Hidden Ransomware as a VM Valentine (Video)

by Brad Feakes | May 27, 2020 | Managed IT Services, Network Security, Security

Apparently ransomware is now installing a virtual machine inside the hacked computer in order to avoid detection. We’ve entered a new phase of devious behavior! How will your company avoid the new forms of ransomware hidden in your system’s shadows?

Hackers Exploit Your Pixie Dust Trust

Please make sure your users are safe! I think the only way to avoid all this malefic malware is to adopt a Zero Trust attitude, bringing in an IT expert with a Zero Trust philosophy if necessary. Think of it this way — do you let a technician into your home to work on the AC unit, just because they have the right shirt on? Did you call them? Are they “safe”? Do they take their shoes off and keep their N95 masks on? Some of us will allow them in, some will not. At this time, I have immune-compromised folks at home, and that technician isn’t coming in. I’ll live with a busted AC unit for now — it’s not worth the risk.

Is your PC worth the risk to allow untrusted software in and run whatever, wherever it wants, with whatever bugs it brings with it? I think not. When it comes to the technology that enables your business, it can be easy to trust your users because you see them as good people, as your helpful team. But the magical thinking of an IT fairy tale will not protect your team from hidden ransomware dangers, especially those that appear deceptively dressed in a VM. You can trust your team without trusting their machines or their software.

Made in the Shade

Are your systems safe from ransomware hidden in the shadow of a VM? Companies enabling remote connectivity for their teams may have put their data at significant risk by taking shortcuts to ensure business continuity. Rushed IT policy often creates vulnerabilities that hackers can easily exploit. Malware can get into your network by posing as something friendly to your system. Hidden ransomware, now lurking as an amicable virtual machine, creates troublesome tenements for remote teams.

Ghosting the Hackers

Hidden malware is only one challenge you have when connecting your teams to company data. Fortunately, remote access and remote control utilities, when done properly, are tools that allow companies to connect home users to corporate data securely and efficiently. You can keep your team safe from malicious valentines, even when they appear in the form of a friendly VM. With protective IT policies in place, including a Zero Trust approach to the machines that make your business run, you can ghost the bad guys trying to unlock your data and prevent their hidden ransomware from accessing your system.

To learn more about remote access and remote control utilities, please watch one of our IT strategy videos here:

IT Strategies for Remote Teams (Video)

by EstesCloud | May 26, 2020 | Leadership, Managed IT Services, Network Security, Security, Software

Brad Feakes

SVP Epicor Services, Professional Services

Daryl Sirota

Technical Services Director

Brad and Daryl talk about IT strategies for remote teams

Brad and Daryl sit down this week for a Q&A style chat to unravel a few of the complex IT issues in today’s work from home (WFH) environment. At a high level, Daryl emphasizes how we should not make the mistake of trying to plug pieces of cloud software together expecting them to work properly. That is almost impossible to do effectively without the appropriate policy to guide the technology. You will need to understand how you will provide guidance to your end users faced with a variety of remote work environments (working for a cafe, home office, etc) and the new tools you will use to manage staff.

They move on to talking about some of the end-user WFH problems from asking the question “what does work from home mean?” to discussing what technology can be used to help get users up and running while also creating business efficiencies.

Throughout the discussion, Daryl covers a variety of other topics such as data security, public vs. home wifi, two-factor authentication, remote access vs. remote control utilities, data access, machine vulnerabilities and many other topics.

Brad and Daryl do an excellent job of taking some big, complex issues around WFH and explain the issues that every business owner needs to be aware of as they navigate moving their staff into the cloud and potentially hiring a company like EstesGroup to help them with their remote IT management.

Of course, you can always reach out to our managed IT services team. We’ll help you throughout the entire process of moving your company into the cloud and help you avoid the costly mistakes that can put your entire business at risk.

Are you having issues with or have questions about your current IT management? Contact us today.

