800-214-0957 info@blackbottleit.com
Going Beyond Boundaries. The Need to Define Access Controls   

Going Beyond Boundaries. The Need to Define Access Controls   

It is about that time of year when employees submit for their vacation. Will you allow them to take their work computer on vacation? There are two obvious reasons not to allow their workbag to travel with them. Vacations are a time for rest, relaxation, and spending time with friends and families. Second, a work computer undoubtedly contains sensitive information. A leak of any sensitive information in or out could be catastrophic to your organization.   

What are Access Controls?  

Access controls are security measures or ‘boundaries’ that regulate who can access specific resources, such as data, systems, or physical locations, what actions they can perform when they have access, and where they can access.  “Good access control rules around your tenant” specifically means that your organization must limit “who can access the account, from where, and from what device.”  

As in the illustration, access controls can limit where systems can be accessed by specific machines and even by allowed business hours. So, if a bad actor is trying to access critical systems from outside the normal geography of business (e.g., outside the U.S.), during odd times of the day (e.g., 2:00 a.m.), access would be blocked. This type of control protects sensitive data if credentials are compromised.  

 
It is important to define where company employees access systems, from what machines, and during what times of the day. If employees are doing work outside of these controls, develop a process for requesting temporary access, for example, working from the beach, and set the beginning and ending timeframes to remove access from these temporary situations.

  

Why Access Controls?  

Reducing the attack surface: Limiting access to systems and data reduces the potential attack surface for cybercriminals. Even if a malicious actor gains access to login credentials,  part of access controls can prevent them from compromising systems.

There is a lot at stake in addition to protecting sensitive data. Access controls ensure that only authorized users have access to sensitive information. While the experts at Black Bottle IT are focused on cybersecurity and limiting the potential for a cyber incident, when you limit geography, machine, and time systems can be accessed, you also reduce the risk of human errors that cause lost data.   

  

Three Reasons Why Access Controls Are Fundamental 

Compliance requirements: Many industries have strict regulations governing the protection of sensitive data, such as HIPAA in healthcare or GDPR in the European Union. Implementing access controls helps organizations comply with these regulations by demonstrating that they have measures to safeguard data.

Detecting and responding to security incidents: Access controls can also help detect and respond to security incidents. Organizations can identify suspicious activity and respond promptly to potential threats by logging access attempts and monitoring user behavior.  

Maintaining business continuity: Cybersecurity incidents can disrupt business operations and lead to significant financial losses. Access controls help maintain business continuity by minimizing the impact of security breaches and ensuring that critical systems and data remain protected. 

  

What Your Organization Must Do to Protect Company Data  

  • Heighten Cybersecurity Awareness & Phishing Training    
  • Enforce Access Controls around all cloud-based tools, i.e., AWS, Google Workspace, QuickBooks Online, Microsoft Office 365   
  • Lock down the Administrative Account to a specific IP address  
  • Monitor Tenants 24×7 — multiple organizations or individuals, referred to as “tenants,” share the same computing infrastructure, resources, and services  
  • Continuous monitoring is crucial for promptly detecting and responding to security threats and incidents as they occur, minimizing the potential impact on tenants’ data and systems.  

 

Remember: Heightening cybersecurity controls, like access controls, does not indefinitely prevent a cybercriminal from gaining access but makes it more difficult.   

Everyone deserves a vacation. We have you covered.  Contact us today for more information and how to get started with access controls. blackbottleit.com/contact-us.

Payroll Companies are a Lucrative Business for Hackers

Payroll Companies are a Lucrative Business for Hackers

Payroll professionals, CPAs, and tax preparers need high-level planning and third-party execution expertise to develop company-wide cybersecurity programs that identify new and existing risks and vulnerabilities, prioritize them, and create a plan to fix, enhance, and train staff.

A WISP, outlined in the FTC Safeguards Rule, may be required, but remember, cybersecurity is only effective with the continued execution of the best cybersecurity implementation!

Questions only you can answer about Your WISP Plan

Your WISP can’t just sit on a shelf!

  • Have you performed an Annual Risk Assessment?
  • Do you have an Incident Response Plan, and have you TESTED IT?
  • Has your organization implemented Advanced Security Controls?
  • Do you have a Cybersecurity Awareness Training Program?
  • Who is your CISO; one must be identified in WISP!
  • Do you know what systems contain sensitive client data and how it’s protected?
  • What’s your process to communicate your plan?

There’s no time for sleeping. Failure to comply could subject your organization to legal liability, penalties, and fines.

Let’s Dive a Bit Deeper with AV & EDR: A Better Core Control 

Traditional Anti-Virus or AV

  • Can only detect previously known threats
  • Minimal to no data collection
  • Minimal to no added features or benefits

Endpoint Detection & Response of EDR

  • Can detect previously known and UNKNOWN threats due to behavioral-based monitoring
  • Complex and detailed endpoint data collection
  • Added benefits include application monitoring  threat-hunting capabilities and advanced reporting

Wouldn’t knowing at which bend in the road your business would encounter a breach be nice?

Your preparedness may then include:

  • An updated WISP or Incident Response Plan
  • Employees would be up-to-date on training
  • MFA on every device and application
  • 24×7 monitoring of all systems and endpoints
  • A better Cyber Insurance  policy

As a whole industry, we are getting better at training! Keep up your Cybersecurity Awareness Training!  According to the Verizon Report, breaches caused by human errors are down 8% from last year! Bad actors are interested in your data but really interested in your MONEY!

Payroll Companies are a lucrative business for hackers. We will help your organization meet compliance and become cyber-resilient. To get started, contact Black Bottle IT today We have a bench of cyber analysts ready to fight! 

