Faronics Tech Roundup – October in Review

Although scary costumes might be the highlight of October, cyber security is the most frightening prospect for any business. Let’s take a look back at some of the biggest cyber incidents and outcomes that occurred this month.

Rallying Around NCSAM

Federal agencies have acknowledged the damage that cyber incidents can cause to their own bodies as well as businesses and consumers. National Cybersecurity Awareness Month was created to better inform the public and enterprises of the dangers they face. However, as Jon Oltsik noted for CSO, a number of leading cyber security technology vendors made one small reference or didn’t even mention NCSAM on their websites and blogs. To make this effort a true success, vendors and employers alike must promote cyber security awareness throughout the year and ensure there are ample opportunities to receive the message.


Organizations must rally behind the NCSAM message

Companies Still Unprepared for Attacks

Despite all the headlines that cyber incidents have received lately, organizations are still slow to protect themselves. The 2018 Global State of Information Security Survey by PricewaterhouseCoopers found that less than half of respondents have adopted key processes, such as information security intelligence, penetration tests, threat assessments and vulnerability assessments, used for uncovering cyber risks. Without these tools, organizations remain vulnerable to the consequences of an attack on their critical systems. Some leaders didn’t even know how many incidents they had suffered in the past year or how they were targeted. This

Enabling Enterprise Mobility : How to Implement a Successful BYOD Program

The bring-your-own-device or BYOD trend has surged in recent years as hardware becomes more sophisticated and omnipresent within everyday life. Smartphone advancements have driven the consumerization of IT and potential for remote work opportunities. Company leaders are starting to understand that using mobile devices can enable staff members to be productive outside of the office, allowing workers to operate in the field and fulfill work tasks.

Organizations increasingly recognize BYOD as a necessity for future growth rather than a luxury. According to a 2016 report by Gartner, more than half of employees use personal mobile devices in the workplace, and an additional 23 percent of workers have received an employer-issued smartphone. The survey found that respondents are generally happy using this equipment over desktops and laptops. Even in workplaces that don’t enable BYOD, employees still use their own equipment as a matter of convenience. It’s in your business’s best interest to get ahead of the trend and support BYOD appropriately.

There are four major aspects that should be taken into account when implementing a BYOD program:

1. Create and Enforce a Formal Policy

BYOD isn’t something that organizations can just leave up to employee discretion; it requires considerable forethought and planning to ensure that it’s implemented effectively. A 2015 survey found that 53 percent of businesses didn’t have a formal BYOD policy in place, ComputerWorld reported. While more companies are starting to realize the importance of an established document, there are still likely many that are approaching BYOD in a

Bad Rabbit Ransomware : What You Need To Know To Protect Yourself

Bad Rabbit Strikes

On October 24th, 2017, there were news reports about zero-day attacks with a ransomware called Bad Rabbit, targeting organizations and consumers, mostly in Russia. There were reports of a number of compromised websites, all of which were news or media websites.


What Is the ‘Bad Rabbit’ Ransomware?

This new strain of ransomware that struck a number of high profile institutions in Russia and Ukraine, such as the Russian news agency Interfax, the Kiev metro system and the Odessa airport. Bad Rabbit appears to target critical infrastructure and high profile entities in Ukraine and Russia. This new strain comes bundled with several open source tools that are leveraged for data encryption and lateral movement.

The following ransom message is displayed to unsuspecting victims:


How Does It Operate?

The malware dropper is distributed with the help of drive-by attacks. While the target is visiting a legitimate website, a dropper is downloaded onto the system. The victim manually executes the malware dropper, which pretends to be an Adobe Flash installer.

  • The infection process starts with a fake Adobe Flash installer, downloaded from compromised websites.
  • This fake Flash installer holds the actual ransomware payload in an overlay.
  • Once decrypted, it drops and executes the actual ransomware (identified as b14d8faf7f0cbcfad051cefe5f39645f).
  • The ransomware payload holds over 6 different tools (as ZLIB-compressed resources) used for encryption purposes, as well as for spreading the malware laterally.


Some Key Findings

Bad Rabbit is highly

BYOD vs COBO vs COPE vs CYOD: What’s the Difference? Which is Right For Your Organization?

Technology has drastically changed the business world. Employees rely on devices to complete everyday tasks and deliver high-quality services and products for a solid bottom line. Now, the average worker uses 2.3 devices for his or her job, according to Small Business Trends. This could include leveraging a laptop, smartphone and tablet, among other hardware options. The point is that these devices allow staff members to stay connected from anywhere and be productive when not in the office.

As with any new technology, mobile devices come with a set of considerations and concerns over how to manage them effectively. Organizations want to ensure that any investment yields value and meets critical operational pain points. There are currently four main mobile strategies that companies can leverage, but it will be important to know what each approach entails to determine which one is right for your mobile efforts.

Bring Your Own Device (BYOD)

When the iPhone debuted in 2007, it kicked off consumerization of IT to an unprecedented level. People have become increasingly connected and utilized their smart devices for a wide range of purposes. It’s no wonder that employees would seek to use hardware that they are familiar with for work purposes. A BYOD plan ensures that staff members don’t need to carry an additional device and can be productive from virtually anywhere. A 2016 industry survey found that 72 percent of organizations support BYOD for some or all of their employees, reflecting the rising demand and potential for this technology.

Application Control: 5 Best Practices for Effective Implementation

Hackers are increasingly making convincing applications containing malicious code to infiltrate devices and steal pertinent user or business information. Access to sensitive data without moderation, could possibly cause a major damage to the enterprise.

The state of shadow IT is likely much deeper than most tech departments realize. A 2015 survey by Cloud Security Alliance found that 72 percent of executives don’t know how many shadow IT applications are being leveraged, and that only 8 percent of respondents know the true scope of shadow IT at their organization. Application control is absolutely essential to regain governance and reinstate security. Let’s take a look at five best practices to leverage for effective application control:

1. Blacklist Wisely

Blacklisting an application isn’t always feasible, particularly when considering employee-owned devices. Organizations want to ensure that staff members are focused on working and enable them to use the hardware effectively. Leaders should block different programs based on the time of day through their application control portal. By creating an operating schedule, businesses can block games and other undesirable applications and create policies regarding when staff can access this software. Scheduling authorizations in this way will help keep employees on task and prevent the misuse of business files.

Application control can be useful in upholding security. In a similar instance, perhaps only certain users need to access a particular application for work purposes. To ensure that these individuals can do their job effectively, application control can be used to allow an application for a specific