,

Aggressive Patching is the New Normal

I recall a time when IT professionals adopted the “if it’s not broken, don’t fix it” approach to patching. To be sure, there was a time when patching firmware and software might have introduced more problems. That time is long gone. Aggressive patching is the new normal. Gone too are the days when a diligent IT person might go around to all the computers, servers, firewalls, switches, and other network attached devices and get them patched. That manual approach is no longer feasible and adhering to a manual patching plan is foolish. The nature of the modern cybersecurity landscape requires a platform which identifies patches that are needed, facilitates automated patching, and provides reporting & alerting to uncover anomalies.

Look no further than the Intel chip security vulnerabilities (Meltdown & Spectre) publicized this first week of 2018 for evidence of this new norm. When Operating System patches are released to mitigate this newly divulged flaw it will be critical that the patches are applied as quickly as possible.

Go West IT offers managed service plans that utilize state of the art remote monitoring and management platforms designed to keep systems updated and rapidly apply patches when new vulnerabilities are divulged. Stand on our shoulders and use the systems we have already built to keep your business ahead of the curve. Please contact us today at 303.795.2200 or info@gowestit.com.

David Lewien – President

Office 365 Multi-Factor Authentication

Something You Know + Something You Have

One of the easiest ways to increase your security profile is to utilize multi-factor authentication (MFA).  MFA is just like it sounds, more than one form of authentication is required to access a system.  In most cases this is your normal login credentials (username & password), as well as an additional form of authentication such as the use of a randomly generated passcode or hardware token.

This is a vital form of additional security for Office 365 users, as access to your O365 login credentials opens the door for someone to not only gain access to your email but also potentially your documents (OneDrive), file sharing (SharePoint) and perhaps your entire VOIP phone system (Skype for Business).  If MFA is enabled, despite the criminal having your login credentials, they would most likely not have access to the additional device containing the MFA passcode.

The best part?  It’s free!  Basic MFA is included with your Office 365 licensing at no extra charge but must be enabled.

Please watch the following presentation by David Lewien, President of Go West IT, to learn more about Office 365 MFA, view examples of how it works and additional considerations to keep in mind.  If you are interested in enabling MFA please contact us today at 303.795.2200 or info@gowestit.com.

Need to get onboard this train

Leveraging the Cloud – 

Many businesses today use cloud services of some kind, but not every business has committed to moving to the cloud or is leveraging cloud services to their advantage.  Cloud services aren’t right for every situation but it is important for businesses to consider cloud options whenever IT changes are at hand.  Go West IT can help cut through the buzzwords and show you when and how to leverage the cloud to benefit your business. This includes everything from SaaS solutions, such as hosted Exchange with Microsoft Office 365, to comprehensive IaaS (Infrastructure as a Service) solutions in the Microsoft Azure, private white-label or Go West IT cloud environments.

Leveraging our extensive experience and strong vendor relationships, Go West IT was uniquely positioned to be on the forefront of the cloud services movement.  As a Gold Microsoft Cloud Solution Provider, Go West IT provides end to end management of your Microsoft cloud services.  Go West IT was recognized as the 2017 US SMB Azure West Region Partner of the year at this year’s Microsoft Inspire event.  Click here to watch the video to hear more about Go West’s cloud adoption story.

Contact us today to begin charting a course to meet your cloud services objectives.  303.795.2200 or info@gowestit.com

Go West IT named 2017 US SMB Azure West Region Partner of the Year by Microsoft

Go West IT today announced it has been named 2017 US SMB Azure West Region Partner of the Year by Microsoft’s US Small and Mid-sized Business (SMB) Group. The award recognizes the US SMB partner that has demonstrated key competitive Azure wins achieved in the West Region. Members of the US SMB Partner Program have shown dedication to arming the small business community with the right technology and services they need to be successful.

Go West IT, founded in 2010, is a managed service provider and information technology leader servicing small and medium sized businesses that use technology to deliver products and services to their customers.  The majority of customers have 10-200 employees with information technology infrastructure housed on-premise, in the cloud, or both.  Offerings include managed service plans, cloud infrastructure, network administration and cybersecurity.  Go West IT has quickly grown to be one of the premier IT service firms in Colorado, supporting over 150 businesses and thousands of users on a daily basis.  The company adheres to a set of strong values and believes in the opportunity to facilitate excellence every day for both customers and team members.

“This award provides recognition of the hard work of our dedicated and talented team here at Go West.” – David Lewien, President

Go West IT along with winners in six other categories were recognized during the Microsoft US SMB Partner Award Reception in Washington, D.C. on July 10, 2017.

