Blog

When it comes to the company network, cybercriminals are always looking for ways to infiltrate and uncover lucrative data that the can either sell on the Dark Web or use as reconnaissance fodder to plan follow-on attacks. And you don’t have to be a large business for threat actors to set their sights on you — small and medium-sized (SMBs) are just as targeted, if not more so, than their bigger rivals.

What’s also true is that company endpoints – the places where individual employees interface with both the internet and the internal company network – are among the weakest links when it comes to corporate security. So, while there are a lot of reasons to turn to a managed service provider (MSP) for your mission-critical IT and communications needs, endpoint protection should be at or near the top of the list.

Here are the basics that SMBs should know about managed endpoints and security. We’ve also put together a quick, two-minute video overview of what they are and why they need management:

1.What are endpoints, exactly? [0:11]

An endpoint is any device that is connected to your network that employees use to carry out their job functions. These include the web-facing servers that run the applications that power your business, as well as the desktop and mobile computers/devices that your employees use to do their jobs every day.

2.Why do endpoints matter? [0:32]

Think of unprotected endpoints as wide-open doors and windows to your business. If they’re not secured and managed properly, bad actors can easily get in, installing malware, monitoring employee communications or snooping around the files on a computer. They can also pivot, get onto the network, and reach other corporate resources beyond the endpoint itself. The result? Security breaches, frequent system crashes and performance issues, lost productivity, frustrated employees and possibly even competitive harm or legal trouble.

3.It sounds like I really need endpoint protection. Can I handle it myself? [0:54]

While many companies would love to handle things in-house, this is really only feasible if you have the right tools for the job and dedicated IT security staff who have the know-how to cover all the bases. Those bases include making sure every single application and operating system is patched and updated; running daily malware and antivirus scans; purchasing and maintaining the latest endpoint security software for intrusion detection and performance monitoring; ensuring employees are using only sanctioned cloud services; requiring strong passwords; and implementing employee education around things like phishing threats. Unfortunately, it’s often far too complex and expensive for small business owners to put all of these things into place on an in-house basis, especially the technology pieces.

4.Is there anyone who can help me? [1:32]

Yes! Fortunately, managed service providers (MSPs) can act as an extension of your staff, guaranteeing that all of the technical details – like patching and malware scans – are done and that all the tools in use are continuously up-to-date.

TPx, for example, has invested in the best endpoint management technologies, so you don’t have to. We manage troubleshooting and repair, and more, all at one cost-effective price. That way, you can focus on growing your business, with peace of mind that the doors and windows are locked.

If you’re looking for a reliable managed service that will keep your endpoints safe, consider TPx. Visit www.tpx.com/endpoints and contact your TPx representative to learn more.

 

About the Author

Joe Royer is the Product Manager for IT/Cloud services at TPx. He has 25 years of industry experience in sales, consulting, and product management for several leading MSPs.

With payment-card details and personal data remaining a lucrative cash cow for cybercriminals on the dark web, retailers are firmly on criminals’ radar these days. E-commerce and business-to-business (B2B) transactions are the norm for most shops, which opens up a big digital avenue straight into the heart of the business for capturing card information and personally identifiable information (PII) including names, addresses, shopping preferences, and loyalty program information. Exacerbating matters is the fact that retail tends to be a vertical that falls behind on the security front – something that cyber criminals are well aware of.

All of this means that if you’re in charge of a company in the retail space, you need to make cybersecurity a priority. In case it’s not already, here are eight stats to think about as you plan strategic decisions going forward.

1.Retailers are top targets for cyber criminals.

According to a recent Alert Logic cybersecurity report, retailers topped the list of cyberattack targets out of eight different types of organizations (4,000 organizations in total). Alert Logic’s analysis of the attacks in this vertical revealed aggressive scanning, including indicators of extensive directory-guessing techniques and a large array of automated code injection and vulnerability scanning. Application attacks, where hackers infiltrate a victim company’s mission-critical services in order to capture the information flowing to and from them, are by far the dominant attack type in this industry group, accounting for 85 percent of all attacks.

2. Retailers lack social-engineering awareness.

The retail industry ranks dead last in foiling social-engineering efforts, where cyber criminals pose as a legitimate correspondent in an email to get an employee to click on a malicious link or open a weaponized attachment. According to the 2018 SecurityScorecard Retail Cybersecurity Report, since the retail industry employs younger, less experienced people at a higher rate than other industries, these employees may be less aware of these attack vectors.

