A recent Data Breach Investigation Report (DBIR) from Verizon notes that 98% of data breaches stemmed from external sources using hacking techniques (81%) and malware (69%). About 79% of the data breaches were directed at “targets of opportunity”, typically smaller organizations that are vulnerable through an “exploitable weakness”; most attacks were performed using relatively unsophisticated methods.
Of the breaches investigated, 94% involved computer-network servers; 85% took weeks or longer to discover. Of those discovered, “97% were avoidable through simple or intermediate controls”.
Wade Baker, Verizon’s security research director, told London’s The Inquirer that cyber-criminals target small and mid-sized organizations since larger enterprises are well defended.
- Scan emails for malware and threats
- Require complex passwords that change frequently
- Restrict access-control and review event logs periodically
- Deploy a physical firewall and maintain/update it periodically
- Restrict web-surfing, especially on computers with access to sensitive data
- Install malware-prevention software, update it continuously, and scan often
- Train employees on proper security policies and common threats
(Note: These are areas where Bryley Systems can help; please call us at 978.562.6077 or email Info@Bryley.com.)
See CSO’s Thwarted by Security at enterprises, cyber criminals target SMBs for comments and suggestions.
As mentioned in our August 2012 Bryley Tips and Information, Google has moved Google Message Security (GMS)/Postini into Google Apps for Business and will migrate all GMS/Postini customers to Google Apps for Business by the end of 2013.
Google will migrate GMS/Postini users gradually, focusing initially on its large, direct-billed customers and eventually tackling those customers purchasing through GMS/Postini resellers (Bryley Systems is a GMS/Postini reseller.). By December 31, 2013, all former GMS/Postini customers should be migrated.
Google has not yet disclosed significant details about this migration process, but we believe that it will require, at a minimum, these steps for each customer:
- Setup a Google Apps for Business account
- Export GMS/Postini rules and import them into Google Apps for Business
- Migrate user accounts from GMS/Postini to Google Apps for Business
- Change the MX Record for the email-server address
If you use Microsoft Exchange or Lotus Notes for your email, the email-protection-and-filtering component of Google Apps for Business will be available at the same price through your agreement term. However, your price could increase if you add any other Google Apps for Business features to your account.
McAfee, a security company owned by Intel Corporation, offers an alternative to those that do not wish to migrate to Google Apps for Business. Their service is McAfee® SaaS Email Protection and Continuity(MEPC). (Bryley Systems is a long-term reseller of MEPC and other McAfee security products.)
MEPC features include:
- Spam filtering,
- Protection against malware and SMTP-based attacks, and
- Continuity. (Continuity provides web-based access to email, both receiving as well as sending, when your email server is down. Also, once your email server is running, your web-based emails automatically resynchronize with your email server.)
McAfee also offers:
- McAfee® SaaS Web Protection – Web-content filtering
- McAfee® SaaS Email Archiving – Stand-along email archiving
- McAfee® SaaS Email Encryption Service – Email encryption add-on to MEPC
For details, please call us at 978.562.6077. Or, email Sales@Bryley.com.