What Is The 3-2-1 Backup Rule?

Just about everyone has dealt with data loss at some point, from a USB drive that accidentally went through the washing machine to large scale cyber security threats knocking on the door.

One of the simplest ways to prevent data loss is to back up your data. I know, it’s one of the most common refrains you’ll hear from IT security professionals, but for good reason.

It’s simple math, really. If you have one copy of something, you have a single point of failure. If that thing, whatever it is, is damaged or destroyed due to fire, flood, hurricane, earthquake, or some other form of neglect or malice, you’re out of luck.

But if you have a backup copy, you’re twice as safe. Two backup copies? You’re three times as safe.

And so on.

But how exactly does one back up their data? It’s fine for me to sit here and tell you what to do, but what’s the best way to do it?

The answer lies in something called the “3-2-1 backup rule.”

What Is The 3-2-1 Backup Rule?

The 3-2-1 backup rule is a simple concept with three different points.

  • Have THREE copies of your data
  • Keep those copies on at least TWO different media
  • Store one of these copies off-site

It was conceived by Peter Krogh who was, of all things, a photographer. Wanting to preserve his work as safely as possible, he wrote in his book The DAM Book: Digital Asset Management For Photographers about the 3-2-1 backup rule.

Since then it’s become so popular that even the United States government recommends its use.

Following these points is simple too. Keep reading to find out how.

Have THREE Copies Of Your Data

It should be noted that three isn’t a hard and fast number, but rather a minimum. There’s certainly no harm in having four, five, or even twenty copies of your data out there.

The more redundancies you have, the safer you’ll be.

But let’s start with three.

The first copy is of course, your original data, and the other two are your backups.

Why two backups?

First off, people with only a single backup often store it in the same location as their original data. This will help protect you if your computer dies or you’re hit by ransomware, but a natural disaster, break-in, or some other sort of accident will claim both your original data and your backup.

But the reason for three backups is simply because three is a manageable number for most companies to deal with, while providing enough redundancies to protect you.

Keep Those Copies On At Least TWO Different Media

If your data is stored on the same medium – say, on three different SSDs, for example – you’re running a risk.

First off, a disk failure can sometimes be caused by an issue with your computer itself, not the disk. So swapping out one disk for another can sometimes cause the backup disk to crash as well.

Furthermore, if you have multiple copies of a certain type of data storage device, chances are you bought them around the same time from the same vendor. This means they likely came from the same factory in the same batch, so if there were any errors with that batch of drives they may affect both of your backups.

Use different types of storage – USB drives, internal or external SSDs or HDDs, CDs, cloud storage, or even tapes.

Store One Of These Copies Off-Site

The point of creating these backups is so we can eliminate a single point of failure, right?

So if that’s the case, why would you store all your data in the same facility?

If you happen to be in a geographic location that’s prone to a certain type of natural disaster, your data is at its mercy.

Whether it’s wildfires, earthquakes, tornadoes, hurricanes, volcanic eruptions, typhoons, or something equally destructive, you need to make sure you have redundancies in place to avoid losing your data to these natural monsters.

And if your facility is destroyed due to neglect or malice, you’re in the same situation.

Storing your data in more than one geographic location helps with this.

Is The 3-2-1 Backup Rule A Perfect Solution?

The truth is, your data is always at risk, no matter how many redundancies you have in place. But by taking the proper precautions, you can greatly reduce the risk of data loss and keep your company running as efficiently as possible despite hardware failures.

But the 3-2-1 backup rule is just the beginning. If your backups are going through insecure channels online, you could still be at risk for data loss.

To find out more about how you can implement a secure backup system, keep your data systems safe, and continue running your business efficiently and effectively, contact 1st Secure IT today.

 

Continue reading
445 Hits
0 Comments

5 Ways To Protect Yourself From Ransomware

DLA Piper is one of the world’s largest law firms, employing more than 4,000 attorneys in more than 40 countries. They have a wide range of branches, including, among others, intellectual property, real estate, finance, insurance, natural resources, and finally, IT security.

For a business to suffer a cyber attack is bad enough. For a business with an entire company branch specializing in IT security and data loss prevention to suffer a cyber attack... yikes.

And that’s what happened to DLA Piper earlier this year.

The company’s entire email and phone systems were wiped out for two days, meaning its thousands of lawyers and support staff were unable to communicate with their clients or each other. Nine days later, the company was still struggling to get its systems back up and running.