,

Petya Ransomware Threat is Very Serious

A new and aggressive ransomware using a variant malicious code known as “Petya” is spreading at an alarming rate.

Petya comes on the heals of WannaCry just a few weeks ago and is getting a great deal of publicity because of the rate of infections and the well known victims. Petya is a very serious threat.  The frequency and velocity of these types of attacks will continue to increase.

Risk mitigation actions include the following:

1.  Patch, patch, patch… Patch all applications (OS, Adobe, Java, Flash, Mac), not just Windows Operating Systems.
2. Implement a solid backup solution (including offsite backups) for critical data so you can recover quickly from ransomware without paying a ransom.
3. Use a good business class firewall that scans for viruses and intrusion attempts.  Go West uses and recommends FortiGate firewalls.  FortiGate firewalls with UTM features enabled are helping to mitigate this particular threat.
4. Use good business class antivirus software on all of your devices.
5. Train yourselves and your people how to identify phishing emails.  Go West recommends and resells KnowBe4 phishing testing and security training for this purpose.
6. Employ a third-party email filter to scan inbound and outbound email.

Open RDP (Terminal Server) access is particularly vulnerable to this threat.  RDP access should be restricted to VPN and/or SSL gateway connections only.

Go West IT customers using our Go Proactive and Go Comprehensive managed services benefit from routine Microsoft and third party application (e.g., Adobe, Java, Flash) patching, managed antivirus, and managed backups to mitigate the current Petya threat and those that will follow.

If you are a Go West IT customer and are not yet using our Go Proactive or Go Comprehensive managed services we strongly recommend engaging Go West in this regard to help protect from this particular threat and those that will follow.

Please visit our website and click on Solutions, the Cybersecurity to watch a short video for more information on how tot protect you and your business from cyber threats.

“To photograph is to frame, and to frame is to exclude” Susan Sontag – What are you excluding from your cyber risk mitigation?

Andrew Lanning, Co-Founder of Integrated Security Technologies and chair of the PSA Security Cybersecurity Committee, forwarded me a great article in the Harvard Business Review regarding the behavioral economics of why executives underinvest in cybersecurity.  This is a must read for executives who have ultimate responsibility for protecting shareholders, employees, customers, and data.  This is also a great read for anyone to whom an executive has delegated the tasks of protecting shareholders, employees, customers, and data.

https://hbr.org/2017/06/the-behavioral-economics-of-why-executives-underinvest-in-cybersecurity

 

 

Cyber criminals are targeting small businesses. Watch this short video to prioritize your cyber risk mitigation tasks!

Cyber criminals are targeting small and medium sized businesses for one reason, it produces results for the criminals.  I know that cybersecurity is a big topic and small businesses can become quickly overwhelmed by the scope of the issue but doing nothing is not an option.  Please take seven minutes to watch this important video from Go West IT to help you cut through the clutter and prioritize your cyber risk mitigation task list.

Go West IT Cyber Risk Mitigation Tasks

Cybersecurity briefing from the FBI and Secret Service reveals no new information!

I was recently invited by a customer to attend a cybersecurity briefing at the Federal Reserve Bank where agents from the FBI and Secret Service discussed the current cybersecurity landscape. The information provided was alarming and valuable and as I reviewed my notes and prepared a summary for our customer I felt compelled to share the information with the balance of our customers and the business community at large.  However, while not a classified briefing, the FBI and Secret Service agents were very clear that they did not want the information from the briefing shared with the public at large.

Then I realized, NOTHING HAS CHANGED.  Sure, the details they discussed were new but as I considered how small businesses might use the information and what we can do to help our customers, I realized that nothing had changed.  In fact, the Cybersecurity section on the recently updated Go West IT website is a perfect blueprint for what steps businesses should take to avoid falling victim to a cybersecurity attack.

All you need to know is that that small businesses are the best targets for cyber criminals because they are an easy target, the most likely to pay a ransom, they hold a treasure of valuable data, and they are the most likely to fall victim to a social engineering attack.  Take steps now to make sure your business isn’t an easy target.

Last but not least, if your business does not have a regulatory burden to develop comprehensive policies to cover cybersecurity, disaster recovery, and business continuity, I encourage you to shore up your systems and controls before you spend a lot of money on policies.  I have seen a number of businesses that have hired cybersecurity “experts” who do little more than produce volumes of policies with which the business can’t or doesn’t comply.  Policies are great, plans are important, but only if you can live up to them.

