Whether it’s malware or hackers or viruses, they pose significant threats to businesses and companies around the world, and rightfully so. These continue to evolve – and get smarter – making risk management a consuming task for IT teams and MSPs. According to the AV Test Institute, there were over 700 million known malware instances in 2017 and that number continues to rise year over year. What’s even scarier is how commonplace breaches and attacks are – almost 60% of IT teams have experienced a breach or attack at some point.
But rather than becoming more skilled at handling these threats, IT teams are more challenged by them now than ever before. And there are plenty of reasons for that. With the proliferation of devices such as laptops, smartphones, tablets, and the rise of account-based information that lives in the cloud, employees and companies are more at risk than ever, and IT teams are scrambling to keep up with rapidly-changing tech behaviors.
In our research study, we heard from 500 IT professionals on everything related to anti-virus and security management – their current processes, challenges, and overall take on the overwhelming task of protecting their computers and customers from threats. Check out the infographic below to learn the 4 trends we uncovered in the current state of IT security.
Technology is a double-edged sword for IT. On one hand, it makes life easier with instant access to information, eliminates traditionally manual tasks, and allows us to better protect and manage the IT environment. On the other hand, it’s given a new life to rogue employees who can sign up for accounts and conduct business completely outside of IT’s line of sight and certainly out of their control.
You can’t protect what you can’t see. That is the elusive problem known as shadow IT. The challenge is gaining visibility into this hidden world, knowing the applications that are in use, and protecting company data without impacting the employee’s productivity.
This problem is largely based on the use of employee-introduced, non-sanctioned cloud apps. Last October, Ovum released research finding that 78% of IT executives say they do not control all the cloud apps their employees use for work, and a quarter say they only control half of the cloud apps being used through the organization.
With no oversight of these apps, there is little protection against the exposure of sensitive corporate data, with an unknown quantity of touch points and security behaviors outside the control of the IT team. Companies must put the right policies and technology in place to address password problems, without becoming the enemy of the employees.
Almost 68% of those surveyed by Ovum acknowledged that these open doors open the company to significant risk, whether that’s a phishing attack, ransomware, or social engineering attack. However, the challenge is how to address these risks without taking up even more time of the IT team’s already full plate.
How IT Can Take Back Control
While it can appear overwhelming to tackle the problem of shadow IT within your business, it doesn’t have to be. To help you approach this problem, we’ve provided three critical steps to get you started on taking back control of the apps and security of your organization:
Audit your employees’ cloud apps – As we said before, you can’t protect what you can’t see, and the first step to seeing all the apps in use is to ask. Do an audit of all the apps and tools that employees are using through a survey. Even if you don’t capture everything, you’ll learn about many of the tools in use and raise awareness with employees that IT needs to be in the loop as they bring in new apps. Once you have a clearer picture of your business’ app ecosystem, start to consider Single Sign-On and password management tools to give you management over those apps that give you visibility into usage and allow you to enforce policies that keep those accounts more secure.
Setup automated software updates – Don’t get caught with outdated software, which was the catalyst for the Equifax breach back in September 2017. This is an easy fix. Leverage endpoint management technology like LogMeIn Central, which enables you to pair the ability to push patch updates, with the ability to automate the process and setup alerts so a service is never outdated for long.
Require multi-factor authentication (MFA) – If you haven’t already, introduce your employees to multi-factor authentication. Start with your user directory, whether it’s Active Directory, Azure or G-Suite, and require employees to add this second layer of protection to the account. Once employees are comfortable with MFA on their email, they’ll be more comfortable adding it to other apps as well.
We at LogMeIn traveled to Chicago, Illinois to visit with Dan and co. at the Chicago Symphony Orchestra (CSO), where they’ve been using Central for nearly a decade.
What we love about Dan and the CSO (other than the fact that they’re long-time users of Central) is how they embody that behind every great company, organization, or even performance, is an IT team, working at all hours from wherever they might be to keep everything up and running. As outsiders, we usually don’t see all that goes on behind the scenes and the CSO is a great example of what goes into ensuring an entire orchestra is able to perform night after night.
Dan and his team use Central on a daily basis to ensure that all of their computers and servers around the orchestra are up and running. With Central, they’ve made impressive improvements to their IT processes, including cost savings on licensing and hardware, decreased IT time spent on support requests, and increased proactive identification of critical software updates and machine health.
News coverage of recent cybersecurity attacks shines a glaring spotlight on the vulnerability of our endpoint infrastructure in this increasingly technology-dependent world.
Exploits in the News
When the WannaCry ransomware infected more than 300,000 computers in over 74 countries in May 2017, it forced the UK National Health Service to turn patients away, resulted in a two-day shut down of LG self-service kiosks in South Korea, affected more than 40,000 businesses in China and threatened thousands of individual systems.
According to a New York Times article, the hackers behind the attack leveraged a hacking tool they stole from the National Security Association (N.S.A.) called “Eternal Blue.” Eternal Blue enabled the rapid spread of WannaCry by exploiting a vulnerability in Microsoft Windows servers. Even though Microsoft had addressed the vulnerability via a patch in a March software update, large volumes of computers weren’t up-to-date to defend against this attack.
The incident was quickly followed up by other global ransomware attacks including Petya ransomware initiated in June, and the series of Equifax data breaches which started in May and were discovered in July before being reported to the public 6 weeks later. The Equifax breaches, like the WannaCry attack, were enacted by exploiting a software vulnerability that the firm attempted to patch months prior to the attack.
Costs of Exploits
Incidents like these are more common than you might think. According to a study conducted by Ponemon Institute and sponsored by IBM security, the probability of experiencing a data breach is 1 in 4 and costs around $141 per record on average. If your company or the clients you serve have as few as 20k records, that’s equivalent to $2.8 million dollars at risk.
Protecting systems from costly exploits, like just the few we mentioned, falls on IT. It’s imperative to have a centralized approach to maintaining machines and keeping them up-to-date with the latest software patches that are vital to protecting your overall network. Automating updates and patch deployment will ensure that your systems aren’t left unprotected and can save hours of time over updating each endpoint manually.