How to Secure Remote Access?

Categories

Secure remote access safeguards sensitive data transmission when applications are accessed from devices outside of the corporate network. It also enhances cybersecurity by introducing complexities for threat actors. In many cases, vulnerabilities in software applications, especially critical ones, may become harder to exploit as the configuration of the service begins to move away from the generic default to a more customized configuration.

What is Secure Remote Access?

Secure remote access is an umbrella under which a number of security strategies reside. It can refer to any security policy or solution that prevents unauthorized access to your network or sensitive data.

With more remote workers, different techniques may include the use of both VPN and RDP together (using different authentication mechanisms), implementation of multi-factor authentication (MFA), restrictions on which accounts may use remote access, during what times, with what password strength, and internal operating system controls that manage and protect passwords and authentication processes.

Why is Secure Remote Access Important?

If an organization does not implement any other layers of authentication besides the standard login with a username and password, there is a higher probability of a successful ransomware attack which could result in encryption and exfiltration of data, demands for payment, damage to reputation as well as lost data and revenue.

Read our Ransomware Best Practices eBook for insights on security threats and steps that you can take to mitigate your risk and rapidly recover from an attack.

Remote Access Risk Mitigation While Keeping it Simple

Some of the most effective ways to potentially reduce the risks associated with remote access systems are also some of the simplest:

  1. Disable remote access technologies if not absolutely required for the business.
  2. Restrict remote access to only the users that require such access, and restrict individual user access to only the services/systems that such users may require.
  3. Use current versions of operating systems and applications, and regularly update and patch. Critical patches should be applied to remote access systems within 3-7 days.
  4. Enforce a strong password policy with regular password changes. Strong password policy means both strength of the password but also complexity, lock-out policies and similar settings.
  5. Restrict and segment remote access services based on data classification.
  6. Use a VPN with MFA if you do use RDP.
  7. Where possible use multiple account login credentials as opposed to configuring all layers to authenticate via the same active directory.
  8. Implement internal monitoring tools to ensure that access is being used correctly and that systems are not being accessed outside of normal parameters.

Storagepipe Can Help

Old access security measures are no longer enough to ensure that your cybersecurity strategy is protecting your data and business continuity, and must be replaced with safeguards that allow employees and other verified users safe and secure access from anywhere, at any time, from any device.

We can provide your business with a suite of customized options to safeguard your business. Contact us now to get started.

Storagepipe to the Rescue

Your Backup and Disaster Recovery Heroes

Storagepipe is a trusted global provider of comprehensive cloud, data protection and security services.

Since 2001, Storagepipe has provided these robust and secure managed cloud and disaster recovery solutions from a scalable multi-tenant infrastructure, supported by our first-class in-house technical team. Storagepipe delivers highly flexible and responsive solutions with outstanding value and service, using state-of-the-art technology to offer ultimate protection and peace of mind.

We are driven to be your trusted partner and to ensure that we deliver a Storagepipe Experience that meets your business requirements with the reliability, scalability and support that your business demands.

Contact us today to discover your options around data loss prevention and rapid ransomware recovery with services such as DRaaS Veeam managed appliance for VMWare and HyperVDRaaS physical server replication, and other Storagepipe DR services. Ensure your business continuity by meeting your operational demands while protecting and recovering your most valuable asset – your data.

Questions? Ask Our Experts!

Get Ready to Remove Adobe Flash: End of Life Cybersecurity Threats

Categories

Adobe has announced that the Flash Player and its respective components will no longer be distributed or updated as of December 31, 2020. While security patches will still be updated as Adobe winds down their management of Flash, it is prudent for businesses and IT professionals to anticipate longer timelines for their deployment, with the exception of critical concerns. Organizations worldwide are being advised to prepare to remove Adobe Flash before the end of life date to mitigate data cybersecurity risks.

Please note that into November and December, there is a good chance that threat actors will take advantage of the less frequent security patch releases and that attacks against Flash will increase following EOL situations. With the discontinuation after December 31, these attacks are predicted to escalate into 2021.

Follow these steps to remove Adobe Flash and ensure a smooth transition:

Perform an inventory.

Understand what systems have Flash currently installed using your software inventory system. Software inventory systems are critical to supporting security patches, pragmatic updates and end of life systems. If an inventory does not exist, security or inventory scanning applications can be used.

Establish a cut-off date.

For example, you may decide to remove Adobe Flash by end of September 2020 to ensure that you have enough time to test your systems post-removal, implement any replacement solution, troubleshoot issues, and acclimatize your end users to the transition before the end of life date forces an abrupt and disruptive change. Examine your calendar for an appropriate day and send a message to all staff that:

  • Flash will be removed from all systems
  • The reason why
  • That it will be black listed
  • If you use sites with Adobe Flash – let IT know
  • The date of removal

Determine any systems that use Adobe Flash.

This might be a cumbersome task, but it’s important to know if any of your business systems and applications use Flash. You may be surprised by how many do, and by how many have not removed it yet. For each of these systems and applications, contact the provider and ask what their timeline is for removal and what they plan to roll out in its place. Make sure to check your network gear and servers especially.

Remove Adobe Flash.

Remove Flash from all systems using your inventory control or services automation solution. Centralized removal of software followed by blacklisting is critical to ensure continued security. Make sure to run an inventory check before and after the removal of Flash to confirm that your systems are clean, and then validate every thirty days for 90-days to check for rogue installations. Add this validation to your routine blacklist inventory scanning practice.

