If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
Introducing the new Kinetics client portal
We’re very excited, and it’s a the result of a significant investment and a massive piece of work led by our CTO, Bill Lunam, over the last 4 months. Our new client portal has gone live. At this time, it is available for the main IT contact for our KARE clients. One...
Thank You
As we navigate through these troubling and challenging times, the team at Kinetics and I wanted to take a moment to express our heartfelt gratitude for your unwavering support and loyalty. Times are tough and many businesses are struggling. We've seen the...
Urgent Security Advisory (from Microsoft)
We have been alerted to an issue with some Microsoft Office products. The vulnerability is reported to be actively exploited and we expect Microsoft will expedite the release of fixes. Zero-day means that this is an immediate high risk and we are advised that it is...
FREE AI and Microsoft Copilot Workshop (Christchurch)
Why Attend? Exclusive Content: Gain access to insider knowledge and practical tips directly from our Copilot experts. Networking Opportunity: Connect with like-minded professionals. Please note this event is limited to only 3 client organisations. Strategic...
Microsoft Service Outage 1 August
The frustration of being unable to connect, login and work on our machines is a reminder of how reliant we are on IT. It has also become so infrequent that when major disruption does occur, it is more confronting than ever. While we’ve all found Microsoft 365 and...
Free resource: Business Cloud Security Checklist
Essential Business Cloud Security Checklist for 2024 In today’s digital age, securing your business’s cloud environment is more critical than ever. With cyber threats evolving rapidly, it’s essential to have a robust cloud security strategy. Here’s a checklist to help...
Cost Reduction?
We've been partnering with Vorco for telecommunications for some time. They reminded us that they are good at helping our clients save money on their calling and internet costs. Simply take a current telecommunication bill, and redact the costs. Redact your business...
Connecting NZ’s internet to the world
In the aftermath of the global Crowdstrike outage, one question got us thinking "What other supply chain risks could threaten our IT-dependent daily lives?" The answer may lie beneath the waves, in the form of the very cables that connect us to the digital world....
What does “The Largest IT Outage in History” mean for KARE subscribers?
You may be aware of the Global IT issues that started late on Friday 19th. It has been called the "largest global IT outage in history". We appreciate that many services were impacted, and this has caused disruption and stress to many in our communities. Issues being...
Webinar replay: Being Ready for Copilot in M365: Navigating the Data Landscape
Free Webinar Replay : Being Ready for Copilot in M365: Navigating the Data LandscapeAI has the power to transform our working day. Are you ready to leverage AI and Microsoft Copilot in your daily work? If so, you need to make sure your data is ready too.Data is the...