Mar 31, 2016 | Cybersecurity Advice, Network Security, Social Media, Web Filtering
There are a number of ways for managed service providers to increase cash flow and boost profits. Efficiency can be improved, staff productivity can be increased, better margins achieved, and new in-house products could be developed. Unfortunately, all of these are easier said than done.
The main ways to increase profits by a significant amount is to attract new customers and increase the amount each existing client is spending.
If only there was a secret ingredient that MSPs are missing that could help them help to win more business and get each client to spend more! The good news is that for many MSPs, there is such a product.
Any MSP that has yet to include a web filtering service into their product portfolio could be missing out on substantial profits.
Web Filtering – An Easy Way for MSPs to Increase Profits
Filtering the Internet is now essential for many enterprises. In certain Industries it is mandatory for companies to filter the Internet. They need to ensure sensitive data are protected and risk is effectively managed. Networks must be protected from attacks by hackers and with an increasing number of web-borne threats, Internet usage policies alone are not sufficient to keep organizations protected. Those policies need to be enforced and a web filter is the natural choice.
In some industries, education for example, it is mandatory for the Internet to be filtered. Minors must be prevented from accessing obscene website content or other material that could be harmful. Even when it is not mandatory to filter the Internet it is often desirable. Hotels, restaurants, transport networks, airports, cafes, and coffee shops are choosing to implement controls to ensure all users enjoy a safe browsing experience.
In business, productivity losses from Internet abuse can be considerable. If every employee wasted an hour each day on personal Internet use, the losses to a medium-sized company would be substantial. Some studies suggest even more time is wasted by employees each day on non-work related Internet activities.
Failure to filter the Internet can prove costly in many ways. For example, the accessing of adult content in the workplace can lead to the development of a hostile working environment, which affects morale, productivity, and can cause all manner of HR headaches. The use of torrent sites and the downloading of pirated films, music, TV shows, and software can cause organizations legal headaches as well as placing pressure on bandwidth.
Many websites are unsafe and accessing those sites places organizations at a greater risk of a malware infection. A single compromised computer can cause an incredible amount of damage. The latest ransomware attack on Medstar Health is a good example. A computer virus was inadvertently downloaded which resulted in the shutdown of the health system’s email for its entire workforce, as well as its electronic medical record system.
Hollywood Presbyterian Medical Center was attacked with ransomware and had to pay $17,000 to obtain security keys to unlock its data. It is not only healthcare organizations that are having to deal with ransomware. U.S Police Departments have been forced to pay attackers after their computers have been locked by file-encrypting software, and many organizations have fallen victim to ransomware, keyloggers, viruses, and other malicious software. These infections are a drain on productivity and take a considerable amount of time and resources to fix.
A web filtering solution can protect against web-borne threats, can be used to tackle productivity losses, and prevent illegal or unsuitable website content from being accessed. Web filtering is now less of an option for many businesses and more of a requirement. MSPs offering such a service can fine it is an easy sell and a great way to boost profits.
What to Look for in a Web Filtering Product
In order for a third-party product to be included in an MSPs existing portfolio it should have a number of features. MSPs therefore need to find a web filtering product that:
- Has generous margins
- Is easy for sales teams to sell to clients
- Has a low management overhead
- Is easy to install
- Appeals to a wide range of clients
- Can be easily incorporated into existing product offerings
- Can be easily incorporated into back-office systems
There is a product that ticks all of these boxes, and that is WebTitan Cloud.
WebTitan Cloud and WebTitan Cloud for WiFi – Ideal Web Filtering Solutions for MSPs
WebTitan Cloud is a 100% cloud-based DNS filtering solution that has been designed to be easy to implement, maintain, manage, and sell to clients. WebTitan Cloud a no-brainer for many organizations, allowing thousands of dollars to be saved.
WebTitan Cloud can help organizations increase productivity of the workforce, improve security posture to prevent malware infections, and highly competitive pricing means considerable savings can be made by organizations looking to switch web filtering providers.
WebTitan can be implemented without any effect on Internet speed, there is no need for any additional hardware, no software downloads are required. Our product is easy to use and management is straightforward and not labor-intensive.
Key Features and Benefits of WebTitan Cloud that will Appeal to MSPs
WebTitan Cloud and WebTitan Cloud for WiFi have been developed to be appealing to MSPs and their clients. To make it as easy as possible for our web filtering solutions to be incorporated into existing client packages and allow MSPs to boost profits, we offer the following:
White labelling – Allows MSPs to add their own branding and color schemes.
Hosting choices – We can host on our servers, provide private cloud hosting, or you can run our solution within your own infrastructure.
Generous margins for MSPs and highly competitive pricing – An easy way to boost profits.
Usage-based Monthly billing – Makes WebTitan Cloud more affordable for clients.