3. Most retailers miss the mark on PCI compliance.

Also, according to SecurityScorecard, more than 90 percent of retailers are out of compliance with the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is a standard for those that handle credit and debit card transactions. It’s mandated by law, requiring steps such as maintaining a firewall around customer data, practicing good hygiene when it comes to account passwords, and so on. Penalties for non-compliance are as high as $100,000 every month or $500,000 per security incident.

4. Retailers fall behind on encryption for data in the cloud.

According to the retail edition of the “2018 Thales Data Threat Report,” despite being among the primary adopters of cloud storage for company and customer information, retailers tend to put encryption for the data they keep in the cloud on the back burner. Only 26 percent of U.S. retailers are implementing encryption in the cloud today.

5. Data breaches are accelerating.

The Thales report also revealed that half of U.S. retailers experienced a data breach in the past year, up from 19 percent the year before. Further, a full 75 percent of retailers have experienced at least one data breach in the past.

6. Retailers see data theft as the biggest challenge this year.

According to the SecurityScorecard report, eight in 10 retailers think that their biggest IT challenge for 2019 is combatting data theft. And no wonder: a majority (79 percent) of those hit with an incident in 2018 said they lost customers, while 62 percent admitted to incurring legal costs.

7. Breaches impact customer loyalty.

According to a study by KPMG, a fifth (19 percent) of consumers would take their retail business elsewhere after a breach, and 33 percent would take a break from shopping at a store for an extended period. Examples of 16 retailers that have been affected by data breaches since January 2017 can be found here.

8. Security spending is on the rise.

The good news is that many retailers seem to be waking up to the cyber-dangers out there and the implications of a break or attack. According to the Thales study, 84 percent of U.S. retailers plan to increase their security spending in the next year.

The bottom line is that cybersecurity trends are growing worse for retailers in terms of the volume and success rate of attacks. This, combined with a lack of awareness and poor security posture within the vertical, makes retail an attractive target for information thieves. All too often, retail locations don’t have in-house expertise, which can be an obstacle for security preparedness.

The good news is that a growing number of retailers are increasing their use of managed security services  to fill the gaps in personnel and budgetary resources. For example, TPx has a full range of state-of-the-art protections and mitigation services, all offered on a cost-effective, managed basis. Call your TPx representative today to find out how we can help your retail business navigate the always-evolving threat landscape.

 

About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.

 

 

Whatever changes are in store for the future, one constant that we all will continue to face is the need to protect our data and infrastructure from increasingly complex digital threats. TPx is on the forefront of managed security services, offering a range of turnkey options to protect your critical data and IT systems without the cost and hassle of doing it all in-house. We’ve been able to establish these world-class – and industry-leading – solutions thanks to a team of professionals that runs our state-of-the-art security operations centers (SOC) in St. Louis, Missouri and Portland, Maine. A close-knit group of security analysts and engineers comes together there to deliver high-value, and highly effective, security services for our customers.

Inside Our SOC

TPx Security Operations Center

In a cyber landscape increasingly colored by spyware, ransomware, data breaches, denial-of-service attacks and many others, our SOC delivers TPx customers peace of mind. Most of the team’s time and effort is focused on enabling and managing the security features that are built in to each customer’s firewall.

The TPx SOC was built from scratch to respond to today’s critical need for security services. Developed by former security experts from the United States Department of Defense, it employs both digital and physical protections to its operations, including multistep access protection that includes:

This enhanced physical data protection is driven by requirements like HIPAA, PCI and CPNI standards. It was all designed into the SOC so our clients can rest assured they have all the layers of protection they need, and that they can meet stringent government and industry standards for maintaining sensitive data in key industries.

Meet Some of Our Team Members

Technology is nothing without people.  With this in mind, we’d like to introduce you to some of the members of our growing managed security services organization. It’s thanks to them that our customers can focus on their own businesses by day and rest easy at night.