EstesGroup and Alliance Machine Interview (Video)

by Brad Feakes | May 11, 2020 | Epicor, Leadership, Managed IT Services, Software

Bryan Provo, President

Alliance Machine, Inc.

Bruce Grant, President & CEO

EstesGroup

Bryan Provo explains why working with EstesGroup is critical to his success

Alliance Machine’s Bryan Provo is President of his family’s 2^nd generation manufacturing business based in Elk River, MN, north of the Twin Cities. For 30 years, his company has delivered high-value solutions to the aerospace, defense, medical and technology industries.

When EstesGroup originally engaged with him over 5 years ago, Bryan’s mind was fixed on having hardware on-site (exactly where cybercriminals could access it). In conversation with Bruce Grant, Bryan explained his transition from wanting full access to his own hardware to wanting complete IT and security management from EstesGroup experts.

Bryan explained the challenging times that brought on his IT change: “I felt it was too difficult to manage the hardware portion.”

After a nasty ransomware experience two years ago, Bryan set out to find a managed IT service provider and, after many phone calls and after reaching out to multiple vendors, he partnered with EstesGroup. He realized, in his own words, “They had exactly what I was looking for.”

Bryan summarized the success of bringing EstesGroup fully aboard for his IT needs: “It’s been an absolute heaven-sent.”

As you will hear in the interview, Bryan has experienced, and thoroughly knows, how difficult server crashes were before EstesGroup began managing his IT. Please listen to Bryan Provo explain various strengths of his partnership with EstesGroup in the following short videos, taken from the full interview with Bruce Grant:

Why EstesGroup Managed IT?

Why EstesGroup Cybersecurity?

Need help with your ERP or IT systems? Contact us today.

IT Security Gone “WFH” – Now What?

by Brad Feakes | Apr 28, 2020 | Managed IT Services, Network Security, Security

Recent “Work From Home” (WFH) mandates have quickly pushed manufacturing and distribution employees out of the familiarity of their work offices and into a new realm of IT security needs. Currently, statistics are saying that 70% of the workforce that can work from home is and, after this crisis is over, more than 40% will STAY at home. With this transition, IT security principles become part of a critical conversation, especially for companies with remote workers supporting on-site manufacturing or distribution activities.

What is your WFH IT security policy?

Many distributed businesses have responded to the telecommute directive without many changes, especially those companies with data residing in the cloud. These companies have already established work-at-home policies and invested in the remote access/remote desktop technology to enable telecommuting with IT security in place. Folks who invested fully in the Office 365 space are feeling little pain, but businesses with legacy on-premise servers, workstations and printers are probably still scrambling.

Don’t be fooled—the hackers have followed you home! The increase in suspicious emails, bad websites, and malicious advertisements has skyrocketed, and the cybercrime community is just waiting for your users to click on something to ransom your hard-earned data away.

Without a written and agreed upon IT security policy, you are at the mercy of your users’ good intentions. Imagine a home PC with a saved password left on the VPN all day while the kids are stuck at home from school. The amount of data that could be lost or compromised is staggering! At a minimum, make sure you have a document that instructs your WFH users to lock the keyboard when they step away (or implement a screen saver with a password). Ensure your users don’t download documents to their local hard drive or USB drives. The list goes on, but the human element is the riskiest of all!

If a home user gets infected on the VPN, their malware is the company’s malware! Let me write that again: If a home user gets infected on the VPN, their malware is the company’s malware.

How to connect securely to your enterprise data?

Many businesses have NOT invested in expensive VPN or Remote Desktop solutions, and now it might seem either too late or too expensive. You need a low-cost, secure, and easy-to-deploy strategy to connect your home users with their corporate data: desktops, servers, and printers at the office. Many options exist, but without a budget and a vision, you’ll get lost in the storm.

Keeping your home PC safe!