And while the company claimed not to have lost any client data, this was considered a significant blow to their business.

So what happened to DLA Piper? And are your systems vulnerable in the same manner? Keep reading on to find out.

What Happened To DLA Piper?

It appears as though DLA Piper was the victim of the ransomware security threat Petya we’ve written about before. Petya takes control of your systems and holds them hostage for a sum of money, generally paid out in Bitcoin. For more information on Petya, read the article linked above.

Unfortunately, this attack has hit a large number of companies, including FedEx, which we talked about in the last article. Each of these companies is headed by well-meaning people who believe they’re doing their best to keep their clients safe, but sadly they’re falling short.

As a result, these companies face a heavy burden. The ransom itself is secondary, however damaging it may be. The real fallout comes in the form of damage to the company’s brand itself. DLA Piper and FedEx will likely recover, but for a small or medium-sized business, the damage in lost clients and lost confidence can be difficult to recover from.

How Can You Protect Your Business?

It’s virtually impossible to run a business in the modern world that doesn’t make use of electronic data and record keeping in some fashion.

As a result, IT security risks are an unfortunate reality for just about every business in existence today.

Here are a few simple ways you can step up your own IT security to protect yourself against Petya and other forms of ransomware.

1. Back up your data

The number one largest, most important thing you can do to protect yourself from a ransomware attack is to perform regular backups of your data.

IT professionals have been saying this since people first began using the internet in a widespread fashion, but it bears repeating, again and again and again.

Ransomware attacks take control of your system and hold your data ransom. And if you have multiple copies of your data, the ransom threat loses its teeth. Sure, you might lose the document you were working on this morning, but that’s a small price to pay to avoid having to pay out a ransom.

Of course, many backup services work through the internet, so even these aren’t perfectly secure. Ransomware hackers who gain access to your system will sometimes explore it manually first to figure out which system you’re using to back up your data. They then know to compromise it as well so you lose access to both copies of your data. As a result, it helps to keep your data backed up offline as well, on machines where attackers can’t reach them.

2. Don’t click that link

If you receive an email with a link in it that seems unfamiliar, don’t click it.

You’ve probably received emails like this before – the famous Nigerian prince email is one of them – and disregarded them. Most people do.

Automated email systems are becoming more and more advanced every day, and an unscrupulous hacker can use them to scan the web for email addresses and send out thousands at a time to every single email address your company has. It only takes one person to click the wrong link, and hackers will have complete unfettered access to your systems.

Educating yourself and your staff on the risks of these spam emails can go a long way toward protecting you from these malicious ransomware attacks.

If you do feel the need to click on a link, try copying them and pasting them into your browser manually. HTML emails can sometimes hide the true destination of a URL. It’s simple enough to do. For example, try clicking on this link: <a href="http://www.bing.com" rel="nofollow">http://www.google.com</a>. While the link may look like it’s going to take you to Google, you’ll notice it takes you somewhere else. Now imagine that link took you to a malicious site designed to steal your information and drop ransomware on your machine. You might not notice the difference until it’s too late.

For this reason, we recommend disabling HTML emails. This will make malicious links appear much more obvious.

And while we’re on the subject of emails...

3. Block .EXE files in emails

A .EXE file is a file designed to execute a program of some type. Most of the programs you interact with on a daily basis, from your web browser to your word processor to your video games, launch using .EXE files.

While you can attach most file types to an email, there are very few legitimate reasons to send .EXE files via email. Configuring your gateway mail scanner to filter out .EXE files can help you avoid some of these malicious attacks.

If you actually do need to send a .EXE file via email, you can either do so via cloud storage, or by compressing it in a .ZIP or .RAR folder.

4. Change Your File Associations

.EXE files are not the only files that can put your computer at risk, though they’re some of the most common. But there is an entire collection of other risky file types as well.

Fortunately, many of these file types can be run using Notepad. And by setting your machine to run them in Notepad instead of executing their code, you can thwart any attack made using these file types. It will just open a .txt document with their code in it, rendering the attack completely harmless. It’s kind of like magically turning a bullet fired at you into a piece of paper once it reaches you.

To do this, open Control Panel, click on “Programs”, then click on “Set your default programs”. The window that appears will list all the file types your computer recognizes and the programs associated with them. Find the following list of file extensions, and set them to open with Notepad:

  • .JS
  • .JSE
  • .HTA
  • .WSC
  • .WS
  • .WSH
  • .WSF
  • .VBS

Doing this will foil 90% of the ways the bad guys can get into your systems.