Flexible pricing – Our product can easily be included in your pricing models.
Multi-tenanted solution – Advanced customer management features makes it easy to add new clients.
API-Driven – Easy integration into back-end billing and reporting systems.
Highly scalable – Our web filtering solution is suitable for businesses of all sizes.
Excellent Support – Industry leading customer service and technical support. If you have a problem, it will be rapidly resolved.
To find out more about how easy it is to incorporate WebTitan Cloud into your existing portfolio and boost profits contact our sales team today.
Mar 25, 2016 | Cybersecurity Advice, Cybersecurity News, Network Security
Web-borne attacks on enterprises are increasing, although it is important not to forget to protect against email attacks, as shown by a recent campaign using the Olympic Vision keylogger.
Olympic Vision Keylogger Used in Recent Business Email Compromise Attacks
The attackers behind the latest campaign are using the Olympic Vision keylogger to gain access to business email accounts. Trend Micro discovered the latest campaign and was able to trace the attacks and link them to two Nigerian cybercriminals. Trend Micro determined that the current campaign has been conducted in 18 different countries including the United States.
Business email accounts contain a wealth of data, which in the wrong hands, could result in considerable damage being caused to an enterprise. However, it is not only data stored in the email accounts that hackers want to obtain. The cybercriminal gang behind the latest attacks have a different purpose. Attacks are being conducted to gain access to business email accounts to use them to send emails to account department employees instructing them to make bank transfers to the attackers’ accounts. Large transfers are often made following a business email compromise (BEC) attack.
If hackers can gain access to the email account of a senior executive, they can use that account to send messages to members of staff in the accounts or billing departments requesting transfers be made to their bank accounts. BEC is a highly effective attack strategy. If an email is sent from a CEO to the accounts department requesting an urgent transfer be made, many employees would not think twice before making the transfer as instructed.
This social engineering technique takes advantage of the fact that many employees would not question a direct request from a CEO or senior account executive. A transfer is made and the attacker receives the funds, withdraws the money, and closes the account. This often occurs before any red flags are raised, even when the transfer is for tens or hundreds of thousands of dollars.
Sophisticated Attacks Being Conducted Using Unsophisticated Malware
The Olympic Vision keylogger is not a sophisticated malware. Once installed on a device it will steal information including the computer name, Windows product keys, keystrokes, network information, clipboard text, and data saved in browsers, messaging clients, FTP clients, and email clients. It is also capable of taking screenshots.
Those data are then encrypted and are sent via email, FTP, or other means to the attacker. The Olympic Vision keylogger is capable of displaying fake error messages, and can disable computer functions to evade detection – Task Manager for example can be blocked as can registry editing tools. The Olympic Vision keylogger is capable of terminating programs that may detect it, and uses anti-emulation to prevent it running in a sandbox.
With the information collected, attackers are not only able to gain access to business email accounts, they can search for other computers, study workflows, and gather intelligence. The intel is used to construct convincing emails and ensure they are sent to individuals in the account department authorized to make bank transfers.
The attacks can be incredibly lucrative. The FBI reported recently that BEC attacks have been used by cybercriminals to obtain around $800 million dollars from businesses in the past year.
How to Protect Against BEC Attacks
There are a number of strategies that can be used to prevent BEC attacks from taking place. Software solutions can be used to prevent malware such as the Olympic Vision keylogger from being installed. SpamTitan spam filtering software can be used to block emails containing malicious attachments to prevent them from being sent to end users. If malicious emails are blocked, this places less reliance on end users not to open infected email attachments. SpamTitan can also block phishing emails, which are also used to gain access to login credentials via links to malicious websites.
Staff training is also essential. End users should receive basic security training and be advised of best practices to adopt to reduce risk. With software solutions and a culture of security awareness, the majority of attacks can be prevented.
However, it is also essential to introduce policies and procedures to prevent fraudulent bank transfers being made. A wise precaution is to introduce policies that require bank transfer requests to be authorized by a supervisor. This additional control can help to ensure fraudulent transfer requests are identified.
Any atypical request for a transfer from a senior account executive, especially those that require large sums to be transferred to accounts not previously used by the company, should be verified with the person who made the request prior to the transfer being made.
Mar 19, 2016 | Cybersecurity News, Internet Security News, Web Filtering
Cybercriminals are moving away from email attacks and are concentrating on web-based exploits to deliver malware. Email remains a major source of malware, but web-based attacks are now much more prevalent.
Web-Based Exploits Increasingly Used to Deliver Malware
A recent report from Palo Alto Networks showed that out of just over 68,000 malware samples collected, 25% were delivered via email, whereas 68% were delivered during web-browsing. Those figures were for known malware. When it comes to undetected samples, the figures for web-browsing rose to 90% compared to just 2% delivered via email. Undetected malware samples are those which are not detected by traditional anti-malware and anti-virus solutions.