Steve previously worked as a system engineer for St. Charles County, where he was in charge of network security. He also taught IT and mathematics classes for more than two decades, and has spent his time collecting a slew of certifications along the way. Steve taught IT courses at ITT Technical Institute for 12-and-a-half years, and he taught mathematics at other colleges for more than a decade prior to that. Steve brings no shortage of certifications to the TPx table, including: CCNA, CNA and MCP in 2003 Server; the A+, Security + Certified Authorization Professional (CAP) certifications from ISC2; and many more. When he’s not honing his technical expertise, Steve likes to sing karaoke, play guitar, and fly radio-controlled jets, airplanes and helicopters.
Bob has been on the front lines of fighting Internet abuse for the past 10 years. As a Certified Ethical Hacker, he knows the threats, how you can be attacked, what can go wrong in a response, and what to do to proactively protect your network. When not fighting cybercrime and sifting through forensic data, Bob enjoys playing Afro-Cuban percussion and building electric ukuleles.
Bryan is a network security engineer bringing almost 20 years of experience from his time in the U.S. Army – and in various roles afterwards – in the areas of systems, network, and security administration and engineering. He holds a BSc in Information Systems Security and has numerous security certifications. When he isn’t busy working to keep networks safe, you’ll find Bryan relaxing with coffee and a book, in the kitchen trying out a new recipe, or cheering (probably a little too loudly) for one of the Boston-area pro sports teams.
Charles is a security analyst at TPx, where he monitors networks for security breaches and investigates violations when they occur. He also configures firewalls, sets up virtual private networks (VPNs) and adds upgrades. Charles holds a bachelor’s degree in Information systems and cybersecurity. In his spare time, he enjoys basketball and cooking.
Jesse was originally an IT intern with TPx. He has since forged a path into the MSx Security team where he excels as the team supervisor, working on the best ways to maintain and secure networks. Working with the MSx Security director and product manager, he ensures that customers receive the white glove treatment they deserve.

These are just some of the talented folks behind it all, allowing TPx to offer our 24/7/365 protection and mitigation against viruses, ransomware, DDoS attacks and an increasingly sophisticated array of threats to businesses – all with the highest standard of excellence.

TPx has a full range of state-of-the-art protections and mitigation services, all offered on a cost-effective, managed basis. Managed security is always up to date, which means that the latest threats and security incidents can be quickly identified and receive an immediate response. Call your TPx representative today to find out how we help you navigate the always-evolving threat landscape.

 

About the Author

Adam Weber leads the development of TPx’s security product offerings. He has more than 15 years of experience in security and cybersecurity, both in the public and private sectors. He is a 12-year U.S. Army veteran in communications and was deployed to two combat zones. He has also worked with U.S. government agencies like U.S. Transcom (U.S. Military Transportation Command), DISA (Defense Information Systems Agency), and NGA (National Geospatial Agency). In his spare time, he is a computer and technology hobbyist who enjoys building his own networks, servers, labs, and security infrastructure. Adam holds an MBA from McKendree University and CISSP, CASP, CEH, and Security+ certifications.

 

stay secure on a limited budget

The ambition and dedication of small and midsize businesses (SMBs) drive the modern U.S. economy. These businesses face special challenges in the IT space because they don’t have the staffing, institutional knowledge and financial resources that larger enterprises do.

The Threat Landscape for SMBs

99.7% of all U.S. businesses have fewer than 500 employees. That huge footprint makes SMBs a prime target for cyberthreats, cybercrimes, and data breaches and theft – and an attack can have a devastating effect on an SMB’s viability.  The small to midsize business is an increasingly attractive target to malicious actors and cybercriminals because it is often unable to maintain the tools, skills, knowledge, and staff required to adequately defend the business.

According to Barkly, 57% of SMBs reported an increase in cyberattack volume in the last year. However, even though cyberattacks are becoming more sophisticated, only 36% of SMBs expect to be willing or able to increase their cybersecurity budget in FY2019.  These numbers point to a chilling existential risk to the survival of SMBs that rely on access to their data.

The Securities and Exchange Commission (SEC)’s Public Statement plainly states:

Cybersecurity is clearly a concern that the entire business community shares, but it represents an especially pernicious threat to smaller businesses. The reason is simple: small and midsize businesses (“SMBs”) are not just targets of cybercrime, they are its principal target. In fact, the majority of all targeted cyberattacks last year were directed at SMBs.

Why Are SMBs Being Targeted?

The same SEC Public Statement also indicates that many SMBs cannot handle a cyberattack effectively on their own.  A survey in the same report indicated that as many as 27% of SMBs have no cybersecurity protocols at all, and as many as 60% of them did not respond to a cyberattack correctly.  These conditions are exactly what a cybercriminal or malicious actor needs to continue perpetrating their attacks.

The question of “why” SMBs are being targeted at such high rates is easy to define.  It’s much harder to change the characteristics that make SMBs a high-priority target.  However, one thing is certain: money is a primary motivator for cyber adversaries. Cybercriminals are either trying to steal the SMB’s money directly, or they’re looking for data that they can sell for a profit on the black market.

Whether the discussion about how to assist SMBs in their cyber defense is about training, education, tools, skilled employees, around-the-clock monitoring, or using the most up-to-date technology to mitigate threats and vulnerabilities, the sticking point is always about the budget, the financials, and the overall impact on the business plan.

