If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
You probably have a cyber-insurance problem, but don’t know it
Good practice last year isn’t good enough anymore. Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims. With the number of claims skyrocketing insurers are increasingly asking, "What did you do to...
Are all (cheap) phone and laptop chargers safe?
Finding the best deal This news scared me! I'm always looking for slimmer, lighter and more powerful phone chargers. As someone who likes to travel light, but be ready for anything, I always have an eye out for small chargers that can power not just my phone, but...
Improved Dictation Tool in Word and Outlook
This whole article was written using the dictation tool! **** **** ********. We all know Microsoft are constantly updating and evolving their products. This includes the dictation tool in Word and Outlook. Recently there have been improvements including Auto...
Why you need to know all the cloud services that your organisation uses – part 2 – (US DoD Nuclear Secrets!)
People are the weakest link This sounds like a nightmare too impossible to happen. US soldiers putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’ It is alleged...
Should it be illegal to pay ransomware in NZ?
The Trillion dollar industry At the time of writing, the Waikato DHB cyber-attack is ongoing. The government is refusing to pay the ransom as a point of principle, and it looks like every possible tool at their disposal is being used to try to recover the situation....
What’s a WiFi Booster and how else can I speed up my WiFi?
Ever seen an online ad for WiFi boosters? What are they and do they work? The first technique to improve WiFi performance is to consider the location of the wireless access points. They need to be in the middle of the group of people using them, not tucked in a...
Celebrating 25 years of Kinetics!
Back in 1996... Jim Bolger is Prime Minister, Les Mills is Mayor of Auckland. OMC's 'How Bizarre' is music single of the year. The All Blacks beat the British Lions 3-0, Danyon Loader wins two golds at the Olymics in Atlanta. There is no Google. But we do have "Ask...
Teams at Lightspeed
Learn why use of Teams is growing at lightspeed: In this webinar we will look at what new capabilities are driving increased usage We then discuss which are most applicable to kiwi businesses, to help you shortcut your learning on which you can apply in your...
Stepping up your cybersecurity in 2021 – Watch the recording of our Webinar
Do I really need more cyber-security protection? What’s new in 2021?We’ve been warning about cyber-security risks for years and telling everyone that it’s getting more and more adverse. The protections that seemed excessive a year ago are now inadequate! What’s the...
Where’s my new laptop?
While stocks last! What is happening to supplies right now? We're experiencing an unprecedented shortage in new IT equipment. At this rate, they seem a prime candidate for 2021's 'toilet paper.' Never has "while stocks last" been so apt! Global supply chains are...