If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
New cool stuff in your Office 365
[header2 text="New stuff, all the time" align="left" color="#336A40" margintop=""] Microsoft are continually updating Office 365 with awesome new tools and more efficient ways of working. Keeping up with these and learning how to use them is a big challenge, which is...
Macs are the latest victims of ransomware
According to Veeam the number of ransomware attacks has jumped 6000% since 2015-16. There is an interesting correlation between the increase in ransom attacks and the increase in value of bitcoins! Bitcoin value in NZ dollars. Source Google Finance Now we...
Seamless migration to cloud file storage
"We've been very fortunate to have them on board. Our transition went very smoothly. There was a great sense of comfort about them and they are very professional in what they do." - Jeremy Sole, CEO SharePoint migration Making the change from local file storage to...
Member training for the EMA
"For anyone thinking of using Kinetics for training : you're going to get value for money, on topic training. Definitely thumbs up." - David Foley, EMA Learning Manager Member IT training The EMA turned to Kinetics when they wanted to provide members...
No excuses for ugly PowerPoint slides
Add a design eye to give some pizzazz to your PowerPoint Not everyone has an eye for design – particularly when it comes to PowerPoint. Now you can get PowerPoint to design your slides for you. 1. Add the text and content you wish to display on your slide. The...
Sensing your office Vibe
As Kinetics had grown, our ability to understand what everyone in the team is feeling or thinking has diminished. The distance that growth brings between staff and managers creates doubts and misunderstandings that can be hard to see. More and more we have...
BEWARE THE FAKE LOGIN
Most people will be familiar with the concept of linking something to your Facebook login. Many sites offer you the opportunity to login using your Facebook account. Scammers use this concept to farm credentials for other sites. One we have started seeing more...
Microsoft 2017 Country Partner of the year!
[header2 text="THE SECRET TO OUR SUCCESS... IS OUR CLIENTS" align="left" color="#336A40" margintop=""] On top of our recent Cloud Productivity award, Microsoft have just announced Kinetics as their overall New Zealand 2017 Partner of the Year. We love doing what we...
A simple but effective hack is back
[header2 text="We've seen this several times in the last few weeks" align="left" color="#336A40" margintop=""] A classic phishing technique has been updated and is reaping rewards for hackers. Delivery is by email or web popup. You are asked to take a survey (often...
Security Alert – WannaCry
There is currently a worldwide security alert associated with the latest ransomware attack - 'WannaCry'. Media coverage has been heightened as the exploit itself was originally discovered by the NSA in the US. Further newsworthiness was added when the first notified...