Employee Awareness of Phishing & Social Engineering Attacks

As written by Rob Walker.

Employee behavior is considered one of the main reasons why phishing attacks can be effective. With proper education your staff can be made aware of how to spot phishing attacks and stop them in their tracks.

Red Flags

Alert your staff to look for these red flags when they receive e-mails that are requesting some form of payment, account password authentications, or account deletions:

Tips & Ground Rules

Alert your staff to follow these rules when it comes to suspicious activity:

In addition to these tips, it could be a good idea to put Microsoft Defender to use company-wide. It is a part of Office 365 that can protect your staff from malware attached emails as well as unsafe links embedded in emails.

Certified Security Awareness Training

It is also a good idea for you to obtain certified security awareness training. A reputable company that provides this service is KnowBe4 and they provide the following:

Educating your staff is key. They are often the only line of defense when it comes to sophisticated phishing attacks. Contact us to learn more about getting your users fortified with the knowledge and support they need.

If you’d like to read more on phishing and cyber security, read our blog on How to Prevent, Detect, and Protect Yourself from Phishing Attacks.

How to Use Microsoft Secure Score to Tell if You’re Secure

Image source: https://www.microsoft.com/en-us/us-partner-blog/2017/02/21/office-365-partners-office-365-secure-score/

Security issues are becoming an ever growing concern across the digital landscape. As such, numerous security solutions have been developed as a means of counteracting these threats. Unfortunately, however, leveraging these solutions and configuring their controls, coupled with a lack of knowledge around these controls, many security teams are having difficulty balancing security and productivity, while remaining on top of developing trends.

With Microsoft Secure Score, however, companies can have far better control and visibility over their security posture. The platform offers integration with other Microsoft products, Microsoft 365 identities, data, apps, devices, and infrastructure. It also provides a comparison score to other companies and score tracking, taking into account when third-party solutions tackle recommended solutions.

Microsoft Secure Score gives you points every time you configure recommended security settings and features, take important actions, and perform security-related tasks, even when implementing them with third-party software.

How To Improve Your Security Score

Security recommendations to help streamline the process are organized into groups as follows:

Your current score and available points will be divided among these groups. On the overview page, you'll also get a historical trend and benchmark comparisons of your security score, helping you to make better decisions down the line.

Whenever you decide to take action on any of these groups, you will be presented with four options:

Extra Information About Microsoft Secure Score

It's important to note that some improvement actions will be scored in a binary fashion, meaning that you'll get all of the points once the operation is performed. Other actions, however, you will only get a percentage of the points of the overall configuration. So, if the action of protecting all of your users with multi-factor authentication, for instance, is worth 30 points, but you only protect half of your employees, you will only get 15 points.

You can also view your company's score over time in the history tab, which includes a global and industry average, as well as all the actions taken within any given time frame. Lastly, you should keep in mind that the Microsoft Secure Score is not an absolute measurement of your digital safety since no online service is immune from security breaches. It is more of a summary of your security posture based on the measures you've implemented in your Microsoft environment. This tool will help you have a better chance of not being breached.

Phishing Attacks Can Now Bypass Multi-Factor Authentication

The healthcare industry has been steadily moving towards consumerization. It means that, as the industry moves towards value-based care and patients demand easier access to their data, cyber threats are also increasing. With greater patient access such as telemedicine, mobile, patient portals, and remote platforms, the threat surface has also increased.

To decrease this threat, two-factor or multi-factor authentication (2FA), was introduced. A 2FA is a method of confirming a user's identity by using a combination of two different factors. One such example is when a person wants to withdraw money from an ATM by using a combination of their bank card and PIN. Similar is the use of a password and generated code.

Nevertheless, a security researcher has recently released a hacking tool that can automate phishing attacks and break through multi-factor authentication with relative ease.

What Does This Hacking Tool Look Like?

Developed by Piotr Duszynski, Modlishka is a reverse proxy tool designed to handle traffic from both login pages and phishing attacks. The device is launched between the user and the target website, where the user is connected to the Modlishka server through a phishing domain.

Traditionally, phishing campaigns are disguised to resemble the target website as close as possible. It can include sent emails that look nearly identical to the corporate address. But with Modlishka, users are brought through all the legitimate site passes, where it records their information.

What this means is that all passwords and credentials inputted by the user will automatically record into the hacking tool's backend. At the same time, the tool will request users to enter their two-factor authentication. If the hacker monitors and collects this information in real-time, they can use it to log into the system and the victim's account. All that hackers need to leverage this tool is a phishing domain to host the server and a valid TLS certificate.

