The world is changing fast – is your IT on cruise control? If so, you’re inviting chaos into your world.
As we enter the fourth month of the pandemic-induced world of working remotely, it’s time to take stock of whether you’re making the right moves to maintain, improve and otherwise ensure that your IT environment remains effective in supporting your business. Cruise control is a great feature when you’re on the highway, but it can be a disaster when applied to IT operations.
Here are 3 key principles to focus on to help keep your IT environment running securely, reliably and at peak performance.
Principle #1: Systems maintenance never takes a sick day
All of those systems that you rely on each day are counting on you and your team to keep them maintained and running smoothly. Time out of the office could result in your IT systems being “out of sight and out of mind” – don’t let that happen as they may go awry and drive you out of your mind.
- Failure to keep core infrastructure current can leave your world unstable or, worse yet, vulnerable to attack. Regardless of whether your core IT is onsite at your office or hosted with Amazon, Microsoft or elsewhere, it all needs to be kept current on patches, hotfixes and firmware updates.
- Similarly, your user workstations and laptops also need to be kept current. Without regular trips to the office, are they still getting their updates in a timely manner? The solution you had in place while in the office may not extend to remote locations, and if that’s the case then you run the very real risk of something sneaking in through the back door and making a mess.
- Your antivirus solution is typically your last line of defense. If it isn’t staying current on updates, then each day there are new variants out there ready to exploit the gaps. COVID-19 is unlikely to infect your computers, but Cyborg, CryptoMix Clop, GoBrut, Jokeroo and Trojan Glupteba each have new variants that will be only too happy to deploy.
- Be sure your team practices good data hygiene and puts things back where they belong. When we were all in the office it was routine to remember to save your documents and data to the network, where it was safely backed up during the day or at least at night. Now that your team is working remotely, are they continuing this important practice or are your firm’s intellectual property and/or confidential information winding up stored on local machines? If that machine dies, the data goes with it. And speaking of backups . . .
- Keep an eye on the successes and failures of your backup system. In the event of a ransomware attack or system failure it is vital that your backup system was running smoothly and holds the data you’ll need to recover. Now is the time to make sure your environment is being monitored and backups are successful.
Principle #2: In the chaos, danger lurks – security is more important than ever
There are bad actors waiting to take advantage of the ongoing disruption for their own benefit, as we saw with the fraud perpetrated against the Washington State Employment Security Department. With everyone dispersed to their home workspaces, what we in the IT world call the Attack Surface has grown massively to include everyone’s home offices where new vulnerabilities may emerge. The next step after a successful breach is for the bad actor to recon the environment to see what’s valuable, and shortly thereafter comes the Friday-night-when-no-one-is-looking ransomware attack.
- Phishing attacks have increased exponentially, tricking even vigilant users into opening a malicious email or attachment. The days of spotting an unusual email address or finding spelling errors in the email body are long gone as attackers are now better at impersonating people you trust. The email that brings your system down is likely going to come from someone you trust, after their email was hacked. Never trust an email, and make sure you’re using the latest and greatest tools to filter your email stream.
- Stick with known, trusted websites for your information sources. We’re all interested in the latest information about the pandemic, and the internet is typically the go-to place for the latest news. The bad actors know this, and they’ve deployed numerous websites that deliver a malicious payload along with the latest graphics on pandemic statistics. Again, never trust a link!
- Downloading VPN software from the wild can result in malicious content deployed exactly where you want it least. There’s been a surge in demand for remote-access tools since March, and for obvious good reasons. Just make sure the remote access software you’re installing is what you think it is, and it’s wise to let your IT team point you towards the trustworthy places to find it.
Principle #3: Time to pick up your pace
Just like the old joke with two hikers in bear country – “I only need to be able to run faster than you!” – it’s time to pick up the pace and improve your firm’s IT posture. You don’t want to look around and suddenly realize you’ve been left behind, exposed to hostile elements.
- Start with security. I assume you’ve already taken care of the basics like strong passwords, two-factor authentication and rigorous training for your users around good practices. With those in place, your next low-hanging fruit is to step up from your plain vanilla “I use a mugbook” antivirus system, to something that combines a mugbook with a watchful eye for unexpected systems behavior. If your systems start communicating regularly with eastern Europe, a next generation antivirus system will flag that as something to be concerned about.
- Configure your email systems to provide maximum protection for end-users. This applies to everyone, including those hosted by Office365 or Google, but doubly so if you are one of the last holdouts with an onsite Exchange Server. There are “Best Practice Analyzers” available for just about every flavor of email solution, and it’s on you to make sure your systems are better protected than those of your internet neighbors. (On a related note, Office365 and Google are both more reliable, accessible and cost-effective than your onsite solution; it’s time to join the 21st century and migrate.)
- If your onsite server hardware is reaching end-of-life, this is the right time to consider migrating your system to Amazon Web Services or Microsoft’s Azure. Both offer more cost-effective solutions than a capital investment, and both allow you to stop worrying about power outages, hardware failures and running out of capacity or storage.
- Consider deployment of a hosted Security Incident and Event Management (SIEM) solution. Ready to step up to the next level? These solutions will aggregate log data from your firewall, servers and other systems and look for correlations that warrant further review. A new connection to the firewall from a foreign land, combined with your backup system going offline and an increase in CPU usage on your servers correlates to a scary diagnosis: you’re in the midst of a ransomware attack.
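To make the correlation idea concrete, here is an added example (not part of the original article and not taken from any SIEM product) of a rule that alerts only when all three signals described above land in the same time window. The event format, the placeholder country code ZZ, the 90% CPU threshold and the 30-minute window are assumptions chosen for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events, already normalised from three log sources.
EVENTS = [
    {"ts": "2020-06-12T21:02:00", "source": "firewall", "type": "inbound_conn", "country": "US"},
    {"ts": "2020-06-12T22:41:00", "source": "firewall", "type": "inbound_conn", "country": "ZZ"},
    {"ts": "2020-06-12T22:55:00", "source": "backup", "type": "agent_offline"},
    {"ts": "2020-06-12T23:03:00", "source": "server", "type": "cpu", "percent": 97},
    {"ts": "2020-06-13T09:15:00", "source": "server", "type": "cpu", "percent": 95},
]

EXPECTED_COUNTRIES = {"US"}      # assumption: where this firm's staff connect from
CPU_THRESHOLD = 90               # assumption: percent treated as abnormal
WINDOW = timedelta(minutes=30)   # assumption: how close the signals must be
ALL_SIGNALS = {"new_foreign_connection", "backup_offline", "cpu_spike"}


def classify(event):
    """Map a raw event to one of the three signals from the text, or None."""
    if event["type"] == "inbound_conn" and event["country"] not in EXPECTED_COUNTRIES:
        return "new_foreign_connection"
    if event["type"] == "agent_offline":
        return "backup_offline"
    if event["type"] == "cpu" and event["percent"] >= CPU_THRESHOLD:
        return "cpu_spike"
    return None


def correlate(events, window=WINDOW):
    """Return one alert per time window in which all three signals appear."""
    signals = sorted(
        (datetime.fromisoformat(e["ts"]), classify(e)) for e in events if classify(e)
    )
    alerts, i = [], 0
    while i < len(signals):
        start = signals[i][0]
        in_window = [s for s in signals[i:] if s[0] - start <= window]
        if {name for _, name in in_window} == ALL_SIGNALS:
            alerts.append({"start": start.isoformat(), "end": in_window[-1][0].isoformat()})
            i += len(in_window)   # skip past the events already reported
        else:
            i += 1
    return alerts
```

Removing any one of the three signals from the sample data produces no alert, which is the point of correlating across sources rather than alerting on each one alone.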
There’s a lot to think about here, but it’s all feasible. We’ve talked before about IT maturity, and in the past few months we’ve seen that our clients who have been ahead of the game have weathered this crisis incredibly well. Stay tuned as we’ll be sharing some of their experiences and what worked well for them, so that you can learn from their successes.