Community Synergy: iCorps Hosts Cybersecurity Panel for ALA Boston
iCorps kicked off spring with a cybersecurity lunch and learn for our partners at the Association of Legal Administrators, Boston Chapter. As an international organization, ALA members are as diverse as the regulations that shape how they drive their businesses forward. As such, iCorps brought partners from Datto and Sophos to discuss how cloud technologies are shaping the way the legal industry operates, and the most persistent threats in today's cybersecurity landscape. The experts from iCorps, the event host and Managed Services Provider; Datto, a data backup and disaster recovery solution; Sophos, a firewall and security expert discuss the importance of cloud security and standards for implementation.
Jeffery Lauria, VP of Technology, iCorps: The average user has seven devices, between their laptops and home, and you need to manage those. You do need to be aware. I'd strongly recommend you use a mobile device management system. So, if anything is touching your network, it should be under some form of management. I think that managing devices is a very important factor, but also keeping in mind that if I had 10,000 devices or one, if I still use my username and password incorrectly, it doesn't matter.
And, what happens when you lose that device? Ensure that your devices are encrypted. I may be out $800-900 for my laptop, but my data is encrypted. Just plan on losing them. Now, the number of devices becomes less important, per se.
Justin Walker, Senior Channel Sales Engineer, Sophos: The expensive part of the loss is the data that's on there, more than the laptop itself. It's pennies in comparison to a data breach. The damage to the brand, and all things that go along with that. There's a really staggering number from a mobile loss perspective - 200,000 phones are left in London taxis alone, every year. If you have sensitive data out there, you need to have restrictions on where it can be, and what devices people can access that data from.
Lauria: Consider this, most state reporting laws, if the data's encrypted and the keys aren't compromised, it's not an event. So, encrypting is very important as well.
Lauren Looney, Channel Development Manager, Datto: There was a story that came out, last year, about a casino in Vegas that was hacked through their fish tank. Hackers were able to access their firewall through the [tank's] smart thermometer. They were able to get everyone's information in that casino and take it with them. It goes back to the question earlier - when they have it, do we know? Maybe we can find out, but at that point, they went through the server and up into the cloud. It's in the dark web somewhere, and somebody had a really good day.
Lauria: The funny part is that a lot of these breaches are just because people didn't use best practices. The fish [tank] should have been on an isolated network, it's as easy as that. But if you think about this, even at home, there are these IoT devices. All those things are on your network, and they're all very exploitable. Once you buy that refrigerator with a camera in it - no one catches it. It doesn't get updated. These are just best practices - separating the IoT from the network, changing passwords. Leveraging that common sense too, it may be difficult or take a little work, but it pays off.
Attendee: As we've been moving more and more to the cloud to save money, improve efficiencies, and engage with other companies, where does security play in the cloud space versus on-prem? I may have Fort Knox built for me behind the firewall, but most of the world that we are now engaging is on the cloud. And pieces of our network are, so to speak, on the cloud. Where does that put us on track as far as security?
Walker: So, the interesting thing about moving things up to the cloud is that the cloud itself is very secure. The problem is when we're talking about Microsoft or Azure, whatever cloud provider it might be, the responsibility is the security of the cloud itself. For the things that you're putting into the cloud, that is your responsibility. The infrastructure, the back-end of what builds Azure and AWS is really strong, and built on really successful architecture. But when you start to put assets up there, it's only as well guarded as you choose to guard it. If you have weak passwords, unpatched systems, poorly implemented third party applications, there's a lot of vulnerabilities that can still be inherent in what the end users, the company, is putting up there in the cloud. So that's where we come into play. We treat the cloud like any other endpoint. It shouldn't be treated any different from an asset that you have on site.
Lauria: At the end of the day the data that sits in the cloud, be it Office365, GoogleApps, Salesforce, doesn't matter. Those companies back up their information, not yours.
Moderator: How are ransomware, phishing, things like that, handled in the cloud? Are they handled differently than on-site?
Walker: I don't think it's any different. We treat it exactly the same, it's exactly the same risks. Ransomware actually makes up a really small percentage of actual infections - less than 2% globally of all the malware out there - is actual ransomware infections. But they are so disruptive and damaging they are all that you think about. They also make a ton of money. In 2016, a single family of ransomware made over a billion dollars. Just one variant of ransomware. It's where the money is, and that's why there are incentives to have technical support behind it.
Lauria: I agree, and the other part of that is, thankfully these platforms, SharePoint, OneDrive, Google Docs, they all have roll back features. That said, it doesn't necessarily mean that ransomware doesn't affect your machine. You could get locked out. So, if you have cloud data, fair enough, you can treat them the same way.
Looney: No matter what industry you're in, no matter how smart your folks are, no matter how up to date you think you are, there are actual companies out there now with 24/7 hotlines bad guys can call for support on their end.
Attendee: Fake call centers?
Looney: Real call centers. Ransomware is a business now. They have actual brick and mortar stores. Sometimes, [their employees] don't know that they are working for [a ransomware company] so people are really the biggest thing. We're all susceptible.