Microsoft's security vulnerabilities reached a critical point recently, exposing U.S. and U.K. government customers in a series of high-profile attacks. Notably, a 2023 incident by Storm-0558 compromised sensitive government accounts across 22 organizations, impacting over 500 individuals and tens of thousands of emails. This breach triggered a scathing report from the Department of Homeland Security's Cyber Safety Review Board (CSRB). The report exposed a chain reaction of security failures and a corporate culture that downplayed both enterprise security investments and rigorous risk management.

Further amplifying concerns, a separate high-profile incident involved state-backed cyber actors known as Midnight Blizzard. This group successfully compromised Microsoft corporate email accounts, enabling them to steal email exchanges between Federal Civilian Executive Branch (FCEB) agencies and Microsoft. This critical breach prompted the Cybersecurity and Infrastructure Security Agency (CISA) to issue Emergency Directive ED 24-02.

It's pretty obvious now that government agencies are a prime target for cyberattacks due to their sensitive data and many other factors. Most agencies heavily rely on Microsoft products. In a 2022 Google survey, 84% of all Washington, D.C. metro area employees use Microsoft products. Furthermore a broader survey from Omdia found 85% of all federal government employees use Microsoft.

Google Workspace has sizable market share in the business, education, and healthcare sectors - largely due to its ease of use, simple and intuitive interface, comprehensive billing, and most importantly advanced cybersecurity protections built-in. 

Does that mean bad actors are targeting customers of Microsoft or going after specific targets of interest? That remains to be seen but likely a little of both. If the target is interesting enough it doesn't matter what platform or systems are used. 

Another important question might be: if the tables were turned, Google happened to have higher market share in government, would the "scathing report" be about them? Of course Google doesn't think so. 

No one is suggesting you haul off and switch you entire business or government agency from Microsoft to Google (oh, wait... no, that is exactly what Google is hoping for!) but, it might be a good opportunity for a deeper inspection and even a thorough evaluation/comparison of the two. At the least to see what the other has to offer. At least the whitepaper is compelling enough for customers to probe for more. 

Considering such a decision is so big and impactful for everyone involved, consider outside help. A technology adviser or IT consultant can guide you through the process and introduce you to the right experts and partners. 

Google is certainly an option, and a pretty good one at that. Microsoft has made announcements addressing some of the concerns outlined in the report. They are making efforts to change the behavior and culture within Microsoft ranks. A recent Dark Reading article reports that at least a portion of executive compensation will be tied to meeting security goals. 

Anyone remember the pipeline incident waaaaay back in May? Many leaders realize it and some have elected to investigate and subscribe to cybersecurity/ransomware insurance. However, before any insurance company will cover you, they need to have assurances. They each have their own checklist of requirements. Those requirements are, as you may have guessed, cybersecurity technology related (in addition to people, policies, and procedures). Undoubtedly, MFA is on every one of those checklists. Two-Factor Authentication (2FA) is also a variant of MFA. 

Multi-Factor Authentication is an important identity management and access control measure requiring users to verify their identity even after the proper credentials have been entered. This extra verification is done through a second device or other method, typically via smartphone, after attempting to login to company apps and resources. 

There are quite a few options and ways to implement MFA and other identity & access management (IAM). Rather than having IT try and figure out the best solution, software, and methods to set up MFA properly on your own, consider a seasoned expert service provider (and let IT continue to do what they do best). 

Such services are sometimes referred to as IDaaS, Identity as a Service, and these services can manage user identities across simple, and the most complex, interconnected environments protecting critical data and applications no matter where they reside– public, private, hyper cloud, hosted, on-premises; here or on the other side of the world.

Identity as a Service (IDaaS) is ideal for organizations wrestling with making network access easy for staff, without compromising security. Let your IT team focus on driving business objectives, instead of solving end-user identity needs and issues.

Why IDaaS?

As ransomware and cyberthreats increase in prevalence and sophistication identity and access control, as a part of an overall security program, have become even more important within IT landscapes to preserve the sanctity of business data and applications.

What MFA, 2FA, or other IAM methods are employed for your business?

What challenges did you face?

Are your users satisfied with the ease of access, or do they simply put up with it?

Never Trust and Always Verify. Hmm, doesn't sound very productive in most business situations, but if you're talking about technology and security, I think we might be on to something.

"The traditional perimeter-based security model is dead. It has been overtaken by an era of cloud, mobility, and BYOD that requires a new approach to network access control."

The Zero Trust Network Access (ZTNA) model is a new method of access control that considers all network connections untrusted. This is a shift from the traditional concept of an inside/outside network where only some connections were considered trusted. The ZTNA model requires organizations to consider all traffic as potential threats, which means security controls must be in place at every stage of the attack lifecycle and beyond the firewall layer into your environment.

Never Trust and Always Verify is the general premise behind Zero Trust Network Access (ZTNA). A strong proponent for the replacement of traditional remote access like Virtual Private Networking (VPN), where a secure tunnel straight into the corporate network is created and anything that goes through that tunnel is presumed "safe" and "trusted". There are a number of "faith-based" assumptions that take place when using  VPN. One big one being the remote device creating the tunnel is still a trusted device. ZTNA takes a different approach: nothing is trusted and everything must be verified. This might seem laborious, but the user experience is minimally affected and security benefits are significant.

ZTNA is starting to turn heads with IT for its protection of applications, data, and networks, easier control, and innate simplicity allowing access to remote staff, suppliers, and contractors. Some providers offer client and clientless versions for far greater flexibility and no need to constantly update Active Directory just to let a supplier in for two hours worth of work. And even provided secure access to users' personal devices without the typically required "big brother'"intrusions. 

The real power of ZTNA comes when its combined with the power of a Secure Access Service Edge (SASE) solution. These two put together forms a full security barrier and flexible perimeter thoroughly protecting endpoints and users. 