Managed Solutions for SMB Cybersecurity

Some SMBs will attempt to “go it alone.”  According to a report from Trustwave and Osterman Research, in 2014 SMBs spent $156 per user on security solutions (software, hardware, services and other technology), compared to $72 for enterprises.  Of this spend, only about 19% was dedicated to managed or cloud services.

The conclusion of this report indicates that security solutions for SMBs are often too expensive to purchase outright, which is why Managed Service Providers (MSPs) have been a financial relief to them.  Investments in inclusive infrastructure solutions, software solutions, computing solutions, or expert staff are cost-prohibitive for most SMBs.  MSPs provide these solutions at a fraction of the cost.  MSPs have the knowledge to monitor for, assess, analyze, report on, mitigate, and remediate cybersecurity threats and vulnerabilities for many customers at once, without having to undertake the onerous financial burden that an SMB would undoubtedly face on its own.

Some of the solutions a Managed Services Provider can offer include:

  1. Triage – Underskilled and undertrained IT staff face an insurmountable task when looking at the sheer quantity of passive and active attempts to infiltrate a network or device. Every SMB has specific data that is important to its business plan, and has unique and proprietary systems that require protection.  Additionally, there are often industry standards, regulatory compliance requirements and customer data protections that dictate what can or can’t be done.  MSPs can implement prioritization techniques that analyze the severity of attack attempts and appropriately implement policies that thwart them.
  2. Automation – MSPs can purchase more state-of-the-art tools and appliances, allowing them to implement automated tasks and alerting. This gives MSPs an advantage that many SMBs cannot afford to implement.  A streamlined and automated workflow of alerting, reporting, mitigating, or even remediation can result in large financial savings rather than waiting on a human being to perform the same tasks.
  3. Education and Training – Cybersecurity training and education is a never-ending task. MSP security analysts and engineers undergo constant training on tools and appliances, and they continue to accumulate security certifications in quantities that SMBs would likely never be able to afford.  Additionally, MSPs can provide user training to inform their customers of the dangers in the cybersecurity landscape.  Some of these dangers include opening unknown emails, clicking unknown ads, implementing poor passwords, connecting to unsecured WiFi networks, and browsing dangerous websites.
  4. Up-to-Date Technology MSPs have the budget and the business plans to purchase high-quality products from specialized vendors in the cybersecurity space. As a result, MSPs can offer SMBs a top-grade solution that would otherwise be unattainable for them.  Next-generation firewalls, backup and recovery, endpoint detection and reporting are all tools that are now available to SMBs through MSPs at a fraction of the cost of implementation.

By working with an MSP, your business can reduce the costs of downtime and business interruption, while spending less on salaries and minimizing turnover. You’ll also save on related costs like training, education, and specialized equipment and services which come with the MSP’s extensive in-house teams.

Ready to see how TPx can help you stay protected while cutting costs? Talk to a TPx specialist today.

 

About the Author

Adam Weber leads the development of TPx’s security product offerings. He has more than 15 years of experience in security and cybersecurity, both in the public and private sectors. He is a 12-year U.S. Army veteran in communications and was deployed to two combat zones. He has also worked with U.S. government agencies like U.S. Transcom (U.S. Military Transportation Command), DISA (Defense Information Systems Agency), and NGA (National Geospatial Agency). In his spare time, he is a computer and technology hobbyist who enjoys building his own networks, servers, labs, and security infrastructure. Adam holds an MBA from McKendree University and CISSP, CASP, CEH, and Security+ certifications.

 

How to avoid ransomware

Did you know that ransomware attacks worldwide rose 350 percent in 2017? Ransomware continues to be a scourge for businesses and individuals alike, as cybercriminals cast a wide extortion net in hopes of snagging a lucrative payday.

Made (in)famous around the world by the global Wannacry strike in 2017, the premise is simple: Crooks infect machines with malware that locks up all the files on a computer or business network, and then they demand a ransom (usually in the form of Bitcoin) in exchange for releasing the hostage documents.

The good news is that defenses are improving, giving businesses a host of great options for combatting the threat – which means that keeping current with the latest security tools is critical. Ransomware authors are hardly slinking away in the night: Instead, they’re evolving their tactics, using clever, targeted social-engineering techniques to get malware onto targeted machines and changing up their encryption schemes to make it more difficult for companies to unlock impacted files.

If you’re a victim, the conventional wisdom (which we agree with) is to not pay up – there’s no guarantee that the files will be released after the payment is made, plus it only encourages and funds the threat actors. But ransomware cleanup isn’t easy nor cheap – even after decryption (more and more tools are available to clean the compromised files).  Securing the integrity of the network post-attack is a lengthy process.

