16 Jan 2018

New ransomware attack on cloud data

A new ransomware attack has appeared to start the new year.  This new attack specifically targets cloud email and cloud data.  Once the attack has gained access it will encrypt all data in the account. At present there is no way to decrypt data except to pay the ransom.  We are advising our clients to alert their users to be more vigilant for these attacks.  BANG has several solutions to help protect your users, please see the details at the bottom of the message.

Users are tricked into providing credentials through social engineering, or phishing, attacks that may appear like the ones below. These simple emails try to fool users into providing access to their accounts.
Email Attack

If a user is fooled into clicking on the link in the message, they will be redirected to a site. Once there, they will be prompted to enter their credentials, thus granting the attacker full access to their cloud data. Once the attacker has access to the cloud data, they are able to encrypt the data and lock the user out.

BANG recommends that you do not pay the ransom. You should restore from backup or other sources, after removing access for the attacker. User education is the first line of defense, so make sure to advise your users of this new threat.

What can you do?

BANG offers the following solutions to our clients to mitigate this and other threats.

    • CONTINUIT® O365 backs up users’ mailboxes, OneDrive and SharePoint data.
      Sign up for a free trial on our site at bang.ca/continuit
    • PRODUCTIVIT™ Training teaches users to recognize phishing attacks, SPAM, and other malware attacks through simulated attacks, and gives administrators information on how they react. Contact our sales group for more details: sales@bang.ca
    • For our SIMPLICIT® clients, we can add tags to emails received from external sources to help users identify emails that have a higher likelihood of being threats. Contact your account manager to submit this request.
    • Lastly, if you just aren’t sure, forward the email to our support group at support@bang.ca and our technicians will validate whether it is safe or not.
04 Aug 2016

When is it right to move to cloud services?

The other day I was out, after watching a game with a few friends, having a cool beverage. As it inevitably does, the conversation turned to business. Since most of us around the table are business owners, the big question came up “When should I start to use cloud services?”

I can’t count how many times clients ask me this, but when this group of guys asked me, I was a little shocked. All of these guys are running successful businesses, and in my opinion are pretty smart and forward thinking. So I couldn’t believe that none of them were using the cloud, or at least didn’t realize it.

After talking some more, I finally pulled out that all of them had some sort of cloud service running today. Without realizing it, all of them already had some aspect of their business in the cloud; the integration was seamless or didn’t impact daily operations, so they hadn’t even noticed. After I left my friends I thought about this more. Why are my clients, and my friends, not ready to move ahead with cloud services?

Microsoft bets big on cloud services

Microsoft says that 87% of Canadian SMBs have yet to move to the cloud. Now this statistic reflects usage of Microsoft’s Office 365 and Azure, but still is a staggering number. They expect 25-30% growth in cloud usage this year in Canada, which is why Microsoft is betting big on Canada. In May Microsoft announced the opening of two new Canadian datacenters for Azure and Office 365 in Toronto and Quebec City.

SMBs need to be agile and flexible.  The ability to adapt and change quickly in a market makes SMBs great partners to work with.  Cloud services allow this and provide an excellent service value.  Most SMBs without realizing are already moving to adopt cloud services; backups, accounting, payroll, and sales tools are just a few areas where cloud services are already pervasive.  When I grilled my friends most of them already had some system running in the cloud and just didn’t think of it like that.

Why are SMBs wary about adopting cloud services?

When asked, most business owners are thinking about their primary systems, email, ERP and other systems as the workloads they would move.  Many view moving these primary systems, that touch every aspect of their businesses, as risky.  The old adage “If it ain’t broke don’t fix it” always comes to mind.

The reality is that it already is broken and they just haven’t realized. Many SMBs run their business on systems that are outdated, running on platforms that need updates, have security vulnerabilities, or are just plain not functional for today’s business. Consequently their systems are already broken or in need of updates that will require significant investments. Critical systems, like email or ERP, need to be up and running 24/7, yet the average downtime for an on-premise Exchange server is 40 hours per year. That is in the enterprise space; at the SMB level this number is even higher. Do you really want to have over a week of downtime per year for your email?

Recently I did an analysis of the costs of buying on-premise Exchange versus Office 365. I knew going in that the advantage was going to be with Office 365. However, when it revealed that the cost of hosting Exchange on premise, over a 5 year period, is almost 3x the cost of Office 365, I was surprised. This is especially true when we consider the management and support costs as well. Email is probably the easiest system to move too, yet many SMBs are spending more for on-premise systems.

What is an SMB to do?

So again, why are SMBs not ready to move to cloud services when we have tried and tested options available? The biggest arguments I hear:

“I don’t want to lose control of my data.”
“The cloud is not as secure.”

Both of these are really common misconceptions. The reality is that your data always remains your data; it’s in the contract. Security is better and more controlled in the cloud than in your network. So take a day and educate yourself on the cloud and cloud services. BANG is a Microsoft 1-Tier Cloud Provider and Gold Cloud Partner, so I would be happy to help anyone understand why the cloud is great. Finally, I posted a few links to articles on Office 365 and Azure. Read them, and if you have questions, reach out and I will be glad to answer them. You can also attend one of our upcoming lunch and learns and find out why NOW is the time to move to the cloud.

  1. Top 10 Cloud security questions
  2. Cloud security controls
  3. Top Privacy questions to ask your cloud provider
  4. What are the benefits of Microsoft Canadian Datacenters
25 Jul 2016

Going for Microsoft Cloud Gold

With the Olympics in Rio on the horizon, Canadian athletes will be on the hunt for Gold. Athletes have spent months, and even years, training for this moment. Winning a gold medal at the Olympics is the pinnacle of an athlete’s career. It demonstrates their level of commitment and excellence to a sport.

BANG has been on the hunt for gold too. Over the past several months the team at BANG have been working to achieve our gold certification from Microsoft. Finally, at the start of July we reached that goal. BANG has obtained Gold Small and Midmarket Cloud Solutions Competency, putting BANG at the forefront of cloud providers in Canada.

This new attainment makes BANG an “elite” Gold Cloud Partner

BANG is now one of 30 resellers, out of 3400 in Canada, to reach this level of certification. This clearly shows our expertise on Office 365 and its supporting technologies.  Over the past several months our techs have been studying hard.  Many techs have earned their certifications in Office 365 in order to achieve this competency.  With this hard earned knowledge, we have completed many successful migrations to Office 365 for our clients.

Microsoft competencies require 3 things: demonstration of knowledge, deployment of the technologies, and recognition from clients.  Our team certified on Office 365, we had to sell and deploy Office 365, and we had to do it so well, that our clients would be willing to tell Microsoft that we are the greatest.

This particular competency shows our commitment to the SMB market, and demonstrates our level of expertise and experience within this market.  BANG specializes in offering services to SMBs, and now we have even better tools and resources.

With the cloud becoming so important to businesses this certification couldn’t be more timely, and it just further shows the level of commitment BANG has to new technologies.

I am proud that our team achieved all this, it’s a great accomplishment for the company.  Working together,  our sales, project and support teams delivered the results to bring this home, I congratulate them all for their hard work and dedication.

06 May 2016

Enabling Productivity with O365 and the Cloud

JS Assurance

Since 1896, Montreal-based Jolicoeur Savard Assurance Inc. (JSA) has been helping individuals and businesses secure outstanding insurance coverage. As one of Canada’s oldest insurance brokerages, JSA leverages its knowledge and contacts to negotiate commercial and consumer policies with all of the major insurance companies on behalf of its 3,000 commercial and 8,000 consumer clients. While the company works across many industry verticals, its team of 50 employees has earned an exceptionally strong reputation for great customer service and its deep expertise in commercial auto insurance and tourism, leisure and sports.

THE CHALLENGE

JSA’s IT had fallen behind the times. The company’s aging fleet of computers, on-premises servers, outdated software systems, lack of mobility device management and even its Internet accessibility were seriously hampering its productivity and had become costly and frustrating. In short, almost everything IT had to go—the company needed a new, end-to-end, modern technology solution to stay competitive.

THE SOLUTION

A change in ownership ushered in new management at JSA and, with it, a new philosophy about the role of technology at the company. Instead of trying to do everything itself internally, JSA Vice President and General Manager Daniel Forget called on Microsoft Certified Partner and cloud services provider BANG Industries (www.bang.ca) to reboot the company’s IT mix with productivity, reliability, security and mobility top-of-mind.
“The challenge was to do a 180 shift. As an insurance broker JSA did not want to manage IT any longer. They also realized that looking at IT as a cost centre instead of an investment was hurting them. The key was to make their transition to the cloud as smooth as possible and to help JSA’s employees embrace this transition through training and support.”

Robert Helie, BANG Industries President

Through an intense six-month collaborative engagement, BANG leveraged its expertise, infrastructure and partnerships to provide JSA with a complete solution, from initial planning and deployment, to employee training and on/offsite support. This solution involved:

* Moving from a fleet of old PCs running Windows XP to modern dual monitor workstations running state-of-the-art broker management software: sigXP® by Keal (www.keal.com)

* From having extremely limited Internet access to being connected anywhere, at any time, complete with a redundant access solution in place to guarantee reliability.

* From maintaining an aging fleet of servers on premises to a private IaaS cloud solution using virtual machines to host all of JSA’s business-critical applications and data securely.

* Migrating to Office 365, including OneDrive for file sharing and storage, to provide employees with the latest productivity apps and easy email and file access across devices.

* End-user training and support on the new platforms by BANG and through online training programs provided by Microsoft and Keal.

“The adoption of a modern technology solution in the cloud has changed our business for the better in almost every way imaginable. We’re a hugely more efficient and productive team. We’ve empowered our staff to collaborate and work remotely, on any device. Our security is top class. We have predictable IT costs and no maintenance headaches. Our employees are happier and have modernized their skills, as well. And as a result of all of these things, we’ve vastly improved our competitiveness, profitability and best of all, customer experience.”
Daniel Forget, JSA Vice President and General Manager

THE BENEFITS

Productivity – introducing new PCs, best-in-class broker management software as well as modern productivity apps, email, calendar and file sharing through Office 365 has dramatically accelerated workflows, empowering employees to get a lot more done with better results.
Cost Management – JSA no longer invests in maintaining outdated server hardware and software and instead benefits from fixed and predictable operational IT expenses.
Reliability – Frustrating issues with Internet access, file sharing, scheduling meetings and accessing email on mobility devices have disappeared. The company now enjoys 99.9% uptime.
Better Security – With a private IaaS solution in place, JSA benefits from state-of-the-art security measures to protect data, applications and customer privacy—a must for its line of business.
Mobility – JSA’s cloud solution enables employees to work from home and its salesforce to work on the go, at any time, on virtually any device—easily, securely and seamlessly.

THE LEARNING

The JSA story offers us some great insights for small and medium-sized businesses concerned about the perceived costs of upgrading their technology:

* Rethink IT. By changing the way they thought about IT (from a cost-centre to an investment), JSA unlocked its potential and empowered its team to compete at an unprecedented level.
* Partner up! By partnering with BANG, an expert Microsoft Certified Partner, JSA was able to modernize its entire IT system with a minimum of disruption, in just six months.
* Embrace the cloud. With a modern cloud solution, JSA now benefits from powerful productivity tools, advanced security, 99.9% uptime and much more—all cost-effectively.

LINKS
Jolicoeur Savard Assurance: http://www.jsassurance.ca/
BANG Industries: http://www.bang.ca/
Office 365 for Business: https://products.office.com/en-ca/business/office

04 May 2015

7 Security Risks from Consumer-Grade File Sync Services

Consumer-grade file sync solutions (referred to as CGFS solutions) pose many challenges to businesses that care about control and visibility over company data. Below are seven of the biggest risks that these solutions pose in a business environment.

 

  1. Data theft

Most of the problems with CGFS solutions emanate from a lack of oversight. Business owners are not privy to when an instance is installed and are unable to control which employee devices can or cannot sync with a corporate PC. Use of CGFS solutions can open the door to company data being synced (without approval) across personal devices. These personal devices, which accompany employees on public transit, at coffee shops, and with friends, exponentially increase the chance of data being stolen or shared with the wrong parties.

  2. Data loss

Lacking visibility over the movement of files or file versions across endpoints, CGFS solutions improperly back up (or do not back up at all) files that were modified on an employee device. If an endpoint is compromised or lost, this lack of visibility can result in the inability to restore the most current version of a file, or any version for that matter.

  3. Corrupted data

In a study by CERN, silent data corruption was observed in 1 out of every 1500 files. While many businesses trust their cloud solution providers to make sure that stored data maintains its integrity year after year, most CGFS solutions don’t implement data integrity assurance systems to ensure that any bit-rot or corrupted data is replaced with a redundant copy of the original.

  4. Lawsuits

CGFS solutions give carte blanche power to end-users over the ability to permanently delete and share files. This can result in the permanent loss of critical business documents as well as the sharing of confidential information that can break privacy agreements in place with clients and third-parties.

  5. Compliance violations

Since CGFS solutions have loose (or non-existent) file retention and file access controls, you could be setting yourself up for a compliance violation. Many compliance policies require that files be held for a specific duration and only be accessed by certain people; in these cases, it is imperative to employ strict controls over how long files are kept and who can access them.

  6. Loss of accountability

Without detailed reports and alerts over system-level activity, CGFS solutions can result in loss of accountability over changes to user accounts, organizations, passwords, and other entities. If a malicious admin gains access to the system, hundreds of hours of configuration time can be undone if no alerting system is in place to notify other admins of these changes.

  7. Loss of file access

Consumer-grade solutions don’t track which users and machines touched a file and at which times. This can be a big problem if you’re trying to determine the events leading up to a file’s creation, modification, or deletion. Additionally, many solutions track and associate a small set of file events which can result in a broken access trail if a file is renamed, for example.
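
The data integrity assurance described under "Corrupted data" above can be sketched as a scrub routine that checks every file against a stored digest and replaces a corrupted copy only from a redundant copy that still verifies. This is an added example, not code from the original post or from any vendor's product; the store layout, file names and function names (build_manifest, scrub, flip_first_bit, demo) are assumptions, and the sample files are constructed.

```python
import hashlib
import os
import shutil
import tempfile


def sha256_file(path, chunk=1 << 16):
    # Stream the file so large files are never loaded whole.
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root):
    """Map each file path (relative to root) to its known-good digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest


def scrub(primary, replica, manifest):
    """Verify primary against the manifest; repair only from a verified replica."""
    report = {"ok": [], "repaired": [], "unrecoverable": []}
    for rel, expected in sorted(manifest.items()):
        src, dst = os.path.join(replica, rel), os.path.join(primary, rel)
        if os.path.isfile(dst) and sha256_file(dst) == expected:
            report["ok"].append(rel)
        elif os.path.isfile(src) and sha256_file(src) == expected:
            os.makedirs(os.path.dirname(dst), exist_ok=True)
            shutil.copyfile(src, dst)  # overwrite the rotted copy
            report["repaired"].append(rel)
        else:
            report["unrecoverable"].append(rel)  # both copies bad: go to backup
    return report


def flip_first_bit(path):
    """Simulate bit-rot: one flipped bit, file size unchanged."""
    with open(path, "r+b") as fh:
        first = fh.read(1)
        fh.seek(0)
        fh.write(bytes([first[0] ^ 0x01]))


def demo():
    """Run a scrub over constructed sample files; returns (report, healed)."""
    base = tempfile.mkdtemp()
    try:
        primary, replica = os.path.join(base, "primary"), os.path.join(base, "replica")
        os.makedirs(primary)
        samples = {"contract.txt": b"terms v1\n", "ledger.csv": b"id,amount\n1,100\n",
                   "notes.txt": b"call client\n"}
        for name, body in samples.items():
            with open(os.path.join(primary, name), "wb") as fh:
                fh.write(body)
        manifest = build_manifest(primary)  # keep this apart from the data in practice
        shutil.copytree(primary, replica)
        flip_first_bit(os.path.join(primary, "contract.txt"))  # primary copy only
        for store in (primary, replica):  # same file rots in both stores
            flip_first_bit(os.path.join(store, "ledger.csv"))
        report = scrub(primary, replica, manifest)
        fixed = os.path.join(primary, "contract.txt")
        return report, sha256_file(fixed) == manifest["contract.txt"]
    finally:
        shutil.rmtree(base)
```

A file whose size and name are unchanged but whose digest no longer matches is exactly the silent corruption a sync client without checksums copies onward to every device.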

 

Consumer-grade file sync solutions pose many challenges to businesses that care about control and visibility over company data. Allowing employees to utilize CGFS solutions can lead to massive data leaks and security breaches.

Many companies have formal policies or discourage employees from using their own accounts. But while blacklisting common CGFS solutions may curtail the security risks in the short term, employees will ultimately find ways to get around company firewalls.

The best way for businesses to handle this is to deploy a company-approved application that will allow IT to control the data, yet grants employees the access and functionality they feel they need to be productive.

24 Apr 2014

How many licks does it take to get to your data

Is your network protected?

When I talk to many of our prospects, and even some of our existing clients about security, most of them think they have protected their networks completely.

They have installed and even updated their desktop AV, they have a firewall at the network perimeter, and even do their Windows updates. They feel safe because they are being ‘pro-active’ with patching and endpoint security and their firewall is keeping all the bad things on the internet out. The truth is they are not safe. Basic patching and endpoint protection with a standard perimeter firewall no longer offers the protection required. Security holes exist in every software application. Some of the latest threats to emerge exploit Adobe Flash and Java, software that exists on every corporate network and in many cases is required to do business. Not only is the focus of attacks moving away from the OS, but the number of zero-day attacks is increasing and spreading even faster through the internet.

Most of these attacks and exploits are used as footholds to inject other malicious software into the machine, and in most cases the goal is to extract information. At the end of 2013 a slew of CryptoLocker attacks generated an estimated $27M for the attackers. The attackers made millions of dollars by holding personal and corporate data hostage, forcing people to pay to get their data back. A single unpatched or infected machine on your network could turn all your corporate data to useless ones and zeroes, hopelessly encrypted and inaccessible unless you paid the ransom, which many people did. The success of these attackers has only emboldened others to come up with new ways to infect and disrupt corporate and personal machines.

How many licks does it take to get to the center?

Using a layered security model is a best practice. I like to use the Tootsie Pop as an analogy for this security model because it immediately makes me think of the commercial “how many licks does it take to get to the center of a Tootsie Pop”. This is how businesses have to think about security too. Create multiple layers of security to protect corporate data and make it difficult for attackers. Layers of security can be added at the corporate firewall, endpoints (mobile and workstations), servers, and even the physical network.

The corporate firewall is one of the easiest and best places to add security layers, as this is the chokepoint for traffic entering and leaving the corporate network, so it becomes a great spot to filter and block traffic. Most firewalls today support the addition of services that will scan traffic for viruses, malware, spyware and known attacks. SonicWALL appliances call these types of services UTM, or Unified Threat Management, which uses packet scanning technology to identify threats at the gateway as they pass through the firewall. SonicWALL bundles these services into their Comprehensive Gateway Security Suite, or CGSS, as a yearly subscription.

How does an extra service like CGSS create a new protective layer?

With recent threats like the Heartbleed flaw, SonicWALL released a new signature the day it was announced that picked up and blocked the activity generated by an attacker exploiting the flaw. This means that even if your server or application was vulnerable, the SonicWALL Intrusion Prevention Services were able to block the traffic and prevent the attack. Another example is the Crypto viruses and their variants: they require access to a certificate server where they can download a certificate to use in encrypting data. Even though the virus might bypass the desktop anti-virus and infect the system, a packet scanning service like SonicWALL IPS can prevent the virus from completing the process and essentially neutralize it. Utilizing the chokepoint of the network to scan for and block attacks as they enter and leave the company creates a new checkpoint in the network that will augment the basic protection that is offered by a desktop anti-virus. These services are automatically updated and maintained by the manufacturer, so the intervention required is minimal.

Adding this service layer at the firewall is by no means the only spot where additional protective layers can be added, but it is probably the easiest and most cost-effective. I always recommend to our clients that they add these services; some agree and others don’t, but clients that do have the services active have seen the benefits.

So I ask you this question. How many licks does it take?


© 2016 Industries Bang Inc. All rights reserved.
