Tag: cloud security

  • Zero trust or zero effort, how does your businesses security stack measure up?

    Zero trust or zero effort, how does your businesses security stack measure up?

    Have you been working on strengthening your cyber security stack in your business or crossing your fingers and hoping for the best? How much protection is really enough?

    There are a lot of remedies for improving cyber security out there, but which ones present the best value for your business, and what constitutes a “zero trust” environment?

    If you’re just starting out, these 10 items will greatly improve your business’s cyber security safety in a short amount of time (we call these “best practices”):

    1. Use multi-factor authentication. This one is obvious, but we still see it not being employed regularly. Multi-factor authentication is generally extremely easy to enable (often times just a checkbox) and it greatly improves the safety of that account. When we’re talking about accounts like your business email, or your banking account it’s a no brainer.
    2. Use a password manager. This is another easy one to employ but people still ignore it, or even worse they use the password manager built into their browser. We’re not saying that’s completely wrong, especially if you’ve started using stronger passwords because of it. It’s still a good idea, however, to use a password manager that’s not directly connected to your system. Often times the same password or biometric you use to log onto your computer is the one used to unlock your browsers password database, so if someone has breached the device all those passwords will be available to them too.
    3. Employ Biometrics. Speaking of biometrics, they can be an improvement over passwords when it comes to a physical devices security. Especially for mobile devices, most of us access our work emails, banking accounts, etc. through our phones. It’s very easy to lose a phone, so making that phone unusable to whoever finds it (or has taken it) is a good idea.
    4. Don’t give everyone admin privileges. Not every employee needs all the keys to your kingdom, limit admin access only to those who really need it so if you do have a breach the damage can be limited as well. This is a key component of a zero trust environment (which we describe in the chart below).
    5. Communicate your goals and train your employees. Loop employees into your increased cyber security efforts and provide training, no one wants to be responsible for a cyber-attack in their workplace but without training employees can become unknowing and unwilling threat vectors.
    6. Monitor network activity. Now we’re starting to get into the more challenging topics, monitoring your network activity can be a very effective way of noticing early when something is amiss. There are tools out there that can do this monitoring for you and provide warnings if suspicious behavior is detected (like a device being logged in after hours when it never usually is).
    7. Use encryption. It’s pretty easy to use encryption in email or with sensitive documents (again often just a checkbox) but it’s an effective way to make sure sensitive data doesn’t fall into the wrong hands.
    8. Use backups. Again, in the same vein of protecting your data having automatic backups will greatly increase your chances of recovering after a cyber-attack. Especially if those backups were stored offsite (such as cloud backups). We wrote an article on the best ways to manage your OneDrive storage (which is included in your Microsoft 365 subscription) here.
    9. Regularly patch your devices. Many of your vendors actually provide security protections for you via their patches, which more often than not are addressing specific security concerns that have been identified. Patching costs nothing but your time and the benefits are ten-fold compared to the costs of a security breach in your business.
    10. Have a security audit performed. The best way to address the holes in your security plan is to have a reputable IT company perform a security audit. Valley Techlogic is a provider of these audits in the Central Valley and you can request a consultation here.

    Performing these ten activities in your business will greatly improve your cybersecurity effectiveness across the board, but if you’ve reached the bottom of this article and have realized you do all of these you may be wondering what’s next? Or perhaps you’ve heard of zero trust but aren’t sure what that entails, here are the key components to having a zero-trust cybersecurity environment:

    We address ALL of these topics in our new book, Cyber Security Essentials, which covers all the components of a cybersecurity framework and how to implement them in your business. You can see a preview of the book in the video below.

    [youtube https://youtu.be/jlBAoq4tLNc]

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • AWS vs Azure, what is your best option when choosing a cloud platform?

    AWS vs Azure, what is your best option when choosing a cloud platform?

    We’ve had articles in the past about why you should consider making the move from on-premises to the cloud, but we’ve never specifically addressed which provider you should consider when making this move.

    For many, AWS (Amazon Web Services) and Azure are the main players that they look to when making the jump the cloud. Brand recognition is obviously there for both choices, as well as a history of impeccable uptime. Uptime is a very important factor, obviously you want your data to be available when and how you need it, but there are more things to consider.

    First, let’s look at the players. AWS has been around since 2006 and offers a “pay as you go” model, which means you pay only for the data you actually use. Many of us are familiar with the webstore Amazon, and you’d probably be surprised to learn AWS is a much bigger venture for Amazon, with 74% of their profit coming from AWS.