5. Update your software

As we mentioned before, Petya gains access to systems via the EternalBlue exploit in Windows. That exploit has since been patched, but unless you apply that patch to your own system you’ll remain vulnerable to EternalBlue, and Petya by extension.

EternalBlue is, of course, only one of the many exploits and vulnerabilities found in computer systems. And while these new vulnerabilities are being discovered, software developers are releasing patches to safeguard against them.

This goes for your operating system as well as any software you use. Keeping your system updated might not protect you against brand new vulnerabilities discovered, but you’re certainly more secure implementing them than not.

5. Consult With An IT Security Company

While the above tips will help you keep your systems securer, they will only take you so far.

Once your company’s systems enter the scope of clever hackers and cyber criminals, you’ll need to call in someone who knows what they’re doing to protect you.

Contact 1st Secure IT today to speak with one of our experienced IT security consultants. We’ll take you by the hand and show you how to protect yourself against ransomware and other cyber security concerns. You’ll walk away with the peace of mind in knowing you’re receiving best-in-class security systems implementation, so you can focus on serving your clients and running your business.

Contact 1st Secure IT today.

 

Continue reading
373 Hits
0 Comments

Deloitte’s Security Breach And The Importance Of 2-Factor Authentication

Deloitte’s Security Breach And The Importance Of 2-Factor Authentication

Deloitte, one of the world’s largest accounting firms, was recently hit by a cyber security breach. As one of the “big four” accounting firms, a significant breach could affect businesses in sectors as diverse as energy, financial services, healthcare, government, and real estate, among others with names like Metlife, Boeing, General Motors, Berkshire Hathaway, and Microsoft. And with reported revenue of $37 billion last year, this could have a huge impact. So just how significant was this attack, and what sort of data was compromised? And what is Deloitte doing about it?

What Happened?

Surprisingly, the breach itself actually occurred at some point during the final quarter of 2016, but wasn’t discovered until March of this year. It turns out Deloitte was hosting their email on Microsoft’s Azure cloud service. Because this service wasn’t protected by 2-factor authentication, attackers were able to access an administrator account. This breach could have exposed a wide range of data, including IP addresses, usernames and passwords, confidential data, and a range of other private information from Deloitte’s clients, not to mention the emails themselves. Deloitte, for their part, has downplayed the attack, saying most of their clients were safe. The details of the attack, though, including whether the attacker was a lone wolf, a rival, or another party, are still being investigated. They did, however, mention the affected companies were all based in the United States.

How Deloitte Responded

First, they’ve implemented an extensive review of their own systems, to plug the gap mentioned above and mitigate any other issues. They’ve contracted external services to shore up their internal team as well. Next, they’ve contacted the relevant authorities within government to take care of things, and retained the services of the law firm Hogan Lovells to deal with any fallout. Finally, they’ve informed each of their affected clients of the breach, and, assumingly, contacted the unaffected clients as well.

1st Secure IT data loss prevention cyber and IT security services risk management protection firm

The Importance Of 2-Factor Authentication

The details behind this attack are still being investigated, so it’s hard to speculate on what Deloitte’s security team could have done differently to ensure this attack never took place. However, based on what we know right now, one of the big security gaps was the lack of 2-factor authentication. In a world of increasing digital crime and security risks, especially for an organization as large as Deloitte, security leaks often come in the form of something simple like a weak password or a lack of 2-factor authentication. The standard username and password system of authentication is no longer enough when dealing with sensitive documents and information. After all, these sensitive documents could create a trail of breadcrumbs which could lead an unscrupulous attacker down a path that leads to information like your mother’s maiden name, the name of your public school, your favourite book, or other tidbits commonly used as the answer for security questions. This is why many security experts suggest using fake answers to these questions, which is advice many people don’t take. All 2-factor authentication does is add an additional layer of security to access an account, using something only those who should have access should have. This can be in the form of a physical token (like a bank card or key fob), a text message or email, or a random number generated using a service like Google Authenticator. But this additional layer can help thwart a number of different security risks. 2-factor authentication has been shown to help reduce email-based phishing attacks as well, since criminals end up needing more than just a username and password. The downside is that it can slow things down and cause difficulty when new users need to have access to an account, but this is a small price to pay to ensure your security. Compare this with the inconvenience of locking the door of your home. It would be easier not to lock your door, and it would save you time when you’re trying to get inside with several bags of groceries in your hands. But that doesn’t stop you from locking your door anyway, and the same should be true with 2-factor authentication.

