Daryl Daniels, Author at HCS
Data Loss Prevention – Human Error, Threats & More

Do you remember the first or last time you found a user had shared sensitive information with the wrong people?

Companies dedicate large amounts of resources and money towards establishing an airtight DLP policy to detect and protect company data and prevent it from getting into the wrong hands, whether deliberately or by mistake. But no matter how good the technology, or how vigilant the security team, there is always a wildcard – end users.

“A company can often detect or control when an outsider (non-employee) tries to access company data either physically or electronically and can mitigate the threat of an outsider stealing company property. However, the thief who is harder to detect and who could cause the most damage is the insider—the employee with legitimate access. That insider may steal solely for personal gain, or that insider may be a “spy”—someone who is stealing company information or products in order to benefit another organization or country.”
Introductory guide to identifying malicious insiders, U.S. Federal Bureau of Investigation (FBI)

In this post we’ll discuss how regular users can expose sensitive data by wrongly classifying documents, how malicious users can take advantage of the encryption to exfiltrate data, and how Microsoft Cloud App Security’s new capability of scanning content in encrypted files, as well as the wider Microsoft Information Protection offering, can help organizations mitigate these risks.

The innocent mistake
While employees in the modern workplace are getting increasingly technologically savvy, and are finding new tools to improve their productivity, they aren’t always aware of the security implications of their actions.

Many of our customers are leveraging Microsoft Information Protection solutions to classify, label and protect their data. To minimize the impact on end users and their ability to be productive, these organizations often choose to empower their users to label documents themselves, by providing automatic suggestions but not auto-labelling or -protecting documents.

A user can inadvertently label a document containing highly confidential information with a low sensitivity label that applies minimal access restrictions. Since the file is already encrypted, it will not be scanned by the DLP solution, but might still be accessible to unauthorized people.

The malicious insider
A bigger threat with a much higher potential for damage is the malicious insider: a user who is actively working on exfiltrating sensitive information from the organization, whether for personal gain, corporate espionage or other reasons.

This malicious user might exploit the ability to encrypt files to purposefully classify a file as low sensitivity while inserting highly sensitive data and then sharing it externally. As in the “mistake” scenario, this will allow the file to pass the scanning of the DLP solution.

How does Microsoft Cloud App Security handle these risks?
Microsoft Cloud App Security has a wide set of tools targeted at handling insider threats. These include user behaviour anomaly detections, cloud discovery anomaly detections, and the newly released ability to scan content of encrypted documents.

User anomaly detection
Microsoft Cloud App Security comes with a wide set of out-of-the-box anomaly detection policies that are activated by default as soon as the product is enabled. These detections look at the activities performed by users in sanctioned apps and define a usage baseline, leveraging UEBA capabilities to automatically identify any anomalous behaviours going forward.

An example of these types of detections, aimed at insider threats, is “Unusual file download activity by user”. This detection will create an alert whenever a user performs file downloads that differ from their usual pattern – a potential indicator of a data exfiltration attempt.

Cloud anomaly detection
In addition to the user anomaly detections for sanctioned apps, Cloud App Security also offers detections aimed at identifying suspicious behaviour of users in unsanctioned applications. These detections are based on the data we get and analyze as part of our Cloud Discovery capabilities.

An example of such a detection is “Data exfiltration to unsanctioned apps”, which looks at the amount of data being uploaded by users to unsanctioned applications – one of the most common scenarios of insider threat data exfiltration.

Content inspection of encrypted files
Microsoft have recently released the ability for an admin to allow MCAS to scan the content of files that are protected by Azure Information Protection. After enabling this functionality, the admin can define MCAS file policies to inspect the content of encrypted files, and generate an alert, or take an action based on the match.

This functionality ensures that files are handled according to their actual content, even if they are labelled incorrectly, thus preventing sensitive data from leaving the organization – both by mistake and by design.
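An added illustration of the label-versus-content logic described above (not Microsoft Cloud App Security code or configuration): a policy check that decides on what the file contains rather than on the label the user applied. The label names and ranking, the card-number pattern and the allow/alert/block outcomes are assumptions, and `decrypted_text` stands for content the scanner has been authorized to read.

```python
import re

# Hypothetical label ranking (assumption, not Microsoft's label taxonomy).
LABEL_RANK = {"Public": 0, "General": 1, "Confidential": 2, "Highly Confidential": 3}

# Candidate payment-card numbers: 13-19 digits, optionally split by spaces or dashes.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def count_card_numbers(text: str) -> int:
    """Count Luhn-valid card numbers found in the inspected content."""
    hits = 0
    for m in CARD_RE.finditer(text):
        if luhn_valid(re.sub(r"[ -]", "", m.group())):
            hits += 1
    return hits


def evaluate(label: str, decrypted_text: str, shared_externally: bool) -> str:
    """Decide on the content, not the label. Returns 'allow', 'alert' or 'block'."""
    required = "Highly Confidential" if count_card_numbers(decrypted_text) else "Public"
    if LABEL_RANK[label] >= LABEL_RANK[required]:
        return "allow"  # label is at least as strict as the content demands
    return "block" if shared_externally else "alert"


# Constructed sample documents (4111 1111 1111 1111 is a widely used test number).
SAMPLES = [
    ("General", "Customer card 4111 1111 1111 1111, exp 12/29", True),
    ("General", "Order ref 1234 5678 9012 3456 shipped", True),
    ("Highly Confidential", "Card 4111-1111-1111-1111 on file", False),
    ("Public", "Card 4111111111111111 in draft notes", False),
]

if __name__ == "__main__":
    for label, text, external in SAMPLES:
        print(f"{label:20} external={external!s:5} -> {evaluate(label, text, external)}")
```

The second sample shows why the checksum matters: a 16-digit order reference matches the pattern but fails Luhn, so the file is not treated as mislabelled.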

Human error and malicious intent will forever be a part of organizational lifecycles. While they cannot be eliminated completely, it’s our goal to enable IT and Security admins to minimize this risk. With its advanced capabilities and unique set of insights, Microsoft Cloud App Security and the wider Microsoft Information Protection offering help organizations to protect their sensitive information – wherever it lives or travels.

Wow At Your Next Presentation – Add Music To Your Slides!

There are several ways to improve your next presentation using PowerPoint. Adding objects, customising styles, and themes can all improve how well people engage with your presentation. In addition to all of these, you can also add music to your presentation slides.

Add Music To PowerPoint

PowerPoint makes it easier than ever to add music to your presentation. Adding music to a presentation can be a great idea: it can help you keep your audience’s attention or emphasise a certain point.

So… how do you actually add music to slides? 

Go to the “Insert” tab and then click the “Audio” button

A menu will then appear, giving you the option to either upload music from your PC or record your own track.

If you would like to record your own audio, select “Record Audio” and a “Record Sound” window will appear. Simply name your audio then click “Record”.

Once the “Record” icon is selected, a timer will start which will tell you the total length of the sound being recorded. Once you’re finished and ready to stop recording, press the “Stop” icon. To listen to your recording, you can press the “Play” icon. If you’re happy with your recording, select “Ok” to insert it into your presentation.

If you would rather upload music from your computer, go to the audio options and select “Audio On My PC”. This will open your files library. Simply locate the audio file you’d like to use, then choose “Insert” at the bottom-right of the window. PowerPoint supports several popular formats, like MP3, MP4, WAV and AAC.

Now you’ll see a speaker icon appear in your presentation. This is where you can play the audio and edit the volume, etc.

The “Playback” tab will appear automatically. By default, the “Audio Style” is automatically set to “No Style”. This means that the audio will only play on the slide where you insert it. The icon will appear in the presentation, and the audio will only begin when you click the icon.

However, this can be changed in the settings. You can choose options that will adjust the default playback volume, whether the music automatically starts or whether your music plays across other slides, etc.

To change this, select “Play in Background” in the “Audio Styles” section.

There are more options available to you also. You can add/remove bookmarks for specific times in your audio clip, trim parts of the audio or give your audio a fade in/out effect.

To learn more about Microsoft Office 365 and its capabilities, click here!

Almost 60,000 Data Breaches Reported Under GDPR

Just over 59,000 data breaches have been reported across Europe in the eight months since GDPR has come into force.

GDPR came into effect on May 25th 2018 and set out the new rules on how businesses, organisations and government bodies can collect and handle data. Under GDPR legislation, Data Controllers must report breaches within 72 hours of discovery.

Just eight months on, new statistics from a UK law firm have suggested that over 59,000 breaches have been reported since the legislation was enacted. This survey, conducted by DLA Piper, looked at breach reports from 23 of the 28 EU Member States from 25th May 2018 to 28th January 2019. Of the results, the Netherlands was found to have the most breaches (15,400), followed by Germany (12,600), and the UK (10,600).

The countries with the lowest reported breaches were Cyprus (35), Iceland (25), and Liechtenstein (15). The Netherlands leads the way as the country with the most breaches notified per capita, followed then by Ireland and Denmark.

Under GDPR, the Data Protection Body within the EU can fine a company up to 4% of their global annual turnover for breaches. It should be noted that 9% of these breaches reported relate to breaches predating GDPR. Because of this, DLA Piper claim that these statistics are “best approximations”.

The study stated: “It is still very early days for GDPR enforcement with only a handful of fines reported across the EU.

“With the exception of the recent €50 million fine imposed on Google, so far the level of fines have been low, certainly when compared to the maximum fines regulators now have the power to impose.

“However, we anticipate that 2019 will see more fines for tens and potentially even hundreds of millions of Euros as regulators deal with the backlog of GDPR data breach notifications.”

So far, Google is one of the most widely recognised brands to be found to be in breach of GDPR. Google was fined €50 million by French regulator CNIL.

GDPR Compliance is mandatory for all businesses operating within the EU. Ensure your business is GDPR compliant with our GDPR Compliance Training and rest assured your employees are GDPR compliant in all of their activities.

 

British MPs’ Phone and Email Contacts Have Been Hacked in Phishing Attempt.

Authorities within the British Parliament are investigating after MPs were targeted by an attempt to hack their email and phone contact lists on Monday.

Deputy chief whip Christopher Pincher warned colleagues in an email to ignore text messages and emails asking them to “provide overseas contact details” or to “download a secure message app”.

Pincher said: “This is a malicious hack that accesses your contacts list and sends texts and emails to all of your private contacts.” He also said that the Parliamentary Digital Service, which advises MPs on security, had been informed.

Concerns were raised after at least one Tory MP was caught out by the apparent phishing attempt.

Dozens of MPs were added to a WhatsApp group named “Hack warning 1” on Monday afternoon by the personal phone number of government whip Mike Freer.

MPs, including several cabinet ministers, immediately left the group.

The MP told friends on Facebook that he had been hacked and that they should ignore “any email suggestion [he] need[s] overseas contacts for government payment”. One recipient of an email purportedly from Freer said it asked for contacts in China.

It is not yet clear how many MPs’ contact details have been compromised or who is responsible for this hacking attempt.

Security breaches can happen to any business. The safest way to protect your sensitive data is to ensure it is protected appropriately. Multi-Factor Authentication is an effective way of protecting your business’ data. Cyber Security Training is also an essential part of preventing attacks. Ensure your team have the tools and knowledge to proactively protect your business and data.

The strength of Multi-Factor Authentication lies in its multiple authentication factors: even if your password is compromised, it is useless without the other authentication factors. You can protect your business’ essential data from Brute Force and Spear Phishing attempts. To learn more about Multi-Factor Authentication or how best to secure your business, contact sales@hcs.ie or call our Waterford office on 051-595 200 or our Dublin office on 01 – 873 4120.

Why Your Business Should Adopt Multi-Factor Authentication

The password is arguably the most popular and most common security measure available and most of the time it is also the most vulnerable. In the case of a data breach, many companies simply have their employees change their passwords.

However, the password has a lot of shortcomings. Primarily, passwords do not provide strong enough identity checks. Anyone who obtains your password can access your accounts easily. In addition to this, the security of the account is purely based on the strength of the password, which is generally not strong enough.

This is one of the many reasons why companies are adopting Multi-Factor Authentication (MFA) to supplement the password as a means of access control, or in some cases an actual alternative to passwords.

What Is MFA?

Multi-Factor Authentication (MFA) is a secure method of logging in to your account. Authentication methods that rely on more than one ‘proof of identity’ are more likely to hinder any attempt at accessing data through illegal methods. An appropriately designed Multi-Factor Authentication process is much more effective in deterring hackers when compared to traditional single factor authentication methods.

Why Are Businesses Using Multi-Factor Authentication?

Strengthen Security
The core principle of MFA is that each factor compensates for the weaknesses of the other factors, e.g. if a password is compromised it is useless without the other authentication factors. Unless a hacker has all of the authentication factors required by your system, they will not be granted access to your accounts.

Simplify The Login Process
Many people assume that having multiple authentication factors would make logging in a difficult process. However, MFA is a quick and easy process. When logging in to your account, you will receive a verification code to your mobile phone. Once you enter this code you will be granted access to your account.

MFA Has Become An Essential Cybersecurity Component
Many companies are recognising the threat of data breaches and the level of damage that these can cause. MFA gives you peace of mind knowing your data is protected, which in turn allows you to focus on your business goals.

HCS Business Solutions can help you secure your business with Multi-Factor Authentication from just €5.10 per user per month. To learn more about Multi-Factor Authentication email sales@hcs.ie or click here!