It is easy to see why web-based exploits are being favored by cybercriminals. It takes much longer for web-based exploits to be detected by anti-virus software than email-based attacks. Palo Alto reports that it takes four times as long to detect web-based exploits as it does email-based attacks. Attackers are also able to tweak web-based malware in real-time. Email-based malware needs to be sent out and changes can only be made for each new campaign.
In the case of email-based malware attacks, the malicious software is relatively easy to detect by AV companies. They are able to give each malware sample a signature, which makes it much easier to block attacks. In the case of web-based malware this is a much harder task. The malware can be tweaked in real-time, making it harder for AV companies to capture and create a signature. A web server on which malware is hosted can be configured to re-code the malware automatically and generate many thousands of unique malware. Capturing and adding a signature to each simple takes too long.
There are many methods that can be employed to reduce the risk of malware infections from web browsing, although one of the easiest preventative steps to take is to use a web filtering solution such as WebTitan. WebTitan allows organizations to carefully control the websites that can be accessed by end users.
Palo Alto reported that HTTP proxies were frequently used in malware delivery. The blocking of HTTP proxies and web anonymizers can help to improve security posture and reduce the risk of malware downloads. P2P networks are also commonly used to deliver malware, and these can also be easily blocked with WebTitan web filtering solutions.
Social media websites are a common source of malware infections. A recent survey conducted by the Ponemon Institute revealed that 18% of respondents had experienced a malware attack via social media websites. Blocking access to social media networks, or blocking the file-transfer function of Facebook for example, can help to reduce the risk of malware downloads.
The threat landscape is constantly changing; however, by carefully controlling the actions that can be performed by end users with a web filter, the risk of malware infections can be greatly reduced.
Mar 18, 2016 | Cybersecurity News, Internet Security News
A recent study conducted by the Ponemon Institute on behalf of IBM investigated web application security visibility. The report revealed for the majority of organizations there is none. When it comes to application security, many companies are in the dark and either do not test the apps they use, or do not address the vulnerabilities they discover when they do.
640 application development and security professionals were asked questions about application security and the steps being taken to secure apps. The study also aimed to get an answer to the question, how much do organizations know about the security of the applications they are using on a day to day basis?
The results of the survey are worrying. More than a third of companies (35%) perform no application security testing. Consequently, they are unaware if the apps they use have security vulnerabilities. Worse still, 69% of respondents said they were not aware of all of the apps and databases that were in use in their organization.
Application Security Visibility Needs to be Improved
The study also revealed that more than two thirds (67%) of organizations do not have overall visibility into the state of application security in their respective companies. Out of the organizations that do perform application security testing, more than half do not take steps to address security vulnerabilities they discover. 34% of respondents said urgent security vulnerabilities are not being fixed and 43% said web application security was not a priority in their organization.
When asked why thorough testing of applications does not take place, 56% of respondents said it was due to time constraints and organizational pressure to release applications quickly. 55% said that their organization’s developers are too busy to work on application security issues and 70% said they believed their organization invested too little in securing web applications and that insufficient resources were allocated to the task.
Developers do not feel that it is their job to ensure applications are secure, and that this task should be conducted by information security professionals employed by their organizations. Another issue is web application security vulnerabilities take a long time to resolve. When asked how long, 38% said that each vulnerability takes around 20 hours to address.
There is, unfortunately, not enough time to make applications secure. However, there is no shortage of attackers willing to take advantage of security vulnerabilities that remain in web applications. Unless the security of web applications is improved, those vulnerabilities could well be exploited.
Mar 17, 2016 | Cybersecurity Advice, Cybersecurity News, Social Media, Web Filtering
Enterprise social media usage policies have only been introduced by 54% of organizations according to a recent social media research study conducted by Osterman Research.
Social media use in the workplace has grown significantly in recent years, both personal use of social media sites as well as the use of the platforms for business purposes. However, just over half of enterprises have implemented policies that limit or restrict use of the websites.
Enterprises face a choice. Allow the use of the sites and accept that a considerable amount of each employee’s day will be devoted to personal social media site use, or place controls to limit use. These can be restrictions on the times that the sites can be accessed, the amount of time each employee is “allowed” to take as Facetime, or the actions that can be performed on social media sites.
There are good reasons for not introducing social media usage policies. Some employers believe social media site use can improve collaboration between employees and departments. Some employers believe social media use can help improve corporate culture and even lead to faster decision making capabilities.
However, some studies suggest that employers lose more than an hour each day per employee to social media networks. If that figure is multiplied by the 500 or more employees in an organization, it represents a considerable productivity loss.
Many employers do not mind a little time on social media sites each day, provided that usage is kept within reasonable limits. An employee cannot be expected to work productively for a full 8 hours a day, so allowing some social media time can help employees recharge before they get back to working at full speed. If an employee takes 5 minutes every hour to check their Facebook feed, it could actually help to increase the work that they perform each day.
