Missing the Forest for the Trees: How Cyberattacks in the News Can Mask the Threat to SMBs [VIDEO]

Cyberattacks and data breaches have been making headlines more and more these last few years. Whether it was the 40 million customer credit and debit cards stolen from Target in 2013, the major email leak at Sony Pictures Entertainment in 2014 or the 22 million personnel records compromised in the federal Office of Personnel Management this year, it’s hard to deny we’re seeing an already troubling trend grow even bigger. But perhaps there’s an even more worrisome trend at play that is not only suffering a lack of media exposure, but is actually being exacerbated by that lack of coverage. Because while all of the above victims and plenty more – including Home Depot, Anthem, P.F. Chang’s and JPMorgan Chase – represented serious and major breaches of consumer or corporate information, they’re also all major enterprises. And you would be remiss to believe that only the biggest companies get taken down by cyberattackers, when, in fact, it’s the smaller businesses that often prove the most frequent and fruitful targets for hackers. A survey released by Nationwide Insurance revealed that approximately 80 percent of all small- to mid-sized businesses in the U.S. don’t have a cyberattack response plan in place. Additionally, 60 percent of all cyberattacks are targeted at these same SMBs. If this seems grossly disproportionate with the amount of news coverage given to hacked enterprises over SMBs, that’s because it is – and that’s exactly what cyberthieves are banking on. Because SMBs have fewer resources to work with, and are less likely to learn about cyberthreats to their business from the news, they end up lacking the tools...

As the Dust Settles: The Value of Secure Remote Access in the Hours After a Cyberattack

The first 24 hours after a cyberattack are chaotic. The investigations and conclusions will come far down the road, but in the immediate aftermath of an attack, the entire organization is in reaction mode. The public relations team will update media members hungry for additional details. If an attack affects an organization’s own employees, the human resources department will issue alerts internally. The legal team will remain on standby to ensure regulatory requirements are met, offer counsel and guide the organization through the first few days of what is likely to be a process lasting many years. For the IT department, meanwhile, those first few hours are all about containment – discovering the origin of an attack, isolating or stopping its harmful effects, and securing IT systems to assure continuity. Yet, in many cases, victims of cyberattacks aren’t taking these critical first steps. According to a new survey by the SANS Institute, only 59 percent of organizations are able to contain attacks within 24 hours and more than half claim to be dissatisfied with the length of time it takes for them to contain and recover from an attack. Even the federal government doesn’t really have a perfectly coordinated strategy for responding to these events. As last summer’s hack of the Office of Personnel Management (OPM) showed, the government isn’t well equipped to react quickly to emerging threats and successful attacks, and individual agencies don’t always take ownership of a coordinated response. Fortunately, most businesses don’t have such a burden. Most are more agile than the government, and therefore better positioned to respond quickly, even if the findings of...

Google’s ‘Android for Work’ BYOD Solution Requires VPN

Although Bring Your Own Device (BYOD) is not hitting the front page on a weekly basis anymore, it is still relevant. The hype may be over, but enterprises are now working to find practical remote access solutions for managing the variety of mobile devices utilized by employees at home and at work. BYOD policies often classify mobile devices according to their operating systems. Thus, administrators have to work with one of the following: Apple iOS, Google Android, Windows and BlackBerry. With Android for Work, Google is helping enterprises that deploy Android devices by offering a mix of apps, technologies and designs to separate and control business and personal use on mobile devices. Google uses elements of Samsung KNOX, specifically, mobile device management (MDM) and containerization technology, to separate work from personal data and apps within the device, similar to what BlackBerry 10 has been providing for some time. Android for Work also includes an enterprise version of Google Play, allowing employees to install only those apps that have been authorized by the network administrator. Personal and business use is separated by users logging in through different profiles. Once an application has been designated as a business app by the network administrator, it is possible to control data traffic and access rights. This does not affect other applications, since business apps are in their own separate area. Google devices with Android 5 (Lollipop) already have Android for Work integrated. Older versions of the operating system can be upgraded by downloading the app, available through the Google Play Store. Android uses the multiuser support in Lollipop, standard encryption and SELinux security...

