If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
What’s coming to Windows next?
The Windows 11 changes keep coming. Some are big and some are small. Some need additional licenses (like Copilot) and others are there for everyone. These are 'rolling out' so we can't tell you exactly when you will see them on your screen.1. Start Talking to...
CHRISTCHURCH IN-PERSON Hands-on Copilot skills workshop
Join us for an interactive free session About the Workshop This workshop is designed to provide you with an in-depth understanding of Copilot and its myriad applications. Ben Fish, our in-house Copilot expert, will guide you through practical exercises and real-world...
AUCKLAND IN-PERSON Hands-on Copilot skills workshop
Join us for an interactive free session About the Workshop This workshop is designed to provide you with an in-depth understanding of Copilot and its myriad applications. Dinesh Raj, from our in-house Copilot team, will guide you through practical exercises and...
Webinar Replay – 5 mistakes people often make with passwords and how to overcome them
Passwords are the first line of defence against cyber threats. However, many people still make common mistakes that leave their accounts vulnerable. Watch this video for a 30-minute webinar where we will discuss the most frequent password pitfalls and how to avoid...
How can you use Microsoft Secure Score to protect your organisation?
Enhancing Your Security Posture with Microsoft Secure Score Microsoft Secure Score is a powerful tool designed to help businesses assess and improve their security across Microsoft 365 workloads. With over a million organisations worldwide using Microsoft software,...
Are (Software) Easter Eggs still used?
Reminder - What's an Easter Egg? The concept of Easter Eggs in software began with Warren Robinett, the developer of the Atari 2600 game "Adventure." Frustrated by the lack of recognition for game designers, Robinett secretly included a hidden room in the game that...
Welcome OutSource IT
Welcoming OutSource IT to the Kinetics GroupWe’re excited to share some great news - on April 1, OutSource IT officially joined the Kinetics Group of companies. This is a fantastic step forward, not just for Outsource IT and Kinetics, but most importantly for you -...
Introducing the Windows 11 Roadmap
Windows 11 keeps changing. Regular updates that roll out every 6 months result in different features. We frequently highlight the most obvious of those in this news platform, and we will continue to do so.But you don’t need to wait for us! A few days ago, Microsoft...
Who’s been paying attention?
We’re really proud of our clients! Last week, these little pieces of ill-intentioned mischief popped up for a couple of the businesses we look after.They were smart enough to evade anti-spam software but not the cyber-training. Although the emails look legitimate,...
March AI Digest
Here are a few of the headlines that caught our eye in the world of AI in March. Nvidia's share price fell after DeepSeek's rise but soon rebounded, backed by $39.33 billion in revenue, exceeding forecasts. Nevertheless, new chip tech from Meta, Google, and...