5. Blindsided by the COVID
In a mad dash to work from home, security was largely overlooked. It's understandable when the world is falling apart, but it's time to step back and take a closer look at how you have exposed your organization to data breaches, hacking, and ransomware. Some have already learned the hard way. Don't let it happen to you!
Subscribe to Stupid or Irresponsible Podcast
Spotify | Apple Podcasts | Google Podcasts
Please to take a second and go to: www.master-computing.com/discovery and book a 10-Minute Call with me, Justin Shelley, and we will make sure that you guys are properly protected. We’ll make sure you have a plan in place. And that you will be able to sleep at night knowing that your company is safe, your data is safe, and your people are safe.
Here we are. Today as we record this it is June 30th, 2020 and it has been a hell of a year, am I wrong?
- "Initially when the COVID lock down hit everybody just did this mad dash to work from home… Our clients all wanted to work from home immediately, and many of them are still doing it." (1:40)
- "Nobody saw this coming – so it’s not that we couldn’t have done a better job at pushing people into the home, working environment. It’s that there wasn’t TIME. And a lot of time there wasn’t resources – cameras for example you still can’t buy a webcam – not a good one." (2:33)
- " We’re going to break down the ramifications of this massive migration to a work from home environment" (3:10)
- We are a security company! It’s we eat, breath, and sleep this stuff. We’re always talking about it. We record podcasts on it, and listen… When we do this, we’re taking our own notes, improving our own security every day. At least every week we’re meeting about it, talking about it.
[6:35] - Step 1: What are the events that led up to this thing, what happened when it did Blue Screen, and is that something that we need to patch fix, repair?
- Port Scanning – looking for holes and exploit vulnerabilities.
- Geo-blocking: We generally Geo-block meaning we can block separate countries with our firewall, we have an enterprise grade firewall that can block stuff from Russia, block stuff from the known perpetrators. [9:02]
- So, I just wanted to point that out. And I wanted to publicly thank you, for taking this seriously and digging in and protecting, not only our network and our business but the work you do behind the scenes for our clients. So that, people can rest at night knowing that this has been taken care of" (11:00)
[12:04] - DDoS: Stands for Distributed Denial-of-Services
- DDoS: When you have a large collection of computers (very large – that’s what makes it a DDoS vs just a DoS) a large number of computers that just try to ask your server or network questions – they just ask billion and billions of questions until your computer can not handle any more. There are vulnerabilities when something is at MAX capacities.
- Botnet Attack: a large collection of computers that are trying to just, you know, bug us. And trying to slam our systems.
[14:30] – Vulnerabilities in your networks:
- Turns out there WAS a vulnerability – call a “zero-day patch” – meaning it’s exploitable today, it’s known, and it’s out in the wild in production. This very well could be going on with Office 365. Any of your normal day-to-day applications.
- "Any of your normal day-to-day applications. They could just throw a new update out on the web, expecting you to look at it. But, if you don’t and have no idea about it then you now become the most vulnerable target in the world just because of that. " (16:30)
- You can definitely imagine that a freeware version – maybe Google Chrome, Firefox, any of those kinds of things. Keep your eyes open!
Justin: I’m just going to make this point really quick. I know technology to some extent, I own the company, I started off as a technician, I’ve got the background. I still don’t do my own IT work because I don’t have time.
- I cannot put the time, energy and focus into doing what you do Joe, because of all the distractions I have.
- When I’m out talking to business owners who tell me they do their own IT… Guys THAT is stupid.
- (17:50) - "You do not have the time, the ability, the experience, the day-to-day, in the trenches, knowledge. To be able to do this on your own. You just don’t!
[18:05] – Example of an Attorney and why you CAN'T mess around when it comes to Security. The guy is $400/hr is his billing rate and he does his own IT work. That’s stupid. I’m sorry, that’s just flat stupid.
- (18:05) "What’s smart: hire us, hire somebody (like Joe!) who is always in the trenches, sleeves rolled up, preventing this kind of attack.
