Cloud Security

Cyber Security : Be Prepared and Prevent Disaster

The threat landscape is becoming more incessant, dangerous, and high stakes for businesses. The sheer quantity of attacks has been increasing at an alarming rate. The complexity and ingenuity of these attacks are frightening.   Almost all these attacks are identity-based; they start as phishing emails or password spray attacks. Once they gain access to a user account in your environment, you have officially been owned. If you are lucky, they will use the compromised account(s) to send out more phishing emails to your global address list and contacts from the owned account. This will result in a lot of embarrassment, organizational risk, potential blacklisting of your domain, and untold negative business impacts. If you are unlucky, they will encrypt your sensitive data with ransomware, exploit you for money with a socially engineered scheme, or exfiltrate sensitive data such as employee tax forms or proprietary intellectual property. This can potentially result in your company or organization ceasing to exist.  To [...]

Ransomware attacks are on the rise: 15 ways to protect your company

Recent ransomware attacks and security breaches are detrimental to an organization's business data, and reputation.   Ransomware attacks are not new, but the rate at which they are occurring in the United States is radically increasing. Ransomware attacks are up 365% according to TechRepublic. What are ransomware attacks? Ransomware is a type of cyberattack wherein an organization or individual threatened for money. The attacker threatens to publish the victim's personal or corporate data or permanently block access to it until a ransom is paid—usually via a cryptocurrency like Bitcoin. Other recent variants include cutting off access to utilities, internet access, oil pipelines, and corporate intranets. Can you refuse to pay ransomware? The US government prefers you to refuse to pay cybercriminals. [...]

2021-08-17T13:26:52+00:00By |Cloud Security, Ransomware|

Cloud Security, Part II: BYOD, and Remote Workers

In the first part of this series, we talked about many of the areas where cloud computing can be affected by employees and some of the major security issues. In this part, we will explore two overlapping areas of concern in cloud security: Remote working Bring your own devices to work (BYOD) Remote Workers After the first pandemic lockdowns, many organizations invested in secure equipment for their employees; others did not and put the onus on their employees. Those organizations did themselves a disservice. Employees should not be expected to be security experts 80% of IT business leaders believe employees need mobile devices to do their jobs —TechRepublic The pandemic may have forced most office workers into becoming remote workers, [...]

2021-08-17T13:25:34+00:00By |Cloud Security|

Cloud Security, Part I: Employee Risk

While the COVID-19 pandemic closed down much of society and work environments, one area that was blown wide open was security—in particular, cloud security. In this two-part series, we will examine risks to (and solutions for) businesses. This first part covers employee risk; because it can be the largest and most sensitive topic related to cloud security. Malware delivery continues to shift into the cloud, with 61% of all malware delivered via a cloud app. 36% of phishing campaigns target cloud app passwords and 13% of campaigns use phishing methods hosted in the cloud. Malicious Office documents increased by 58% in 2020 and now comprise 27% of all malware downloads, using cloud app delivery to avoid email and web security. [...]