
Layered Security

Posted on Jul 25, 2016 in News

We will match common real life scenarios with IT scenarios so you can grasp the concept of layered security.


Scenario 1.
You protect your home from intruders with:
Fences, alarm beams and/or outdoor cameras and/or dogs, iron frameworks behind windows and doors, and, as the last obstacle, the actual doors and windows themselves.
In this scenario the thief would need to get through all these obstacles to be able to enter your home.
The same concept applies to layered security.
Stop malicious content from arriving via email and/or web by implementing email and/or web protection.
Have a Unified Threat Management system in place that scans traffic for viruses and spam as it passes through the device.
Have quality antivirus and anti-malware endpoint protection.
Have the operating system and the software in use patched regularly.
Use an account with standard user rights.


Scenario 2.
A tourist arrives at our island.
You advise him not to go to xxx neighborhood.
Again the same concept applies to IT.
We know which websites are known for having botnets and other viruses.
We also know that websites with “free” stuff may also contain free viruses 🙂
By blocking access to websites known to carry malicious content, we are already limiting the risk of infection.


Scenario 3.
You are not an electrician, so a handyman comes into your house to fix the electrical circuitry, and then some jewels disappear.
Our IT equivalent would be that you plug in a USB stick and it just happens to have a virus on it.
With professional-grade endpoint security software we can prevent infections that originate on the local pc/network.
An antivirus system that works solely on virus definitions is not enough: signature-based systems can block only 30-50% of known viruses.
In addition, since you are working with standard user rights, which by default limit software installs, the virus may not install (or may not install fully).


Scenario 4.
At the airport you go through the metal detector door, and/or the security guards may set you apart and scan you with a manual metal detector to check for weapons.
Our comparison:
Having a firewall in place works like the security guard.
It scans all incoming and outgoing traffic (on the allowed ports that you configured) to see if it is allowed to go through.
It blocks the traffic on the ports that are not allowed to go through.
It detects if a hacker is trying to use hacking tools to compromise your system (for example, trying to hack into your website).
Note that a Unified Threat Management system will provide the above-mentioned functions and more in one device.


Scenario 5.
You take a vaccine in order to prevent contagious diseases.
5 Star Technology’s comparison would be:
We know that besides the operating system and Microsoft products, there is lots of other software (examples: Adobe Systems Incorporated, Mozilla and Google family products, etc.) that also has vulnerabilities that can be leveraged to deliver a malicious payload.
By keeping your software up to date (the antibodies), you minimize the risk that the bad guys can use your non-patched software to install their malware on your system.


Summary.
As you noticed, we have systems in place that:
A: prevent you from even accessing the infected content.
B: scan the internet traffic before the traffic arrives at your workstation.
C: protect the local pc/network.


Just like your home security system, which provides you with cameras to monitor your home environment, 5 Star Technology provides you with dashboard access to your own unique network so you can check the status of the devices yourself.
Also you will receive weekly and monthly reports on the key checkpoints for your environment.


Contact 5 Star Technology to help you secure your network just as you secure your home.

Preventing Ransomware

Posted on Jul 19, 2016 in News


To summarize;

The smaller your attack surface is, the less likely you are to get hit by malware and virus infections.

Contact 5 Star Technology to implement a multi layer defense approach for your business environment.


A couple of things stand out in the several ransomware infections in Curacao.

 

  • Companies are still relying solely on a locally installed antivirus solution.

The reason why you cannot rely on only ONE solution to protect the network environment is that, for example, if the payload comes via an email as a PDF attachment and that PDF attachment has a link to a malicious website, the antivirus protection will not be able to protect you.

 

  • Email

While it’s cheaper to use the email service of your registrar (e.g. GoDaddy etc.), they do not provide the additional mail security that you require. Our own mail solution, Office 365 and Google Apps for Work will scan for spam, viruses and malware and will stop most malicious emails dead in their tracks so that they never reach your organization.

 

Companies are not yet fully aware of the extent of damage that can be done when the company files are encrypted.

Yes, files of users are being encrypted by the malware. The malware encrypts mostly Microsoft Office documents. But did you know that Microsoft Access databases also get encrypted by the malware, and that this renders the database useless? An example for Curacao would be our payroll administration programs that use a Microsoft Access database. While it’s a nice job for IT staff to try to recover or in some cases even to rebuild a system, it’s much better to actually protect your organization against 3rd party attacks.

 

 

  • Backup.

If you simply assume that the backup that was set up years ago is still working, without ever checking whether the backup has run recently, you might as well close your business. Backup has evolved during the last years with lots of new technologies, for example backup with true delta technology. You have to periodically make sure that you can at least recover your data from backup.

5 Star Technology will provide you with weekly and monthly reports of your pc’s and server (including the backup) so you can be confident that we can recover your data.

Also consider using the 3-2-1 backup methodology.
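One way to carry out the periodic check described above, as an added example (not 5 Star Technology’s tooling): record a SHA-256 manifest when the backup is taken, restore to a scratch folder, compare the two, and flag a backup that has not run recently. The file names and the 24-hour threshold are assumptions made for the illustration.

```python
import hashlib
import tempfile
import time
from pathlib import Path


def manifest(root):
    """Map each file's relative path to the SHA-256 of its content."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def verify_restore(recorded, restored_root):
    """Compare a test restore against the manifest recorded at backup time."""
    restored = manifest(restored_root)
    return {
        "missing": sorted(set(recorded) - set(restored)),
        "corrupt": sorted(k for k in recorded.keys() & restored.keys()
                          if recorded[k] != restored[k]),
    }


def is_stale(last_success_epoch, now=None, max_age_hours=24):
    """True when the last successful backup is older than the allowed age."""
    now = time.time() if now is None else now
    return (now - last_success_epoch) > max_age_hours * 3600


def demo():
    """Constructed data: one file is lost and one is damaged in the restore."""
    with tempfile.TemporaryDirectory() as tmp:
        source, restored = Path(tmp, "source"), Path(tmp, "restored")
        for d in (source, restored):
            (d / "docs").mkdir(parents=True)
        files = {"payroll.mdb": b"payroll records",
                 "docs/offer.docx": b"offer",
                 "docs/notes.txt": b"notes"}
        for name, data in files.items():
            (source / name).write_bytes(data)
        recorded = manifest(source)  # taken at the moment the backup ran
        (restored / "docs/offer.docx").write_bytes(b"offer")
        (restored / "docs/notes.txt").write_bytes(b"n0tes")  # damaged copy
        # payroll.mdb is deliberately absent from the restored folder
        return verify_restore(recorded, restored)


if __name__ == "__main__":
    print(demo())
    print("stale:", is_stale(time.time() - 72 * 3600))
```

Comparing against the manifest recorded at backup time, rather than against the live files, avoids false alarms for documents that were edited after the backup ran.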

 

 

  • There is no patch management.

Microsoft provides monthly Windows updates to patch security issues in its products, but did you know that you need to patch third party software as well? Java, Flash Player, iTunes, RealPlayer and Adobe Reader, just to name a few of the hundreds of programs that are out there. Attackers are increasingly leveraging 3rd party programs to deliver their malicious payload to you.

By leveraging patch management into your multi-layer defense strategy you will reduce your attack surface from 85%-95%.

 

 

  • Routers/Firewalls/UTM

Some companies use a wireless router designed for a home network to protect their business environment. While a router is obviously unable to protect a business against modern threats, businesses do not understand the value that a (properly) configured Next Generation Firewall or a Unified Threat Management system can provide to their network. With a UTM you can scan all traffic for malicious programs, have web protection and an intrusion protection system, use VPN tunneling to access your network remotely, and allow only known traffic to the internet and to the inside of your network.

 

  • Disaster Recovery

Just as backup technology has evolved over the years, so has the technology for disaster recovery. Even if you have a backup of your data available, it may still take days, and in some cases weeks, to (re)build a new system, during which time your server/data is not available to you or to your customers.

 

  • DNS based protection.

Since DNS servers are the middlemen between your browser and website content, there are many third-party DNS services that offer additional functionality for both users and network administrators. These tools can include:

  • Content filtering – This can be conveniently implemented to block adult sites and other unwanted content, while requiring no software on the computers and devices.
  • Malware and phishing blocking – This can be performed by the content filtering tool also, to block sites containing viruses, scams and other dangerous content.
  • Protection against botnets – This blocks communication with known botnet servers so your computer isn’t taken over.
  • Advertisement blocking – This is another type of content filtering, which some DNS services specifically concentrate on.

If malware somehow manages to install itself on your network, but you have added an additional defense layer so that the malware cannot contact its server to download the payload, you have effectively blocked it from further infecting your systems.
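The last point, as an added example (not part of the original article): once a DNS blocklist is in place, the resolver’s query log also shows which PCs tried to reach a blocked name, and those are the machines to check for an infection. The log format, domain names and addresses below are constructed for the illustration.

```python
from collections import defaultdict


def normalize(name):
    """Lower-case a query name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def blocked_by(qname, blocklist):
    """Return the blocklist entry covering qname, or None.

    An entry covers the domain itself and every subdomain. Matching is done
    label by label, so "notbotnet-c2.example" is NOT covered by
    "botnet-c2.example".
    """
    labels = normalize(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None


def triage(log_lines, blocklist):
    """Group blocked lookups by the client that made them.

    Assumed log format (one query per line): timestamp client qname qtype
    """
    hits = defaultdict(list)
    for line in log_lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of failing the whole run
        ts, client, qname, _qtype = parts
        entry = blocked_by(qname, blocklist)
        if entry is not None:
            hits[client].append((ts, normalize(qname), entry))
    return dict(hits)


# Constructed blocklist and resolver log (reserved example names only).
BLOCKLIST = {"botnet-c2.example", "phish-login.test"}
LOG = [
    "2016-07-19T09:14:02 10.0.0.21 www.example.org. A",
    "2016-07-19T09:14:05 10.0.0.34 update.botnet-c2.example. A",
    "2016-07-19T09:14:09 10.0.0.34 BOTNET-C2.example A",
    "2016-07-19T09:15:11 10.0.0.21 notbotnet-c2.example. A",
    "2016-07-19T09:16:40 10.0.0.57 phish-login.test. AAAA",
    "malformed line",
]

if __name__ == "__main__":
    for client, events in sorted(triage(LOG, BLOCKLIST).items()):
        print(client, "needs checking:", len(events), "blocked lookups")
        for ts, qname, entry in events:
            print("   ", ts, qname, "(matched", entry + ")")
```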


Protecting your company is not a trivial thing. As the article demonstrates, there are many ways your network can get compromised. It’s only by using a defense in depth approach that covers all aspects that you can minimize the risk that your network can be breached. And as mentioned, in the case that your network is compromised, only a backup and/or disaster recovery system can help you get back up and running.


Article Written by 5 Star Technology and Zion Tech.

 

Reduce spam and email with malware content

Posted on Jun 12, 2016 in News

Tips on how to reduce spam and email with malware content.

There are 2 things you can do to reduce spam and email with a virus.


You can configure some settings at the endpoint (your pc) level or you can start the protection at the email server.

  • The first option is to configure some settings at the endpoint. In this example we are going to use Outlook 2007 to show you where we can configure the settings.

This can be done by following the 10 tips on how to reduce spam.

A lot of organizations are using the email server that the domain registrar (for example godaddy, networksolutions, etc.) provided to them. While using the email server of the registrar is convenient, their email server does not filter out spam and viruses.

The drawback of this method is that you are relying on Outlook and your antivirus solution being updated and capable of blocking the malware from executing its content.

This means your PC(s) need to be updated with all the required updates of the operating system that you are using and updates of all the programs that you are using (Office, Java and Adobe Flash Player, to name a few); you need an educated user who can recognize spam and email with suspicious content so that he/she does not click and open those emails; and finally you need the antivirus and anti-malware programs that you are using to protect you in case the content of the email gets executed.

  • A better option is to start the protection at the email server.

 


The Office 365 plan, which uses Exchange Online Protection (EOP), provides 98% protection against spam and 100% protection against all known viruses.

One drawback of the Office 365 E3 plan is that it leaves the organization exposed to unknown malware — also known as zero-day threats. Advanced Threat Protection (ATP).

To increase the protection against spam email you can either use the 5 Star Technology managed email solution or the Office 365 E5 plan, both of which scan for hidden threats in email, attachments and links. The managed email solution of 5 Star Technology provides additional features and even an alternative way to view email when Office 365 outages occur. The managed email is part of 5 Star Technology’s layered security model, which will be outlined in another article.

 

If you have switched to the Office365 plans, you still have to customize the system and the EOP to your organization’s configuration specifications to further reduce spam and malware.

 

The options on which you can customize your settings are:

  • Exchange Online Protection – IP Block List
  • Exchange Online Protection – International SPAM
  • Exchange Online Protection – Content Filter Advanced Options
  • Exchange Online – Mail Flow – Rules

As with any IT solution although the initial standard implementation may be easy, there may be some additional configuration and maintenance to be done behind the scene. You need a Certified IT Professional to help you install, configure, and monitor the solution that you want to use. Contact 5 Star Technology to help you with your IT infrastructure.

The 3-2-1 backup rule

Posted on Jun 4, 2016 in News

One of the timeless rules that can effectively address any failure scenario is called the 3-2-1 backup rule.

The 3-2-1 rule is very general and it works for all data types (individual and corporate) and all environment types (physical and virtual).

This approach helps to answer two important questions: how many backup files should I have and where should I store them?
In other words, the 3-2-1 backup rule means you should:

 

  1. Have at least three copies of your data.
  2. Store the copies on two different media.
  3. Keep one backup copy offsite.

 

Let’s consider these statements one by one in more detail.

 

  1. Have at least three copies of data

By three copies, I mean that in addition to your primary data, you should also have at least two more backups. Why isn’t one backup enough? Imagine that you keep your original data on device #1 and its backup is on device #2. Both devices have the same characteristics, and their failures are statistically independent (they have no common failure causes). For example, if device #1 has a probability of failure that’s 1/100 (and the same is true for device #2), then the probability of failure of both devices at the same time is:
1/100 * 1/100 = 1/10,000
This means that if you have your primary data (on device #1) and two backups of it (on devices #2 and #3, correspondingly), and if all devices have the same characteristics and no common failure causes, then the probability of failure of all three devices at the same time will be:
1/100 * 1/100 * 1/100 = 1/1,000,000
This is why having more copies of your data means you will have less risk of losing data during a disaster. In short, if your data is important to you, be sure to make at least two backup copies.
Note: Another reason to create more than two copies of data is to avoid the situation when the primary copy and its backup are stored in the same physical location.

 

  2. Store the copies on two different media

In the section above, we assumed that there were no common failure causes for all of the devices where you store your data copies. Obviously, this requirement cannot be fulfilled if you save your primary data and its backup in the same place. (For example, disks from the same RAID aren’t statistically independent.) Moreover, it is not uncommon after one disk failure, to experience failure of another disk from the same storage around the same time.
That’s why the 3-2-1 rule suggests that you keep copies of your data on at least two different storage types, such as internal hard disk drives AND removable storage media (tapes, external hard drives, USB drives, SD-cards, CDs, DVDs, or even floppy disks), or on two internal hard disk drives in different storage locations.

 

  3. Keep one backup copy offsite

Physical separation between copies is important. It’s really not a good idea to keep your external storage device in the same room as your production storage. If there was a fire (knock on wood!), you would lose all of your data.
If you work for a company that’s an SMB with no remote or branch offices (ROBO), storing your backups to the cloud might also be an option. And tapes taken offsite are still popular among all company sizes.
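The three checks and the probability argument above, as an added example that is not part of the original article. The inventory fields and sample copies are constructed; copies on the same device are counted as one failure cause, and devices are assumed independent with equal failure probability, as in the 1/100 example.

```python
from dataclasses import dataclass
from fractions import Fraction


@dataclass(frozen=True)
class Copy:
    name: str
    device: str   # physical device or array holding the copy
    medium: str   # storage type: "internal-disk", "tape", "cloud", ...
    site: str     # physical location of the device


def check_321(copies, primary_site):
    """Return which parts of the 3-2-1 rule an inventory satisfies."""
    return {
        "three_copies": len(copies) >= 3,
        "two_media": len({c.medium for c in copies}) >= 2,
        "one_offsite": any(c.site != primary_site for c in copies),
    }


def simultaneous_loss(copies, p_device):
    """Probability that every copy is lost to device failure at the same time.

    Two copies on the same device (for example the same RAID) fail together,
    so only distinct devices multiply the probability down.
    """
    devices = {c.device for c in copies}
    return p_device ** len(devices)


def survivors_of_site_loss(copies, site):
    """Copies that remain if everything at `site` is destroyed (fire, theft)."""
    return [c.name for c in copies if c.site != site]


# Constructed inventories; names are illustrative only.
WEAK = [
    Copy("primary", "nas-raid", "internal-disk", "office"),
    Copy("nightly", "nas-raid", "internal-disk", "office"),
]
GOOD = [
    Copy("primary", "server-disk", "internal-disk", "office"),
    Copy("nightly", "usb-drive", "external-disk", "office"),
    Copy("weekly", "cloud-bucket", "cloud", "provider-dc"),
]

if __name__ == "__main__":
    p = Fraction(1, 100)  # the per-device failure probability used in the text
    for label, inventory in (("weak", WEAK), ("good", GOOD)):
        print(label, check_321(inventory, "office"))
        print("  all copies lost at once:", simultaneous_loss(inventory, p))
        print("  left after losing the office:",
              survivors_of_site_loss(inventory, "office"))
```

The weak inventory has two copies but still only a 1/100 protection level, because both sit on the same array in the same room.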

 

Contact 5 Star Technology to implement a backup strategy, whether the backup is only for the data, for physical machines or for virtual machines we can help you keep the backup safe.

Only with 5 Star Technology will you receive weekly and monthly reports on the status of your devices (including the backup).

 

2016 roadmap for 5 Star Technology

Posted on Jun 4, 2016 in News

Here we will outline the 2016 roadmap for 5 Star Technology.

 

In the past, 5 Star Technology could help secure your business environment by combining 5 services.

  1. Managed antivirus
  2. Managed web protection
  3. Managed patch management for Microsoft and 3rd party programs.
  4. Managed email (including mail archiving)
  5. Managed online backup

 

 

In the course of 2015:

  • We introduced a new and improved antivirus engine.
  • We enhanced the web protection solution
  • We added more support for the patch management of the 3rd party programs.
  • We enhanced all backup components, adding support for new OS platforms, application protection and more.

 

Now in 2016 we are expanding our services with the following new additions.

 

  • Automated vulnerability scanning to help prioritize threat mitigation strategies based directly on business costs.
  • Active network scanning, to detect new devices and being able to automatically onboard them into the secure business
  • Adding patch management for osx systems.
  • A new monthly report called executive summary report: a 2 page report for the managers.
  • Adding granular and disaster recovery options within the managed online backup.
  • The launch of a data-driven platform that uses collective intelligence and machine learning to make smarter decisions: prescriptive analytics. This enables 5 Star Technology to identify and prevent issues before they even start and moves us to a truly proactive position.

 

 

As you can see, 5 Star Technology is continuously improving its services to serve and protect you better against all threats.

Contact us to start implementing our services.

Implement web protection to secure your network

Posted on Jun 2, 2016 in News

Web protection

Failing to put controls on employee web access causes multiple risks and cost problems:

 

 

Security

    • End-users are allowed to frequent unsafe sites – thus exposing company endpoints to malware via drive-by downloads, and related exploits.
    • No protection against end-users who fall for phishing attacks and click on links to malicious websites.
    • Increased exposure to watering hole attacks.
    • Increased exposure to compromised endpoints succeeding in contacting command and control servers and/or exfiltration of data.

 

Productivity

    • End-users doing productive work on the Internet are slowed down by non-work related usage.
    • End-users spending hours on personal social media and online shopping – especially during holiday seasons.

 

Bandwidth-related

    • Internet related business processes such as backups, synchronization, use of cloud-based services suffer because bandwidth is being eaten up by non-business related content including bandwidth hungry video, streaming music and social media.
    • Telecommunication costs grow in order to buy more bandwidth to address above issue.

 

 

 

 

 

Legal

 

 

To address these risks you need to be able to:

  • Tie Internet traffic to application/service
  • Measure bandwidth by end-user
  • Measure usage time by end-user
  • Accurately categorize web-sites
  • Gain visibility into SSL encrypted traffic
  • Implement network rules and restrictions based on groups and other identity information in Active Directory
  • Understand and analyze traffic at a much deeper level than traditional firewalls
  • Take into account time of day, day of week and even season.

 

Some of these requirements are pretty sophisticated. For instance many companies can’t simply block access to social media altogether. There may be many employees within the company that interact with customers or publish content via Facebook and Twitter. That’s where proxy server and next generation firewall technologies come in and make it possible to do things like detect and control what users access and do inside of certain sites and applications like Facebook. Maybe you want users to be able to even check personal Facebook accounts but you draw the line at playing games inside Facebook.

 

Web protection can be implemented via a Unified Threat Management system or via the Managed Workstation solution by 5 Star Technology.

Safe Computing

Posted on Oct 30, 2015 in News

Here’s a compilation of security practices you should follow for safe computing on your pc.

 

 

| What to do | The solution |
| --- | --- |
| Use DNS filtering | Nortondns provides a DNS-based filtering solution that protects you from the moment you hit enter (or click a link). |
| Beware of phishing and social engineering | We have an article on how to recognize phishing attempts. |
| Do NOT use the computer with administrative rights | If you are an administrator on your computer, all programs have admin rights as well, including viruses and malware. Running as a limited user limits the damage that viruses and malware can cause to your system. |
| Keep your antivirus program up to date | I have seen many home and office systems running with expired antivirus signatures without the users/company even knowing that they were not protected any more by the antivirus program. |
| Use an anti-malware program | Malware is NOT virus. Unless you use a program that has both antivirus and antimalware solutions, you need a separate antimalware program to remove the malware. |
| Use the User Account Control | Although it is sometimes annoying, the UAC prompt pops up to warn you that something is happening on the system. |
| Only download and run trustworthy software | Get the software from its official website. |
| Keep your software updated | Hackers like to target people now via non-patched programs, like Java, Adobe Reader, Skype, Flash Player, etc., to gain access to your system. Combine this issue with the issue that people use their pc with administrative rights, and the risk of getting a system infected multiplies. |
| Use strong and unique passwords, and consider using 2 factor authentication | We have articles about 1: strong passwords, 2: password strategy, 3: 2 factor authentication. |

 

How to Recognize and Avoid Phishing Emails and Links

Posted on Sep 30, 2015 in News

Today I will make only a reference on How to Recognize and Avoid Phishing Emails and Links.

The catch ?

Take the test to see if you can apply what you learned and really filter out the phishing attempts.

Success.

 

How to create an excellent password strategy

Posted on Sep 21, 2015 in News

In this article we are going to create an excellent password strategy to have unique, strong, yet still easy to remember password for each website. (more…)

2-factor authentication

Posted on Aug 21, 2015 in home, News

I have written in the past about password strength.

The security can be strengthened by implementing 2-factor authentication.

This means that besides the password, you need to authenticate yourself via a second device. The most common implementation of 2-factor authentication is via a mobile device, since we have our mobile device with us most of the time. The authentication described above can be done via a call to the cell#, an SMS to the cell#, or via an authentication app. The authentication app can be from the service that you are accessing, or it can be a general authentication app.

At 5 Star Technology we are using the google authenticator app and the Microsoft account app.

 

The caveat of using 2-factor authentication is of course that you need a backup in place in case you lose the mobile device.

(In the case you lose the mobile device we can help if you have our managed mobile service.)

 

Some backup options are:

  1. Add a second telephone number (either cell or fix number) to the 2-factor authentication
  2. Save/Print the backup codes
  3. In some cases you can send a recovery email; of course you need to be able to receive the email without the 2-factor authentication

Conclusion: by combining password strengths, 2-factor authentication and mobile device management you have protected yourself as much as you could from unauthorized access to your account.
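What an authentication app and printed backup codes do under the hood, as an added example that is not part of the original post: general authenticator apps such as Google Authenticator generate time-based one-time passwords (TOTP, RFC 6238), and a backup code is a random value the service accepts exactly once. The function names and the backup-code format are assumptions; the secret is the public RFC 6238 test secret.

```python
import hashlib
import hmac
import secrets
import struct
import time


def hotp(key, counter, digits=6):
    """HOTP (RFC 4226): HMAC-SHA1 of the counter, dynamically truncated."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key, now=None, step=30, digits=6):
    """TOTP (RFC 6238): HOTP with the counter derived from the clock."""
    now = time.time() if now is None else now
    return hotp(key, int(now // step), digits)


def verify_totp(key, code, now=None, step=30, window=1, digits=6):
    """Accept the current step and `window` steps either side (clock drift)."""
    now = time.time() if now is None else now
    counter = int(now // step)
    ok = False
    for c in range(max(0, counter - window), counter + window + 1):
        # compare_digest avoids leaking how many leading digits matched
        ok |= hmac.compare_digest(hotp(key, c, digits).encode(), code.encode())
    return ok


def new_backup_codes(count=10):
    """Return (codes to print for the user, hashes the service stores)."""
    codes = [secrets.token_hex(8) for _ in range(count)]
    return codes, {hashlib.sha256(c.encode()).hexdigest() for c in codes}


def redeem_backup_code(code, stored_hashes):
    """A backup code is valid once: its hash is removed when it is used."""
    digest = hashlib.sha256(code.strip().lower().encode()).hexdigest()
    if digest in stored_hashes:
        stored_hashes.remove(digest)
        return True
    return False


def second_factor_ok(key, submitted, stored_hashes, now=None):
    """Try the authenticator code first, then fall back to a backup code."""
    return (verify_totp(key, submitted, now)
            or redeem_backup_code(submitted, stored_hashes))


if __name__ == "__main__":
    key = b"12345678901234567890"          # RFC 6238 test secret, not a real one
    print(totp(key, now=59, digits=8))     # matches the RFC 6238 test vector
    codes, stored = new_backup_codes(3)
    print(second_factor_ok(key, codes[0], stored, now=59))  # phone lost: code works
    print(second_factor_ok(key, codes[0], stored, now=59))  # same code again: refused
```

Because the service keeps only hashes of the backup codes, the printed sheet is the sole usable copy and should be stored like a spare key.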