Home computers are more vulnerable than corporate PCs. Home PCs tend to fall behind on patches and updates. Moreover, the computer might get repurposed for things like the kids’ Xbox. Home firewalls never measure up to those provided by your IT department. Most have no web filtering to speak of, and bad websites abound! You’ll need that enterprise class security in a mobile-friendly package.

Productivity

Another blog could certainly be written about home offices, with a good webcam and a quiet space, but that’s for another page. People are people, and the distractions from working from home are numerous and easy to fall prey to. We recommend easy-to-deploy software to ensure that your users arrive to their home office on time and ready to work (even if it’s in their PJ’s), ensuring that they are productive and not on YouTube or getting the latest Amazon order completed.

Looking to provide IT security for your remote workers? Deploy the EstesCloud PC Security Stack on your home users’ PCs and rest easily, knowing that your WFH users are protected and productive!

Private Cloud Owners Regress with Egress Expense

by Brad Feakes | Apr 26, 2020 | Cloud, Hosting, Managed IT Services

Private cloud deployment is changing the way manufacturing and distribution companies install applications and store information. While this is an exciting move for any business, the step from on-premise to cloud infrastructure can come with unexpected costs. Many companies expect, and easily budget for, typical costs associated with the move to private cloud, but hidden expenses often blur into the fine print of the original pricing model. Thus, it’s important for a manufacturing or distribution business to budget wisely when moving from on-premise to private cloud infrastructure.

Cloud costs vary according to several different factors, and data comes into play at all levels. A company is its historical data applied to its future, or potential, data. Private cloud protects the data of a business while also utilizing it in real-time, and this cloud data normally exists in one of three states:

Data moving in. This is data as it moves into the storage location or as it is being uploaded. This process is also known as data ingress.
Data moving out. This is data as it moves out of the storage location or as it is being downloaded. This is sometimes referred to as data egress.
Data “at rest.” This can be data residing in a static manner in the storage location and not in transit on the network.

Data In, Data Out

Not surprisingly, costs are tailored around these types of data. Storage budgets are related to the costs of data that is physically being held at a location. Normally, the storage of “at rest” data receives the most attention, as cloud providers offer various pricing structures based on how much data is stored, where the data is located, how often it needs a backup, how often it tends to be accessed, and how quickly it needs to be retrieved.

Many cloud providers do not charge customers for data upload or ingress, and the reasoning is obvious: the more data you upload, the more you get charged for “data at rest.” But one of the most significant hidden costs of the cloud relates to data egress charges—the charges leveled by your cloud provider for accessing your own data.

Think of your old phone bill before the cell phone revolution—each call outside the local area was billable, and the costs varied according to the duration of the call and the location to which the call was made. Egress charges work similarly and are based primarily on the amount of data transferred. Over time, this becomes a matter of dialing for dollars. Should the data transfer increase, the charges will follow.

At its worst, this could become a situation of data rationing, where users are instructed to minimize their pulls from the data source, to minimize costs. This is akin to a mother in the 1980s locking up her new push button phone, out of fear that her toddler, enamored with the button tones, might mistakenly dial Hawaii.

Data rationing is hardly the outcome that one would expect from a move to the cloud, yet egress pricing models put companies in a precarious position. This poses a challenge for companies new to the cloud. Customers accustomed to comprehensive local area networks do not always realize the amount of data that leaves one area of the network to be consumed by another, and thus may be unaware of their ultimate egress requirements. Also, companies may have difficulty in predicting spikes in usage. Without understanding when data use may increase, manufacturing and distribution companies will have trouble predicting expenses.

Data Grows on Trees

Companies using applications that operate in a client-server manner may be similarly challenged when they choose to host their server in the cloud. The data requirements of private cloud can be as surprising as they are significant. A client-server application like Epicor ERP, for instance, is a rather chatty application, as it frequently performs “get” calls to refresh data, in relation to other transactions. In such a case, each “get” would entail a “give” in the form of cold hard cash. For companies utilizing manufacturing execution systems in which users are routinely downloading work instructions and product schematics, in support of manufacturing operations, the costs would further compound.