Smaller Scale Is No Defense: Why SMBs Should Assume They’re Already Targets of Cyberattackers

You would be hard pressed to go a month without hearing about a new data breach or major cyberattack in the headlines. These incidents occur with such regularity nowadays that seemingly every industry has been affected – healthcare, education, retail and even amusement parks. There are variations across all these attacks, from the threat vectors themselves to the protections that may have faltered. But, the common thread is that these companies are generally big names with targets on their backs. This trend also tends to overshadow an even more worrisome one: data breaches occurring at small and medium-sized businesses. While SMBs may exist on a relatively small scale, they certainly don’t go unnoticed by hackers. The numbers actually show that three out of four attacks occur at businesses with fewer than 100 employees, and that each incident carries an average price tag of $20,752, according to the National Small Business Association (NSBA). The NSBA’s Jason Oxman elaborated further in comments to the Los Angeles Times last year: “We are absolutely facing an epidemic of attacks on our nation’s infrastructure and attempts to gain access to information. But smaller merchants tend to be easier and more attractive targets for cyber criminals.” This is because SMBs are less likely to be well-versed in security protocols and because they won’t get much attention from the media, thereby allowing the attacks to continue under relative quiet. Compared to enterprises, SMBs may also lack the resources to detect and respond quickly to attacks. The fallout can result in broken websites, bad customer reviews and narrower profit margins – all consequences that can completely devastate...

Seamless Roaming or Always On: The Remote Access VPN Feature Digital Nomads May Be Missing

In remote working environments, the Digital Nomad isn’t tied to a desk or cubicle, but he has close relationships with his coworkers. The Digital Nomad works exclusively from mobile devices that connect wirelessly to the Internet, and she’s still able to finish all her tasks on time. For now, these workers are generally the exception to the rule, but that may not be the case for much longer. One-third of business leaders anticipate that by 2020, more than half of their full-time workforce will be working remotely. It’s not difficult to see why remote work is so popular. Today, Digital Nomads can be more nomadic than ever, setting up new mobile “offices” wherever there’s a network connection. They don’t even need a hard surface to put their device on or an outlet to plug into. But, what they do need for security purposes is a remote access VPN to enable a secure connection back to the corporate network. VPNs are reliable, but the problem is, network interruptions have long seemed inevitable. They get in the way and disrupt the user’s computing session. That’s when a VPN feature known as seamless roaming or always on comes into play, allowing a user to move between different networks without losing the connection. The Value of Seamless Roaming Whether you’re a finance executive fighting dead zones as you work on your laptop from a train, or a sales professional working from an airport across a spotty Wi-Fi connection, each time there’s a network disruption, the user has to manually restart the VPN connection to continue working. This is why seamless roaming is no...

NCP engineering Earns ‘Champion’ Rating in techconsult Report

This year, cyberattacks are expected to rain down at a rate of more than 117,000 per day, adding up to more than 42.8 million total incidents. As these attacks are launched and subsequently investigated, the root cause of many of them will turn out to be the result of employee action – basic human error – such as accidentally violating a remote access policy. With these figures in mind, the new report “Security Solution Vendors 2015,” conducted by German analyst firm techconsult, analyzes the entire network, data, storage and endpoint security landscape, while identifying top providers and solutions that are on the front lines protecting businesses from these 42.8 million attacks. The report bodes well for NCP engineering and our remote access VPN solutions. Techconsult found that NCP “dominates” the network security space, while highlighting how NCP’s Secure Enterprise Solution “win…clearly against the competition” from other VPN solution providers. This assessment is reflected by NCP’s presence in the “Champion” quadrant, comprising all security solution vendors, based on evaluations from the market and users, as well as experts. NCP also earns a “Champion” rating when only network security vendors – those with VPN, external firewalls and Unified Threat Management (UTM) solutions – are assessed. NCP is the top solution provider in this quadrant, and we stand out for our 100 percent user satisfaction rating. In the Virtual Private Network quadrant, NCP again earns top marks and a “Champion” rating, with the report noting, “NCP has been able to set itself above the rest with the experts’ evaluations based on its excellent solution assessment as well as its company-specific framework conditions.”...