- This could’ve been bad had it gotten through. It could’ve been life ending for the business if it weren't for Joe.
When you’re invested in good IT security, you shouldn’t even know it’s there. It runs in the background like a quiet but powerful electric motor. It’s there when you need it, and it’s there when you’re not even thinking about it.
[19:30] –Today we’re leaning on an article that we read that supports this theory that is was not really the best move to push everybody to the work from home environment so quickly even though there wasn’t much of an option. But there was a company that did this and they were hit.. Financial management company
(21:05) – What happened to this company?
- They got ransomwared.
- Employee working from home clicked a link...
(22:08) - A big thing about Breaches is being transparent about it
- Companies don't want to let people know about the fact that it happened to they. They don’t want to be caught with their pants down and show the world that they did it.
- Unfortunately, just letting everybody know that, increases everybody’s security all together.
- If you know, you can have a guard up.
- As opposed to somebody gets breached then the next person over is now breached also because of you, but it’s only because they didn’t have their guard up.
[23:00] - Why working from home with a VPN is NOT safe and secure:
A VPN tunnel right into that corporate network. Everybody thinks now you’ve got VPN, now you’re safe and secured. Wrong!
- You’re definitely a lot more vulnerable on your corporate network than you ever were now.
- Because now you’ve got home computers, that don’t have the same security installed and continually watched by your IT Provider or your Managed Service Provider.
- Somebody had a VPN connection directly to internal servers (which is exactly what happened to this company)
- The employee working from home clicked a link or did whatever they did (the part they aren't telling us)
we build this secure fortress around data - a VPN pokes a whole
When you are home, working from home, and you have a VPN back to the network you just poked a great big hole into the fortress wall. When you have 1 employee doing it, it’s bad. When you have hundreds of employees doing it, you’ve effectively whipped out the entire security of your network.
[25:45] – The solution to this Fortess Wall - build a fortess in everyone's home too!
(25:45) Working from home is now becoming a permanent option for a lot of companies - here are some tips:
Tips for working from home: (26:00)
- The biggest thing Joe has seen lately - again, with the VPN - get those computers that are work from home computers and make sure it is a corporate device.
- Have your company’s security sweet on their work from home computer
- Bandwidth - We’ve noticed a lot of these people working from home they just don’t have the bandwidth to deal with their day to day operations.
- If you are looking to upgrade bandwidth it is at least 30 days so tip there will be a delay
- Hosting your data in the cloud: Anything you can do to prevent having a home user connect directly into your most vulnerable servers is a BIG asset. Cloud hosted servers maintain security on that side. But you still have your company's security sweet on remote computers.
- Long term – considering getting everybody on laptops, so if you do want to take it home when you leave the office it has the security suite on it, already have VPN tunnel in there for increased security, you know it's domain login, you know the admin are keeping an eye on it, if your nephew tries to download some videos or play video games - it is going to block them. This blocks and prevents any kind of malicious payloads from reaching not only your computer you take from home but your corporate network!
[29:23] – Main Points:
- Point #1: No matter who you are, no matter how good you are (and Master Computing is good guys!) we’re all still targets. And this illustrates the point that we CAN’T take this lightly. We cannot have the head-in-the-sand approach to security that I see countless times as I’m out talking to people.
- (9:45) Point #2: Many of us are working from home these days - Do the following:
Slow down, take a breath and make sure your strategy is the RIGHT strategy. That not only is it productive for your people but that it’s still protecting the entire corporate network.
[30:15] – Joe’s Key Takeaway:
Stupid today: not taking a breath, slowing down, and making sure you’ve done the right things and of course correcting where you haven’t.
[30:40] - Please take a second and go to: www.master-computing.com/discovery and Book a 10-Minute call with me, Justin Shelley, and we will make sure that you guys are properly protected. We’ll make sure you have a plan in place. And that you will be able to sleep at night knowing that your company is safe, your data is safe, and your people are safe.