IT & SECURITY
With newsfeeds being filled with headlines about data breaches, hacked networks and encrypted data held at ransom, its little wonder businesses are seeking ways to better secure their networks — and rightly so.
Businesses large and small are actively seeking ways to be more secure.
The implementation of better password practices, document shredding policies, network user education, new back up and disaster recovery systems and multifactor authentication (or MFA), just to name a few. In this article, we are going to look at MFA.
Why multifactor authentication?
While passwords are great at limiting network access and providing some security, these days they are too easily thwarted. That’s why there is multifactor authentication — to make sure that though in the wrong hands, a password will not allow unauthorized network access.
What is multifactor authentication?
MFA works by requiring users logging into a network/application/system to not only provide a password, but to provide additional verification through another medium (text, phone call or a mobile app … etc.).
Let’s look at an example of MFA. In this example, we will be using a mobile device as the secondary level of user verification. After a user enters a valid password, they are prompted to enter a code from an application or text message delivered to the mobile device they set up when they initially created their account. Only after the valid code is entered will the user gain access to the system they are attempting to log into. Please note: There are other ways, a phone call for example, by which this secondary authentication can be accomplished. However, the most common seems to be through a mobile app/text.
The key to understanding MFA, as you can see from the above example, is in the M (multi) in MFA. By requiring multiple levels of authentication, we are creating a new level of complexity to keep out those bad actors/hackers and ensure the safety of our internal systems and data.
While the above example is a case of two-factor authentication, using a password and a mobile device as two separate factors, other factors can be added, such as PINs or personal facts only known to you, the presence of a key fob or an access card, or the use of your fingerprint, retinal pattern, voice and so on.
Conclusion
Any of these factors in conjunction with a password ensure far more network security than just a password. That’s why MFA is increasingly common as a cybersecurity measure.
Contact us! We’re here to help!
If you have any questions about MFA or any other network security measures or anything IT, give us a call! We provide office technology solutions to businesses of all sizes and we are here to help you.
If you would like any information on how to secure your network and data as described above, let us know. We’d be glad to help in any way we can.
About R.K. Black, Inc.
R.K. Black, Inc. is an Oklahoma City-based, family-owned leading provider of office technology solutions to businesses in Oklahoma and Kansas. We specialize in everything business technology from copier, fax, printer and scanner technology to document management, onsite paper shredding services, VoIP phone systems and managed IT support to video surveillance solutions.
If you want to learn more about us, feel free to explore the website, read our other blogs or click the button below to be contacted by one of our reps and tell you! Also, be sure to keep watching our social media channels on Facebook and Twitter for more business tips from our blog.
SHREDDING
Sometimes in the document shredding business, certain questions come up — good questions that need to be answered. One of those inquiries is about how small the documents should be shredded.
There is no standard
The answer is, other than those set forth for governmental classified documents, there is no real standard. Government-approved high-security shredders, created for destroying top secret and classified documents, render an 8.5” x 11” sheet to 15,000 particles.
While impressive, this kind of destruction is rarely needed for business use, especially in the case of mobile shredding. Why? Because not only is compliance with such standards expensive and unnecessary, there are some other reasons — unique to mobile shredding.
Other points to think of when considering mobile shredding
First, regulations for document security only require confidential information to be destroyed to make it reasonably inaccessible and not able to be reconstructed.
With mobile shredding units, while each page may not be transformed into 15,000 pieces of paper, whatever is shredded is mixed with shredded material from other clients, resulting in the documents being “reasonably inaccessible” and irretrievable.
Second, government regulations on shredding specifications assume the shredded materials are not protected or controlled after the documents are destroyed.
Mobile shredding units, however, maintain control of all shredded materials until they are brought to a facility where they are combined and mixed with even more destroyed papers from other sources, and then baled and recycled, rendered these documents utterly unusable for purposes of data collection.
Furthermore, if a mobile document destruction service provider is NAID AAA Certified, as part of that certification the service provider is required to exhibit secure handling and control of the material after it is destroyed.
Summing Up
Considering the points above, for most organizations, the government standard for particle size for shredded documents is unnecessary and irrelevant — and grossly expensive, potentially costing more as much as 10 times the cost of a standard mobile shredding service.
Additionally, as RK Black Shredding is NAID AAA Certified, you can be sure your shredded documents are safe once placed in our custody and shredded at your location as you witness. Plus, as your documents will eventually be recycled into other paper products, you can be confident your information will be destroyed to pulp and fiber. You can’t really get any smaller than that.
If you would like any information on document shredding or our mobile shredding services, let us know.
IT & SECURITY
May has seemingly stolen October’s designation as Cyber Security Awareness Month as two crippling cyberattacks have placed cybersecurity in the spotlight once again.
