Recent Blog Posts
Why Backup Your Data with Office 365 Office 365 offers some great data protection, but it doesn’t actually provide for all personal data storage needs -and does not come close to all business data archiving needs. Why back up your data when working with Office 365? Office 365 Backups Only Last 30 Days The first and most important reason is that Office 365 only backs up data for 30 days, typically, or 90 days in some circumstances. This is a long time for collaboration, but not long at all for backups and archiving. 30 days means that you can’t restore backups or rollback changes made over 30 days ago. It also means that mistakes and accidental deletions that aren’t noticed for over 30 days are lost. There is no restoring data that Office 365 drops after 30 days. This includes version control from recent and old changes and the archives. Working with Hybrid Storage Hybrid storage is when you store some of your project assets in Office 365, and some on local computers or servers. This is very common for business usage where not all your data is used in Office 365 or you work with file types and editing software outside if Microsoft Office. If you are using hybrid storage, anything stored locally should also be backed up locally. After all, Office 365 can’t create cloud backups if your files aren’t within its duplicated file system. Likewise, if you set up One Drive to back up a specific local folder, this can get tricky. Changes to the cloud folder and the local folder will need to sync, including deletions, which can result in lost data. In general, if you are working with a hybrid workflow with files inside and outside cloud syncing, then backing up everything is the best way to avoid data aberrations between the two file storage systems. Compliance Archiving Office 365’s backup system also does not prepare you for compliance archiving. Many regulations require a business to keep certain documents archived for potential audits in the future. This includes things like payroll and certain employee records. Having these documents available and properly stored is essential, should they ever be needed. Every now and then, an audit will mean pulling out all of your archives for review. With Office 365 alone, there’s no guarantee that all those historical backups will still be available. Fortunately, there are other ways. Landmark Version Control You may also want to be able to roll back your projects to specific landmark points – before certain decisions and changes were made to the design and stages along the way. This is not doable with Office 365 temporary backups, but can easily be done by taking your own backups at landmark points in each project. How to Backup Your Data Alongside Office 365 How can and should you handle data backups while working with Office 365? Microsoft 365 Cloud Drive Backups The best solution is to pair your cloud-based Office software with Microsoft’s cloud storage solution. Microsoft 365 is inheriting the system from Office 365 and also offers specialized Microsoft Cloud storage. From Microsoft 365 Backup, you can choose the amount of cloud storage you need and rely on Microsoft to keep the backups in your separate cloud storage readily available for […]
Restrict Access Based on Authorization and Location The first step to safe sensitive data handling in the workplace is to restrict access. It’s probably true that only a handful of specific employees need direct access to a company’s stored sensitive data. Likewise, only a few processes and programs run on company computer systems might have a legitimate reason to directly access sensitive data. In many circumstances, there’s no need for sensitive data to ever be accessed or transported outside a physical space. So close all other points of access. Only give employee authorization to those who need access. Limit access only to specific monitored workstations inside the office. Or only permit a specific program with decryption codes to access the data under any circumstances. Create a List of Approved Uses for Sensitive Day What is sensitive data being used for in your company? For example, you would use a customer’s financial data to bill them and possibly to build analysis models for trend-spotting. You might use a customer’s home address to geo-target advertisements, or you might use a customer’s IP address to provide better local online services. But the number of things your company does with sensitive data can be written in a finite list. Determine all the approved uses of sensitive data inside the company and make that your White List. Prevent and ban all other uses of sensitive data and excuses to access it. Prevent Unauthorized Copies of the Information Copying sensitive data is a huge risk. Whether employees make a digital or printed copy or even jot down notes on a scratch pad, this is now sensitive information that could leave the secured and encrypted confines of the company. An employee with a copy of information can lose that copy in public or give it to another person who will misuse the sensitive data. So don’t allow copies unless through an approved data use process. Prevent anyone from copy-pasting text, block digital file copies from being made without authorization, and do not allow printing by default. Trigger Notifications When Sensitive Data is Accessed One of the best ways to prevent accidents is with constant oversight. Create a log for routine and approved sensitive data access. And if any sensitive data is accessed outside of 100% expected