    Azure was launched in 2010 and is also pay as you go. However, how they differ is that Azure actually lets users access their data through a virtual machine on a Virtual Hard Desk (VHD). This means their interface is slightly more user friendly from the start. For a similar interface in AWS you must rent an EC2 (their version of a virtual machine). EC2 is more customizable but Azures Virtual Machine may more easily work with existing Cloud computing tools.

    Both are similar in that they offer scalable storage solutions; however, their object size restrictions vary slightly, with AWS having a 5 TB object size limit and Azure having a 4.75 TB limit. For most of our customers this would be a very negligible difference, however.

    Both do an excellent job of securing your data, in AWS you customize your security settings on setup. With Azure, they use Microsoft’s Cloud Defender services which are similar to the Windows Defender services you probably already utilize.

    AWS has a dashboard that may be easier to use if it’s your first-time using cloud services when it comes to looking for documentation on how to use the service. Where Azure has them beat though is that Azure keeps all of your user account and information in one place. So, depending on which kind of information you’re looking for, you may prefer one over the other.

    If customizing your cloud experience via code is something you’re after, you probably want to stick with AWS. Through their SageMaker system you can utilize their artificial intelligence (AI) tools to develop a very specific and unique experience when it comes to tracking data, making modifications, and applying updates.

    Azure on the other hand has opted for a “Codeless” interface, even someone with zero coding knowledge can drag and drop pieces to customize their cloud’s AI interface.

    Of course, from a base level you can look at what operating system these are compatible with. AWS is more compatible with Linux while Azure offers compatibility through .net with Linux, Windows and MacOS.

    In a nutshell, these two cloud behemoths are more alike than different but there are some factors that depending on your particular business sector or goals may lead you to shift one way or the other. We also want to spend a moment addressing a pricing breakdown for both AWS and Azure. You can see their pricing models in the chart below. We also want to note that both provide a free introductory period so you can test their services before committing to a plan.

    Are you considering a move to the cloud and aren’t sure which provider to go with, or even how to make it happen? Valley Techlogic can help. We’re experts in cloud computing and have managed many customer cloud migrations. Reach out today to schedule a free consultation.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Google blocked the largest DDoS attack ever, peaking at 46 million requests per second

    Google blocked the largest DDoS attack ever, peaking at 46 million requests per second

    While it’s just now being reported on, the DDoS attack on Google Cloud occurred on June 1st and lasted for 69 minutes – reaching a peak of 46 million requests per second.

    Source: Google Cloud

    We’ve covered Distributed Denial of Service (DDoS) attacks before in this blog, but the scale of this one is mind boggling. It’s nearly twice the size of Cloudflare DDoS attack from last year around this same time, which peaked at 26 million requests per second (sent from just over 5000 devices).

    If you’re wondering where the devices used in these attacks originate from, the answer in this case is unsecured devices. Specifically compromised Mikrotik routers.

    There’s been a number of articles regarding possible compromises to the Mikrotik brand of router including one instance that involved over 200,000 devices. Many in the security space wondered if there would be a fallout from that and now, we have our answer.

    However, what’s more impressive is not the scale of this attack, but the fact that it was successfully blocked by Google.

    Botnet attacks of this nature are not rare, it’s difficult to say exactly how many attacks occur per day but it has been noted they’re on the rise since the Russian invasion of Ukraine. A botnet is essentially an assembly of compromised devices that are used to attack a target. DDoS attacks are one of the most common uses, but they’re also used for phishing, cryptomining, or to bruteforce passwords just to name a few. The largest botnet ever recorded belonged to Russian BredoLab and consisted of 30,000,000 devices.

    Would be bad actors can even purchase DDoS as a service for as little as $5 per hour which should give you an indication how prevalent and common they are as an attack vector.

    Google blocked this attack by leveraging their Cloud Armor product, a network security service directly aimed at preventing DDoS attacks. If they were looking for a powerful case study for the effectiveness of this product, we can think of no better example then effectively blocking the largest DDoS attack in history (so far).

    Part of blocking a DDoS attack is early detection. DDoS attacks ramp up, if you can detect an incoming flux of peculiar traffic to your network you can block the attack before it’s able to scale up and cripple your network.

    Besides blocking potential attacks, the other side of the coin is not becoming an unwilling participant in a botnet through a compromised device in your home or business.

    The sinister part of it is you may not even be aware your device is compromised and it’s not just mobile devices and personal computers that can be affected, even IoT (Internet of Things) devices can be hacked. There are a few things you can do to prevent your devices from being taken over by hackers as we outline in the chart below:

    If your business needs assistance with protecting from any potential attacks or making sure your devices stay uncompromised, Valley Techlogic can help. All of our plans include robust cybersecurity protections at no additional charge, including assisting in your cyber security training goals (after all, human error is the #1 cause of data breaches). Schedule a consultation today to learn more.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.