The first major attack happened on May 7, when a ransomware attack on Colonial Pipeline forced the company to shut down its operations and IT systems, creating a fuel shortage in the southeastern United States.
Only after reportedly paying nearly $5 million to the ransomware group responsible for the attack was Colonial Pipeline able to regain access to its files and systems again.
The second attack occurred a week later, on May 14, but this time on the other side of the Atlantic — the victim being Ireland’s health service operator. The reportedly “significant” ransomware attack forced the organization to shut down its IT systems, which in turn lead to disruptions in diagnostic services, COVID-19 testing and hospital systems. (https://www.reuters.com/technology/irish-health-service-hit-by-ransomware-attack-vaccine-rollout-unaffected-2021-05-14/)
According to the Reuters article, Irish officials reportedly said they will not pay any ransom and that it will likely take “some days” to gradually reopen the network and services.
Ransomware attacks: What are they?
Ransomware attacks typically occur when malicious software finds its way into an organization’s network. More often than not, a user clicking on a link or opening an attachment is the catalyst for an attack. Once on the network, the software encrypts and locks files forcing users or corporations to pay a “ransom” to unlock these files.
Not only are such attacks costly due to the ransoms, but they are exorbitant in the damage in downtime caused to affected organizations, to their clients and related systems but also in potential fines due to HIPAA regulation non-compliance — especially for organization handling medical information.
Increased cybersecurity risk in the wake of the pandemic
Sadly, these and other kinds of cyber-attacks are not only becoming more sophisticated and increasingly prevalent, thanks to COVID-19 and the rapid move by many organizations toward remote-working, cybersecurity risks have only but increased.
Why is remote working such a risk? Traditional networks typically set up their defense by limiting potential targets, typically requiring users to access work networks by either already being within the protective walls of a network or, if the worker is remote, by allowing the worker access through a VPN. Where this system fails though is it assumes the user is to be trusted where in fact, the user in many cases is the weakest link to the network security.
With this kind of traditional security, one click by a network user on a malicious link, whether from within the office or remotely, and the whole network system is compromised — especially as bad actors, once behind the defenses, will often be able to move laterally through many systems.
Further, according to one study in 2020, only 53 percent of workers reported using a VPN when accessing their employer’s systems from home, exposing these networks to even greater risk — not even mentioning the security of the remote internet access points they used or if they used ever-vulnerable personal devices for gaining network access.
What To Do: 4 Defensive solutions against cyber attacks
This is why organizations today must shift away from perimeter-based, traditional network security to employ user-specific, zero trust defense architectures coupled with a robust back-up and recovery system to ensure minimal vulnerabilities, even down to the user level — the goal being ultimately to minimize the chance for infection and to ensure minimal downtime and damage if a breach occurs.
How does one do this?
Available these days through many managed network services (MNS) providers is a suite of solutions that together provide the protection needed in the face of increasing today’s ever-increasing cyber-attacks and their sophistication.
Here are some of those solutions:
Software Defined Perimeter (SDP)
This new solution replaces VPNs to provide protected, user-specific and monitored access for network users to access cloud-based environments, applications and services, all in a way that is flexible and easily scalable.
End-point Detection Response Solutions (EDR)
EDR software replaces traditional anti-virus by monitoring and analyzing activity to assess whether it is malicious. If any activity appears suspicious and is deemed to be a threat, the EDR software identifies and removes the offending malware while notifying network administrators.
This allows network security teams to rapidly identify and respond to threats, limiting and resulting in damage and downtime.
Email Filtering
Cloud-based email systems offer filtering solutions that work off an organization’s active directory coupled with AI to monitor user’s behavior and activities to detect anomalies or anything indicative of malicious or unusual activities. — So for example, emails sent by associates at 3 a.m. requesting wire transfers would be flagged, , not sent out, quarantine and a notification sent to network administrators.
Backup and Disaster Recovery (BDR) System
The purpose of a BDR system is to automatically backup your data to an onsite appliance and to the cloud. With a properly configured BDR system in place, an organization hit by a ransomware attack is more likely to avoid downtime and costs because the BDR allows them to simply restore from a backup in a temporary virtual environment and then resume working there until the infected production environment can be scrubbed and restored. Also, some BDR systems feature a ransomware scanning option that once turned on looks suspicious activity indicating files being encrypted. This utility, once it detects such activity, alerts network administrators so they can stop the process before it gets too far. This is a handy ability as often organizations infected by ransomware don’t know until some days later.
Wrapping up
So, while cyber-attacks have become more sophisticated, so have the solutions developed to defend against them — so take heart.
For organizations seeking to avoid making the news for another cyber attack … or to simply protect themselves from costly ransom fees, fines and downtime, the solution is easy — contact a managed network services provider to see how they can help you.
Talk to us. We can help.
