[Insert Company Here] has Massive Data Breach – You Can Prevent Being A Headline


I have said it before, and I will say it again: the end user is the most significant threat to your company. Let’s take a look at some fun statistics:

Let’s highlight two recent attacks that have happened and are very preventable!

City of Atlanta

According to Barkly, the city of Atlanta was targeted by ‘SamSam’, which attacks servers exposed to the internet via brute force attacks on RDP or other exploits. ‘SamSam’ has logged eight attacks in 2018, with the primary targets being healthcare and government organizations. The interesting thing about ‘SamSam’ is that it is NOT spread by emails or an employee clicking a link; instead, the ransomware targets servers on the internet with weak or stolen credentials. The question that needs to be asked is, why expose critical servers to the internet?

Lord & Taylor, Saks Fifth Avenue Data Breach

According to the New York Times, Saks was targeted by a Russian group known as Fin7 or JokerStash. This breach resulted in 5 million records stolen. It is not clear how the records were obtained, but phishing emails sent to employees are suspected. A phishing email is simple: a user gets a seemingly legitimate email that encourages them to click on a link. When a user falls for this tactic, the link installs software onto the computer without the user’s knowledge, giving the hackers a backdoor into the systems. The question that needs to be asked is, how can we prevent phishing attacks?

The Solutions

The great thing about being a ‘Value Added Reseller’ (VAR) and consulting partner is that I can propose the best solution stack for my customers. Let’s take a look at some technologies that can help mitigate these attacks:

  1. Offload insecure web browsing by letting someone else assume the risk. Citrix Secure Browser Service is a simple way to offload unsafe browsing to isolated, cloud-hosted, throw-away web browser sessions. Essentially, whitelist only the URLs that you want running on your network and offload the bad. This integration is clientless via HTML5.
  2. Exposing your servers to the internet is so 1990s; front-end them with a NetScaler leveraging Secure Web and Unified Gateway. Gain insight into the traffic while securing it. No more exposing RDP ports to the internet!
  3. Whitelisting should be top of mind, and Ivanti’s Endpoint Protection takes a user-centric approach to securing the endpoint. Prevent, detect, respond and remediate with one product stack, which includes Ivanti’s Application Control and Patch for Windows.
  4. Consider a next-generation antivirus solution such as Bitdefender’s GravityZone Ultra Suite and take prevention and remediation to the next level! Bitdefender has the first ‘Anti-ransomware Vaccine’, which works by exploiting flaws in ransomware and stopping the encryption process.
  5. Think beyond your network by considering a Secure Web Gateway like Zscaler, so users cannot circumvent security controls and have to put ALL business-related web traffic through a central gateway, securing ALL applications on and off premises.

I have heard it all, from “SaaS application X can never be hacked,” to “Why do I need to secure web sessions,” to “I cannot prevent users from clicking the wrong thing”. While these statements are true in a perfect world, the truth is, most hacks can be prevented. The question is, how seriously does your organization take it, and do they want to be a headline?

Pete Downing
Joining Xentegra with over 15 years of software and IT experience from leading high technology organizations, Pete is the new Director of the Northeast Region. Prior to Xentegra, Pete held various positions in IT, sales and product management. Recently, Pete was Director of Product Management for RES ONE Workspace/Security, where he was directly responsible for defining the product direction, ensuring a successful code rewrite and the roadmap, and ultimately played a role in RES’s recent exit and acquisition by Ivanti. Prior to RES, Pete held various product management roles at Citrix, BMC Software and Imprivata. He also has a deep knowledge of various Citrix products, where he was involved with Citrix’s cloud platform and cloud networking initiatives, working specifically on Citrix NetScaler and bringing to market Citrix’s CloudBridge Connector and other strategic cloud initiatives. Pete joined Citrix via the Ardence acquisition, integrating Provisioning Server into XenDesktop and XenApp. Pete is passionate about giving back and is a board member for Three Squares New England, a Boston area non-profit focused on food insecurity. In parallel, he is very involved with his town and local schools, where he is an elected town meeting member. He holds a bachelor’s degree in Sociology from University of Massachusetts Dartmouth and an MBA from Babson College. In his spare time, aside from enjoying time with family and being an avid pit master (BBQ), his hobbies include CrossFit, road cycling, mountain biking, carpentry and home DIY projects.
