With widespread news of security concerns, reassurance that your company's solutions are secure is imperative. Awareness of these security issues is one way to protect your business and keep it from happening to you. On Friday, July 2, There was a cyber attack involving Kaseya which is a software tool used to manage servers and computers.
The same group that hacked the JBS meat processing plants in early June exploited a vulnerability in Kaseya’s software in an attempt to hold computers and server’s ransom. This is the second incident of this kind of software being taken advantage of with the SolarWinds event in December 2020 being the first.
Attacks on Remote Monitoring and Management Tools
Remote Monitoring and Management (RMM) tools like Kaseya and SolarWinds are one of the most secure ways to manage patches and devices, but they are becoming a target for bad actors wishing to exploit others for financial gain.
At Thriveon, we do not use Kaseya or SolarWinds, so there has been no risk to our clients from these events.
That said, we are mindful that we are not completely immune to these types of illegal attempts which is why ardent planning and monitoring is a core function of our business to serve our client base. We work to get ahead of any issues in case there comes a day a software tool that we use might become a target.
To help avoid becoming a victim of these attacks, it’s vital to put multiple layers of security in place and invest in next-level protection with things like multi-factor authentication. Pushing a code to a second device helps to authenticate and protect your account information. Securing your devices and accounts at the jump helps to provide an early adoption of next-level protection. At Thriveon, we internally follow the security measures we recommend to our clients to ensure your security.
As mentioned, a core business function of ours is to proactively monitor and identify potential risks and mitigate them before they become an issue. We invest in the highest level of protection to proactively pinpoint malicious behaviors and quarantine software and files at the onset of any suspicious activity. We’re constantly working day in and day out to take all risks off the table. During this compromise of Kaseya, our protection systems immediately identified and blocked this attack, prior to it being publicly released that it was occurring.
We know that the security landscape will continue to evolve, and we are dedicated to staying up to date on the latest in cybersecurity. Following security best practices is a pertinent element to any Managed IT Service provider, so make sure your provider is clearly aligned with following them.
Ask your IT Group the following two questions:
A solid IT firm is implementing new security initiatives every quarter so you can take comfort in knowing that their cybersecurity house is in order. We, at Thriveon, consistently audit and communicate best practices quarterly to our clients, so you’ll always be on top of the changes and updates needed to your technology solutions.
In 2016, Thriveon secured the Security Trustmark through CompTIA which follows the Federal cybersecurity framework for meeting regulations for the Department of Defense, Financial and Healthcare. We also have regular 3rd party auditing performed to keep our systems in check. Read about the Thriveon difference through our Thrive On IT pathway.
Thriveon is offering a complimentary Technology Audit to discuss and explore common issues that might be making your business less secure and less productive. Thriveon will comb through your technology solutions, both hardware and software to pinpoint potential areas of improvement and aid fill the gaps.