The Importance of Infrastructure Support

You have decided to purchase or subscribe to Microsoft Office 365 based on an educated decision about what will best suit your business needs. What about your infrastructure support? While the Microsoft Office 365 price tag is cheaper, it doesn’t offer the infrastructure support and security that many companies need. That gap carries risk, especially in a setting such as a legal organization. For example, legal companies often have customizations, Word macros, Word templates and automated processes to make their work more efficient. While the most basic version of Office 365 comes with the ability to save data using Microsoft’s cloud storage, the challenge is that it is somewhat convoluted.

Microsoft has a very unclear process of what is shared storage and what is private storage. Much of that is left up to the person who is using Office 365. It’s a mass solution that will serve the needs of a percentage of people, but if you have specific requirements about security of your information and wanting to have all of your applications, data, and line of business applications in one place, then Office 365 alone is not the right solution.

Another Option: A Private Cloud Solution

Frontier Solutions points its clients or prospects in the direction of Office 365, but warns users that thinking it’s a full replacement for in-house infrastructure is a total misconception. Microsoft Office 365 is not an all-encompassing solution: although it gives you your productivity applications, it does not have the capability to run your line of business applications, your accounting software and so on. There is limited administration of where documents are stored.

A private cloud solution is basically your Office infrastructure in the cloud. We do an assessment of all of the applications that you use which typically includes Microsoft Office as well as your line of business applications. We then install the Office applications, accounting software, document management systems, and any other productivity tools that you use on a hosted server. We provide access to each of your users to the cloud solution, so there’s a workspace that can be accessed from anywhere from any device.

Benefits of a Private Cloud Solution Provider

As a hosting provider and Microsoft Partner, a private cloud solution can offer Microsoft Office via SPLA (Service Provider Licensing Agreement). We provide Office on a subscription basis but by different means. The business does not have to outright purchase Office and there are no capital expenditures. There’s a monthly charge for each Microsoft product used, without the one-year commitment that Microsoft usually enforces. For example, if your company signs up 30 people using Office 365, you pay monthly but there’s a one-year commitment. With a private cloud solution, we report usage to Microsoft each month, so even if we signed up a business for 30 users today and next month they had to let five people go, they’re not committed to paying for those additional five people. It’s very scalable.

It is a solution that can grow with your business. As an example, we took on a startup law firm a little over a year ago that started with two people and now they have seven or eight. They contacted us and said, “Hey, we’ve hired a new person.” It’s just an incremental charge as they add people. As business grows, they are able to add additional seats without having a capital expense for licensing.

100% Uptime, 24/7, 365 Days per Year

With Frontier Solutions private cloud solution, aside from being provided with a modular Office software environment, you get all of the advantages of a secure data centre with redundant internet, redundant power, and security. It provides as close to 100% uptime, 24/7, 365 days per year as can be attained. Your business can run without interruption and your employees always have access to information. People don’t just work from 8:00 am to 5:00 pm anymore.

Freedom from frustrations.

There are a number of key frustrations that businesses experience in terms of IT. They vary from “Who do I call when I have a problem? Why is my technology not functioning?” to “I invested all this money in IT and now it’s not performing.” A common one is “My help desk or my IT support person is not getting back to me in a timely fashion.”

Due to lack of IT expertise, businesses don’t know what to do or who to turn to when these questions arise.

Why are these problems frustrating?

These issues are frustrating because they translate to downtime for the business, resulting in loss of work hours, lack of productivity and often loss of money. A business’ biggest expense is payroll. If you have employees sitting there twiddling their thumbs whilst waiting for systems to be back up and running and they can’t perform their jobs, then you’re losing money. Issues with IT can also cause businesses to lose clients and leave them vulnerable to cyber attacks.

What causes the frustrations?

These frustrations mostly come from poor design: not choosing the right technology to begin with, not having a company that is well-versed in the way that technology works together and how different applications work, and not having a proactive approach to how systems need to be configured to perform optimally.

The source of frustration will come from a lack of understanding of how IT works. Business owners will often be experts in their field, not in IT. It can be very frustrating to not have control over such an important aspect of your business. It is important to understand that you need a service provider that you can turn to, that is invested in your business success and will help you achieve your goals.

How can I be free of these frustrations?

As a business owner, you need to understand that even though you like to wear many hats, there are certain things that you’re just not equipped to do. Often, IT is one of those. Technology is ever-changing, and advancements are made on a regular basis. Performing a successful IT function requires in-depth knowledge, experience and day-to-day exposure.

The best way to rid yourself of IT frustrations is to partner with a reputable managed IT services provider that has experience. That experience may be specific to a particular industry and the type of applications and technology prevalent in it, or it may be general: a company that has IT support experience and has invested in its people and processes to stay ahead of the game. The provider should be proactive about how the systems are configured to begin with and should monitor the systems so that the support company is aware of problems before the end user is, and can respond accordingly.

Having a proactive provider that prevents issues from happening in the first place can be much more cost effective. Do you want to pay an IT provider for downtime or uptime? The advantage of a proactive managed IT services provider is that, because it approaches things from the perspective of minimizing downtime and minimizing problems, it affords the opportunity to look at things other than just reacting. You can then start looking at increasing efficiencies and scoping for products. The provider can look into how to integrate your IT infrastructure to further increase productivity, such as implementing a document management system to improve on what you’re already doing. If you’re constantly in a fire-fighting mode, you’ll never have the opportunity to look at those other options.

Top 10 IT frustrations

Or …

How getting the right IT provider can help you deal with your top 10 IT frustrations.

IT is an essential part of any business, however as a business owner the likelihood is that your specialism is in your business sector not IT. Getting your IT services right is essential to the productivity and security of your business.

Terry Rowsell from Frontier Solutions takes us through the top 10 IT frustrations experienced by business and how a good IT provider can combat them with expertise and a proactive approach.

1. Repeat problems. Problems that occur time and again or problems not fixed properly the first time can be a major frustration in the workplace.

Your IT provider needs to clearly define the problem. You need to take the time to fully explain the issue to your support provider as well as how the system worked in the first place.

Another way to avoid frustration in that particular situation is a cooperative approach to the problem. The help desk person needs to understand that if the problem is not a two-minute fix and is going to need a little more time, this needs to be communicated to the end user. Asking “Is it possible that we could have access to your system over the lunch hour, or is there a period of the day when you are less busy?” would go a long way. The support provider needs to be working in a way that will minimise disruption to your business.

2. Response time. A long response time from IT support on a technical problem can cause frustration and a lack of trust between the business and provider.

Your IT provider should provide you with a service level agreement to include things like a guarantee of a 1 hour response time, or if it’s deemed as an emergency, then a 15-minute response time. This should all be drawn up before the contract is agreed, to manage expectations. The provider should ensure to adhere to this agreement to maintain trust between the provider and client.

3. Limited onsite time. Businesses will often have IT support only available onsite for a limited time. Having full time onsite IT services can be costly and not practical for small and medium sized businesses. What do you do if you have an IT problem on Monday and onsite time isn’t until Wednesday?

This frustration would be highly typical in a break-fix scenario where the tech support is only available on a specific day or morning of the week when someone comes in to address the issues that have risen. This is becoming less and less common, because a lot of businesses are moving to managed services. Some companies have both solutions but they find employees will still wait until the onsite day and the tech support will be faced with a long list when they come into the office. The solution is to have a Managed IT service to cover the business every day and to educate employees about the service that is provided.

4. Remote Access. Accessing emails or files outside the office can cause a big frustration if the remote service is not working and can cause many lost hours of working time.

To solve this issue the employee needs to work with the service provider. The best way to reduce the stress caused by this issue is to plan ahead. If you know you’re going to be working from home or going to be out-of-town and need to work remotely, work with the IT provider or contact the relevant person within your firm to ensure that you have remote access functionality on your system, and that it’s tested in advance to ensure that it works. Of course, not all problems can be foreseen so you should work with a provider who can provide good out of hours support regarding remote access as well.

5. Spam. Lots of businesses find that their email inboxes are getting inundated with spam. This can be at best annoying and at worst cause a big cyber security issue.

The solution to this would be a two-tiered approach. Firstly there is the need to have a proper e-mail filtering system in place from a reputable provider to ensure that spam is minimized. However there is also an education component where the responsibility falls on the IT provider to explain the challenges of filtering e-mail and how hackers or cyber criminals are able to create very suspicious-looking e-mails that a lot of spam filtering systems will still deem legitimate. Caution is still the order of the day.

6. Slow running computers. Some days it just seems that your computer is running slow but you don’t know what the issue is.

This falls under proactive maintenance. Your IT service should be running regular checks on the systems. You should look for Managed Service providers that provide functions such as using a malware protection agent that runs on each system.  It scans the systems after hours to ensure that if there’s malware, which is typically the biggest culprit for causing a computer to slow down, then it’s reported and we respond accordingly to clean up the system and ensure that it’s running efficiently. Your provider should be taking a proactive approach to issues by tracking all reported issues, looking for patterns and acting accordingly. They should also be up to date with all your systems and be keeping your organisation informed if anything is out of warranty, updates are needed or replacements are due.

7. Restoring deleted or updated files. This problem is extremely common; most people have deleted a file accidentally or saved over a document by mistake, but how can an offsite provider help you with this?

Your IT service should have a backup solution in place that takes regular interval snapshots of your system. A recommended solution is that backups are done every 15 minutes so you are always able to go back to that point in time and restore any accidentally deleted or overwritten files. That also comes into play if there’s been a buffers attack, if files have been encrypted due to ransomware, your IT provider is able to go back to that backup from as early as 15 minutes ago to restore files.

8. Repeating the problem. If you have a problem that is persisting or needs a longer time to resolve, you don’t want to have to repeat the problem again and again every time you call your IT provider.

This can be easily solved by ensuring your IT provider has a good ticketing system with well trained staff. Staff should be putting great detail into the resolution for each support request that they work with. This is so that if there is a follow-up problem placed by the company or the end user, any staff member at the IT helpdesk is able to go back and take a look at what the issue was and what was done to resolve it, negating the need for repetition.

9. Lack of support when IT specialists are away or sick. If you have a dedicated in-house IT person, or an outsourced provider assigns a dedicated staff member to your account, it can be very frustrating when something goes wrong while they are absent.

Having outsourced IT support that provides a good sized team of individuals is key to solving this issue. If you have a team of individuals supporting you, you are never left in the position of crossing your fingers and hoping that something bad doesn’t happen because someone is always available.

10. Programs not working as expected. If Word or Excel keeps freezing or your accounting program takes forever to load this can be extremely frustrating for businesses.

You need to ensure that you have a support company that is well-versed and experienced in understanding how applications work together, and has troubleshooting experience with similar issues. The company you choose needs to have knowledge of the applications you use in your business and be able to isolate issues and solve them as quickly as possible. You need to avoid the “Let’s try this, let’s try that” type of mentality.

Legal Admins visit frontiersolutions.ca/legal-IT-frustrations/

Accounting Admins visit frontiersolutions.ca/accounting-IT-frustrations/

The Consequences of Losing Your Business Data

Data loss is a major challenge to the business world. Everyone is at risk. Even if you haven’t been affected, you are not safe.  If you didn’t know, hundreds of businesses are closed each year owing to data loss. A Gartner report estimates that 70% of small businesses that experience data loss close their doors permanently within 12 months. This is a big number. But it’s even worse in medium-sized companies where 94% of businesses that encounter serious data loss usually go out of business, 43% never open again, and 51% close down within two years of the incident.  The above report also indicates that of all businesses that lose data for more than 10 days, 93% end up filing for bankruptcy within just a year of the loss. Half of those companies are usually forced to file for bankruptcy almost immediately especially if the company didn’t have a solid corporate data management strategy.

The question you might be asking is why data loss is so serious. Why would so many businesses close down after experiencing data loss?  The answer lies in the following five points that, together, constitute the real cost of data loss:

Data Loss Impacts on Business Operations

Data loss can impact business operations in three main ways. First, the lost data may be unrecoverable. If this happens, critical business records might be lost forever. Any business process that depends on such records might thus be impeded.

Secondly, the lost data might be recoverable but might take a lot of time to restore. This is the most common scenario in companies that back up data in an outside location, separate from the primary source. The problem is that sometimes not all data may be recovered.

And third, data loss can also result in unavailability of data, temporarily or permanently. When this happens, applications directly dependent on the unavailable data may fail. This is especially the case in relational databases. For instance, if the central database containing customer information becomes unavailable, then the sales system might also fail.

Data Loss Impact on Sales

A business can also suffer significant harm when data loss makes it impossible to interact with customers, sometimes resulting in lost sales and, by extension, lost revenue.

In the digital economy, email has become the primary channel of communication between businesses and customers. This is especially true in Business-to-Business (B2B) relationships where business trade directly with other businesses. Losing a business-critical email attachment may mean a lost lead/prospect which in essence might count as a lost sales opportunity. For instance, if there is a hard drive crash, a company may fail to submit a bid in time, resulting in a lost sale.

The same applies when a data breach is directed at a call center or CRM provider. An increasing number of small businesses have been turning to independent call centers for customer support assistance and Customer Relationship Management (CRM) providers for help in managing customer relationships. In a worst-case scenario, the harm resulting from an attack on either of these two might be enough to propel a small business into bankruptcy.

When Data Loss Completely Cripples Business Operations

In the event of extreme data loss such as the loss of an entire database, even temporarily, it isn’t uncommon for the affected business to fail at multiple levels. The company may be rendered helpless, unable to fulfill orders and struggling to update employee records. Producing financial records and providing customer services may also be impossible.

This is because technology has become the backbone of most business operations and most of the operations are usually tied together through a central IT system. Therefore, a disruption to the IT system might even affect the phone system and manufacturing processes. As a result, employees may be idled for long periods while the lost data is recovered, thus affecting productivity.

Loss of data can also make it nearly impossible for business owners/managers to measure performance. Most modern businesses rely on innovative technologies such as time tracking tools to measure the performance of employees. Any data loss that affects the data collected using such tools may therefore make it very difficult to measure employee performance. Destroyed, damaged, or altered financial, market, and manufacturing data can also skew results and by doing so disrupt decision making.

Potential Theft of Information

Data loss can also take the form of data theft where a hacker knowingly breaks into a computer or network and steals business secrets. These secrets may include business plans, product designs, and computer source code among others. The economic impact of information theft is difficult to measure because, in most cases, the harm can manifest itself over a long period.

However, such theft usually causes three known effects: lawsuits, breach of regulator contract, and loss of business. Lawsuits are covered in depth in the next point. As for breach of contract, every industry has regulators. In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) states clearly that it is the duty of private businesses to “protect through appropriate security measures” all personal information collected from customers. When a hack results in loss of personal data, the affected organization will have breached the PIPEDA agreement.

Loss of business, on the other hand, isn’t uncommon after data loss incidents especially if the loss was a result of a preventable event such as a security breach. Customers may feel that the company didn’t take adequate measures to safeguard their information and may therefore choose to discontinue doing business with the company for fear of a similar event reoccurring in the future.

Costs Resulting from Lawsuits and Fines

Finally, there is always the likelihood of a lawsuit and hefty fines when a company experiences data loss. In Canada, these lawsuits aren’t unusual. For instance, in 2011, an Ontario Superior Court granted a certification of class action against Durham Regional Health when the health facility lost health records belonging to 83,500 patients. In the suit, the plaintiff sought $40 million in damages. In a different case, Honda Canada was forced to pay $200 million in damages and faults after the personal information including names, addresses and financial account numbers of more than 283,000 customers were accessed by hackers.

These might be examples of bigger companies but they nonetheless show us that any business can end up in the corridors of justice and face hefty penalties in the event of loss of data belonging to customers.

However, it’s usually not just customer information. Even shareholders can sue you. And you can also be sued and forced to pay untold amounts in fines for failure to perform duties outlined in a contract. A lost order can easily result in a customer suing you for direct and collateral damages.

Summary

The main takeaway from these five costly consequences of data loss is that businesses bear huge responsibility in protecting the data in their ownership. They must fix all loopholes to improve data security, otherwise they can face serious operational and legal ramifications. If you are serious about protecting your business data, select an IT services company to help you double-check your systems, recommend solutions to potential weak links in your security chain, and help you develop an organization-wide policy to help prevent data loss.

Frontier Solutions is Calgary’s outsourced IT services provider. Contact us to set up training to educate your staff about data backup and protection, or to help you with your corporate IT needs.

Free Cloud Storage Services are a Security Risk

Free Cloud Storage Services are a Security Risk to Businesses

Recently, there have been reports indicating that free cloud storage solutions such as Dropbox and Google Drive may contain security risks, especially if used in the workplace, or for business purposes. One particular report by Black Hat, published in mid-2015, reveals that a man-in-the-cloud attack can allow unauthorized access to a user’s Dropbox or Google Drive account, allowing a hacker to steal data without the user noticing. Hackers can exploit similar loopholes to infect users with malware and viruses, posing serious security and data breach risks to businesses.

How “Man in the Cloud” Attacks Work

A man-in-the-cloud (MitC) attack is a form of eavesdropping in which an attacker intercepts and relays messages between a user and a cloud solution. Most MitC attacks exploit sync tokens – a well-known vulnerability in the design of file sharing solutions.

To sync files between the endpoint (user’s machine/device) and the cloud, the user is required to authenticate the synchronization. The cloud company provides the user with a synchronization token which is usually stored on the endpoint and can be used on multiple devices.

As such, all the attacker needs to do is steal a copy of the sync token. To avoid raising a red flag, MitC attackers use social engineering techniques to fool the user into installing a new synchronization token designed to sync the user’s legitimate account with the hacker’s account, granting the hacker access to the legitimate user’s account.

The worst part is that account owners are almost powerless in these kinds of attacks. Since the token is tied to the user’s device, even if the user changed their password, the token remains accessible to the hacker.
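
A defender-side illustration of the three signals the description above implies, as an added example that is not part of the original article: a token used from a device it was not issued to, a token still syncing after a password change, and an endpoint that starts syncing to a different account. The event format, rule names and sample log lines are constructed assumptions, not any provider's real audit schema.

```python
"""Added example: flag sync-token misuse in constructed audit events."""
from dataclasses import dataclass
from datetime import datetime

# Constructed sample events (hypothetical layout, one event per line):
#   time  event  account  token_id  device_id
SAMPLE_LOG = """\
2015-08-10T09:00:00 token_issued alice@corp.example tok-A1 laptop-alice
2015-08-10T09:05:00 sync alice@corp.example tok-A1 laptop-alice
2015-08-11T02:14:00 sync alice@corp.example tok-A1 unknown-host-7
2015-08-11T08:30:00 password_change alice@corp.example - laptop-alice
2015-08-11T08:45:00 sync alice@corp.example tok-A1 unknown-host-7
2015-08-12T10:00:00 token_issued bob@corp.example tok-B1 laptop-bob
2015-08-12T10:02:00 sync bob@corp.example tok-B1 laptop-bob
2015-08-12T16:20:00 sync mallory@mail.example tok-M9 laptop-bob
"""


@dataclass(frozen=True)
class Event:
    time: datetime
    kind: str
    account: str
    token_id: str
    device_id: str


def parse_events(text):
    """Parse whitespace-separated event lines and return them in time order."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, kind, account, token_id, device_id = line.split()
        events.append(
            Event(datetime.fromisoformat(ts), kind, account, token_id, device_id)
        )
    return sorted(events, key=lambda e: e.time)


def detect(events):
    """Return a list of (rule_name, event) findings.

    Rules (names are hypothetical):
      token_on_unenrolled_device       - a sync token is presented by a device
                                         other than the one it was issued to,
                                         which is what a copied token looks like
      token_used_after_password_change - a token issued before the account's
                                         password change is still accepted, so
                                         it needs explicit revocation
      device_synced_to_foreign_account - an enrolled endpoint starts syncing to
                                         an account that is not its owner's,
                                         which is what a swapped token looks like
    """
    issued = {}        # token_id -> (device_id, time issued)
    device_owner = {}  # device_id -> account first enrolled on it
    pw_changed = {}    # account -> time of latest password change
    findings = []
    for ev in events:
        if ev.kind == "token_issued":
            issued[ev.token_id] = (ev.device_id, ev.time)
            device_owner.setdefault(ev.device_id, ev.account)
        elif ev.kind == "password_change":
            pw_changed[ev.account] = ev.time
        elif ev.kind == "sync":
            if ev.token_id in issued:
                device, issued_at = issued[ev.token_id]
                if ev.device_id != device:
                    findings.append(("token_on_unenrolled_device", ev))
                changed = pw_changed.get(ev.account)
                if changed is not None and issued_at < changed:
                    findings.append(("token_used_after_password_change", ev))
            owner = device_owner.get(ev.device_id)
            if owner is not None and owner != ev.account:
                findings.append(("device_synced_to_foreign_account", ev))
    return findings


if __name__ == "__main__":
    for rule, ev in detect(parse_events(SAMPLE_LOG)):
        print(f"{ev.time.isoformat()} {rule}: account={ev.account} "
              f"token={ev.token_id} device={ev.device_id}")
```

The second rule is the one that matters for response: a password reset alone does not clear the finding, so remediation has to revoke the token and unlink the device.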

Free Cloud Storage Risks for Businesses

But it’s not just the possibility of hacking that makes free cloud solutions a delicate subject for businesses. The following are a few other things that could go wrong with free cloud storage:

• Data theft
Data theft mainly arises from a lack of oversight. In most organizations, IT departments and business owners aren’t aware of product installations and are therefore unable to control devices that can sync with corporate shares. As files are replicated on multiple personal devices, there is a chance the organization could lose control over the information which increases the risk of data theft.
• Silent data corruption
Data corruption is also a real possibility. Most businesses trust cloud providers to keep their most recent and correct data. But this doesn’t always happen as promised. In fact, very few cloud solutions provide protection against data corruption.

Security Improvements for Free Cloud Services

While the criticism is deserved, free cloud providers, particularly Dropbox and Google Drive, have been making an effort to make their services more secure.

Dropbox, for example, has fixed several loopholes in the cloud service since the 2012 security incident, in which a compromised password was used to access a Dropbox employee’s account and access the company’s user email list to send spam. Shortly after the incident, Dropbox worked on its login system, introducing an optional two-step verification process that added an extra layer of security to user accounts.

Google Drive has also made some adjustments to make the cloud service safer. The main security challenge in Google Drive lies in the fact that it uses the same logins to access multiple accounts. To mitigate the risk, Google now uses HTTPS on all its services.

Why Paid Cloud Services are a Better Option

For businesses that take data security very seriously, a safer and more reliable alternative is to purchase professional paid cloud storage. Unlike free cloud services, paid solutions allow:

• Secure access to all licensed programs your business runs
• Secure access to all base software needed to run the business
• Hosted exchange for employee email, contact, and calendar activities
• Access to multiple devices – PCs, laptops, tablets, and smartphones

Clients also benefit from continuous server monitoring which means that malicious activities are likely to be quickly identified and dealt with. Since paid cloud service providers have professional customer support on standby at all times, their clients also benefit from timely resolution of any arising issues.

At Frontier Solutions, our cloud servers reside in our world-class data center and are monitored for security and performance 24/7/365. Providing clients with the ability to work and access from anywhere means that local office disruptions or outages no longer need to affect productivity. Our trained professionals ensure problems are resolved quickly and easily.

Frontier Solutions is Calgary’s outsourced IT solution. Contact us to get more information about our Secure Cloud Platform, set up a complimentary IT security training session, or help you with your corporate IT needs.

Pokémon Go Exposes Businesses to Malware Attacks

Over the past few weeks, Pokémon Go has invaded the world. The outrageously popular augmented reality game has already surpassed dating app Tinder in number of downloads and is close to eclipsing Twitter in number of daily users. Pokémon Go was developed by Niantic, a former Google startup, and is currently owned by Nintendo. It was first launched in the USA on July 6, 2016 and became available in Canada four days later, on July 10, 2016. Incredibly, within just 24 hours of its entry into the country, more than 6% of Canadian Android users had installed it. However, there is another side of Pokémon Go that a lot of users may not be aware of. Security experts warn that players are exposing their devices to significant risk whenever they sign up for the game using Google. Pokémon Go also exposes businesses to malware attacks.

Personal Information Concerns

Pokémon Go collects plenty of personal information during signup. On Android, for example, applicants are asked for access to their GPS location, contacts, camera, and to modify and delete storage contents.

Considering that some of these users are likely to be employees, businesses need to be very cautious with the app. With such information at their disposal, third parties could easily read and send emails on the user’s behalf. They can also access and modify a user’s Google Drive documents, access the user’s search and location history, and much more.

Although Nintendo itself might not be planning a massive data breach, such permissions are extremely risky in the current environment where cybercrimes have become rampant. Leaked data can quickly find its way to file-sharing websites and eventually end up in the hands of hackers who might use it to break into user accounts.

Pokemon Go Security Policy Loopholes

There’s also an issue with Niantic’s Privacy Policy. The policy gives the company exclusive rights to hand over personally identifiable information (PII) to law enforcement agencies, sell off the information, share it with third parties, and even store it abroad.

According to data security experts, this should be a major security concern, especially for businesses. First, Niantic hasn’t explained how it plans on storing the huge amounts of data it receives from users. The only thing they mention is that they have the right to store it abroad. Will the data be safe wherever it is eventually stored?

Second, the exclusive right to “share” or “sell off” user information is just baffling. Essentially, it means that Niantic can decide to give the user’s information to anyone they wish and the user would have NO rights to complain about it. What if they share an employee’s personally identifiable information with the wrong people? The policy clearly states that they can share the information with third parties “who may have not agreed to abide by the terms of the Privacy Policy” meaning they can share it even with potential hackers!

In organizations where Bring Your Own Device (BYOD) is practiced, such “unrestricted” access to a user’s information is a major risk. This is because the Pokémon Go players, in this case staff members, probably also use the same devices to access the organization’s resources.

Pokemon Go Exposes Businesses to Malware Attacks

Another major problem is whether or not the downloaded app is the official Pokémon Go. Various sources indicate that the staggered release of the game forced impatient gamers to resort to copycat apps.

According to Cyber Security provider RiskIQ, as of July 19, just 13 days after it was first released in the USA, there were more than 215 rogue versions of Pokémon Go on the Google Play app store. With these mirror apps, there is usually a greater risk of malware being built into the app.

Already, security firm Proofpoint has discovered a version of Pokémon Go that contains a remote access tool, or RAT, called DroidJack. This malware primarily targets Android users and, once installed, can access anything on the device, including contacts, email, text messages, photos, and videos. If any of these resources contain sensitive business information, or the device even occasionally accesses it, this can cause a huge problem.

Mitigating the App’s Security Risks

Aside from encouraging employees to avoid Pokémon Go at work, there are three steps managers should take to mitigate the game’s risk:

First, organizations need effective information security policies and disaster response plans in case an attack happens. Second, corporate policies should be updated to address mobile device and BYOD security issues. Third, businesses should invest in malware protection and data security training for their staff. Building awareness is the key component in fighting today’s security and malware issues.

Frontier Solutions is Calgary’s outsourced IT solution. Contact us to set up training to educate your staff about malware protection, corporate data security, or to help you with your corporate IT needs.

 

Macro viruses have recently been making a comeback, often in the shape of ransomware attacks. Here's how you can protect yourself from malicious macro viruses.

Macro Viruses are Back – How to Protect Yourself

What are Macros?

“Warning: This document contains macros.” If you started using computers back in the 90s, then you must have come across this message quite often. A macro is a series of commands and actions that help to automate some tasks. These commands aren’t dangerous in themselves, which explains why they are quite common in top-level organizations, where they are used to automate repetitive tasks. This saves these organizations time and money. Microsoft uses macros in its software, especially Word and Excel. However, in spite of their time-saving potential, macros can also be extremely dangerous. Technically, anyone can write a macro to run malicious software on another person’s computer. When used this way, they become macro malware, or macro viruses.

How do Macro Viruses Infect?

The path to broad-based macro malware system infection typically starts with an email attachment. A worker in an office will receive an email that appears to be legitimate, even socially engineered to suit the user’s profile. Common subject lines include resume, courier notification, payment request, donation confirmation, and sales invoice, to name just a few. The text in the email often matches the subject line, and you’ll even find official-looking logos and rubber stamps to make the attachment appear legitimate.

Microsoft Office solutions come with security features that will warn you about opening attachments. You will be cautioned that the document you’re trying to open contains macros and that it might be unsafe to open such documents.

There are usually different warning messages depending on the type of document a person is using (Word, Excel, etc). The most common one appears against a yellow background just at the top of the document, but below the toolbar, and reads: “SECURITY WARNING Macros have been disabled”.  A rectangular button to the right of that warning reads: “Enable Content.”

If “Enable Content” is chosen, the malicious code will execute, installing a malware downloader at the same time. It is this malware downloader that will then take over the task of filling your computer (and even local network) with viruses. Then the downloader may just disappear!

Another type of warning may appear as: “PROTECTED VIEW Be careful – files from the internet may contain viruses. Unless you need to edit, it’s safer to stay in Protected View.” There will be a button with the words: “Enable Editing”,  which can be clicked.  And as soon as it’s clicked, the malicious file will begin its work.

The malware can embed itself in other documents and templates, corrupting other parts of the computing system. When an infected document is shared with unprotected users, these users’ computers and networks are also infected.

Melissa Virus – the Perfect Macro Malware Example

You may be asking: So what? What exactly do they do? How can they harm me? Well, you only need to read about Melissa to understand the potential damage of macro viruses.

The Melissa macro virus first made its appearance on March 26th, 1999. Like most macro viruses, it came in the form of an email – socially engineered with the subject line: “Important Message From [name of sender].” In those days most people who used Microsoft software programs also used the Microsoft Outlook email program. Upon opening an infected file, Melissa first disabled a number of safeguards in Word 97 and Word 2000. Next, if Microsoft Outlook email was installed, the malware would proceed to automatically resend itself to the first 50 contacts on the email list.

Melissa itself wasn’t dangerous. However, you can imagine the effect it had as the emails continued to pile up. Within a short time, mail servers were crashing left, right, and center from email overload! Indeed, it only took hours before the likes of Microsoft and Intel shut down incoming email to prevent further damage. Smaller organizations reportedly lost email connectivity for several hours to clean the virus from their servers.

By the time it was done, this malicious macro malware had caused over $80 million worth of damage in North America alone. Worldwide, the damage was estimated to be about $1.1 billion. The developer of the malware pleaded guilty in December 1999 and was sentenced to 20 months in prison.

Beware, Malicious Macros are Coming Back

Between 2000 and 2014, there wasn’t much talk about macro viruses.  There simply wasn’t anything similar to Melissa within that period.

However, this has been changing recently. Between mid-2014 and mid-2015, the number of reported macro viruses more than quadrupled. A certain report shows that in the last quarter of 2014, less than 10,000 new macro viruses were reported. That number tripled in Q4 of the same year with more than 30,000 new malicious macros reported in that period. In Q3 of 2015, about 44,000 new malicious macros were reported.

North America accounts for the highest number of new malicious macros (44%), with Europe (29%), Asia (13%), and Central America (12%) following in that order.

Even worse, modern macro viruses appear to be taking the shape of ransomware attacks. The newest one, called Locky, for example, disguises itself as an invoice with an attached Word document. When the email recipient opens the document, Locky is enabled and instantly locks files on that computer while also spreading to other computers. A ransom note then appears demanding payment before the computer can be unlocked.

How to Protect Yourself from Macro Viruses

The bottom line is that you need to protect yourself in case you become a macro virus target. Microsoft has done its part by adding numerous macro security level features to its programs. In Microsoft Office 2003, for example, only macros signed with a trusted certificate could run. Modern versions of Office suites are even more restrictive. Office 2013, for instance, is set to disable all macros by default. You’ll only receive a notification that a certain macro malware was disabled while attempting to run on your computer.

However, you also need to take steps to further protect yourself and your organization. Start by activating the macro security function in Microsoft Word and Excel.  If there is an email that is persistently urging you to download a Word/Excel file, but whose authenticity you doubt, don’t hesitate to alert your IT staff for scrutiny.

Also, if you have to enable macros, take time to double check the source of the document. Sometimes a document might be coming from a trusted source, but it could be the Melissa virus sent automatically without that party’s consent.

Last but not least, organizations need to take a multi-layered approach to cyber-security. Even the strongest antivirus program can only do so much. Therefore, it’s important to combine the strengths of all available security tools including anti-malware, antivirus, anti-spam, web reputation services, and vulnerability exploit protection. This is the only sure way to keep these threats at bay.
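The advice above about macro-carrying attachments can be backed by an automated check at the mail gateway. The following is an added example, not part of the original article: the function names and sample files are constructed for illustration, and the legacy-format test is a heuristic that looks for the VBA stream name rather than fully parsing the file.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .doc/.xls/.ppt container
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # VBA stream name as stored in an OLE directory


def macro_verdict(data: bytes) -> str:
    """Return 'macros', 'no-macros' or 'not-office' for an attachment's raw bytes."""
    if data.startswith(OLE_MAGIC):
        # Heuristic: legacy files list their streams by UTF-16LE name.
        return "macros" if VBA_STREAM in data else "no-macros"
    if not data.startswith(b"PK"):
        return "not-office"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
            if "[Content_Types].xml" not in names:
                return "not-office"  # an ordinary zip, not an Office package
            if any(n.lower().endswith("vbaproject.bin") for n in names):
                return "macros"
            # Macro-enabled packages also declare themselves in the content types.
            if b"macroenabled" in zf.read("[Content_Types].xml").lower():
                return "macros"
            return "no-macros"
    except zipfile.BadZipFile:
        return "not-office"


def triage(attachments: dict) -> dict:
    """Map each filename to 'quarantine' (held for IT review) or 'deliver'."""
    return {
        name: "quarantine" if macro_verdict(data) == "macros" else "deliver"
        for name, data in attachments.items()
    }


def make_sample_ooxml(with_macro: bool) -> bytes:
    """Constructed sample: a minimal Office-style zip; the VBA part is placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()


# Constructed attachments, named after the lure subjects the article lists.
SAMPLES = {
    "invoice.docm": make_sample_ooxml(True),
    "minutes.docx": make_sample_ooxml(False),
    "resume.doc": OLE_MAGIC + b"\x00" * 64 + VBA_STREAM,
    "notes.txt": b"plain text",
}

if __name__ == "__main__":
    for name, decision in triage(SAMPLES).items():
        print(f"{name}: {decision}")
```

A "no-macros" verdict only means no VBA project was found; the document still passes through the other layers (antivirus, anti-spam, user caution) described above.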

Frontier Solutions is Calgary’s outsourced IT solution. Contact us to set up training to educate your staff about malware protection, or help you with your corporate IT needs.

Cerber Ransomware Attacks Office 365 Users

Attention! To view this document, please turn on the Edit mode and click Enable Content Button!

If you get this message above, don’t click enable!


A new ransomware is targeting Office 365 users by locking down important documents and demanding a ransom of 1.4 bitcoins (or about $500).  Cerber is spread mainly through phishing emails and holds photos, documents and other encrypted files hostage until you pay to have them released via a decryption key.  The Cerber ransomware was first detected on June 23, 2016.

Tips to avoid being taken hostage:

  1.  Make sure your antivirus software is updated
  2.  Educate your staff on ransomware and how to avoid phishing emails
  3.  DON’T PAY THE RANSOM!

Contact us to set up training to educate your staff or help you get access back to your documents.

 

 

5 Lessons the Panama Papers Can Teach Us


Businesses, both small and big, have been very casual about data security. Up to very recently, a majority of investors didn’t even care about the security of their data. With their investment portfolios in the hands of very “capable” lawyers, they assumed that all was fine.

Then the Panama Papers breach struck!

What might have gone wrong?

How did 2.6TB worth of data get stolen from a computer system without the gatekeepers noticing?

According to the Computer Business Review, the scandal started in early 2015 when an anonymous source contacted a popular German newspaper offering encrypted documents from Mossack Fonseca – the implicated Panamanian law firm. Over the next year, more and more documents were leaked to the newspaper.

By April 2016, the national daily had more than 2.6 terabytes of data. This staggering amount of data provided journalists all over the world with evidence that implicated several world leaders – proving they were hiding money in offshore “tax havens” through Mossack Fonseca.

How the data might have been stolen, no one knows. Whether it was an inside job or a skilled hacker, there is no evidence. What we do know is that the leak compromised over 4.8 million emails, 3 million database files, at least 2.2 million PDF files, and 1.2 million image files, not to mention the millions of text files.

Protesters swarm in London when word spreads of Prime Minister David Cameron’s apparent involvement.

There is evidence, however, that Mossack Fonseca’s computer system was “outdated and riddled with security flaws,” which would have made the breach an easy job.

Outdated, insecure login portals

According to wired.co.uk, the law firm showed an “astonishing” disregard for security, having failed to update its Outlook Web Access login since 2009. Additionally, the law firm’s client login portal was last updated in 2003! The client portal was found to be running the obsolete and insecure SSL v2 protocol. This outdated protocol increases the vulnerability to DROWN attacks, giving the hacker access to any and all communication between the users and the server.

Outdated client information portal

On the firm’s main site, Mossack Fonseca claims that its client portal is a “secure online account” adding that customers can access corporate information anywhere and everywhere in the world safely without any security issues.

In contrast, the version of Drupal – a common content management system – used by the law firm was found to have at least 25 different vulnerabilities. One of the identified vulnerabilities was a high-risk SQL injection vulnerability, which would have allowed anyone with an advanced understanding of the platform to remotely execute arbitrary commands.

Webmail last updated in 2009

You’d wonder how such a major law firm that deals with wealthy investors including sitting and former presidents, prime ministers, ministers, other world leaders and wealthy celebrities would fail to update its webmail for seven years! Quite astonishing, but it’s exactly what happened.

Apparently, even their main site, which runs on a version of WordPress, was at least three months out of date at the time of the breach. This left the front end of their computing system easily penetrable.


 

5 Data security lessons from the breach

While we aren’t condoning hiding illegal activities, we do hope this can be a wake-up call for companies to better protect their valuable data.

Here are at least five key lessons we can learn from the breach:

1. Vital information should be better secured

What is clear from the Panama Papers breach is that Mossack Fonseca didn’t prioritize the information the law firm was protecting. When an intruder (or insider) can secretly download millions of records from your computer systems for more than a year without anyone noticing, you can’t sugarcoat it.

The findings show that the records consisted of day-to-day emails exchanged between the investors and stakeholders. This information should have been treated as crucial and therefore secured much better. Instead, the law firm hadn’t updated its webmail for 8 years in a row. That’s calling for trouble.

2. Always monitor outgoing traffic

The only reason the law firm didn’t catch the attacker in the act is that they weren’t actively monitoring their systems. It looks like the whole firm was in a mess management-wise, with the IT department not even aware that huge chunks of information were being copied to an external network.

If you’re serious about protecting your clients’ data, you need to always monitor outgoing traffic. Data transfers or malicious communication with outside networks cannot be allowed.
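A leak that runs for more than a year can stay under any per-day alarm, so outbound monitoring needs a cumulative view as well. The following is an added example, not part of the original article: it totals outbound bytes per internal host and external destination over a rolling window. The flow-record layout, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

GB = 10**9
# Assumed internal address space; adjust to the networks actually in use.
INTERNAL_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_internal(addr: str) -> bool:
    ip = ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def find_slow_exfil(flows, window_days=30, window_limit=50 * GB, daily_limit=5 * GB):
    """Flag internal->external pairs whose rolling-window total exceeds window_limit.

    flows: iterable of (day_number, src_ip, dst_ip, bytes_out) records.
    """
    daily = defaultdict(lambda: defaultdict(int))
    for day, src, dst, nbytes in flows:
        if is_internal(src) and not is_internal(dst):  # outbound traffic only
            daily[(src, dst)][day] += nbytes

    alerts = []
    for (src, dst), per_day in daily.items():
        days = sorted(per_day)
        start, running, worst = 0, 0, 0
        for d in days:
            running += per_day[d]
            # Drop days that have fallen out of the window ending on day d.
            while days[start] <= d - window_days:
                running -= per_day[days[start]]
                start += 1
            worst = max(worst, running)
        if worst > window_limit:
            peak = max(per_day.values())
            alerts.append({
                "src": src,
                "dst": dst,
                "window_bytes": worst,
                "peak_day_bytes": peak,
                "missed_by_daily_rule": peak <= daily_limit,
            })
    return sorted(alerts, key=lambda a: -a["window_bytes"])


# Constructed sample flows (documentation address ranges for the external side).
SAMPLE_FLOWS = (
    [(d, "10.0.5.20", "203.0.113.50", 2 * GB) for d in range(1, 41)]  # steady trickle
    + [(3, "10.0.5.21", "198.51.100.7", 1 * GB)]                      # one-off upload
    + [(5, "10.0.5.20", "10.0.9.9", 100 * GB)]                        # internal backup
)

if __name__ == "__main__":
    for alert in find_slow_exfil(SAMPLE_FLOWS):
        print(alert)
```

In the sample, the host sending 2 GB a day never trips the 5 GB daily rule, yet its 30-day total of 60 GB is flagged.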

3. Implement the concept of least privilege

Every company needs to implement the principle of least privilege (PoLP) when it comes to data access. PoLP is a concept where users are only granted the access privileges they need to accomplish their job roles.

At Mossack Fonseca, it appears that a certain insider had access to nearly every bit of data within the company for no good reason. Whenever this happens, preventing a breach becomes almost impossible. These employees can get disgruntled. Perhaps they asked for a pay rise and were turned down. Maybe the company has served them with a termination letter. Under such circumstances, they can do the unthinkable.

4. Separate and isolate your services

By running most of its programs, including web and mail services, on a single Windows server, Mossack Fonseca might as well have left a “Hack Me” sign on its homepage. It’s a mistake you just can’t make. These services should be run on completely different platforms and isolated as far as possible. This way, if someone hacks the mail server, they would not access your web services.

5. And lastly, update your software

Mossack Fonseca’s biggest undoing was failing to update their software. Their client login portal was out of date, the client information portal was outdated, and the webmail platform was last updated in 2009. Under those circumstances, it was only going to be so long before someone hacked their system.

Whichever business you run, no matter the size, security starts with the basics: ensuring that whatever software you use is up to date.

Let’s all learn from this. No excuses. When 2.6TB, equivalent to 11.5 million records of data, is being leaked from one of the most trusted law firms in the world, surely, no one can say they are safe.

So, don’t hesitate any longer. Don’t even assume that your systems are secure. Call in a data security expert today, allow them to evaluate your system, and then let them recommend what needs to be done. That’s the only way you’re going to be safe.


Safe Internet Browsing and Malware

How do you make a hacker happy?

In 2015, victims of ransomware paid $325,000,000 to cyber criminals to regain access to their critical corporate data. Small businesses are particularly vulnerable to ransomware due to ineffective security and a lack of awareness.

You need to be concerned about the security of your network. Employee work practices and lack of security awareness can be the biggest threat to your company’s most valued asset – corporate data. Malware (software designed to gather information about a user without their permission) has evolved to become a primary means of revenue for cyber criminals.

See our Infographic below

 


Complimentary Security Audit

  • We rely on educating our customers and having a multi-layered security solution in place to combat malicious attacks.
  • As our infographic indicates, paying the ransom only contributes to the problem. Our “Peace of Mind” security audit is conducted by our team of security experts and provides a detailed report of vulnerabilities and recommended enhancements.


Free training session

For our valued customers, contact us to book a free 30 minute training session on what ransomware is, how it can hurt your business and the warning signs to watch out for.
