{"id":8000,"date":"2022-03-22T15:56:56","date_gmt":"2022-03-22T15:56:56","guid":{"rendered":"https:\/\/www.ecsoffice.com\/?p=8000"},"modified":"2022-03-31T16:15:57","modified_gmt":"2022-03-31T16:15:57","slug":"white-house-security-recommendations","status":"publish","type":"post","link":"https:\/\/www.ecsoffice.com\/white-house-security-recommendations\/","title":{"rendered":"Security Update \u2013 March 2022"},"content":{"rendered":"
On Monday, March 21, 2022, White House issued a warning of new potential cyber-attacks (https:\/\/www.whitehouse.gov\/briefing-room\/statements-releases\/2022\/03\/21\/fact-sheet-act-now-to-protect-against-potential-cyberattacks\/<\/a>). As part of the warning, the white house came up with a list of steps and recommendations for every company.<\/p>\n To help our clients understand the alert, we have summarized the recommendations on our site and added notes on everything ECS is doing for each request.<\/p>\n Here is the summary of the recommendations from the white house and what ECS is doing:<\/strong><\/span><\/p>\n WH:<\/span><\/b> Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;<\/span>\u00a0<\/span><\/p>\n ECS: <\/span><\/b>We highly recommend that all clients who use email systems have multi-factor authentication enabled for every employee.<\/p>\n WH:<\/span><\/b> Deploy modern security tools on your computers and devices to continuously look for and mitigate threats<\/span>\u00a0<\/span><\/p>\n ECS: <\/span><\/b>We uses modern security tools to protect, prevent, and mitigate security risks. Some of the tools we use are:<\/p>\n WH:<\/span><\/b> Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;<\/span>\u00a0<\/span><\/p>\n ECS: <\/span><\/b>Our standard policy is to update workstations every week. Servers are updated every month or on an emergency basis if a critical security patch is released. ECS Offers Dark Web Monitoring Service to monitor for any passwords that are compromised and immediately notify our clients.<\/p>\n WH:<\/span><\/b> Back up your data and ensure you have offline backups beyond the reach of malicious actors;<\/span>\u00a0<\/span><\/p>\n ECS: <\/span><\/b>We recommend Backup and Disaster Appliance Service. Client servers are backed up every hour to an on-site backup server. The backup server does not share any credentials with your servers to reduce the risk of a compromise. Once a day, the daily backups are combined, encrypted, and uploaded to the cloud. Client data is always stored in 3 separate locations (On the client server, on the backup server, in the cloud). In case of disaster, ECS can restore from the cloud or operate from the cloud to continue business operations.<\/p>\n\n