TTI | Network Security Insights

August 2017: Latest Trends in IT Solutions

Written by Craig Badrick | Aug 15, 2017 8:00:00 AM

IT solutions seem to evolve at an unprecedented rate. The top network and security trends this month aren’t what they were last month (let alone last year!). So, how are organizations and enterprises expected to keep up with the most current updates and emerging concepts? In today’s business climate, falling behind with your technology solutions simply isn’t an option. That’s why Turn-key Technologies is launching this new series on the latest trends in IT solutions.

As we move forward in the second half of 2017, there’s much to be thinking about this time of year. Whether your business has been experiencing peaks or dips in productivity through these summer months, it’s critical to keep IT at the forefront of your priorities. From new security breach alerts to the hottest solutions, here’s what you need to know this month.

Breach Report: Lessons Learned from U.S. Power Plant Attacks

Last month, the media reported on a streak of foreign cyber attacks affecting numerous U.S. power plants, including those that operate nuclear power stations. Though investigations are still underway, a report issued by the Department of Homeland Security and the Federal Bureau of Investigation carried an urgent amber warning, the second-highest rating for threat sensitivity.

According to a recent New York Times article:

“The two people familiar with the investigation say that, while it is still in its early stages, the hackers’ techniques mimicked those of the organization known to cybersecurity specialists as ‘Energetic Bear,’ the Russian hacking group that researchers have tied to attacks on the energy sector since at least 2012.

Hackers wrote highly targeted email messages containing fake résumés for control engineering jobs and sent them to the senior industrial control engineers who maintain broad access to critical industrial control systems, the government report said.

The fake résumés were Microsoft Word documents that were laced with malicious code. Once the recipients clicked on those documents, attackers could steal their credentials and proceed to other machines on a network.”

This tactic is not unlike many of the phishing scams that hackers continue to deploy against all types of businesses and organizations — which is why it’s essential to take all necessary measures to safeguard your company. Scams like these become more advanced by the day, as hackers devise more innovative ways to lure users into initiating a security breach. Therefore, your defense should comprise a two-pronged approach:

  1. Partner with an expert in network security solutions, one with the experience and skills to fortify your systems.
  2. Implement a dynamic training program that instills a strong sense of security awareness among your users.

All it takes is one mistake from a targeted employee to put the entire network at risk of a breach that leaves your operations open to all kinds of potentially devastating security risks. Learn from the recent attacks on U.S. power plants by taking these important steps to secure your own technology systems.

Crowdsourced Security Scene: Bug Bounty Programs on the Rise

The popularity of security crowdsourcing is increasing, according to Bugcrowd’s 2017 State of Bug Bounty Report. If you’re not familiar with this trend, it’s certainly something to consider, especially as the average cost of a security breach continues to escalate.

Organizations that implement a bug bounty program offer incentives for individuals to identify and report on security bugs before they become widespread issues. Major technology-driven companies like Google, Facebook and Microsoft have utilized this option to stay ahead of security concerns.

The State of Bug Bounty Report, which collects data from more than 600 managed programs, has provided some of the following key findings for 2017:

  • Program adoption by enterprises is up 300%.
  • The number of critical bugs found is up 25%, as is the overall average criticality across submissions.
  • The time to triage of submissions has gone down.

Perhaps the idea of inviting people to break into your systems and rewarding them to do so feels concerning. But think about the benefits gleaned from having those individuals find your vulnerabilities and alert you to them before a malicious intruder uses these security gaps against you.

A bug bounty program can be a worthwhile investment, especially when supported by a team of certified security professionals that counter cyber-security threats by inspecting all traffic, talking with and educating users, adding security layers and authorizing user access to only what’s needed on an individual basis.

Food for Thought: How Is the Cloud Affecting Networks?

The cloud is certainly not news. Its use for all types of services and applications has become commonplace in pretty much every industry. This is because the cloud features flexibility through anytime-anywhere access. The advantages that organizations reap from the cloud make it invaluable in many cases. But in order to garner true value from this solution, it’s important to understand the effects of cloud implementation on your network:

  • Due to the increasing popularity of cloud computing in the workplace, “shadow IT” (the use of IT systems without explicit organizational approval) is becoming more commonplace, which can cause huge information security risks. If you’re turning to cloud computing as a way to share files and store valuable documents, it is of the utmost importance to find a solution with strong security features, fortify your password policies and execute a dynamic security plan that mitigates the occurrence of shadow IT.
  • With the flexibility of the cloud, Internet connectivity must be constant and reliable. As the amount of devices connected to your network increases — all clamoring for connectivity — the demands on your network intensify. Without proper network design and support, you may end up dealing with issues like sluggish performance and user frustration. It’s important to work with a network expert to establish an infrastructure that delivers high availability and performance.
  • In many organizations, cloud computing allows for BYOD, which can save the company a lot of money. But it also opens the network up to significant threats. When personal devices are used to access sensitive files and information, there’s a real need to develop smart BYOD policies and enforce the rules rigorously. You must also be sure that your IT department has the technical capabilities to manage BYOD, like wiping a device that’s been lost or stolen, remotely monitoring user devices and tracking access across the network.

As more trends in IT solutions come to light, we’ll be here to keep you informed, so stay tuned for the next installment of our new series. And don’t forget the importance of partnering with an expert IT solutions provider. For information on how to select the ideal provider, download your free guide now.
View full post