Using disparate/separate SASE and ZTNA platforms can certainly be done, but should only be done so by the most adept and experience security professionals. The management interface and integration of these separated systems is highly complex. Many solutions exist  that combine both SASE and ZTNA together with a single management interface. Some providers also offer a completely managed solutions as well. 

Regardless there is a lot to consider. Contact us and we'll get you in contact with a Strategic Tech Expert to wal you through all of the options and find out who the best vendors are for your business

It's probably not surprising that remote workers outperform office workers in several key areas. Studies have shown that people working remotely are more productive, better at collaborating, and more present than their office-bound counterparts. In fact, 65% of workers say working remotely would boost their productivity. This is doubly true with the amount of time some workers spend just getting to and from the office. According to a report by Apartment List, the number of people who travel more than 90 minutes to work each way has increased by more than 31% since 2005. In contrast, the number of Americans who work from home has increased by 76% in the same period of time.

TJ Galati, CIO and thought leader who virtualized his entire company and workforce with the Effortless Suite, told Effortless, "There are many benefits to utilizing a remote workforce that companies are just starting to figure out. A few of my favorites are:

• Less cost. (Rent, desks, ergo keyboards, coffee, etc.)

• Better quality of life for employees. (No commute, time with family, flex time, etc.)

• Bigger employee pool. (Instead of finding the best local person, now you find just the best person.)"

Enabling remote work is "truly transformative for companies who have not yet ventured to think that way," said Galati. There is, however, a dark side to working from home. You've probably seen the YouTube video where a serious BBC video interview is interrupted by a silly child walking into the room followed by a baby in a walker. But children interrupting video conferences is on the lighter side of some of the issues that can come up for remote workers. Problems related to security, internet connectivity, and general communications often arise. This is where Desktop as a Service (DaaS) is an ideal solution when it comes to supporting remote workers. Here are some of the pain points of remote workers, and how DaaS relieves them:

Security Woes

There are a number of ways that remote workers have the potential to create security vulnerabilities:

• Unsecured devices left open in the home or in public spaces

• Lack of endpoint security

• Sensitive data physically leaving the company premises

With DaaS, the desktop and its assets are kept in the cloud, away from any vulnerable endpoints. Devices used by remote workers merely become access points for the desktop, rather than the desktop itself.

Internet Issues

Even the most well-equipped remote worker can run into problems with internet connectivity, whether it be a slow connection or one that is unreliable. Remote workers without access to cloud-based solutions like DaaS are left without IT support when they need it most. A good DaaS provider offers round-the-clock support, so if things go wrong, your remote workers aren't left without a connection.

Communication

This may seem like a given, but it's important that remote workers have proper communication channels set up in order to do their jobs. DaaS allows workers to retain the full functionality of their work computers no matter where they go, and on any device. Remote employees can access all the communication, conferencing, and collaboration tools they need, as long as they have an internet connection.

If your remote staff is experiencing the darker side of working from home, or worse, unable to do so because you lack the technical means, Effortless can help. With Effortless Desktop, your staff can be powered by a remote desktop that is secure, lightning-fast, and accessible from any device with an internet connection. If you're ready to build the perfect desktop and access it on any device, contact Effortless. We'll help you solve any issues being faced by your remote employees.

Simultaneously, cybersecurity company Check Point announced that crooks are registering malicious coronavirus-themed websites. Since January 2020, there are over 4,000 new sites containing words like “corona” or “covid.” Check Point estimates these new Coronavirus-themed domains are 50 percent likely to be dangerous. I’m surprised the percentage isn’t higher.

The easiest way to spot phishing messages is if they start with "Dear user” or “Dear [your email address]." Real business emails either skip a salutation or address you by your first and last names or by your business name. Any "dear user" message is from a loser.

If you can't trust your own eyes -- and with as much stress as we're now under you can't -- you need other tools to keep you safe. These include the following:

1. PC security software: Antivirus programs can help block phishing attacks. Set your program to update automatically, so it can deal with any new security threats. As I pointed out, there's a constant flood now of new coronavirus phishing sites.
   
2. Use email server anti-phishing services: These can stop bad messages before users are ever exposed to them. Among others check out GFI MailEssentials, Sophos Phish Threat and Barracuda Email Security Gateway.
   
3. Use cloud-based servicesto scan for and detect phishing: Such services include INKY and Metacert. These use white-listing approaches, which block unknown and potentially dangerous messages and sites, while letting traffic from known trustworthy sites through. 
4. Switch your Domain Name Server (DNS) setting to a DNS service which provides filtering: Some DNS systems, including CleanBrowsing, OpenDNS, SafeDNS and Quad9, automatically attempt to block questionable sites. With these, you literally can't go to a bad site.

By: Defendry, see the original article here

Defendry monitors your security cameras feeds 24/7 to automatically detect, deter, and report potential threats in seconds using its advanced AI-based software. Early detection can even automatically lock a shooter out before entering.

Detected threats are immediately verified by Defendry’s award-winning, 24/7 human verification partner, Rapid Response. False alarms are eliminated and real threats are immediately reported to first responders.

If a threat is verified, Defendry immediately sends emergency notifications with pictures, description, and location of the threat to police, onsite security teams, and anyone else who needs to know.

Artificial Intelligence is a hot buzzword right now. Every technology company wants it, and coders all over the world are learning how to create it. It’s become an ecosystem in and of itself. Defendry could have completely outsourced AI development to a team of engineers oversees and had a system built for pennies on the dollar. Our mission, however, is to save lives, and so rather than gamble with a high risk of error from inexpensive development, we have assembled a team of expert engineers who inherently understand what that takes.

AI has to be trained in something specific, in order to do something specific