What the SolarWinds Hack Taught Us About the Need for Endpoint Security Reporting & Software Delivery Analytics

Best Practices

By now, almost everyone has heard of the disastrous SolarWinds hack. To recap, in March 2020, hackers stealthily installed malware into SolarWinds Orion, a network-monitoring software used for IT infrastructure management. This allowed the hackers to gain access to highly sensitive data via a covertly inserted backdoor. The attack went undetected for months and was first publicly reported in December 2020 after being spotted by cybersecurity firm FireEye. Over a period of eight months, at least 24 organizations installed the SolarWinds software laced with malicious code, including various federal, state and local governments and private sector companies.

When Microsoft found out it was among those compromised in the hack, it acted quickly: it removed the digital certificates that the Trojaned files used, announced that it was updating Microsoft Windows Defender, moved to a sinkhole domain and changed Windows Defender’s default action for Solorigate from “Alert” to “Quarantine.” Microsoft’s quick actions led to neutralizing and killing the malware while gaining control over the malware’s infrastructure from the attackers.

The SolarWinds hack highlights the devastating impact of software supply chain attacks and underscores the fact that most organizations are unprepared to prevent and detect such threats. When a security breach happens, speed is a critical factor in remediation, but you also need granular insights into software delivery to understand overall system health. 

Best Practices to Avoid and Respond to a Cyber Security Attack 

According to a Cisco report, “Major incidents and losses can be avoided by proactively refreshing the technology used and by learning from prior incidents, through prompt disaster recovery, sufficient security tech, timely incident response and accurate threat detection.”

You can help defend your company from a cyber-attack by conducting risk assessments, mitigating risks that cannot be removed, preparing and implementing a breach response plan and implementing cyber security best practices. In addition to scanning your systems on a continuous basis, Gurpreet Dhillon, Ph.D., of Virginia Commonwealth University, recommends that organizations:

  1. Install sensors or mechanisms to collect potential hazards  
  2. Conduct automatic searches at regular intervals for potential flaws  
  3. Collect results from different divisions and/or stakeholder groups  
  4. Triage and analyze results on an ongoing basis  
  5. Fix the most critical issues first and develop a priority list  
  6. Report progress and continuously improve  

If your organization falls victim to a cyber-attack despite all of the security measures you’ve taken to prevent it, after you discover the breach: 

  1. Survey: Identify the attacker and find out where the attacker entered 
  2. Limit: Filter traffic and isolate system  
  3. Record: Find effects and identify disruptions  
  4. Engage: Connect with District Attorney and engage with FBI Infragard 
  5. Notify: Notify affected persons and seek legal counsel 
  6. Learn: Document learning points and proactively ensure learning moving forward 

Even when taking the utmost security measures, a data breach can happen to any organization. Reduce your risk of a cyber-attack by implementing and following your organization’s best practices, and if a breach does occur, follow your security response plan.

Managing Network Health via Security Analytics 

Security reporting leverages a combination of software, algorithms and analytics processes to detect potential threats to IT systems, not just sniff out hacks as they occur.    

“Many organizations do not use security analytics to its full capabilities; often the analysis is relegated simply to identifying network attacks. However, this is only one subset of the types of security analytics that should be deployed. Security analytics provides insights into how well security programs are working. It can also help identify problem areas and can warn of imminent or active attacks,” says privacy and security expert Rebecca Herold.

Ian McClarty, President of PhoenixNAP Global IT Services, elaborates, “Analytics are key to security. As the complexity of IT networks has grown, the inventiveness and sophistication of cyber security threats and attacks has grown just as quickly.”

Endpoint analytics can also give clues to security breakdowns and help identify policies or hardware issues that may be slowing down devices, so you can proactively make changes without disrupting end users.

Paired together, security reporting and endpoint analytics can help an IT department understand the data flowing into and out of its network, detect potential threats and monitor user experience and hardware. The safety of an organization’s data and IT systems increasingly depends on having an effective, real-time monitoring security and endpoint analytics solution.

Kollective for Software Delivery Accelerates Patching & Provides Insight into System Health with Intelligent Analytics Reporting 

According to the IBM Cost of a Data Breach Report 2020, the average cost of a corporate data breach is $3,860,000. Extensive cloud migrations are the number one cause of data breach, with 24% occurring at the endpoint, 19% due to a system misconfiguration and 16% because of a vulnerability in third-party software. To help avoid a costly breach, increase your endpoint security by reducing network risk with Kollective for Software Delivery.

Kollective helps minimize the risk of data breach by ensuring 100% delivery of software updates and security patches when distributing content via Microsoft System Center Configuration Manager (SCCM). By leveraging the scale and flexibility of the cloud, Kollective optimizes software updates and patch delivery to minimize downloads and vulnerabilities with faster and more reliable patch distribution. 

Kollective’s solution delivers: 

  • 70% faster software deployment 
  • No impact to network bandwidth 
  • Analytics that provide a full view of your network 

Want to make your SCCM more powerful? Kollective IQ is an advanced analytics platform that gives you deeper insight into all your endpoints. It allows you to easily create dashboards and reports, providing the metrics your organization needs to better understand network performance and verify the success of deliveries.  

With Kollective for Software Delivery you can achieve greater than 95% peering efficiency, and significantly reduce your Wide Area Network (WAN) bandwidth utilization. This means faster and more reliable delivery of ConfigMgr content to the edge of your network. Kollective IQ provides the analytics you need to ensure your network environment is secure and fully optimized.  

To learn more about Kollective for Software Delivery, request to speak with an expert today. 

