Inside Secure-IT

What are we doing to stop the exploitation of Managed Service Providers like us?

Based on a recent notice from the United States Computer Emergency Readiness Team (US-CERT) regarding threats on network systems, we wanted to take a moment to open the door to how our business functions. So, we will be writing about our security here at Lighthouse IT and the best practices associated with each topic. We want to be very focused on how security is used to protect our clients and how we internally protect their data from being compromised.

An alert posted on October 2018 stated that the National Cyber Security and Communications Integration Center (NCCIC) is aware of an ongoing Advanced Persistent Threat (ATP) attempting to infiltrate the networks of global managed service providers (MSPs).

Get Our Business Security Checklist

 

A nearby MSP in Toledo recently was involved in a hack of their data. A lot of their client data was compromised because of weak points in their security. We want to do everything we can to combat the exploitation of MSPs.

Here is the link to the US-CERT post about the NCCIC's ongoing report. https://why.mymsp.rocks/ThreatsExploitingMSPs

Below are some articles where we discuss how we handle our client's security. (We will be posting them once a week for two months. So, if you see one without a link, just wait! It'll be there soon.)

Inside Secure-IT:

 

Backups and Recovery

In this day and age, it is easier than ever to store a large amount of data. Computers provide a compact manageable way to keep all your photos, recipes, reports and more. However just as easily as you could misplace an important paper, computers are susceptible to data loss as well. From accidental deletion, malware or hardware failure, there are numerous ways in which your data could be lost.

 

Physical Security

Physical Security is the act of securing the machines that keep businesses running. We like to make sure that there are several fail-safe’s in place to make sure nothing happens to the servers. Some steps we take are to make sure that the building itself is secure, that the servers are in a locked server-cabinet or in a locked closet and plugging the servers into surge protectors and uninterruptible power supplies.

 

WPA2-Enterprise, Scheduled Wireless, and Isolated Guest

Wireless Security is the act of using encryption, scheduled times, isolated wireless, and VPN’s to create an environment that is hard for attackers to intrude upon. If a hacker is able to guess a Wi-Fi password, they are able to get to everything. Using these methods makes it extremely hard for them to brute force their way into a network. We use a mixture of Datto and Meraki for wireless security. Each one being able to create secure networks and manage wireless permissions without breaking a sweat.

 

Advanced Endpoint, Edge Protection, Firewall and IDS

Advanced Endpoint protection is a proactive form of defense against Malware and other threats. Any device with endpoint protection is able to protect itself from anywhere and against threats that anti-virus may not detect. At Lighthouse IT we use Sophos Intercept X, built off military-grade software, infused with deep learning, and combined with other leading security solutions. We stand by the power that Intercept X offers.

 

Mobile Device Encryption

Mobile Device Encryption works by using a cipher to make data unreadable without proper authentication or a key. Sensitive data that’s on an encrypted computer would be useless to anyone who may intercept the traffic coming from the computer or those who may come into possession of the computer. At Lighthouse we use Sophos SafeGuard, a program that encrypts data as soon as it’s created.

 

Generated Passwords

Instead of trying to create a password that may not be all that great, generated passwords make passwords that are tough for humans and machines to crack. Instead of trying to create hundreds of passwords or falling into the pit of using the same password for everything, we wanted a program that made strong passwords for all our most sensitive accounts. IT-Glue answered our calls by providing not only a platform for generating the passwords, but also saving them documentation software with role-based permissions.

 

Role-Based Permissions

Being able to define what your users have access to is very powerful. With role-based permissions, members or staff (or other system users) are assigned particular roles and through those role assignments, acquire the permissions needed to perform particular system functions. The permissions to perform certain operations are assigned to specific roles. If someone needs something, they should have that authority.

 

Multi-factor Authentication

Two Step Authentication is a security measure when you must sign in using both your password and an external code method. Multi-factor acts as a double line of security if a password is compromised the code is still needed. It is a way of confirming a user's claimed identity in which access is only granted after presenting two+ pieces of evidence to an authentication mechanism: knowledge, possession, and inherence.