I am re-posting the pertinent content of the Cybersecurity section of our website here.  Take this information, take action, and don’t be a victim.

Cybersecurity

Go West IT specializes in delivering cybersecurity solutions and consulting services to small and medium sized businesses.

Cybersecurity is important to every business.  Gone are the days when you can bury your head and hope that your business, your customers, your employees, your data, and your contractors will not be the target of an attack.  In fact, there is ample evidence to suggest bottom feeder cybercriminals are shifting their focus from banks, retailers, and big business to small businesses that are easy targets.

Go West can help you protect your business by leveraging our extensive experience protecting highly regulated businesses.  The first step is to make a committment to constantly improving your cypersecurity posture.  Go West will work with you to identify solutions that will deliver the best value for your business and then work with you to develop a roadmap so you know what will be the next step when you’re ready to do more.

A well configured Unified Threat Management (UTM) appliance, good antivirus, and tight access/user controls is the first step.  Next consider multifactor authentication for all critical systems, routine vulnerability scanning and vulnerability remediation, IDS/IPS systems, and always have rock solid backup solutions to mitigate the risk of ransomware attacks.

Businesses should not overlook the tremendous value of low cost user awareness training.  Up to 90% of successful cyberattacks used social engineering (people) as a vector for an attack.  Go West will be happy to conduct a training meeting at your office to help your employees understand their role in cybersecurity.

You can always do more.  You better do something.  Start today by calling Go West.  We will be happy to visit with you about your current posture and how you can improve.

 

Microsoft Office 365 distribution model change outpaces customer data privacy concerns.

UPDATE – In early October, 2016, Go West IT was approved by Microsoft as a Tier One Microsoft Cloud Solution Provider (CSP) and we are actively moving Microsoft cloud customers to this new CSP model to mitigate data privacy concerns associated with 3rd party distributors being granted access to customer data.  Now customers can enjoy the benefits of Microsoft cloud services without granting data access to an undisclosed 3rd party distributor.

 

Microsoft Office 365 is a solid business platform but Microsoft’s new Cloud Solution Partner (CSP) model has a HUGE security control gap that is bad for Microsoft, bad for Microsoft Partners, and worst of all is bad for business customers.

Microsoft’s initial Office 365 (“O365”) business model was widely perceived as a threat to the Microsoft Partner community.  The traditional reseller model was scrapped.  Partners were asked to promote a relationship whereby customers contract directly with Microsoft and Partners are paid small recurring advisory fee for promoting, implementing, and supporting O365.  Partners got on board, adjusted their business models, and made it work. 

Now Microsoft is eliminating the advisory fee and forcing partners to purchase Office 365 services via a select group of distributors for resale to customers.   That’s good, right?  WRONG!  There are huge security control gaps with CSP.

Microsoft has relinquished Global Admin control of O365 tenants (customers) to their CSP distributors.  The distributors developed software that interacts directly with O365 via APIs to manage license provisioning and end user support.  This gives their front-line help desk personnel full administrative privileges to each O365 tenant they manage.  Neither Microsoft nor the distributors have been able or willing to share any information regarding security controls to mitigate this substantial risk. 

There is a simple resolution to this problem:  Microsoft, as part of a routine vendor management process, should obtain an SSAE 16 SOC II audit from the distributors that describes adequate controls and adherence to the policies and procedures that govern those controls.  The distributors should be willing to provide their SSAE 16 SOC II audit report to Partners at a minimum.  Partners should be demanding this evidence, and should retain copies of the same as evidence of their due diligence. 

Customers are largely unaware of the delegation of rights to their O365 tenant.  Without an SSAE 16 SOC II audit report, customers have no way of providing regulatory agencies, auditors, or insurance carriers evidence of controls to protect their hosted data. This renders the Microsoft CSP model infeasible for any customer organization with a regulatory burden.

Go West IT has firsthand knowledge of a CSP distributor changing a Global Admin credential for an O365 tenant without verifying the identity of the individual making the request.  Go West IT is not aware of any wrongdoing or any breaches of any kind by the CSP distributors.  We do not want that to happen.

Go West IT has proactively discussed this issue with representatives at Microsoft and two of the CSP distributors.  Microsoft, in an effort to make CSP HIPAA compliant, has published directions for how to remove the distributor as a Global Admin.  Unfortunately, doing so also removes the ability to add, change, or remove any licensing via the distributor platforms and thereby makes this “remedy” impractical at best. To date, neither Microsoft nor the distributors have provided any visibility or assurance that adequate controls are in place as Microsoft presses forward with promotion of CSP.