Tag: IT Security

10 Apr 2019

One Must Have From your Chicago IT Support Provider

Network Security
SECURITY OPERATIONS CENTER FROM YOUR CHICAGO IT SUPPORT PROVIDER

The single most important thing your Chicago IT Support plan needs

If you are making a decision related to IT and your Chicago company you are faced with a ton of options, technologies, costs, software, platforms, etc. But, currently the single most important focus of your Chicago IT support strategy needs to be IT Cyber Security. You’ve probably heard this from any reputable IT Company or one of the better IT Companies in Chicago. Don’t ignore this message. Sometimes executive leadership tends to tune out the constant sky is falling messages about information technology. But IT Cyber Security is one area that can’t be ignored.

Your Data is Under Attack

Your data is your company. All your accounting records, sales records, human resources records are today’s most valuable assets. And hackers want this data, and spend enormous amounts of time trying to get it. Cyber threats are becoming more common and extremely sophisticated. And as one of Chicago’s leading IT Companies we see more and more attacks happening to smaller companies. That’s why even as a small business or mid-size business IT Cyber-Security must play a huge part in your IT Support plan. The threats include Malware attacks, that can penetrate your systems through emails, web site visits, downloaded files. Other threats may include hacking, insider attacks and of course ransomware. Well the majority of these threats can not be stopped by typical firewall and perimeter security technologies.

Why Firewalls aren’t enough!

The problem is many Chicago IT Companies have relied on firewalls and perimeter technologies to protect your company’s data from hacking. Perimeter technologies are systems that act like a fence or gate. They protect intruders from getting in from outside your network. Imagine a house, your yard fence, windows, locks and doors, these would be considered perimeter defense technologies. However, these technologies alone will no longer protect you. The reason is most attacks these days come from inside your network. So what would you do to protect your house if someone was already inside? Well your security and home defenses would be much different. Then you would need to look more at solutions that allow you to respond and eliminate the threat from the inside. Now your Chicago IT Support plan needs a Managed IT Cyber Security service to keep your data safe from the inside. What does that mean? Well it means that your systems, network and its data are monitored 24/7 to make sure no one is hacking or compromising your data from the outside and inside.

Protection Detection and Response

Lets continue with the home analogy. To protect your home you may install a fence, locks on your doors and windows, or even gates on your windows. In the IT security and support world, gates, locks and doors would be the firewalls, and endpoint protection technologies. This is the first step towards a proper IT Security plan. Protection! Next let’s think about burglar alarms, and what they consist of in your home. They would have motion sensors, movement detectors and cameras. In IT Security solutions and IT Support technologies this would be the Detection piece of your IT Security solution. You need a platform that detects an intrusion, similar to burglar alarms. These are referred to as intrusion detection solutions. And lastly, and perhaps most important is what happens when an intruder is detected? Well 911 is called. This is Response! Well in IT Security how you respond to an intrusion is what will save you from an attack. You need all three pieces, Protection, Detection and Response to have a successful IT Security plan.

The Glue that holds everything together

OK well now you know you need an IT security solution that provides Protection, Detection and Response. That is great, but finally there is a something that keeps all of this working, and that’s a SOC. The Security Operations Center is the glue that holds everything together. All successful Managed Security services must provide a Security Operations center or SOC. You must work with a Chicago IT support company that offers IT Managed Security Services and that has a SOC that provides 24/7 monitoring of your systems. And I am not talking about a SOC that is run inside some small IT company. I am talking about a SOC that meets compliance requirements and the platform is maintained in a HIPPA, PCI. SSAE 16 compliant data center.  The SOC is the cornerstone to a successful Chicago IT Support strategy. And as a small business you can not afford to implement your own SOC. A good SOC Cyber Security Platform from a good IT support company will do the following:

It will monitor the inbound and outbound data and network traffic of all your network devices. This will allow the traffic to be evaluated as being from good sources or from bad sources. Action based on the different traffic behaviors can then be evaluated to see if a threat pattern exists. The threat pattern may be related to ransomware attacks, insider attacks, botnets and other threats that slip past the firewall. This is what Managed IT Security is.

