If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
Kinetics KARE clients – we’ve just added a layer of security
With the latest news of yet another local New Zealand high-profile cyber attack, it must be obvious that cyber-threats are real. EVERYONE is at risk of cyber attack! This latest incident is particularly close to home for me, because I chair the board of one of the...
Christmas Hours 2022 (and a timely warning)
Thank you! Thanks to our wonderful clients, staff and partners for your support through 2022 It has been another challenging 12 months as we emerge from the pandemic and find a new normal. We know many of our clients, partners, suppliers, friends and family have had...
Multifactor Authentication (MFA) gets even more secure!
Microsoft are making their authenticator even safer! Most of us will have experienced random pop-ups on authenticator asking us to approve access to our systems. We will have wondered what triggered it. Is it a hacker? Now we'll be able to get more information. Your...
IT Industry Trends
Conferences are back. Learning is back in-person! We’re taking the opportunity to reconnect with the thought leaders in our industry, with key partners, and with peers. Last week a couple of us attended “IT Nation Connect” in Florida, and this week we also have...
In case you missed it.. 5 new features in Office / Microsoft 365 to look forward to :
1. Cloud Signatures Coming Soon to Outlook for Windows Launching soon: Your email signature will now be shared across all the Windows (Microsoft 365) or Web Outlook screens that you use. You will no longer need to reconfigure your signatures when getting a new...
Will your email etc. still work when you travel?
There's nothing worse than having to muck around with your 365 access, especially when different time zones are involved. Currently, the majority of companies have their Microsoft 365 login restricted to NZ and Australian IP addresses. That's working well to...
Digital Transformation – asking the right questions….
Cloud applications and services have proved invaluable over the last few years. They've enabled us to operate our businesses and look after our clients during various states of lockdown and social distancing restrictions. For example, nearly every legal firm we...
Is your cyber-insurer testing your business?
Over the last month, we’d heard about this happening in the US and now it seems to be happening in NZ as well. Cyber insurers are working hard to mitigate their risk and that includes stepping up their testing of their clients. Right now, that appears to be more...
We’re moving in Christchurch
We’ve moved! Our shiny new offices are only about 150m from the old ones and move us from Tower Junction to be a little closer to Riccarton. As of the start of October, we're now at 11 Leslie Hills Drive. Come and visit and check out the new space!The...
We love Law!
While Kinetics works across several industries, from retail to manufacturing, distribution to design, and many amazing not-for-profit organisations, it is professional services and especially legal that are our largest sector. We really understand IT for mid-size law...