The best thing to do is avoid becoming a victim in the first place. Managed security from TPx automatically keeps your defenses up-to-date with the latest state-of-the-art technology to combat the latest threats. That provides real peace of mind, but here are some best practices that every business should always adopt to protect themselves.

1. Educate and Inform Users About Ransomware

Training staff to recognize fake emails and to be wary of unsolicited mails is critical in the fight against ransomware. Malware generally arrives in the form of an email attachment or a malicious link. These scam messages will come in many guises.

Sometimes, the email will purport to be sending an important invoice or information on a shipped package. In other cases, the mail will claim to be sending HR information or other business-critical data. As attacks become more targeted, attackers are even doing reconnaissance on the business before sending the emails, tailoring the message to make it seem legitimate. In all cases, the point is to encourage users to open the attachment or click on a link, after which the ransomware is downloaded and then starts spreading through the organization.

If you think you can easily spot fraudulent emails, think again. The success rate in targeting the average human worker can be almost 20% in some cases, depending on the lure. Also, often the sender’s address will appear to be an internal address; or, the sender may even be someone in a user’s address book. The best course of action is to pick up the phone and verify that an unsolicited message is legitimate before clicking on anything.

2. Use a Good Backup Solution

Back up your systems and data both locally and offsite. Today’s leading hybrid local/cloud backup solutions, such as TPx’s MSx Managed Backups service, can significantly improve the performance and reliability of backing up and restoring important data. They offer the ability to back up systems multiple times per day to minimize the impact of a disaster. Advanced security technology available in some systems can also help you identify and recover from ransomware attacks without having to pay a ransom.

3. Keep Systems Patched and Updated

A critical method for preventing ransomware attacks is to make sure to keep operating system and software updates current. Installing a system or security update doesn’t have to be a hassle or an annoyance and take you offline for a few minutes if you leverage an automated patching software.  And, it’s far better than the alternative: being open to a host of security threats, including ransomware.

That’s because attackers often deliver ransomware by exploiting unpatched security holes on a victim’s machine. When a visitor lands on a compromised website or opens a certain kind of file, the malicious code launches in the background to find these holes and infiltrate the system.

It’s also critical to note that Windows XP devices are no longer supported by Microsoft with security updates, so migrating off this platform to a more current form of Windows should be a priority.

4. Use a Good Antivirus/Anti-Malware Solution

Business-grade antivirus programs have the ability to scan files to see if they might contain ransomware or other threats. It’s critical to make use of them before downloading files or programs.

5. Consider Managed Security and Backup

While implementing user awareness training is up to you, you can implement other best practices with managed services.

The TPx managed security suite is designed to keep up with the latest protections. Gateway AV thwarts downloads of viruses, worms or other malicious content by checking all content for malicious code embedded within the payload and by blocking access to infected sites. The gateway security service also includes web content filtering and application control as well as intrusion detection/prevention (IDS/IPS), which uses SSL deep packet inspection to analyze even encrypted traffic which attackers now use in an attempt to circumvent firewalls. Two 24/7/365 Security Operations Centers staffed by A-list experts are always working to anticipate, prevent and respond to any attack.

TPx’s managed backup service, meanwhile, allows companies to back up complete systems locally and to the cloud on a continuous basis. That means you can resolve a ransomware attack by simply rolling back the affected systems to an earlier timestamp, to make it as if it never happened. This point in time rollback makes file restoration a breeze, and we’ll even work with you to get your backups restored.

We also offer help with system updates and patching with a managed endpoint service.  Our automated patching service ensures that key servers and workstations stay up-to-date with recommended security patches available for the Windows OS and supported third-party applications.

These tips are a good place to start, but of course it’s not an exhaustive list of precautions your business should take. Reach out to your TPx representative today to see how we can deliver peace of mind when it comes to ransomware and other threats.

 

About the Author

Jared Martin has been in the Information Technology world for more than 20 years. He co-founded a managed services voice and Internet service provider in 2001 and grew the business to significant revenue. In 2008, that company was sold to Tel West Communications, which in turn was acquired by TPx in 2012. Jared has been a technology leader in driving change and adoption of new technologies, such as Software-Defined Wide Area Networking. He is always looking for new ways to use technologies that are outside of the box and to influence TPx to innovate and to be on the cutting edge. In 2016, Jared took charge of TPx’s new MSx line of business, formed as a result of the merger of TelePacific and DSCI. This brought Jared back to his roots of providing managed services and a consultative sales approach to customers.