In his blog, Duszynski said that “I hope that this software will reinforce the fact that social engineering is a serious threat, and cannot be treated lightly. So the question arises: is 2FA broken? Not at all, but with a right reverse proxy targeting your domain over an encrypted, browser trusted, communication channel one can really have serious difficulties in noticing that something is seriously wrong.” 

He also went on to say that “Include lack of user awareness, and it literally means giving away your most valuable assets to your adversaries on a silver plate. At the end, even the most sophisticated security defense systems can fail if there is no sufficient user awareness and vice versa for that matter.”

How to Protect Against Modlishka

The best method to protect your organization against this threat is by using hardware two-factor authentication, based on the U2F protocol. The next step of the process should include raising awareness of the danger of reverse proxy phishing attacks among staff members and other users.

Also, a good password management solution may also be required, as they continue to be a strong defense against phishing attacks. Such a solution will not prompt you to enter your password on a domain it doesn't recognize, meaning that you won't end up giving up your credentials unless the URL is safe.

Takeaway

When it comes to the healthcare industry, user authentication is at the highest risk of cybercrime. And with the introduction of this new tool, as well as others that may exist, this risk is further increased.

Health organizations can reduce this risk by leveraging the right types of technologies and by supporting their employees to meet security best practices. If you need any help Managed Solution is at your service. Our specialists will determine the best solution that will fit your needs.

Revolutionizing the Financial Sector With Artificial Intelligence

Today's many technological revolutions are changing the business environment, almost beyond recognition. When it comes to the financial sector, artificial intelligence (AI) is finally addressing some long-pressing compliance issues.

Out of the $35.8 billion projected expenditures on AI across all industries in 2019, banks and other financial institutions are investing $5.6 billion in AI. This sum will go into things such as prevention systems, fraud analysis, investigations, and automated threat intelligence. Alongside retail, manufacturing, and healthcare providers, the banking sector is the top spender in AI.

This investment isn't without merit either, as the McKinsey Global Institute estimates that the financial sector could generate more than $250 billion over the coming years. It will be a result of improved decision making, better risk management, and personalized services. Despite these projections, many financial firms are cautious when it comes to implementing AI. But those that want a competitive advantage need to overcome this instinct and benefit from what artificial intelligence has to offer.

Improving the Sales Process

When it comes to lead handling and distribution, most banks employ a "round robin"-type system where every lead officer is assigned an equal number of leads in circular order and without any priority. But NBKC Bank, a midsized financial institution based in Kansas, introduced AI into the process.

They realized that some loan officers performed better in the morning while others in the evenings. To that end, they've implemented a platform that distributes leads based on the officers' peak efficiency times. While a quarter of leads are assigned randomly, the rest are assigned based on this intelligent system. And while it still takes into account individual workloads so that everyone gets an equal number, NBKC Bank managed to improve their loan officers' performance by 65% and their closing rates by 10 to 15%.

Better Risk Analysis

Various statistical models have been used to evaluate risk by financial institutions for some time now. The most significant difference today, however, is that the use of such algorithms is much more extensive than it was in the past. Likewise, the amount and type of data available are also much more considerable than in previous years. All of these put together, coupled with the introduction of AI and machine learning (ML) will result in solving many problems.

Fraud analysis is one such example. By using AI, banks and other financial institutions will be able to spot frauds faster by detecting unusual activity in real-time. Similarly, AI can detect and filter out fraudulent or, otherwise, high-risk applications. Agents will, thus, only have to review those that have made it past the system, significantly increasing their overall effectiveness.

Alternatively, AI can use alternative sources of data, allowing banks to offer lending products to new groups of people. In the future, AI is predicted to take on even more complex tasks such as deal organization or Financial contract reviews.

Enhancing Customer Service

Sumitomo Mitsui Banking Corp (SMBC), a global financial organization, is one institution that's deploying AI for its customer service. It makes use of IBM Watson, a question-answering computer system, that's able to monitor all call center conversations, automatically recognizing questions and providing operators with real-time answers.

The introduction of Watson into the mix, the cost of each call reduced 60 cents, with equates to over $100,000 in annual savings for the bank. The system also managed to increase customer satisfaction by 8.4%.

SMBC also uses IBM Watson for employee-facing interactions, answering questions that staff members may have about internal operations. The AI system is also used to deal with a variety of cybersecurity issues.

Takeaway

Investing in AI should be on every financial institution's priority list going forward. Nevertheless, knowing how to navigate all implementations and compliance issues can prove to be a challenge. With Managed Solution, you can find the application that will best suit your needs. Contact us today for more information.

