers stole files and threatened to leak the data unless they received payment. Cybersecurity researchers recently explored a triple extortion tactic, first identified as an issue in October 2020.
Hackers still demand payment from their primary targets, locking down the data and threatening to leak it. However, a new aspect involved the hackers engaging with the people who had their data stolen. The first notable instance of this happened at a 40,000-patient Finnish psychotherapy clinic. Hackers emailed patients directly, saying they’d leak their therapy notes unless the people paid them not to.

5. Ransomware Remediation Costs on the Rise

Another worrisome ransomware trend is that it costs progressively more to fix these issues after they happen. A study showed that the average remediation cost in 2020 was $761,106. However, it’s now an estimated $1.85 million in 2021.
The study also found that fewer respondents reported experiencing data encryption from ransomware since the last edition of the research. However, since the costs to address the problem increased so quickly, the study’s publishers warned that cybersecurity teams should stay alert for complex attacks that are more likely to have higher financial ramifications.

6. Ransomware-as-a-Service Gaining Prominence

An increasing number of “as-a-service” brands cater to individuals and companies that need resources and want to reduce the logistics involved in obtaining them.
For example, a manufacturing executive might work with a robots-as-a-service company. They can typically rent an industrial robot for a flat rate that includes installation, maintenance and any other necessities. Cybersecurity researchers are keeping a close watch on a trend where people offer ransomware-as-a-service, usually by marketing themselves on the dark web.
Ransomware groups even hire hackers that share their views and agree to operate within certain parameters. For example, the people who work for a ransomware group might only target particular countries or commit to never attacking specific industries. The groups hiring the hackers usually take a 20%-40% cut of the profits from attacks, with the person working on behalf of those organizations keeping the rest.

Ransomware Remains Concerning

These six trends highlight why ransomware isn’t going away. Criminals continually create new attack methods and think of additional tactics to raise their success rates. These patterns pose challenges for businesses, particularly since attacks can compromise essential data and systems. It can also take days or weeks to resolve them. That often means affected companies operate with restrictions that compromise their profits. It’s even harder to recover if victims opt to pay ransoms.

However, having an awareness of the trends is an excellent way to determine how to conquer ransomware in your organization. From there, consider how you might back up files, perform a cybersecurity audit or familiarize yourself with some of the social engineering tactics that criminals often use. 

Remember that employee training is vital for safeguarding against ransomware. Indeed, a company can follow cybersecurity best practices and still get attacked. However, relatively simple precautions like never interacting with unexpected links or files in an email can help workers play their part in reducing the likelihood of dealing with ransomware.

It’s important to stay on top of cybersecurity before it’s too late. If you’d like to learn how to build a solid Cybersecurity Incident Response Plan, check out our blog post below. To learn more about the health of your business’ cybersecurity, take our free, self-guided IT security risk assessment today.

 

 

Guest Writer: Devin Partida

Devin Partida is a data center and networks writer whose work has been featured on AT&T’s cybersecurity blog, Yahoo! and other notable publications. To read more from Devin, please visit ReHack.com, where she is the Editor-in-Chief.