The post What the SolarWinds Hack Taught Us About the Need for Endpoint Security Reporting & Software Delivery Analytics appeared first on Kollective Technology.

Why Your Business Is Like A Loaf Of Bread

CMMA Blog

It’s an easy enough analogy to draw. A business is like a loaf of bread because it has several component parts that all need to come together into one cohesive mix, all according to the right recipe, otherwise the final product is unpalatable.

But the analogy runs deeper than batter and baking.

In the new age of data-driven business (that we are so fond of calling ‘digital transformation’) on the road to cloud-based services-centric computing, it is insight into the specific detail of what’s happening inside any given operations base that is now required.

It’s not just a question of flour, yeast and water anymore; creating the modern business loaf is only possible if we can get granular (pun deliberately intended) and look at what’s really happening on the inside.

We need to know the size and quality of the grains we make our flour mix with. We need to know the strength and provenance of the yeast being used. We need to know how thick the slices are going to be, who is going to consume them and how much topping or filling they might have to support.

It’s no longer just a loaf of bread or a basis for business; it’s now a dynamically optimised and orchestrated foundation for content — and that content can be peanut butter or enterprise applications, it’s your choice.


Behavioural analytics

Bakery analogies aside then, what this proposition means in business technology terms still comes down to delivery, i.e. we need to know who needs what, when and where they need it… and if we know why, then that helps too.

We can look for routes that will help us examine user requirements if we take this more granular approach.

If we plug user machine data log files and application workload demands into our total analysis of systems orchestration then we can arguably form an even more accurate view of the way we need to plan IT management responsibilities for the future. This kind of behavioural analytics can help us create a higher bar for total systems management on the road to digital transformation.

Staying granular (and wholegrain organic if you wish), if we are prepared to look inside application and data delivery requirements, then we can start to build networks that are capable of handling potentially massive content delivery challenges.


Business lifeblood

Sustaining the lifeblood of business today depends upon an enterprise’s ability to serve thousands of end points around the world. Contemporary enterprise Service Level Agreements (SLAs) typically require a network substrate that can deliver functional, up-to-date and securely patched software across a complex distribution network.

If you want to go back to loaves of bread… then think about a consumer base that needs fresh, wholesome and appealing products in multiple locations, all streamed in exactly when they need it.

Think of it like a 4th of July picnic (or insert the holiday of your choice) but instead of burger buns and ketchup, the enterprise needs operating system updates, live video streaming, security provisioning execution controls and the ability to fulfill all manner of special user requests at any moment in time.

A topology for success

The bread maker shares a common headache with the enterprise IT architect; they both want a network infrastructure to deliver their end product faster, more reliably and all within less bandwidth to make the whole process more efficient and profitable.

Creating this mix for digital business success in any industry vertical is never easy. Enterprises will need to look small picture as they examine granular needs at a device-specific, user-specific level. Equally, they will need to look big picture and understand how the implications of operational requirements impact the total network topology.

Perfecting this new mix for business (or indeed bread, cakes and pastries) is a big ask, so let’s take this one bite at a time.

Adrian Bridgwater

Contributor | Journalist

Adrian Bridgwater is a technology journalist with over two decades of press experience. He primarily works as a news analysis writer dedicated to a software application development ‘beat’. With his broad editorial purview, Adrian has spent much of the last ten years focusing on open source, data analytics and intelligence, cloud computing, mobile devices, data management, telecoms, unified collaboration and forward-looking opinions on offices and workers of the future.

The post Why Your Business Is Like A Loaf Of Bread appeared first on Kollective Technology.

How To Prevent The Next Big Data Breach With Software Patching

CMMA Blog

No matter which way you measure it, 2017 will be remembered as the Year of the Data Breach. Record highs were hit for almost every type of data breach statistic available:

While it’s easy to chalk up this Breachpocalypse to the evolving sophistication of cyber criminals, the power of new hacking tools and the difficulty of fighting against an international menace, that doesn’t tell the full story. The real shock behind the numbers is exactly how many breaches could have been prevented with an effective software patching process.

According to the Online Trust Alliance’s Cyber Incident & Breach Trends Report, a stunning 93% of reported breaches were completely avoidable. Regular patching, along with paying close attention to vulnerability reports and training employees to avoid malicious emails, could have saved international businesses and their customers billions of dollars in damage.

Despite the fact that patches are freely available, businesses of all sizes continue to struggle to patch devices across their network, not only in the days after a patch is released, but quite often years after. Looking back a few years, the Verizon Data Breach Report 2016 showed that most exploits in 2015 came from vulnerabilities discovered in 2007, while vulnerabilities from as far back as 1999 still accounted for a significant amount of exploits.

Looking at 2017, two of the most notable hacks could have been prevented with an effective patching process:

  • The WannaCry ransomware campaign wreaked worldwide chaos, causing more than $8 billion in losses across more than 100 countries. The patch for the vulnerability exploited by WannaCry was available 59 days before the attack.
  • Equifax exposed the data of 143 million people, resulting in an estimated $600 million loss of shareholder value, lost business, remediation costs, and fines, not to mention immeasurable brand value and customer trust. In mid-May Equifax confirmed that attackers gained access to its system through an Apache Struts web-application vulnerability that had a patch available in March.

What keeps a company from promptly patching? Often it’s a combination of prioritization coupled with the difficulty of effectively distributing patches across the enterprise. But make no mistake; patching is often the only thing keeping your company secure. The more you can keep your patches up to date, the more likely you’ll be protected against the next WannaCry and less likely you’ll become the next Equifax.

The post How To Prevent The Next Big Data Breach With Software Patching appeared first on Kollective Technology.