As an office technology provider, we are also managed network services provider able to help your organization implement the defensive measures listed above and more. Need help? Have questions? Let us know.
SHREDDING
Not all that has come out of the COVID pandemic has been bad. Businesses in the struggle to survive and adapt amid the challenges have been quite creative.
We’ve seen businesses implement new virtual conferencing technologies, new infrastructure supporting remote work, process automations and, of course, drive-thru and curb-side services.
As an office technology provider, during this time we’ve been busy helping businesses in making many of these business technology-related changes, setting up networks, adding VoIP services and so on.
But also in the interest of limiting physical contact, promoting social distancing and upping the client experience during this time, we’ve made some changes ourselves — changes we will stick with even post COVID — as they just seem to be better practices.
Here are two of those changes:
Curb-side toner pick-up
The convenience of Scooter’s Coffee, Chic-fil-a, Sonic and … well … any other drive-thru or curb-side fast food and drink is now available at RK Black. No, we aren’t serving coffee or chicken sandwiches, but as your local office technology provider, we are providing drive-up, curb-side toner delivery.
No longer do you have to park, get out of your car, come into our offices, talk to a person at a desk and wait for them to reach out to a person in the warehouse and wait some more for someone to come out from the back and hand you your toner.
If you are a client of RK Black, and are not on a managed print services contract and need toner, just call or email our dispatch team to arrange for your pickup! Upon your communication, we’ll create an order, and according to your preference, we will email you a location pin by which you can navigate to us via your smartphone’s GPS app.
Once you’re parked in the marked pick-up location, just call us letting us know you are here and “Viola!” you have your toner. That easy!
Curb-side shredding drop-off
Our mobile shred services sure are convenient as they can come to your offices or wherever you have shredding needs and can destroy your sensitive documents right before your eyes, either on a regularly scheduled or one-time basis.
But knowing some folks may only have a few boxes or bags of documents and only want to drop them off without having to go into an office, wait and such, we now have curbside shredding dropoff.
Just simply contact us, let us know you are coming, and once you are there, let us know. We’ll come out, collect your material and you can be on your way knowing you have yet another item on your to-do list checked off.
See? Not all that came out of COVID was bad. Better service and better client experience is always good in our book as that is what we are all about.
IT & SECURITY
Remote working, once thought mostly a nice idea, and perhaps largely only practiced in the tech sector, is now quite common thanks to Covid 19. In fact, according to one Forbes article, over the course of the pandemic, 45 percent of both large and small businesses in the U.S. moved part of their staff to work remotely.
While during COVID many remote workers plugged away from home, as businesses reopened, mandates eased and vaccines were administered, many workers have returned to the office while others to coffee shops, airport waiting areas, client locations and so on.
Sadly though, as worries of coronavirus infection gradually wane, the increased mobility of remote workforces has opened up many businesses for potential network intrusions and data breaches as many of these roving workers are using unsecured free Wi-Fi networks.
Remote work from unsecured, public Wi-Fi — a recipe for disaster
While convenient, these wireless “hot spots” offer little to no protection for individuals conducting confidential activity online, placing themselves, their workstations, their associates and the businesses they work for at risk.
With the right equipment, software and connections, any malicious user on the same network can capture information shared via the hotspot, much like how in legacy home phone systems, a person can simply lift a receiver to listen to another person on the same line. That means personal information, business and client data and more can easily be fair game.
The solution once was VPN, or virtual private network access, whereby users could connect to their work networks via an encrypted connection, not allowing others to use the same wireless access point to “snoop” on their activity. However, as bad actors have become more sophisticated in their schemes, technology has changed and services are increasingly cloud-based, VPN is no longer the best solution.
So what is?
Introducing SDP
The new solution is a network access that provides protected, user-specific and monitored access to cloud-based environments, applications and services called Software-Defined Perimeter (SDP).
Over the years, SDP has been replacing VPN-based access solutions as virtual private networks have been shown to be inadequate for today’s working environments.
Here are five reasons many businesses these days are replacing their VPNs with SDP.
VPNs are not tailorable to the user
Just like how your custodian may have keys to the cleaning supplies closet but not to the human resources file cabinets, your network users need access only to the aspects involved in their respective job roles. Legacy VPNs do not allow you to easily customize levels of access for different users. Essentially with VPNs, once in the network, a user has the keys to the closet, the cabinet and the company car.
SDPs, on the other hand, allow you to tailor access to the user, only handing the user the keys to the closets, cabinets or whatever they need to do their job. Not only can you configure access based the on user, but on device or service as well.