Why End User Security Training Is Important in Today's Digital Environment

Over the past several years, cybercrime has hit record highs. And as businesses become ever more technological and interconnected, digital crime is only set to rise. The cybersecurity of every organization relies heavily on its digital infrastructure as well as a good IT team ready and able to support it.

Nevertheless, cybercrime isn't only about complicated pieces of software that hackers use to infiltrate organizations. The bulk of what's considered digital crime doesn't exploit technical vulnerabilities within a system, but rather the end users that utilize these systems daily.

So, when we talk about end-user security training, we are referring to raising awareness among your staff members who can become easy targets for hackers. Anyone who is using the internet daily can inadvertently provide access to your company's sensitive data. They need to receive the proper training to spot and avoid these threats, in the first place.

Phishing Attacks

There are many security threats that end users are exposed to. One of the most common, the most devastating, and ironically enough, one of the easiest to defend against are phishing attacks. Phishing attacks are nothing more than ploys designed to solicit sensitive information from end-users (passwords, user names, social security numbers, etc.), by pretending to be an authority figure, colleague, or a familiar person.

Once someone provides their password, for instance, the cybercriminal will have access to that user's information and email list. Accessing a low-level employee's inbox may not seem like such a big deal, but they can use it to phish their way up the corporate ladder and gain access to the entire company's database. Hackers will, for a time, be able to impersonate their victim without anyone knowing it. And the frustrating part about all of this is that, with the proper knowledge, phishing attacks are easy to defend against.

The Importance of End User Security Training

Providing the training and raising awareness among staff members about the types of security threats that target them directly, should be at the top of every security investment. Unfortunately, however, this is rarely the case, with personal training seldom finding its way into the budget.

A company's IT security is more dependent on its end-users that most realize. With healthcare, finance, biotech, and other industries becoming more dependent on IT solutions, security training needs to be a priority for both managers and employees alike. Without them, internal threats are only set to increase over time. Many employees use unmonitored systems or have access to the systems they do not need.

The reality of the matter is that end-user security training will increase your employees' ability to keep your organization secure, keep up with the changes in system updates, company policies, and new threats. By helping your staff members recognize these dangers and handle various security incidents, many cyber-attacks will be circumvented.

The security and future success of any digital-dependent organization may depend on their employees being able to know what a security threat looks like and report it to the IT team. It can be that simple. And with the right training, this process can be a lot simpler and more cost-effective for your entire workforce.

Together with Managed Solution, you will be able to keep your data and systems secure from any internal or external threats. Contact us today to figure out a personalized solution for your organization.

5 Cyber Security Training Tools and Resources

When it comes to data breaches, in particular, cybercrime is at an all-time high. According to the statistics, over 21% of all files are not protected in any way. Also, 41% of organizations have over 1,000 unprotected and sensitive files such as credit card numbers, health records, SSNs, etc. What's more, 7 out of 10 organizations have said that their security risk has increased significantly since 2017, with ransomware growing by as much as 350% annually, and IoT-oriented attacks by 600%.

The healthcare industry has seen the most significant number of ransomware attacks, which are believed to quadruple by 2020. The financial service industry, on the other hand, suffers the highest costs related to cybercrime, with an average of $18.3 million in losses per company.

Based on all of these figures presented here, plus many others like them that exist, it would only stand to reason that businesses should invest as much as they can in their security. Training staff members to recognize and avoid security threats is one of the most effective ways of achieving a desired level of protection. It is for this reason why we've compiled a list of five tools and resources to help you prepare for the road ahead.

Udemy

Udemy is a training portal designed to help organizations and individuals learn about cybersecurity. It provides classes on several other fields such as development, design, marketing, etc., but also in terms of IT security. Many courses are free, while others cost somewhere around $15.

Cybrary

Another resource in terms of cybersecurity training is Cybrary. As a freemium service, Cybrary provides numerous classes for employees and job seekers, particularly CISSP, CCNA, CompTIA A+, and CompTIA Security+, among other such entry-level security certifications. There are also paid courses to be had on the platform, providing further knowledge in the field of cybersecurity. Also, Cybrary offers per-seat basis enterprise subscriptions, making it more cost-effective for organizations with hundreds of employees to learn junior-level cybersecurity roles.

BrightTALK Webinar Stream

With BrightTALK’s comprehensive stream of cybersecurity webinars, you will have access to thousands of IT security related videos. These are continually updated and are particularly useful for professionals looking to further their cybersecurity careers. BrightTALK also provides options for non-English speakers.

