4 Critical Concepts for Security and Productivity
In the digital animation anthology Love, Death & Robots, one memorable episode tells the story of a couple who finds a miniature civilization growing in an old freezer.
The tiny citizens go from ice age to stone age to iron age in a matter of minutes, evolving from prehistoric to futuristic before the viewer’s eyes. Before the couple even has time to process the fact that a microscopic world is blooming in their kitchen, generations of miniature humans pass in the blink of an eye, planning and mounting an attack on their “giant” onlookers.
Today, security and productivity can feel just as disorienting – new generations of security threats evolve before companies have even acknowledged their predecessors, leaving businesses scrambling to catch up with each new evolution.
Thankfully, modern businesses don’t have to leave security and productivity up to chance. Terminal B is paving the way for new generations of cybersecurity tools to address new generations of cybersecurity threats.
In this interview, Terminal B founder and CEO Greg Bibeau shares four critical concepts for security and productivity. Mastering these concepts can’t protect you from tiny universes in your freezer, but it can help keep you safer from cybersecurity threats like malware, hackers, and phishers.
1. Remote Management and Monitoring (RMM)
RMM, PSA, MSP, EDR… IT loves a good abbreviation. In the case of RMM, this abbreviation stands for “Remote Management and Monitoring,” and it encompasses a wide range of capabilities, ranging from compiling performance data to remote desktop access.
For security and productivity, the essential function that Greg highlights is RMM’s ability to remotely implement software updates and reconfigurations. There are two alternatives to using RMM to keep software up to date:
- Manual updates. Performing manual updates requires a human user to physically update the software of every machine. While this may be feasible for very small or very low-tech organizations, it doesn’t take long for this to scale out of control. The more systems your IT environment contains, the less workable manual updates are.
- Default update settings. For organizations with limited budgets, Greg recommends using the default update settings of your devices. This is less capable than RMM but has one advantage over manual updates: it saves the labor of updating each machine by hand. The disadvantage is that a scheduled update can interrupt and even break your key processes – a side effect of default settings that RMM can sidestep.
While manual updates and default update settings can help mitigate some security risks, RMM has several important advantages. The most important advantage is that RMM can vet and schedule updates. This means that IT service providers can use RMM to implement security patches as soon as they’re available, vet a patch before implementing it, or schedule an update for a convenient time that won’t interrupt a key process.
The downside of RMM software is simply the cost, but with a wide variety of RMM tools available to businesses, most organizations will be able to find a solution that fits their budget.
2. Dual-Factor Authentication
In military operations, the two-person concept is a control method that splits responsibility and control between two individuals. For example, a single person cannot launch a nuclear warhead (accidentally OR maliciously) because a second person with their own unique key has to jointly operate the launch. That means that a malicious actor can’t simply steal the key or passcode since both operators have to be present.
In cybersecurity and IT, dual-factor authentication performs a similar function: If a password becomes compromised, dual-factor authentication prevents the malicious actor from accessing your accounts with a single device or piece of information.
Instead, Greg explains that dual-factor authentication requires two components: something you have and something you know.
- Something you have can be a fob, keycard, mobile device, or biometric data, like a fingerprint or faceprint.
- Something you know can be a password, passcode, or security question.
For example, imagine that you’ve secured your account with your mobile device and password. If somebody gains access to your password (through a brute-force guess, malware like a keylogger, or a phishing attempt), they won’t be able to access your account without your mobile device. If a malicious actor steals your mobile device, they won’t be able to access your accounts without your password.
Dual-factor authentication multiplies the security of your account by creating a second barrier to entry.
In the past, dual-factor authentication was optional, but Greg shares that in today’s security climate, it’s no longer an option – it’s an essential. Dual-factor authentication is a bare minimum standard for businesses to keep their data safe, but the good news for companies is that you can implement dual-factor authentication for free on major platforms like Microsoft and Google.
3. Training
Since the 1960s, business software has steadily increased in volume and complexity. Today, employees face an unprecedented breadth of business software. To reconcile with this newfound diversity of technology, businesses should engage in comprehensive and ongoing training across all levels of their organization.
Not only is training beneficial for productivity and security, but many insurance providers require proof of training before they’ll underwrite your company’s cyber liability policy.
In this interview, Greg says that the #1 priority of your training program should be security proficiency. While technological tools can go a long way toward preventing security breaches, no technology can completely mitigate the risks posed by social engineering and human error. When employees are proficient in security concepts, they’re more likely to recognize phishing attempts, follow appropriate password controls, and avoid risky behavior.
While the main goal of training should be security proficiency, an added benefit of ongoing training is that it develops expertise. When you make on-demand training available to your employees, you encourage continued development and produce knowledge experts in your field. In addition to on-demand and scheduled training, you should also implement ongoing testing, including simulated phishing attacks and formal evaluations.
Both accidental and malicious employee activity can result in security breaches, but your employees aren’t your only vulnerability – many organizations require their upstream vendors to participate in ongoing training as well.
4. Endpoint Detection and Response (EDR)
Before the mid-2010s, anti-virus software was a key component of most businesses’ and individuals’ security systems. In the last decade, endpoint detection and response (EDR) has gradually replaced anti-virus software as the next generation of security tools.
Endpoint detection and response monitors computing devices that are part of an interconnected network. Each of these computing devices (standard devices like laptops, desktops, and mobile devices along with IoT devices and workstations) is an endpoint. Since these endpoints are the point of entry for legitimate users to access your network, they’re also an attractive target for illegitimate users.
Anti-virus software was the best solution for businesses at one point in time, but EDR has surpassed anti-virus software as the standard best tool for network protection. Anti-virus software’s limitation is that it can only check for a known list of threats, and as Greg explains, by the time the software recognizes new threats, malicious actors may have already exploited the vulnerability. Anti-virus software is reactive rather than proactive.
Unlike anti-virus software, EDR doesn’t just monitor for a limited list of known threats; it monitors for a wider variety of anomalies, which ultimately keeps your company safer and more productive.
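The difference between a known-threat list and anomaly monitoring, as an added example (not code from any anti-virus or EDR product). The event fields, process names, hashes and the simple "never seen this parent/child launch before" rule are all constructed assumptions; real EDR tools use far richer telemetry.

```python
import hashlib
from collections import Counter

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed "signature database": hashes of files already known to be bad.
KNOWN_BAD = {sha256(b"constructed sample: previously catalogued malware")}

# Constructed history of (parent, child) process launches on normal days.
BASELINE = Counter([
    ("explorer.exe", "winword.exe"), ("explorer.exe", "chrome.exe"),
    ("explorer.exe", "winword.exe"), ("services.exe", "svchost.exe"),
    ("explorer.exe", "powershell.exe"),
])

def signature_verdict(event: dict) -> bool:
    """Anti-virus style: flag only files whose hash is already on the list."""
    return event["sha256"] in KNOWN_BAD

def anomaly_verdict(event: dict, baseline: Counter = BASELINE) -> bool:
    """EDR style (simplified): flag launches never seen in the baseline."""
    return baseline[(event["parent"], event["child"])] == 0

# Constructed process-creation events from one endpoint.
EVENTS = [
    {"id": "known-malware", "parent": "explorer.exe", "child": "invoice.exe",
     "sha256": sha256(b"constructed sample: previously catalogued malware")},
    {"id": "new-variant", "parent": "winword.exe", "child": "powershell.exe",
     "sha256": sha256(b"constructed sample: never-seen-before file")},
    {"id": "normal-browser", "parent": "explorer.exe", "child": "chrome.exe",
     "sha256": sha256(b"constructed sample: browser binary")},
    {"id": "new-legit-app", "parent": "explorer.exe", "child": "teams.exe",
     "sha256": sha256(b"constructed sample: newly installed app")},
]

def triage(events):
    """Return (event id, signature hit, anomaly hit) for each event."""
    return [(e["id"], signature_verdict(e), anomaly_verdict(e)) for e in events]

if __name__ == "__main__":
    for event_id, sig, anomaly in triage(EVENTS):
        print(f"{event_id:15} signature={sig!s:5} anomaly={anomaly}")
```

The signature check misses `new-variant` because its hash is not on the list yet, while the baseline check flags it. The same rule also flags `new-legit-app`, so anomaly alerts need someone to review them.
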
The downside to EDR is that the added security comes at a price, making it potentially cost-prohibitive for smaller businesses. A Security Operations Center (SOC) monitors the best EDR solutions around the clock, which keeps you secure and productive in the middle of the workday and the middle of the night. With 24/7 monitoring, malicious entities are less likely to get the drop on you, allowing you to maintain a high level of security even while you’re away.
Steps to Implement Critical Security and Productivity Concepts
Are you excited to start increasing your security and productivity, but not sure how to start implementing these four crucial concepts?
Greg shared the ideal order you should follow:
- Start with dual-factor authentication on as many platforms as possible. Since many platforms allow you to implement dual-factor authentication for no additional cost, this added protection is a no-brainer. In today’s security climate, this safeguard isn’t a luxury, it’s the bare minimum.
- Your next priority should be training. Training solutions vary by price, and you should consider requiring ongoing training not only for your own employees but also for the vendors you work with. Most insurance companies require training as a condition for underwriting a cyber liability insurance policy.
- Remote Management and Monitoring (RMM) should be your next priority. This service keeps your devices up to date with the most current security patches without requiring physical maintenance or breaking any of your key processes. While RMM comes at a cost, it’s well worth it to keep your devices up to date.
- Finally, Endpoint Detection and Response (EDR) is an essential component of cybersecurity that replaces anti-virus software by monitoring for unusual activity in network endpoints, such as desktops and mobile devices. This solution is your fourth priority because of its higher cost, but companies should invest in EDR as soon as it’s feasible.
Stay Secure and Productive with Terminal B
What’s the next step for you? Get help from the cybersecurity experts at Terminal B. Greg and his team of experts have been helping companies stay secure, compliant, and productive for over 15 years, which is why we’re one of the only Microsoft Direct Gold Cloud Service Providers in the United States.
As a locally owned managed service provider since 2004, let our experience be your competitive advantage.
To experience a worry-free IT ecosystem, schedule a discovery session to learn how we can help.