White House Security Recommendations
On Monday, March 21, 2022, the White House issued a warning of new potential cyber-attacks (https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/fact-sheet-act-now-to-protect-against-potential-cyberattacks/). As part of the warning, the White House published a list of steps and recommendations for every company.
To help our clients understand the alert, we have summarized the recommendations on our site and added notes on everything ECS is doing for each request.
Here is the summary of the recommendations from the White House and what ECS is doing:
WH: Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
ECS: We highly recommend that all clients who use email systems have multi-factor authentication enabled for every employee.
WH: Deploy modern security tools on your computers and devices to continuously look for and mitigate threats
ECS: We use modern security tools to protect, prevent, and mitigate security risks. Some of the tools we use are:
- Centrally Managed Antivirus
- Centrally Managed Antivirus + EDR
- ThreatLocker – Zero Trust Platform
- 24/7 Cyber Security Monitoring.
- Email Filtering, Sandboxing, and Isolation
WH: Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
ECS: Our standard policy is to update workstations every week. Servers are updated every month or on an emergency basis if a critical security patch is released. ECS offers a Dark Web Monitoring Service to monitor for any passwords that are compromised and immediately notify our clients.
WH: Back up your data and ensure you have offline backups beyond the reach of malicious actors;
ECS: We recommend Backup and Disaster Appliance Service. Client servers are backed up every hour to an on-site backup server. The backup server does not share any credentials with your servers to reduce the risk of a compromise. Once a day, the daily backups are combined, encrypted, and uploaded to the cloud. Client data is always stored in 3 separate locations (On the client server, on the backup server, in the cloud). In case of disaster, ECS can restore from the cloud or operate from the cloud to continue business operations.
WH: Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
ECS: We developed an incident response plan to prepare ourselves and our clients. An incident response plan is a procedure we follow should there ever be an incident. Click the link to read ECS Incident Response Plan.pdf
WH: Encrypt your data so it cannot be used if it is stolen;
ECS: We recommend encryption of any sensitive information. Sensitive data should be encrypted when sent via email, stored on the server, or in the cloud.
WH: Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly; and
ECS: We offer Employee Awareness Training. The service provides online interactive training to all employees on identifying phishing/scams. As part of the service, ECS conducts simulated phishing attacks. An employee who clicks on simulated phishing links is asked to attend additional training.
WH: Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents. Please encourage your IT and Security leadership to visit the websites of CISA and the FBI where they will find technical information and other useful resources.
ECS: We have closely monitored CISA alerts and notifications and NIST best practices. ECS has also built relationships with the FBI, Breach Council, Ransomware Negotiators, Cyber Security experts, and Cyber Security Insurance providers to offer the best service we can to our clients.
ECS Security Recommendations
Here are the top security recommendations to our clients, friends, and prospects based on what we have seen in the last few months.
Additional Email Protection – With email being one of the primary entry methods for a compromise, investment in additional email protection is highly recommended. This includes implementing Multi-Factor Authentication and using 3rd party tools to filter out malicious email before it gets to your inbox.
Cyber Security Monitoring – ECS partners with RocketCyber to offer 24/7 cyber security monitoring. This means that a live person is constantly reviewing logs, connection attempts, and activity that may look suspicious on your email, servers, and network. We have observed this system help detect unauthorized activity and prevent a compromise before any damage was inflicted.
Zero-Trust Security Approach – Implementing Zero Trust involves locking down your computers. Only approved software can be installed, even if the installer has admin rights. While this approach may sound strict to some, we have seen it protect organizations when all other protection methods fail.
Employee Awareness Training – Educate your employees on phishing, vishing, and email compromise. If you currently have Employee Awareness Training, consider sending out refresher training to all of your employees. If you do not have formal training, send out emails with examples of what phishing looks like and what employees need to watch out for. Make sure employees do not disclose their passwords unless they are 100% confident the website is legitimate. Compromised email is the number one way hackers get into your system.
Office 365 CyberSecurity Monitoring
To help lower the security risk to our clients, ECS is offering a 30-day free trial of our 24/7 Cyber Security Monitoring Service for your Office 365 system. The service monitors for any suspicious activity on Office 365 and is designed to take proactive action should someone gain unauthorized access to any of your employee emails.
Do you have questions about the cyber security posture of your company?
Let’s talk! Click on this link to schedule a time convenient to you.