conditions, then create a notification for the security admin. This quick heads-up that sensitive data is being accessed might be enough to detect and prevent a major breach. Any time your servers containing sensitive information are accessed without the right authorization, decryption, timing, etc. will create a security incident that will need to be checked out and cleared. This concept is much like when Google alerts you to a new device login. Just in case it’s a hacker in another state. Automate Complete and Audited User Removal A critical element of sensitive data security is data deletion. When a customer deletes their account or asks for data to be destroyed, it must be destroyed completely. This means removing all lingering sensitive, personal, and possibly public information about that account-user from your servers. No identifying information can remain when an account is closed. To do this, build a system of combined automation and auditing. Start with an automated clearing and complete deletion of all known information about […]
The benefits and risks of cloud services Almost every organization with a significant amount of data entrusts some of it to the cloud. On-site systems for data require constant maintenance and upgrading. An unexpected server failure disrupts operations. Increased data requirements force the company to get more hardware. A cloud service handles the maintenance for a predictable monthly cost, and good services have redundant hardware that minimizes downtime. At the same time, cloud usage involves some risks. These considerations apply not only to services that store data, but to file syncing services. Even if data is only on the cloud server temporarily, many of the same considerations apply. Entrusting data to a service, with no fallback, can lead to catastrophic data loss if it ceases to be available. Handing data which someone else owns to a third-party service may violate contracts or legal requirements. There may be restrictions on what country information can be stored in, or the service may require certification. The uncoordinated proliferation of cloud usage by different departments may lead to redundant and inconsistent sets of data. Different cloud services may not hold the same types of information, and they could diverge over time. Besides, having two services to hold the same data is an unnecessary expense and takes more work. External and internal security risks could arise. A carelessly maintained service could be breached. Criminals using phishing and other techniques try to steal passwords. A poor setup of accounts may give access to employees who aren’t supposed to have it. The limitations of free services Free cloud services with good reputations may be a good choice for non-critical situations, However, they aren’t suited for highly sensitive data. They don’t give you a service level agreement (SLA), and they’re geared more toward ease of use than security. They can terminate or change their offerings without any obligation to you. Without an SLA, a service isn’t suitable for situations that require formal guarantees. When a business receives a copy of a partner’s confidential data, it promises to protect its security and integrity. It can hand the data only to a cloud service that makes the same promise. The same applies to information that falls under regulations or standards such as PCI, HIPAA, or GDPR. The terms and conditions of free services usually say, in effect, “You can’t hold us responsible for anything bad.” Sensitive data should be entrusted to a cloud service only if it guarantees adequate protection in writing. Written, enforceable guarantees come only with paid services. Drawing up a cloud policy These are some provisions that you may want to include when creating a policy for cloud usage. Have a lawyer review your policy before putting it into effect. Cloud usage must comply with all applicable laws and regulations. When in doubt, employees should seek confirmation that there are no legal problems. The choice of vendors must follow any company-specific restrictions. The company might have a list of approved vendors or require that data be stored only in its home country. It may require specific contractual language. The handling of data belonging to others must follow the conditions set by the owner. Data from a business partner may come with handling requirements that limit or exclude the use of cloud services. Information sets must be […]
What are the signs of a breach? The first indications that your network’s security is compromised may come in several different ways. These are the most common: Unusual network activity. If you have network monitoring in place, it will alert you if there’s a sudden change in the quantity or kind of data transfers. The alert could mean that your data is being sent to an unauthorized system. Changes in accounts. If employees are locked out of their accounts or see unexplained changes in their account status, it’s often a sign of trouble. If the account in question has administrative powers, that’s especially concerning and needs to be investigated immediately. Suddenly slower performance. An abrupt drop in performance could indicate unauthorized access, malware, and data transfers to an outside system. Anomalies in system logs. Log analysis tools will let you know if suspicious activity, such as logins from unexpected places, has been happening. Data integrity problems. Application error messages may tell you something is wrong with your data. Whether it’s a