Social Media Usage Policies Can Help Employers Manage Security Risk
Use of social media platforms is not only about time not spent working. There is a security risk associated with the use of social media networks. That security risk is considerable and the risk is growing. The Osterman Research study revealed the risk of malware delivery via social media networks is considerable. 18% of respondents said that they had had malware installed as a result of social media site use. 25% said they had experienced a malware attack where they could not determine the origin. Some of those incidents may have also resulted from social media site use.
Social media site use may have benefits, but it is important for enterprises to manage the risks. To do that, social media usage policies are likely to be required along with technological controls to help enforce those policies.
Osterman Research suggested a three step approach should be taken. Before enterprises implement social media usage policies it is important to find out why social media platforms are being used and how often they are being accessed. An audit should be conducted to determine the extent to which sites are accessed, the tools that are being used by employees, the time spent on the sites, and the activities that take place.
This will allow organizations to determine the benefits they get from social media site use and weigh these up against the risks. Appropriate social media usage policies can then be developed.
Employees will need to be trained on appropriate social media usage. Employers have the right to monitor Internet activity at work. The use of Facebook, Twitter, LinkedIn and other social platforms is therefore not private. Employers should explain that they have the right to monitor social media usage at work and take action against individuals who violate social media usage policies.
Osterman suggests that technologies should be implemented to control social media usage to help mitigate the risk of malware downloads and other social media threats.
Controlling Social Media Usage at Work
WebTitan Gateway – and WebTitan Cloud for WiFi – can help in this regard. Both web filtering solutions can help organizations control the use of social media sites at work and both solutions can be used to enforce social media usage policies. Controls can be placed on when social media sites can be accessed: Outside working hours or during lunch hours for example. Controls can also be set by user group. The marketing department will require a different set of rules to the billing department for example.
Controls can also be implemented to manage risk from malware. The downloading of risky files can be blocked: .exe, .scr, .zip, or .bat for example. Links to malicious websites are often uploaded to social media networks. WebTitan can be configured to prevent those sites from being accessed. WebTitan also allows Internet usage to be carefully monitored.
Many organizations prefer to take a reactive approach to social media use at work, and only introduce controls when there has been a malware attack, a breach of confidentiality, or when site usage has reached unacceptable levels. Taking a more proactive approach can prevent problems before they occur.
Mar 12, 2016 | Internet Security News, Network Security
Effective enterprise patch management policies can greatly improve security posture and prevent cyberattacks; however, many enterprise IT staff are confused about patch management.
A new survey conducted by Tripwire suggests that InfoSec staff often confuse patch management with vulnerability mitigation. The complexity of enterprise patch management also leaves many security professionals unsure about when patches should be applied and the impact of applying patches.
The Complexity of Enterprise Patch Management Causes Problems for Many IT Security Professionals
The Tripwire survey was conducted on 480 IT security professionals and asked questions about enterprise patch management policies at their organizations.
The results show that IT staff are struggling to ensure that all systems are maintained in a fully patched state. 67% of respondents said that at least some of the time, they are unsure about which patches need to be applied to certain systems.
The complexity of enterprise patch management is a problem. For instance, a patch may be issued to address Adobe Flash vulnerabilities, but it comes bundled with Google Chrome updates. It addresses Flash vulnerabilities in Chrome, where Adobe Flash is embedded, but does not address standalone installations or Flash vulnerabilities in other browsers. 86% of respondents said that issues such as this mean they find it difficult to understand the impact of a patch. It is all too easy for security vulnerabilities to remain after a patch has been applied.
Patches are released that address multiple security vulnerabilities, but they do not address those vulnerabilities across all systems. The application of a patch will not necessarily remediate a security vulnerability entirely. According to Tripwire, ““The relationship between patches and vulnerabilities is far more complex than most people think.”
There is also considerable confusion between patches and software upgrades. When it comes to addressing security vulnerabilities, a patch may address some, an upgrade may address others, and there is often some overlap. Because of this, organizations struggle to ensure that all software is properly patched and fully up to date.
The survey revealed that half of enterprises do not know the difference between applying patches and remediating security vulnerabilities. 7% of respondents didn’t realize there was a difference between applying a patch and resolving a security vulnerability, while 43% said their staff had trouble understanding the difference.
Patches are now being issued regularly and many enterprises find it difficult to cope with the sheer number of patches being released. Before the survey was conducted, Tripwire expected only a small number of organizations to be experiencing “patch fatigue.” However, it is clear from the results of the survey that this is a widespread problem. 50% of respondents said that patches are now being released at an unmanageable rate.
Enterprise patch management may be one of the most basic security measures, but effective patch management is anything but simple.