A good SOC offering will also provide your business with regulatory compliance reporting to deal with HIPAA, OCI, SOX and other regulatory bodies. This will minimize your exposure to fines, penalties and remediation costs. Regulatory compliance is a key benefit of a good Managed IT Security offering.

And to pull this all together Log Capture and Management has to play a roll. This is where the information is evaluated and data investigated to discover breeches, anomalies, and other malicious behavior.

In conclusion your IT Support plan must have a IT Cyber Security solution or SIEM (security information and event management) solution that leverages a Security Operations Center to succeed and protect your comapny’s data, network and systems.

If you have further questions related to Chicago IT Support or IT Security Solutions for your business feel free to call Rick Bolda at 630-918-7370 or email info@itriskmgrs.com.

 

08 May 2018

What Kind of Data Do Hackers Want to Steal?

Making sure you protect the right data is key to a good Cyber Security and Network Security Plan

Cyber Security Plans and your Data

As you build your cyber security defenses and determine your network security priorities you need to start by knowing what data hackers want to steal. With a better idea of what data hackers want to steal, you can be more careful with this data.  You can also design your cyber security plan to protect this data. Hackers want to steal almost every kind of sensitive data imaginable, but there is also a lot of data they want that you wouldn’t commonly think of.

Here is a list of the kinds of data hackers are after:

Personal Information

This is probably the first kind of data you think of when you think of what kind of data hackers want to steal. And if you collect other people’s personal information it is extremely important your cyber security plan and cyber security strategy be designed to protect this data. The most common forms of personal information include passwords, credit card numbers, account information, social security information, trading information, and intellectual property. However, this also includes less common information such as your favorite sports team, your pet’s name, where you were born, your parent’s full names, and what schools you attended. Random information like this can also be used to gain access to your accounts, so be just as careful with this kind of information as you are with the rest.

Once hackers gain access to this data, it can be used in a vast multitude of ways. Of course, social security numbers can be used for identity theft, and credit card and banking info can be used for financial theft. Account information can be used for phishing, spam, and scams, and social media information can be used for dirty data mining for yet more phishing, spam, and scams.

Trade Secrets

This is also another kind of data you probably think of when you think of what kind of data hackers want to steal. Your business methods, business plans, business forecasts, market analysis, marketing plans, and other details about how you do business could possibly be useful information to sell to one of your competitors. However, the biggest threat may not come from the outside but from the inside – an employee may turn out to be the one who steals this sensitive information. Make sure you are taking necessary precautions to keep this information from leaving your building in the hands of any employees as well as hackers. Good cyber security plans and strategies consider threats from both the inside of your company and outside attackers.

Healthcare Information

This isn’t commonly thought as data hackers may want to steal, but it is just as valuable to them as trade secrets or other personal information. Healthcare information is commonly used in identity theft involving healthcare insurance fraud and abuse, which is more lucrative than simply selling social security numbers. The FBI said recently criminals can sell healthcare information for as much as $50 a record. So, if you have any healthcare information on employees and/or clients, make sure you are keeping that information secure with the latest state-of-the-art security protocols. You may also need to follow HIPAA guidelines when developing your network security and cyber security plans.

Hackers May Want to Steal ALL Your Data

This also isn’t commonly thought of as data hackers may want to steal, but ransomware is a common threat to business in which ALL your data is held ransom for an exorbitant fee via encryption. The best way to keep your data safe from this is to keep your own regularly encrypted backups both online and offline. And one of the most important pieces to a successful cyber security strategy is having the ability to recover in the event of an attack. Off-site back-ups are critical in being able to recover from a cyber-attack.

Standing Your Ground is Tricky Business

Staying safe from all these sensitive data theft threats is a tricky business and can harm your business. that isn’t recommended you try to do yourself or trust just anyone to do for you. You need to trust a professional IT Cyber Security firm that is fully certified and has a proven track record in setting businesses up to successfully stay protected against all these Cyber Security threats to their data. The first thing to consider is having the right cyber security and network security plan put in place, with experts that know what data hackers want and how to protect it.

 

Go here to see 8 ways your employees enable hackers!

https://www.itriskmgrs.com/8-ways-your-employees-enable-hackers