The complexity involved in manufacturing and distribution requires the innovation of private cloud technology. To transition from on-premise architecture, Epicor ERP customers looking to host their application in a private cloud need predictable costs and reliable budgets—a pricing model that does not involve surprise charges linked to the amount of data traveling into or out of the cloud hosting environment. Egress can cause a budgetary mess, but you have the option to choose a pricing model that doesn’t watch your every download move. Your company can have the reliability and innovation of private cloud without any of the hidden data egress costs that currently abound in the fine print of the cloud market.

Looking for help moving your business to the cloud? Check out our private cloud environment: EstesCloud Managed Hosting (ECHO). We don’t have ingress or egress charges—your data is your data, and you are entitled to it!

Endpoint Security: A Powerful Endgame

by Brad Feakes | Apr 8, 2020 | Managed IT Services, Network Security, Security

You already know you need protection from the cybersecurity threats circulating the market, but you might not have the time to know the specifics—like what endpoint security is or why you need it. If you have devices accessing a network, then you have an endpoint that needs protection. This elusive endpoint is simply any device that interacts with your network—the touchpoint between your network’s perimeter and the outside world. The bring-your-own-device (BYOD) movement that’s currently shaping the business world makes network security challenging because it creates a high demand for comprehensive endpoint security. You need to protect your customers and your business by protecting your team, and this begins with endpoint security.

Bring Your Own Disaster

The BYOD movement introduces a number of specific challenges in securing networks. The proliferation of devices interacting with a network, both in kind and in number, increases the number of endpoints and thus also increases the potential vulnerability of a network. Each new endpoint is a potentially exploitable gateway. The propagation of vulnerabilities demands a solution that can address this new circumstance. The solution that companies are increasingly utilizing to address their evolving needs has come to be known as endpoint security. Endpoint security helps ensure that all devices interacting with a network are compliant to the necessary security standards, protecting both the network and the devices themselves.

Endpoint security differs from traditional antivirus in the way that it detects and responds to threats. Traditional antivirus operates by comparing a program’s signature to a database of known malicious programs. Programs flagged as malicious would be stopped by the antivirus agent. This method of threat prevention is, by design, a step behind the attackers. Traditional antivirus can only detect malicious programs that have already been logged in the antivirus agent’s database. This creates problems in detecting new threats—what are sometimes called zero-day attacks. This also creates problems with newer “signatureless” attack methodologies that work to obscure their signatures, to work around the known signatures that antivirus looks for.

The question here is one of prevention vs. one of detection: antivirus focuses on preventing attacks. While this sounds logical, the tools available at its disposal, as we have seen, are limited. Should a malware attack slip through, antivirus is ill-equipped to deal with it once it’s inside the network. This brings in the need for more dynamic, behavioral-based detection methodologies that can leverage artificial intelligence and machine learning to detect suspicious application behaviors and react accordingly.

Leveling Up

Modern endpoint security platforms operate in a multi-level manner, protecting networks and network devices in multiple phases of vulnerability and response.

The pre-execution phase: This level is for threats as they enter the network.
The on-execution phase: This step is for threats that have entered the network and are in the process of acting out their program logic.
The post-execution phase: This involves the steps to mollify threats that have executed.

Combining static prevention with dynamic detection, modern endpoint security platforms leverage machine learning to detect threats on execution. This becomes beneficial, not only for signatureless attacks, but also for “file-less” attacks that are operating exclusively in memory.

As part of our EstesCloud security stack, we work with several vendors to provide broad and comprehensive endpoint detection and response. AI, combined with our SOC (Security Operations Center), provides the level of endpoint security that cannot be addressed by traditional antivirus. Our cybersecurity solution comes with a strong warranty—cyber threat protection provides you with financial support of $1,000 per endpoint, or up to $1 million per company, securing you against the financial implications of a ransomware attack if your company indeed suffers an attack and our team is unable to block or remediate the effects.