Storagepipe to the Rescue

Your Backup and Disaster Recovery Heroes

Storagepipe is a trusted global provider of comprehensive cloud, data protection and security services.

Since 2001, Storagepipe has provided these robust and secure managed cloud and disaster recovery solutions from a scalable multi-tenant infrastructure, supported by our first-class in-house technical team. Storagepipe delivers highly flexible and responsive solutions with outstanding value and service, using state-of-the-art technology to offer ultimate protection and peace of mind.

We are driven to be your trusted partner and to ensure that we deliver a Storagepipe Experience that meets your business requirements with the reliability, scalability and support that your business demands.

Contact us today to discover your options around data loss prevention and rapid ransomware recovery with services such as DRaaS Veeam managed appliance for VMWare and HyperVDRaaS physical server replication, and other Storagepipe DR services. Ensure your business continuity by meeting your operational demands while protecting and recovering your most valuable asset – your data.

Questions? Ask Our Experts!

Cloud Backups for Ransomware Attack Protection and Recovery

Categories

As technology becomes more sophisticated, so do cyber criminals and the tactics that they employ. As a result, the frequency of ransomware is becoming more prevalent and increasingly expensive for businesses to prevent, mitigate, and recover from when they don’t have cloud backups.

The question of how to best protect against ransomware attacks is rapidly gaining urgency in organizations of all shapes and sizes. Keeping recent, reliable, and ready to deploy local backups of your systems and files is one of the preferred ways to recover from attacks that make it through traditional security defenses. Unfortunately, this standalone tactic is rapidly becoming insufficient.

The new challenge facing IT and security industries is the arrival of insidious forms of ransomware that in addition to attacking the live production environment, also target and infect backups. This type of ransomware comes in a variety of deployments and entry points, and can corrupt or infect the backup environment in such a way that malware is still present when the backup is used for recovery. As a result, the live production environment is re-infected, and the attacker can attempt to re-ransom the victimized company.

The very real possibility that you will never actually recover your compromised data or return to business as usual is driving businesses to identify the best way to secure their entire backup process and systems.

Best of breed cloud backup solutions have adapted to include additional security processes to protect against sophisticated ransomware, identify intrusions, and recover data despite attackers’ best efforts to corrupt your information and hold you hostage in perpetuity.

How is Your Data Protected?

Investing some time in understanding how your data is currently protected will pay you back in dividends. Knowing the current state of your security and backup protection will help you identify the gaps and develop practical strategies for fighting ransomware threats.

When evaluating, find out:

How often is my data backed up?
Recognize that a ransomware attack will usually result in the loss of all of your data dating back to your last clean backup. What is the value of the data generated by your business during the delta between that last backup point, and the moment of malware infection? How would the loss of that data affect your business?

How much would it cost to restore my system in the event of a Crypto type attack?
How long would my office be down for? What data would we likely lose? What would it cost to restore our systems? How could we make our data more resistant to attack or loss?

Have the computer users in my office received any type of computer security training?
Can they recognize the difference between valid and malicious email attachments or web links? Most computer infections are brought into an office by poorly trained users that click on a malicious attachment or install a “freeware” program onto their system.

General Recommendations for Data Backup and Protection

Run two forms of backup, ideally a cloud based and internal backup system and then add archiving for air-gapped protection to media such as tape.
It is critical to run two forms of backup, especially if one backup method fails temporarily – you must have an additional solution in place to maintain protection for your data.

Run some form of continuous backup or replication that works to protect your data throughout the day, as your files or databases change and are updated.
Examples of this type of protection include: frequent storage drive snapshots, SQL database replicas, and periodic backup or replication to cloud with Veeam.

Avoid storing data on your end-user computers unless they are also backed up.
Typically, files saved to your ‘My Documents’ and similar local folders on your workstation aren’t included in cloud backups, procedures, or anti-fraud protections.

Advantages of Cloud Based Backup and Recovery

  • Most cloud-based backup solutions have versioning capabilities that allow for multiple cloud backups, effectively allowing the rollback of ransomware encrypted files to the pre-encrypted version.
  • These solutions may also provide data protection that automatically monitors for indicators of ransomware activity. For example, a massive number of file extension writes and renames can be a great clue that something is amiss.
  • As an added countermeasure, these solutions are not linked to the local network and don’t show up as another drive or shared folder – which are often targeted by ransomware attacks.

For more information and insights, read our Disaster Recovery Guide now to learn what you need to be prepared.

Cloud Backups and Ransomware Protection with Storagepipe

With ransomware, what you don’t know or aren’t prepared for really can hurt you. The good news is that with a little extra preparation and a nominal investment of time you can successfully assess and manage this risk.

Working with an experienced backup and disaster recovery cloud provider is one key way to ensure that your data is secure in the face of malicious activities and attempts to hold your valuable business data hostage.

Storagepipe has over 15 years of experience in data protection. We are continually advancing our solution portfolio to combat emerging threats. New features and enhancements from Veeam and Storagepipe such as “Insider Protection” and “Cloud Recycle Bins” are leading the way today in restricting data access and ensuring recoverability from ransomware and other types of sophisticated cyberattacks.

Speak with a Storagepipe data protection specialist today to learn how we can help you to safeguard your business with cloud backups and recovery.

Stay Safe in the Cloud with Storagepipe

Questions? Ask Our Experts!