The woes of password management

Posted by Brent Fairbanks on Mar 20, 2017 12:00:00 PM

If you’re like anybody who uses computers today, you’re dealing with passwords. I alone have more than 58 just for the websites I use on a regular basis. That doesn’t include any hardware passwords,  Wi-Fi passwords, computer logins, or clients’ passwords. We all have too many to remember, and nobody is exactly sure who is responsible for something we all love to hate.

Passwords enable us to restrict access to only those who are permitted. Restriction of access is nothing new. It has been used for thousands of years, such as sentries in Roman times requiring someone to have special knowledge to pass. One thing we do know is that the minute we attempt to restrict access it invites abuse by both those with access and those without.

Read More

Topics: Cyber Security

Ask Intronis: How to create firewall policies for a company

Posted by Lauren Beliveau on Mar 20, 2017 8:33:00 AM

Q: With today’s evolving cyber threats, my IT service company is trying to offer our customers more proactive security measures beyond anti-malware and anti-spam filters. To really protect our customers, we want to offer a more sophisticated firewall solution. Once we choose a solution, how should we determine what policies we need to create for our SMBs?

Offering new solutions to protect customers from today’s evolving cyber threats is a smart way to both safeguard their business-critical data and grow your business. While every SMB may require different policies within their organization, there are certainly a few policies you can standardize on.

To help you determine which policies to put in place for your SMBs, we consulted Mark Ballegeer one of our systems engineers at Intronis MSP Solutions by Barracuda. Based on his extensive background in and knowledge of firewalls, Mark offered these tips on how to easily define policies within your customers’ businesses.

Read More

Topics: Cyber Security, Ask Intronis

Threat Watch: Resume Files containing Advanced Persistent Threats

Posted by Lindsay Faria on Mar 14, 2017 8:59:32 AM

As cybercriminals become more duplicitous by the day, businesses and individuals alike need to be more aware than ever of their digital surroundings. One example of this was recently highlighted on the Barracuda blog: Resume files containing Advanced Persistent Threats (APTs).  

This threat counts on unsuspecting email recipients to open a .doc file supposedly containing a resume from a job applicant. From there, chaos ensues.

Read More

Topics: Cyber Security

Lessons from XChange University: Even the best security guard needs backup

Posted by Michelle Burke on Mar 9, 2017 9:13:03 PM

In the security space, you’re always on guard, working hard to prevent the next big disaster. Aside from mitigating risk internally — whether that means deciding which vendor will be best to partner with next or which BDR solution could make or break your business — you now need to carefully consider risk from an external perspective.

This past Sunday morning at The Channel Company’s XChange University event, keynote speaker Robert Westervelt of IDC's Data Security practice shared some interesting stats with the audience of MSPs. For example, a recent IDC study revealed that 99 percent of hackers hit already-known vulnerabilities in platforms like Adobe, Microsoft, and Internet browsers.

Read More

Topics: Cyber Security

Quiz: How much do you really know about ransomware?

Posted by Lauren Beliveau on Feb 20, 2017 11:15:00 AM

Ransomware has quickly evolved from simply blocking users from gaining access to their files to encrypting files and even attacking servers. Cybercriminals are also becoming savvier when it comes to disguising attacks, making it harder for businesses to avoid them. A recent report from IBM security found that one in two business executives have experienced a ransomware attack, and 70 percent admitted to paying the ransom to regain access to their data.

Read More

Topics: Cyber Security

Growing IT security fatigue bodes well for MSSPs

Posted by Mike Vizard on Feb 14, 2017 2:23:35 PM

The size of the opportunity for managed security service providers (MSSPs) has always been constrained by one dominant factor. Far too many IT organizations believe they can adequately defend their organizations despite all evidence to the contrary.

But, a new report from the Information Systems Audit and Control Association (ISACA), which counts more than 140,000 security and IT professionals among its members, suggests large amounts of “security fatigue” are starting to take a toll on internal IT organizations.

Read More

Topics: Cyber Security

New deployment options for Barracuda NextGen Firewall – Intronis MSP Edition

Posted by Anne Campbell on Jan 23, 2017 10:57:48 AM

As today’s IT environments get more advanced and threats become more sophisticated, managed service providers need to secure their SMB customers’ networks no matter where those networks are running. Some businesses are transitioning to public cloud deployments, while others are opting moving to fully virtualized environments. As an MSP, you need to be able to offer these types of customers that same level of protection as more traditional on-premise networks.

That’s why we’re introducing two new deployment options for Barracuda NextGen Firewall – Intronis MSP Edition: a virtual firewall that is compatible with VMware, XenServer, KVM, and Hyper-V; and public cloud options designed to protect your customers’ digital assets in Amazon Web Services (AWS), Azure, or Google Cloud Platform deployments.

Read the Press Release


To give you a closer look at these new offerings, their benefits, and use cases, we sat down with Nathan Bradbury, manager of systems engineering here at Intronis MSP Solutions by Barracuda.

Read More

Topics: Announcements, Cyber Security

What MSPs can do to help customers avoid the new Gmail phishing scam

Posted by Michelle Burke on Jan 19, 2017 2:45:12 PM

Even the most security-conscious email account holders have been falling for the new Gmail phishing scam. This advanced hack involves phishing for user email authentication information by tricking recipients into clicking on an attachment and re-entering their Google login credentials.

It works like this: Once someone has fallen for the attack, hackers scan the victim’s account and find the best attachment to email to others from that address. For example, the attachment could be an update on a document you were collaborating on earlier that week with a co-worker. This type of advanced attack works so well because the attachment seems legitimate.

Read More

Topics: Cyber Security

What MSPs can learn from malware found at a Vermont utility company

Posted by Michelle Burke on Jan 3, 2017 11:58:01 AM

As we were ringing in 2017 this past weekend, government officials were announcing that they found evidence of malware on a computer belonging to Burlington Electric Department (BED), a local electric utility provider located in Burlington, Vt. Thanks to quick detection, BED was able to isolate the malware to one computer before it could attack the company’s entire grid system.

While this particular situation was resolved quickly, the attack brings up new threats that MSPs can’t ignore. The malware found on a single BED computer shows the destructive new intentions of malicious hackers, who, in this case, could potentially have shut down an entire community’s power during the cold winter season.

Read More

Topics: Cyber Security

Time to resolve to review IT security processes

Posted by Mike Vizard on Dec 15, 2016 12:00:20 PM

There’s no doubt that most IT security professionals were left shaking their heads this week when it was revealed that the Federal Bureau of Investigation tried to inform the Hillary Clinton presidential campaign as far back as September of 2015 that their IT systems had been hacked. Alas, for a variety of issues relating mainly to a lack of IT security skills and flawed communications processes, it would take several more months for senior-level Clinton campaign officials to become aware of the true extent of the security breach.

Unfortunately, what occurred in the Clinton campaign is not an exception. A new study published this week by the McAfee Labs unit of Intel Security find that 93 percent of the 391 IT professionals surveyed acknowledged being unable to triage all potential cyber threats. The study finds that on average organizations are unable to sufficiently investigate 25 percent of security alerts.

But the most troubling aspect of the McAfee report is that 64 percent of the organizations surveyed said they rely on managed service providers to one degree or another for security operations assistance.

Read More

Topics: Cyber Security

Which Data Loss Gremlin Is Targeting You
MSP Health Check
MSP Phishing Quiz
Intronis Local Lunches
MSP Marketing Assessment