If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
Webinar : Winning with real-world Digital Business Transformation
As a result of Covid-19, many organisations have become a lot leaner and the new normal means doing more with fewer resources. What if your organisation could quickly achieve the following: Save money on IT expenditure – while baking in a future proof IT strategy...
Researchers Find New Calendar-Based Phishing Campaign
The latest email scam looks like a calendar attachment. It’s a phishing attack intended to get you to click on something that isn’t what it seems to be – in this case an ICS calendar invitation. It is the same kind of thing as before, except rather than being a DOC...
Need to manage and minimise your Microsoft 365 costs?
In these uncertain times, everyone is reviewing their costs. Kinetics is very pleased to say that we are now able to help you quickly review your Microsoft 365 licensing. As Microsoft has improved the availability and quality of information Kinetics can access, we...
No one is completely immune!
Hackers can strike anyone. If well-resourced organisations like Honda, Lion NZ and Fisher & Paykel Appliances can fall victim to hackers, then anyone can. I don’t have specific knowledge of what happened at these organisations, but it’s a safe bet they are well...
Maximum Power in Windows (aka extending battery life)
Many of us now rely on laptops and we are used to finding the battery runs out of charge all to quickly. Windows pops up a warning saying the battery is running low, and the pressure goes on you to finish up your work before the battery expires. Inevitably when this...
Stay COVID safe (or what COVID taught us about IT security)
Coronavirus isn’t the only virus causing harm. Hackers have been busy trying to trick us into clicking on their fake websites and getting infected with Malware. They’ve had fake donation sites, particularly a fake World Health Organisation fund, fake COVID-19 maps...
New in Microsoft TEAMS
Imagine trying to survive lockdown without tools like Teams? Necessity has made us all experts in video-calling, and it’s left us wanting more! During lockdown, we got the ability to change the video call background so other participants couldn’t see where you were...
How does the post-COVID19 lockdown impact your IT planning?
Every business webinar is talking about the rush to get businesses back up to speed quickly, and test new business models to be more resilient over the coming weeks and months. In the same breath, they tell us things will never be the same again - whether its the risk...
What can you expect to see as Office 365 becomes Microsoft 365?
Whenever Microsoft say they are changing something to make it less confusing, most of us get a little cynical. The reality is that there are so many Microsoft tools we use every day, that it can be confusing, From Windows to Office to Teams to Dynamics and Azure,...
What’s in the latest version of Windows 10 – 2004 (aka 2020h1)
Coming – ready or not – while we cope with the challenges of the pandemic and changes to how we work, we also get changes to Windows. Is there anything to be excited about? Firstly, be aware this is effectively a new load of Windows – its much more than a service...