VPN traffic is not monitorable or identifiable
If a network is like a country, a VPN is like an unmonitored bridge or tunnel through your border into your homeland. You may have a border, a fence, security and all sorts of defense measures in place, but if someone finds your bridge or tunnel and gains access, none of your security measures will matter. Likewise, while VPNs do allow for access and traffic between your remote users and your network, they do not regulate the kind of traffic or the user in how that connection can be used.
Using the same analogy, SDPs are like a border crossing with border control. Yes, while access is allowed to your country, parameters you put in place regulate who goes in and out, what they transport, how much and how often. Plus, just like how there are cameras at such crossings, with SDPs, you can not only regulate traffic flowing through the access point, but you can also monitor it too.
VPNs lack onsite user security
Using the example above, with legacy VPN systems, bad actors gaining access to your network can wreak havoc on your onsite users, their systems and your data as once in, they can move about freely on your network. They are essentially like a spy or saboteur that used the unmonitored, uncontrolled bridge to come into your country and foul utility systems to cause brown and blackouts.
SDPs stop such threats at the border, if you will, never allowing them to get anywhere near your network, its users or your data, keeping you secure.SDPs stop such threats at the border — and with VPNs, the border is not around the network perimeter, it’s placed around the device and its user. While VPNs focus more on securing the network perimeter, an SDP agent essentially secures each device, user and application on your network individually, no matter the location of the user or device — whether remote or in-office — prohibiting any unauthorized agent or activity from moving laterally within the network access its users or your data.
VPNs lack Wi-Fi security
While traditional VPNs can provide a measure of protection for remote workers accessing your network through public Wi-Fi, the weakness is both in the user and in their devices. Often, users for one reason or another may fail to use a VPN, opening up your network to be compromised, or the device itself may automatically connect to an unsecured network, without a VPN, or may automatically disconnect from the VPN, putting your network at risk. While VPNs though some effort may be configured to some degree to minimize these vulnerabilities, the result will still lack traffic visibility as discussed above, or the flexibility to work with cloud-based services.
Whereas users and devices can pose risks with legacy VPN systems, SDPs are zero trust platforms. This means they don’t assume users, devices or services accessing or operating the network are to be automatically trusted and as such, analyze everything and anything requesting network access before allowing that connection.
Not only does SDP take security down to the device level, not allowing any device to connect to your network unless approved by the SDP, but this system can also be configured to automatically connect your mobile workforce devices to the SDP, regardless of location or Internet access or user intentions — eliminating the risk posed by devices or users.
VPNs are not flexible
Unless you’re talking about vending machines, but especially in business, change is inevitable, As businesses grow, new locations open, equipment burns out, workforces increase, users go mobile and so on. Traditional VPNs, being perimeter-centric, do not adjust to such changes easily and require constant resources in time, maintenance and hardware to keep up.
Again, as SDPs are user-oriented, they are flexible and easily adapt and grow to meet the needs of today’s network environments, even integrating with the ever-proliferating cloud-based applications.
Summary
To sum it up, SDPs not only better protect your network users, business assets and data, but coupled with remote desktop server technology, can give your remote force better access to business applications with faster functionality.
If you would like more information about these solutions, contact us. We’ll be happy to help.
COPIERS & PRINTERS
In today’s world of multifunction printers, the words “copier” and “printer” are often used interchangeably, but they are not necessarily the same thing — though admittedly there’s a lot of crossover.
The difference.
So what’s the difference between a copier and a printer? Here’s a quick explanation.
Simply put, a printer takes an electronic text file or picture file from a device such as a computer, smartphone or tablet and sets that information on paper.
These days, you may see printers, with no other functionality besides printing, in home settings, school computer labs, classrooms, libraries and business offices. These may be inkjets or they may be laser — toner-based— printers, but all they do is print.
A copier, on the other hand, literally copies information from original documents, pictures, graphics and so on and produces exact duplicates. Copiers, though, as single-function devices, once commonly seen are becoming rarer creatures, largely being replaced by multifunction machines.
Copiers and printers: Loose terminology
Nowadays, seen often in the business office, computer labs and homes are (multi-function printers) MFPs — often loosely called “copiers” or “printers” because they copy and print, as well as scan, fax and make coffee … well, not yet on the last one, but one can always hope, right?
The reason MFPs are so popular is obviously because they consolidate what used to be four different devices — copiers, printers, fax machines and scanners — into one neat package that can do everything. This meant less space, less maintenance and fewer consumables to keep track of and to stock. This is why copiers and printers, to a lesser extent, as standalone devices are gradually going the way of the dinosaur.
Summary
While true copiers (devices that only copy) and printers (devices that only print) are becoming fewer and fewer, generally, if someone says “copier” or “printer,” we recommend considering the context. It’s likely they are referring to whatever device completes that function, whether that be copying or printing.
Hopefully, this answered your question. Thank you for reading. If you have any more questions about copiers or printers or any other office technology, send it to us!