Information Assurance Support Environment (IASE)

IASE is a web portal, part of the US Department of Defense. It offers over 30 free online cyber security courses, mostly in the form of web-based training. And even though the portal focuses on the Department of Defense users, the topics can still be used as generalized cybersecurity training for both beginners and professionals.

Security Now Podcast

Security Now is a weekly podcast available in both video and audio formats. The podcast is hosted by Steve Gibson and Leo Laporte, the TWiT Netcast Network founder and who also invented the first anti-spyware program. The show runs for about two hours and focuses on helping the audience increase their personal security with topics such as firewalls, password security, and VPNs.

Takeaway

These resources will hopefully help you increase your organizational security and help your staff members become more knowledgeable about the issue. For more information, contact us directly.

is-your-network-fast

Tools like Active Directory and Azure Site Recovery Work Together To Prevent and Recover from Disaster

active directory large - managed solution
Active Directory Isn't Enough

Identity and Access Management goes way beyond just Active Directory these days. Do you have the tools in place to empower the "always on" worker, the co-mingling of company and personal business, compliancy, access and data loss? It's time to think about your overall Identity & Access Management Strategy and we can help.

Microsoft's Identity & Access Management Stack

Let’s talk  Microsoft’s stack of tools including ADFS, SSO, Advanced Threat Protection, Multi Factor Authentication, etc. all part of Microsoft Identity Management Strategy. Whether it’s on premise or hybrid cloud we can create and manage identities to create secure environments that are also compliant.

 

[vc_row font_color="#ffffff" css=".vc_custom_1471641930410{background-color: #6994bf !important;}"][vc_column][vc_column_text css_animation="appear"]

Learn more about professional services provided by Managed Solution


[/vc_column_text][/vc_column][/vc_row]

 

To Learn More about Professional Services, contact us at 800-208-3617

Keep Company Data Safe During Summer Concert Season With Mobile Device Management

[vc_row][vc_column][vc_column_text]

coachella - managed solution

How can you keep data safe during festival season?

Mobile Device Management

Protect at the “front door”

Our solution starts with identity protection capabilities to secure access at the “front door” of your company’s apps and data. Azure Active Directory Identity Protection leverages billions of signals to provide risk-based conditional access to your applications and critical company data, including the option of multi-factor authentication. We also help you manage and protect privileged accounts with Azure Active Directory Privileged Identity Management so you can discover, restrict and monitor privileged identities and their access to resources.

Protect your data from user mistakes

We provide deep visibility into user and data activity, so you can protect your company when users make poor choices as they work with critical company data. Microsoft Cloud App Security provides visibility and controls for cloud apps, including popular SaaS apps like Box, Salesforce, ServiceNow, and of course Office 365. With the new Azure Information Protection, we have brought together classification and labeling with persistent data protection to enable secure file sharing, internally and externally. Finally, Microsoft Intune Mobile App Management (MAM) helps you prevent data loss on mobile devices, with the unique ability to manage the Office mobile apps without requiring device enrollment.

While your employees are out taking pictures by a giant ferris wheel, take control of your IT. A backup and disaster recovery plan is a must-do for any company these days. Downtime can cost companies way too much money. Make sure your company doesn't fall victim by establishing your BDR plan.

Detect attacks before they cause damage

As more organizations move to an assume breach posture, we help you identify attackers in your organization using innovative behavioral analytics and anomaly detection technologies―on-premises with Microsoft Advanced Threat Analytics and in the cloud with Azure Active Directory and Cloud App Security. Our threat intelligence is enhanced with the Microsoft Intelligent Security Graph driven by vast datasets and machine learning in the cloud.
With the addition and expansion of these innovative and holistic security solutions, we are renaming the Enterprise Mobility Suite (EMS) to Microsoft Enterprise Mobility + Security (EMS) to more accurately communicate its value. We are also announcing a new expanded EMS E5 plan. This is described in the graphic below and will be available in Q4 calendar year 2016 in line with the new Secure Productive Enterprise plans announced today.

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text][vc_cta_button2 h2="Looking for a technology partner to assist with a specific project or services?" title="Managed Services Quote" position="bottom" link="url:http%3A%2F%2Fwww.managedsolution.com%2Fmanaged-services-quote-request%2F||"]

As one of the biggest, brightest and friendliest IT companies in Southern California we want you to take advantage of our free security assessment or just request a quote for managed services. We can even work on your behalf to get appropriate projects funded by Microsoft. Call Managed Solution at 800-790-1524.

[/vc_cta_button2][/vc_column_text][/vc_column][/vc_row]