breach or some other kind of system issue, it needs investigation. Notifications from outside. You may get a message from law enforcement, from customers, or even from the perpetrators telling you your data has been compromised. How to be prepared It’s easier to deal with these signs if your people know their responsibilities and have a plan of action. Many small businesses find the best approach is to outsource data protection to a managed system provider or managed security provider. It’s difficult for a small company to justify a full-time security specialist, and giving the job to an experienced outside team is often more cost-effective. Either way, the important thing is to have someone who’s familiar with the network and knows how to deal with security issues. The people with this task should know the network architecture and the software that runs on it. If something looks wrong, they’ll investigate it quickly and decide whether it represents a danger to the business’s data. They’ll know what steps to take and whom to notify. Your business needs a breach response plan. It will specify who needs to be notified and what steps have to be taken. This means less panic and a more coordinated response. How to act on a suspected breach Whether you’ve laid out a plan in advance or not, you need to take a step-by-step approach when something looks wrong. Identify and analyze the signs of trouble. Do they indicate a significant chance of a breach, or is some other explanation more likely? Sometimes a slow system is just an overloaded system. But a breach that isn’t stopped will be expensive, so be sure there isn’t one before closing the investigation. Document and report the signs of the problem. If the breach looks real, the security team needs to let management know what’s happening and what they plan to do. They won’t have all the answers at this point, and their report should say that more details will follow. Take immediate damage control measures. There should be some quick ways to limit the damage. Dubious IP addresses can be blocked. Infected machines can be quarantined from the network. Nonessential accounts can be disabled. Identify the kind and extent of the compromised data. Subsequent actions will depend […]
What are the Cyber Risks of Remote Workers Returning? So, what are the specific security risks associated with remote workers returning to the office. A few issues to consider: Dormant malware. For the last few months, very few employees have been connecting to company networks. In particular, the habit of walking into the office and switching their phone to company Wi-Fi is likely to be a problem. Why? Because there has been a significant increase in campaigns distributing malware to devices, and this malware may stay dormant until the device is connected to a major network. IT may not have been able to monitor devices as much as they would like with workers absent. Instruct employees to run malware scans and similar on devices before coming back to the office. Company equipment might not be properly inventoried and, in some cases, may be mislaid. Employees might, in the rush, have grabbed extra monitors, keyboards, webcams, etc, and not told IT they were taking them. Enlist everyone’s help in tracking down errant equipment, in a non-judgmental manner. Stranded machines, such as desktops, left in the office for the duration were probably not booted up. This might result in them not having been updated or patched. Run all patches and updates on these systems before returning them to service. Employees violating app policies. Not everyone was ready to provide their employees with all the tools they needed to work remotely. Check devices for unauthorized apps and programs. Company devices may have picked up malware from the lack of protection that comes from being behind a consumer-grade, rather than enterprise-grade firewall. Some businesses ran out of VPN bandwidth, with the inevitable result of employees connecting “naked” to company networks. A sudden rush back to work could overwhelm IT, resulting in not enough staffing to cover the demand, run scans on devices, etc. Over the work from home period, employees may have become stressed and sloppy, or forgotten protocols that were once second nature. The return to work, thus, results in a spike in cybersecurity risk that needs to be addressed. What Should Companies Do? Thankfully, there are things companies can and should do to mitigate the issues caused by what is likely to be a somewhat chaotic return to work. It’s important to involve employees in the process and to understand that the problems created by the sudden departure are not anyone’s fault. Companies should: Make use of the phased return. Although servicing both remote and on-site employees could be a challenge for IT teams not used to doing so, phased returns allow for a certain number of devices to be checked at a time. Ideally, have IT come into the office early and go through the stranded machines, applying patches and making sure everything still boots up and runs. Run endpoint detection each device as the worker returns. (Again, make use of the phased return so you aren’t trying to do this all at once). This includes personal devices included in a BYOD policy. Limit phones and other personal devices to the guest network until they can be checked. Run all updates that need to be run. Mobile device management can help limit the access unchecked devices have to the network. Audit apps found on devices and either validate them or […]