The More Cybersecurity Changes The More it Remains the Same

The More Cybersecurity Changes The More it Remains the Same

“The more things change, the more they stay the same” means that despite apparent changes or advancements, certain fundamental aspects or patterns remain unchanged over time. One could relate this to cybersecurity.

  • Cyberattacks cost impacted organizations thousands, if not millions, of dollars.
  • Cybersecurity is a critical element of homeland security after 9-11.
  • Ransomware and phishing have always been pervasive.
  • Since on-premise storage still exists for some businesses, despite the rise of cloud computing, monitoring and protecting data will remain an important part of any security execution plan.

Gartner reports that 85% of organizations will embrace a cloud-first principle by 2025 and will not be able to fully execute their digital strategies without the use of cloud-native architectures and technologies. (May 2023)

Three Key Cybersecurity Focal Points that Will Remain the Same for Foreseeable Future

Rise in Cybersecurity Regulations:

Governments and regulatory bodies were expected to enhance and introduce new cybersecurity regulations to address the evolving threat landscape and protect sensitive data.

Focus on Cloud Security:

With the increasing adoption of cloud services, there was a growing emphasis on securing cloud environments. This includes implementing robust identity and access management, encryption, and monitoring.

Enhanced Endpoint Security:

As remote work became more prevalent, securing endpoints (devices used by employees) gained importance. Endpoint detection and response (EDR) solutions were expected to evolve.

 

This year, we will learn more about AI and machine learning techniques to improve response efficiency.

Black Bottle IT is focused on keeping data secure, which, in turn, will keep your business operational and competitive.  Please reach out if you want to outsource your organization’s cybersecurity function!  Contact us today. 

What Managed IT Solution is Best for Your Business?

What Managed IT Solution is Best for Your Business?

What Managed IT Solution is Best for Your Business?

 

When engaging Companies, our team here at Black Bottle IT receives many questions about what tools and services are right for their business. But, there is one question Black Bottle IT frequently gets, “what solutions would you recommend to us?” The answer isn’t simple. There is no “silver bullet” that cures all cybersecurity risks.


To simplify, when looking for a cybersecurity solution, typically companies fall into three categories:

 

1. Companies that recognize the need to upgrade security solutions and HAVE in-house technical talent:


In this scenario, Black Bottle IT will advise the Company on the right security solutions to fit its situation. Once the solutions are selected, Black Bottle IT will help implement and craft the correct policies and procedures to govern the new processes. This activity is typically done side by side with the in-house talent to hand off 100% of the operations back to the Company’s technical team. Post implementation, we strategically advise, when necessary, as the ever-changing security threat landscape changes with new solutions to keep pace.

 

2. Companies that recognize the need to upgrade security solutions and DO NOT HAVE in-house technical talent:


These businesses are our favorite Companies to consult with at Black Bottle IT. Business leadership is savvy enough to understand the risk a cyber attack poses and knows the Company doesn’t have enough in-house talent to find, implement and manage the necessary solutions. Cybersecurity talent is hard to find, and most SMB businesses do not have the budget for a dedicated security team. In these instances, Black Bottle IT will recommend, implement and manage a security solution that meets the Company’s needs and reduces their risk of a cyber attack. Going forward, Black Bottle IT will act as advisors and part of the technology team.

 
3. Companies that may not understand their cyber risk and need some education:


Part of our mission is to inform Companies of the risk a cyber attack can have on their business. In these conversations, we provide industry information, statistics, case studies relevant to the Companies industry. Our goal is to make sure leadership knows the risk. Ultimately, we want to help them and gain them as a client, but the reality is, most Companies that fall into this category need time to digest the information and then quickly realize they need to address the risk. Implementation of solutions will start with low-hanging fruit, as the Company plans and budgets for future improvements.


How can we help your business?  There is always a go-forward plan that is right for you, your business, and your stakeholders. 

Contact Black Bottle IT today to learn more.

Embrace Cybersecurity with Your Partners and Vendors

Embrace Cybersecurity with Your Partners and Vendors

Top 3 Things to Know BEFORE Partnering with Vendors

 

As cybercrime is always knocking on the door of your business, one of the most crucial things you can do is partner with vendors that embrace a good cybersecurity posture. This means that they value your business as much as they value their own!  But how do you know which vendor relationships are safe?  Here are three things to know before you partner.

  1. Does your business have a PROCESS to audit third-party vendors for their cybersecurity resilience before sharing sensitive information?
  2. VERIFY that your third parties have implemented strong third-party risk cybersecurity monitoring and plans.
  3. DEFINE cybersecurity risk expectations and requirements with your vendors.

 

It’s in the Data

 

Payroll Companies, Financial Institutions, Accounting firms — they all have one ‘big’ thing in common.  These industries store large volumes of data.  Data that is very interesting to cyber criminals. It really doesn’t matter what they actual data is — just know that criminals want it!   

 

Types of Risky Data Include:

  • Employee Data
  • Social Security Numbers
  • Bank Account
  • Health Care information
  • Client Data
  • Account numbers
  • Sensitive information owned by Client
  • Credit Card/Bank Account
  • Protected Information
  • Industry specific proprietary information
  • Controlled Unclassified Information

 

 

As a business leader, do any of these pain points resonate with you?

 

  • The Increase in ransomware /phishing schemes
  • Lack of compliance with increases in regulation
  • Lack of an incident response plan
  • Third-party vendor cybersecurity maturity
  • Our Insufficient in-house cybersecurity expertise

 

By understanding third-party security policies and procedures, you can take corrective steps to address the risks to your data. Without the proper controls, your vendors and contractors can become the weakest link to your organization and customers’ privacy.