Contact 1st Secure IT

Implementing 2-factor authentication is, of course, just one of the many ways your company can protect itself from cyber security threats. For Deloitte, the name of the game from here will be disaster control. They will do what’s necessary to make things right with their clients, but the damage has already been done. Whatever the results of their investigation, someone will end up with egg on their face. Some people may lose their jobs over this, and Deloitte may end up losing the faith or the business of their clients. This is a harsh lesson for them to learn, but it doesn’t have to be that way for you. Contact 1st Secure IT to find out how you can mitigate any security holes in your own systems, protect your sensitive data, and give your clients the peace of mind in knowing they can rely on you to keep their sensitive information secure. Contact 1st Secure IT and take the first steps toward a safer, securer, more reliable digital presence today.

Continue reading
508 Hits
0 Comments

The Frightening Truth About Human Error In IT Security

The Frightening Truth About Human Error In IT Security


By: Orencio Cardenas The credit reporting agency Equifax, which serves millions of people around the world, was the victim of a severe security breach. Affecting more than 145 million American users, 8,000 Canadians, and likely many more European users, this security leak is one of the largest to ever affect Equifax, the world’s largest credit reporting agency. Richard Smith, Equifax’s former CEO, stepped down from his position after the breach. In a statement to the US House Committee on Energy and Commerce Subcommittee on Digital Commerce and Consumer Protection, Smith blamed “human error and technology failures” for the breach. What does “human error” mean? And what can you do to avoid human error and ensure your own cyber security? Keep reading to find out.

Human Error In IT

It’s an unfortunate reality that many of the world’s largest technological disasters have been a result of human error. The space shuttle Challenger in 1986 and Columbia in 2003, the Three Mile Island nuclear disaster in 1979, the collapse of an eight storey plaza in Bangladesh in 2013 and countless aeronautical, medical, and engineering disasters over the years have all been a result of someone who just wasn’t paying close enough attention. The world of IT security is no different. But what is human error? It refers to some sort of mistake made by a human in the equation. As opposed to technical failures, where the system is fundamentally flawed and needs to be repaired or rebuilt, human error is caused by a system that works the way it should if the person using it knows what they’re doing – but in this case, they don’t. Human errors in the IT world are all too common. While many of us have an image in our heads of hackers living in basements and poring through line after line of green code on a black screen to find a weakness, the truth is far less insidious but no less damaging. Some of the frequent examples of human error in IT include, but are not limited to:

  • Failure to implement new patches, or to take into consideration how new patches will affect connected systems
  • Poor system configuration
  • Weak usernames and passwords
  • Lost or stolen devices (often with weak or no passwords themselves)
  • Users with too many permissions than they need to do their jobs

Usernames And Passwords

One of the most obvious, and simplest to fix, is your usernames and passwords. Whichever system you may be using likely has a default username attached to it. For example, the default username for most routers is “admin”. If you leave that as the default, anyone who has ever done something as simple as configure a router already knows the username to access it. “But what about the password?” you may be thinking. “Surely, they can’t guess my password.” Maybe. But only if you have a highly secure password. And many people don’t. In fact, the password management app Keeper recently released their analysis of the most common passwords in 2016, and found that 50% of users used one of the 25 most common passwords. What were these passwords? Here are the top 10:

  • 123456
  • 123456789
  • Qwerty
  • 12345678
  • 111111
  • 1234567890
  • 1234567
  • Password
  • 123123
  • 987654321

The rest of the list has similarly simple passwords. What this means is that if someone wants to break into one of your accounts, and you’ve used the default username as well as one of these incredibly simple and common passwords, they’ll be able to get in within seconds. Because the Equifax investigation is still ongoing, it’s impossible to tell whether a weak password or username is the smoking gun. But by enforcing secure password systems, IT managers can go a long way toward plugging one of the most common holes in IT security.

Contact 1st Secure IT

Of course, this is just one of the many different possible issues that can arise as a result of human error. To find out more about how you can protect your company’s data from human error and other security risks, contact 1st Secure IT. The digital world can be dangerous. Contact 1st Secure IT to find out how you can shore up your own digital security, protect your sensitive data, and enjoy a safer, securer, more reliable digital presence.

Continue reading
559 Hits
0 Comments

If you need help getting started... Contact Us!