If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
We’re going to be hearing about data privacy for a lot longer yet!
I don't know about you, but every day I open emails and articles about data security and our obligations in business. It's feeling a little overwhelming, but on closer inspection, most of the conversation is pretty sensible. The headlines have been the data breach...
Overloading in Outlook? Focussed Inbox is the answer!
Is your inbox overflowing? Once things move down the page, do they disappear, accompanied by the nagging guilt that you should have done something? You need a focussed inbox. For many people, their inbox becomes part of their filing cabinet, and that's obviously not...
Letter from Microsoft Inspire – Vegas 2018
It wasn’t just the weather that was hot. Microsoft is hot right now, and given how much we all rely on them for the tools to run our businesses, that's an exciting prospect. While there weren't specific announcements, what I found encouraging was the consistent...
The best new thing in Office that no one knows about (Shush – don’t tell)
Spoiler alert- you have to read the full article - and good news alert – the article is really short! Office 365 keeps changing. Updates and upgrades happen when you aren’t looking. While many of them are pretty trivial and only impact a few people, some updates are...
When does Windows 10 become Windows 11?
When Microsoft released Windows 10, they said it would be the last version – but that hasn’t stopped them enhancing it. The updates available in the April 2018 (Version “1803”) release continue to refine it in small but useful ways that add up to a significant...
What’s in an Antivirus? ( or, when is ‘free’ the most expensive option?)
It is not uncommon for us to be asked why a business needs to purchase antivirus when Windows 10 already includes antivirus. It's true - Windows comes with a 'free' antivirus - Windows Defender is free with Windows and has been for some time. [header2 text="It...
Sneaky devils – how insecure email led to a $150K loss
Recently I was lucky enough to spend some time with a group of my Ozzie peers. One of the things we did was share problems and solutions. During those discussions, I heard of the following hack. [header2 text="This is not a made-up story. It is true and I know of...
Keeping up with One Note
I reckon that OneNote's being used by about a third of the people I see in meetings. And that means that about two-thirds of people are missing out! I've been a big OneNote fan for ages because OneNote conquered my personal chaos of unstructured notes and paper...
South Pacific Pictures – Case Study
"Working with Kinetics has helped us align our IT systems with the businesses need for streamlined systems and business continuity, as well as the comfort of compliance and reassurance from an industry specialist." - Kelly Martin, CEO, South Pacific Pictures...
Beware (again) – The Phishermen are after you.
The deluge of clever phishing emails continues. This one caught our eye, because it looks so authentic. Given that we look after Office 365 for this customer, it left us wondering how we'd have missed 'verifying' their account. Well, only a for a moment! When we...