
Why You Need Both Software and Hardware Firewalls

Greenlight Managed IT Support Services | Sydney | Melbourne

A firewall sounds like a pretty intense thing – unless you’re an action-movie stuntman. Yet when it comes to internet security, you may not have as much firewall protection as you need.

Many internet security products bundle antivirus and firewall software, and many users think this is enough. But first, let’s be clear about what a software firewall actually does:

  • It regulates data through port numbers and applications.
  • It allows you to block incoming traffic from certain locations.
  • It distinguishes between programs, allowing data to one program while blocking another.
  • It blocks traffic attempting to leave a device to access other devices on your network.

There are drawbacks, though. Software firewalls work only on the computers on which they are installed, and you’ll need to buy multiple licenses to protect several computers.

You also need expertise to administer the firewall to keep up with changing threats. And there are security threats: bad actors target software firewalls, because they sit right there on the computer the attacker seeks to exploit.

Beefing Up Your Firewalls

Many businesses also use hardware firewalls to add security. A hardware firewall around your office network acts as a perimeter boundary. The hardware firewall is like the border guard keeping an eye out for dangerous traffic. The firewall inspects incoming internet traffic to protect you from malware and cyberthreats.

IT experts can set up firewalls to pass only safe data. This adds a layer of protection to your network and also secures network-connected devices. Workstations, printers, digital equipment, and telephone systems often don’t have software firewalls.

So, combining firewalls protects both local computers and other devices on your network. The hardware firewall checks traffic coming in from and going out to the internet, whereas the software firewall secures what’s coming into or out of the computer, even from internet sources.

Think about it this way: A cybercriminal is trying to access your systems. They take many approaches, one of which is trying to breach your network perimeter. Another is sending targeted communications to sucker someone into clicking on a virus-laden email. The hardware firewall could stop the perimeter attack, but the software helps stop the malware infection spreading from the user’s computer to others in your office.

Partner with a Firewall Expert

Firewalls can give your business tremendous control over:

  • how users connect to the internet;
  • what information is retrieved from the internet;
  • whether files can leave the company over the network;
  • what devices are accessible and from where.

Yet both software and hardware firewalls need the right expertise to install correctly. Firewalls must be regularly monitored and managed, because threats are constantly changing.

Combining firewalls adds protection but only if you configure them to minimize weaknesses. You’ll need someone to identify compatibility issues and avoid blocking legitimate data.

Partner with an IT expert. We know how to work with firewall rules, understand what they mean, and know how to react to the alerts they generate. Have you heard of the breach that compromised Target’s point of sale systems? That fiasco involved ignored firewall alerts! Don’t let it happen to you.

Greenlight has been awarded the WatchGuard APAC partner of the year. We can help you set up and maintain the firewall protection you need. Contact us today. We know firewalls!


Top 6 Tips for Effective Working from Home


With the outbreak of COVID-19, we are increasingly having conversations with our clients about working from home, so we thought it timely to share some of our recommendations to help us all get through the next few months with as little disruption to business as usual as possible. While every business is different, here are a few of our suggestions to help enable more flexible workplaces.

1. Make effective communication your top priority

This is more of a leadership issue than technical, but it is extremely important for your staff to know what is expected of them. Create a detailed list of what you expect from each team member working from home. List the activities required to do their job well, then have a discussion to ensure that everyone is on the same page. Once these are in place, use the collaboration tools mentioned below to keep things running.

2. Ensure that your team are ‘work from home’ ready

It is very easy to assume that everyone has fast internet and a quiet place to work uninterrupted. Not everyone has NBN just yet, and ADSL might not be good enough to collaborate on large files, so the tools and the way we interact as a team need to be considered. Home environments are also an issue. It might be the case that their partner is at work and children are at school and they can work quietly and effectively from their apartment, but circumstances can change rapidly.

Is providing your staff member a laptop and using 4G a consideration? Do they need a second monitor, an IP voice handset, or even a mobile phone? The way we managed this internally was to set up a shared spreadsheet and ask everyone to update their individual situation, so we could finalise the logistics of what each team member needs to work from home effectively.

3. Choose and implement the right communication & collaboration tools

Having a quick chat with the person in the next cubicle, or a quick team meeting, is now going to be harder. Fortunately, there are already a number of collaboration tools to choose from. Email is great, but online chat and video conferencing tools will help even more. Many vendors are also assisting by offering free access for the next few months. Some tools to consider include:

4. Think about how you will share files

Once we solve the team communication problem, the next challenge is how we access our documents and file shares. Unless you already have a Remote Desktop or Citrix environment, this will pose some unique challenges. But there are options:

Option 1: Configure a dial-in VPN to the office and get your IT support team to map a network drive from your file server.

With this option, your remote workers will see their G: drive (or whatever letter you choose) from their home PC just like they would in the office. The only downside is that accessing large files can be slow, and is contingent on the internet speeds at the end users’ homes and, more importantly, at your office. If your office still runs on ADSL, this is probably not a viable option. Security is also a concern with this option: although the VPN ensures data transmission from home to office is secure, you cannot always guarantee that a user’s home PC is not infected with any number of malware or, even worse, ransomware that could easily impact the server data over the VPN. A robust business-grade anti-virus/anti-malware product installed on home users’ PCs is essential in this scenario.

Option 2: Use a cloud-based file sharing platform

Dropbox, Google Drive, Microsoft SharePoint Online, and OneDrive for Business can help. They keep a copy of your work files in the cloud, and both Google Drive and SharePoint Online allow simultaneous collaboration on files. Microsoft Teams also allows this (since it is built on SharePoint Online). If these tools are not already in place, have a chat with your IT team about getting them set up correctly to avoid problems in the future, especially when it comes to who has access to which files: by default everyone will typically have access unless the structure is configured from the start with specific permissions.

Option 3: Take a copy of the files and try to reconcile later

Our least preferred option would be to copy a batch of files to a USB drive and take them home. Obviously, this has major security implications if the company data is lost or intercepted, as well as the problem of merging the changes back at a later date (which would be an extremely time-consuming process). This should only ever be considered as a last resort, and is not recommended.

With any of these options it is also important to consider how you will continue to back up company data once it has been dispersed outside of the normal server infrastructure to a cloud-based platform, home PCs, or a combination of the two. With cloud-based platforms like SharePoint Online and OneDrive, products like Datto SaaS are ideal for ensuring backups continue no matter how many staff the company data is shared with. If the data is being stored directly on home PCs this becomes more difficult (but not impossible); however, storing company data in this way is not recommended.

5. Think about how you access applications

Once we have access to the raw data, we need software both for the documents and for your unique line-of-business applications. For Microsoft Office documents, customers with Office 365 Business Premium or E3 may be entitled to download and install an instance on their home computer. Otherwise, licensing might be a problem. Talk to your IT team about your options.

For your business applications, generally you won’t be licensed to run them from home, and you probably have a server in your office where the database resides. So your options are: use or create a Remote Desktop Server, or potentially remote-control your office PC. There are a number of ways to implement this, with varying security considerations, so it is best to talk to your IT team about which option carries the least risk for you.

6. Think about your processes

Some roles are more suited to remote work than others so we might need to adapt the way we manage and allocate work. Line managers may need to have daily morning huddles with their team and potentially break work down into smaller, more manageable pieces. Goals and tasks might need to be tracked in a shared spreadsheet or an online tool like Asana. If you don’t have scorecards for your team now is the time to implement them.

With a bit of planning, businesses should be able to get through the next few months without too much impact on the productivity of their remote teams. Keep in mind that government and health official advice changes daily, and no one really knows how prolonged this crisis will be. However, once this crisis is over, the way we work may be changed forever. If you have any questions about the suggestions in this article, please reach out to us. As always, at Greenlight we are here to help.


DHS Gives The Latest Mandatory Policy on Medical Data Management in Australia for 2020


The medical data management system in Australia is not where it should be. Dr. Bernard Robertson-Dunn, who chairs the health committee of the Australian Privacy Foundation (APF), says that rather than focusing on improving patient health or reducing the cost of healthcare, all the government is doing is putting patients’ data at risk.

According to the Notifiable Data Breaches Scheme (NBDS) report covering April 2018 to March 2019, there has been a 712 percent increase in data breach notifications alone.

60 percent of those data breaches were recognized as malicious attacks, with 28 percent of the attacks coming from unknown sources.

55 percent of the attacks and notifications were attributed to human error in the health sector and 41 percent in the financial sector.

Across all industries, 35 percent of those data breach notifications were set off by human error, which can be attributed to the loss of a data storage device or the unintended disclosure of personal information. We wrote about more of these Cybersecurity Statistics here.

All in all, it’s safe to say that both the data storage systems and infrastructure and the medical community have failed their patients in terms of information privacy and security management. That is why stronger rules have been put in place to set patients’ worries about privacy at ease.

Mandatory DHS Rules, Requirements and Consequences

The Department of Health Services (DHS) plays the role of ensuring that health providers comply with the requirements of the Medicare Benefits Schedule (MBS) and other programs, including incentive payment programs.

To help maintain the privacy of patients’ personal information, the DHS has adopted new requirements for third-party software providers. It’s a part of their campaign for the Digital Transformation Agency’s (DTA) Secure Cloud Strategy. Under the Secure Cloud Strategy, the DHA requires that all applicable Australian software companies undergo a process of accreditation and compliance of their data management practices.

The new policy applies to any party using cloud-hosted services that connect with the DHS to provide services such as Medicare, PBS, NDIS, DVA, MyHealthRecord, Child Care, and Aged Care.

The accreditation process involves earning the Australian Signals Directorate Certified Cloud Services List (CCSL) certification and maintaining assurance that all data will remain within the Australian jurisdiction. Additionally, the policy encourages physical separation of the infrastructure, as well as limiting access to patients’ private data to those with Negative Vetting 1 (NV1) security clearance.

Failure to comply with the DHS’s rules and policy under the Secure Cloud Strategy by the April deadline can result in major consequences. Those consequences could mean fines, suspended licenses, and ultimately the loss of your practice.

Managing DHS Requirements and Running Your Practice

Under the DHS’s policy, all practices are required to utilize a DHA certified infrastructure to ensure the privacy of their patients. So, how do you manage that and still do work for your practice? —Managed Cloud Services, i.e., medical hosting.

What is Medical Cloud Hosting?

Medical cloud hosting is private hosting (or, more specifically, private cloud hosting). When we talk about cloud hosting, we’re referring to hundreds of individual servers that work together as one. With cloud hosting, there’s no need for an on-premise infrastructure that costs money, space, and time in maintenance. With cloud hosting, everything is managed and stored for you via a cloud service provider.

In general, you have the option of public and private cloud hosting. Of course, medical hosting is private, but for your information, here’s the difference:

Public cloud hosting involves a standard cloud computing framework consisting of files, storage, applications, and services that are available on a public network. (Think Gmail).

Private cloud hosting comprises the same things—only all of those things are protected by a corporate firewall controlled by the corporate IT department. (Think Microsoft Exchange, as it requires authorized users and a secure VPN connection).

In other words, private medical cloud hosting equals privacy and protection. If you’ll recall, the DHS policy applies to all third parties using cloud services that connect with the department to deliver services such as Medicare, PBS, DVA, NDIS, and so on. This could only mean that private hosting is viable.

It’s also a necessity considering the fact that it’s DHS Compliant, ISO Certified, and handled offsite via your service provider but remains within the Australian jurisdiction.

How Much Should I Budget for Cloud Hosting?

Cloud computing and data management within a compliant industry isn’t going to be cheap—but it will become cost-effective in the long run. Ultimately, your budget will come down to your industry and the data capacity that you need, managed services, private vs public cloud hosting, and so on.

Of course, if you stick with your outdated, on-premise hardware, you’re looking at heaps of unnecessary spending on system maintenance, upgrades and equipment—not to mention paying an IT team to take care of it all for you.

Is your current provider DHS compliant?

If you’re a medical practitioner responsible for running a practice and wondering where to turn for your medical cloud hosting, Greenlight ITC is here to help.

We are one of the few providers of DHA certified cloud infrastructure for medical hosting. We are your ultimate technology solutions partner. Our medical cloud hosting capabilities can make your staff more efficient and, ultimately, your business more profitable under its data management practices. Not to mention, we’ll keep you safe from phishing scams and serious data breaches, so that your patients can rest easy knowing that their private information is safe while they’re getting the care they need.

Greenlight is also a Tier-1 Microsoft Azure Partner and 2017 Watchguard ANZ Partner of the Year.

If you want to know more about how much switching to private medical hosting is going to cost you and your practice, your best bet is to call Greenlight ITC at 02 8412 000 to get a custom quote today. You’ll get to speak directly with one of our IT experts (aka, Data Doctors) who will walk you through the entire process.

Top 5 Risks When You Stay with Windows 7 this 2020


Windows 7 End of Life

Microsoft will no longer be supporting Windows 7 after a ten-year stint, as announced last December 16, 2019.

The purpose of this direction is for the tech giant to pour its ample resources into more lucrative, newer technologies. Essentially, Microsoft has squeezed as much juice as it can out of Windows 7. It doesn’t make sense for them to continue providing technical assistance and software updates that protect PCs using the outdated program.

The Impact on Your Businesses

First and foremost, Windows 7 is still being used on 39% of all PCs.

And a year from now in January 2021, Windows 7 will be used on 18.7% of all PCs, which accounts for around 281 million machines.

What does that mean, exactly? That even at under 20% of total PC usage, there will still be over 280 million systems with Windows 7 in place. At such a vast number, it’s fair to guess that small to medium businesses make up a good share of those totals, especially since many owners might wish to sidestep the cost of upgrading.

Though, with the removal of all support for the system, keeping Windows 7 installed will end up being more costly than merely paying for the upgrade to Windows 10.

So, as a business owner or stakeholder who may still be using Windows 7, you’re likely interested in knowing what might happen after neglecting to upgrade.

Let’s examine some of the most significant risks involved in continuing to use Windows 7 on your PC and how it can affect your workplace:

The Top 5 Risks of Staying with Windows 7

Risk #1. No More Technical Support

Last year, Microsoft patched 29 Windows 7 vulnerabilities in April alone.

Of those vulnerabilities, 6 were rated critical with the other 23 being deemed important.

Think about it: that’s one month alone, and the only reason those fixes were made was an extended support phase focused on fixing flaws. Those flaws in Windows 7, since it’s an older system, have continually surged over the years. Now, without support, these issues will be seemingly never-ending.

Risk #2. Heightened Cybersecurity Risk

Studies from 2018 about cybersecurity in small-and-medium-sized businesses reported that 67% of survey respondents experienced some form of cyber-attack. On top of that, another 58% went through a data breach with employee or customer information.

These stats prove that businesses are already susceptible to these attacks. With Windows 7 now lacking the infrastructure to deal with these issues, if you don’t upgrade, the consequences could be disastrous.

Risk #3. Additional Costs

On a per-system basis, it’ll be possible to receive extended security support. However, there’s an additional fee paid to Microsoft per computer to obtain the security updates. Furthermore, the dollar amount owed to Microsoft doubles every year and the program runs for a maximum of three years.

The price begins at $50 per machine—meaning by 3 years it’ll be $150 per device. If you have around 10 machines, that can prove quite costly.

Risk #4. Falling Behind the Competition

As Windows 7 becomes more obsolete, more businesses will be using Windows 10.

As technologies keep improving, functionality improves with them. If you’re on an outdated system, it’ll run more slowly, and it’ll be less equipped to handle the state-of-the-art tools that keep you ahead of your competitors.

Risk #5. Frustrating Your Team

When your employees end up with inferior technology, their morale tends to suffer. For many staff members, it’s a bad look when you fail to equip them with systems, programs, and software that are – at the very least – up to date.

If you don’t update to Windows 10 soon, your team might get the idea that you aren’t invested fully in their success. From there, frustration brews, work tends to be negatively impacted, and you’ll have an office full of employees at their wit’s end.

The Very Real Problem of Malware in the Workplace

As technology keeps reaching new heights, so does its propensity to be malicious and dangerous. Businesses far and wide must be eternally vigilant in the face of these threats that can damage both their reputation and bottom line.

For instance, recently, Landry’s, Inc., an American, privately owned, multi-brand dining, hospitality, entertainment, and gaming corporation, identified malware on its payment processing system.

The malware was designed to access payment card data from cards used in person. Interestingly, the card data wasn’t readable due to the end-to-end encryption technology used at points-of-sale. So, the malware was prevented from accessing payment card data.

Although this didn’t occur on Windows 7, these attacks come from everywhere when sensitive information or money is involved. As Landry’s showed, with state-of-the-art systems in place, these cyber breach situations can be nipped in the bud.

So how do you mitigate these risks?

The short answer is to move to Windows 10 to receive full support from Microsoft. This can be done by upgrading the operating system on your existing PCs, assuming your hardware is capable of handling the demands of a modern operating system. If your PC is more than 3 or 4 years old, it is probably more cost effective to simply replace the PC.

Why it is Important to Secure Your Remote Desktop Server


With a rise in employees working from home in recent years, there has also been an influx of cyber attacks on the very system that makes that possible.

Perhaps you’ve used Remote Desktop Protocol (RDP) for work or have had to resort to it when dealing with customer support. If either is the case, the first time you ever used it might have been something of a worry. Allowing a stranger full control of your computer via a desktop interface? Sure, that doesn’t sound sketchy at all.

However, it actually isn’t sketchy. Microsoft designed RDP to facilitate secure data transfer from one computer to another. In both theory and practice, RDP has shown itself to be one of the most integral technological inventions of the last couple of decades. This is most notably the case within the healthcare industry, whose existence relies on patient confidentiality.

Where hackers are concerned, though, the turn of phrase “This is why we can’t have nice things” also comes to mind. The FBI reported recently that, since 2016, RDP attacks have become more and more frequent. These brute force attacks aim to collect data such as names, dates of birth and insurance numbers, which the hackers then sell on the dark market.

But with more and more companies understandably turning to RDP to cover their workloads, this is a threat that has to be dealt with before it’s too late. That said, the solutions to securing our remote desktop servers are also in our hands.

The Many Uses of RDP

There are plenty of reasons why companies and individuals resort to RDP. For one, the ability to connect to and control one computer from another means that not every worker should have to go into the office. In the same vein, business travelers can stand to use it for that very same reason.

If you’re traveling for work, or want to work while on vacation, you’ll need access to your files, particularly if those files are confidential. This is where RDP really stands out. Not only can you access your work computer from anywhere in the world, but you can do so from home, too.

Administrators also benefit heavily from RDP. Many large-scale technology companies use it to aid their customers with any problems they might be facing. Additionally, if you’re out of the office for one reason or another and the software or hardware fails, you can fix it from your own computer.

RDP is a helpful and convenient tool for businesses the world over.

So then where do the hackers come into it?

How Attackers Compromise RDP

Ransomware such as CrySIS, CryptON, and SamSam, among others, has been delivered and spread through RDP. Most of these attackers use what is known as the brute force method.

The problem with brute force is that attackers don’t necessarily have to be professional at what they do. On the contrary, brute force attacks are literally just trial-and-error.

Brute force is also, however, time- and resource-consuming. Its success relies on patience, perseverance, and volume rather than some magic algorithm. What this means for us is that we can take measures such as complex passwords to protect against it.

Securing Your Remote Desktop Server Against Brute Force

Brute force attacks usually begin with the attacker scanning a list of IP and TCP port ranges to find a port that’s open. This is the time-consuming part. Once the attacker has gained access, however they’ve done it, they can start to unleash malware chaos on your server.

That said, brute force attacks really do depend on the measures you have or haven’t taken in securing your desktop. By rectifying your mistakes, you can successfully keep attackers out.
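The volume that brute force depends on is also what makes it visible in the Windows Security log, where every failed logon is recorded as Event ID 4625. The following is an added example, not code from the original article, that flags source addresses exceeding a failed-logon threshold within a short window; the function name Find-RdpBruteForce and the record fields are hypothetical, and the events are constructed inline in place of Get-WinEvent output.

```powershell
# Added example (not from the original article): detect the "volume" signature of an
# RDP brute-force attempt from failed-logon records (Security Event ID 4625).
# RemoteInteractive (RDP) logons are Logon Type 10; with Network Level Authentication
# enabled, failures are frequently recorded as Logon Type 3, so both are counted.
# Assumed input: objects with Time, IpAddress, User and LogonType fields, as you would
# parse out of Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625 }.

function Find-RdpBruteForce {
    param(
        [Parameter(Mandatory)] [object[]] $FailedLogons,
        [int] $Threshold     = 10,   # failures from one source ...
        [int] $WindowMinutes = 5     # ... within this many minutes
    )
    $window   = [TimeSpan]::FromMinutes($WindowMinutes)
    $findings = @()

    $FailedLogons |
        Where-Object { $_.LogonType -in 3, 10 } |
        Group-Object -Property IpAddress |
        ForEach-Object {
            $source = $_.Name
            $events = @($_.Group | Sort-Object Time)
            # Sliding window: starting at each event, count failures from the same
            # source that fall inside the window.
            for ($i = 0; $i -lt $events.Count; $i++) {
                $start = $events[$i].Time
                $burst = @($events | Where-Object { $_.Time -ge $start -and $_.Time -lt ($start + $window) })
                if ($burst.Count -ge $Threshold) {
                    $findings += [pscustomobject]@{
                        IpAddress     = $source
                        FirstSeen     = $start
                        Failures      = $burst.Count
                        # one user hit repeatedly = classic brute force;
                        # many distinct users from one address = password spraying
                        DistinctUsers = @($burst.User | Sort-Object -Unique).Count
                    }
                    break   # one finding per source is enough for triage
                }
            }
        }
    return $findings
}

# Constructed sample (RFC 5737 documentation addresses): one source hammering the
# Administrator account every 10 seconds, and one legitimate user who mistyped twice.
$base   = Get-Date '2020-03-01T09:00:00'
$sample = @()
foreach ($n in 0..14) {
    $sample += [pscustomobject]@{ Time = $base.AddSeconds($n * 10); IpAddress = '198.51.100.23'; User = 'Administrator'; LogonType = 10 }
}
$sample += [pscustomobject]@{ Time = $base.AddMinutes(3); IpAddress = '203.0.113.7'; User = 'jsmith'; LogonType = 10 }
$sample += [pscustomobject]@{ Time = $base.AddMinutes(4); IpAddress = '203.0.113.7'; User = 'jsmith'; LogonType = 10 }

Find-RdpBruteForce -FailedLogons $sample | Format-Table -AutoSize
```

Only the 198.51.100.23 source crosses the threshold here; a flagged source is a candidate for the firewall scope restriction or gateway controls discussed in the next section.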

Solutions

Whitelist Your IP Address

Whitelisting an IP is a simple way of preventing RDS attacks. However, it is also simple enough that it won’t suit every situation, such as roaming users whose addresses change. Whitelisting your IP address restricts outsiders from gaining access. In order to do this, you need to set up inbound rules on your firewall and/or your RDP server. For example:

  1. Connect to your RDP server
  2. Open Windows Firewall with Advanced Security
  3. Click Inbound Rules
  4. Find and right-click the RDP Rule
  5. Go to Properties > Scope

Inside of the Scope tab is where you’ll create your IP restrictions.

  1. Under Remote IP address, check These IP addresses
  2. Click Add…
  3. Type your IP address in the top field
  4. Hit OK

Note: If you want to add an IP range instead, click This IP address range and input said range.
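The same Scope restriction applied from PowerShell rather than the GUI, as an added example that is not part of the original article; it assumes the built-in NetSecurity module (Windows 8.1 / Server 2012 R2 or later) and an elevated session, the function names Set-RdpAllowList and Get-RdpAllowList are hypothetical, and the two source addresses are placeholders you would replace with your own office or VPN egress ranges.

```powershell
# Added example (not from the original article): restrict the built-in Remote Desktop
# firewall rules so only the listed source addresses can reach the RDP listener.
# Run this from the server console, or from a session whose source address is already
# in the list; an allow-list that omits your own address locks you out of RDP.

# Constructed placeholders (RFC 5737 documentation ranges); replace with your own.
$AllowedSources = @(
    '203.0.113.10',      # placeholder: office static public IP
    '198.51.100.0/24'    # placeholder: VPN concentrator egress subnet
)

function Set-RdpAllowList {
    param(
        [Parameter(Mandatory)] [string[]] $RemoteAddress
    )
    # The inbound RDP rules ship in the "Remote Desktop" display group
    # (User Mode TCP-In, User Mode UDP-In and Shadow TCP-In).
    $rules = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Direction Inbound -ErrorAction Stop)
    if ($rules.Count -eq 0) { throw 'No inbound rules found in the "Remote Desktop" group.' }

    foreach ($rule in $rules) {
        # -RemoteAddress replaces the default "Any" scope with the allow-list,
        # the same change as Scope > Remote IP address > "These IP addresses".
        Set-NetFirewallRule -Name $rule.Name -RemoteAddress $RemoteAddress -Enabled True -ErrorAction Stop
    }
}

function Get-RdpAllowList {
    # Read the effective remote-address scope back so the change can be verified.
    Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Direction Inbound |
        ForEach-Object {
            $filter = $_ | Get-NetFirewallAddressFilter
            [pscustomobject]@{
                Rule          = $_.DisplayName
                Enabled       = $_.Enabled
                RemoteAddress = ($filter.RemoteAddress -join ', ')
            }
        }
}

# Apply, then verify. Any rule still showing "Any" has not been restricted.
Set-RdpAllowList -RemoteAddress $AllowedSources
Get-RdpAllowList | Format-Table -AutoSize
```

If a separate perimeter firewall sits in front of the server, mirror the same source restriction there, since the host rule only protects traffic that reaches the host.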

Deploy an RD Gateway

Remote Desktop Gateway servers give RDP users a more secure, encrypted connection. Having an RD Gateway lets you share your network connection with other programs, enabling a connection over your ISP that keeps unwanted outsiders away.

To do this, you first need to open Server Manager on your RDP server.

  1. Go to Server Manager > Remote Desktop Services > Overview
  2. Under Deployment Overview, click on the green RD Gateway icon to install it
  3. Choose the server on which you want to install the role
  4. Enter your external FQDN (fully qualified domain name) in the SSL certificate name box
  5. Hit Next >

Once your RD Gateway is installed, you can configure certificates and properties. In properties, you can set up rules such as maximum simultaneous connections and SSL bridging. This should leave your RDP network in the hands of your RDP team.

Multi-Factor Authentication

It’s likely you’ve heard of two-factor authentication already, even if you’re not a software professional. Companies like Apple, Google, and Amazon are all quickly adhering to this forward-thinking way of ensuring the security of their users.

Multi-factor authentication can also be used in conjunction with the two methods above, tripling down on your high-security RDP forcefield for better protection. In short, MFA lets you log in to your RDP and then authenticate that login by other means, such as SMS, an automated phone call, email or an app on your phone.

Once authenticated by your second device, you and only you can partake in that session.

Use a VPN

Installing a VPN helps administrators to limit unauthenticated users. With software like FortiClient, SSL and IPsec VPNs provide a secure and reliable defence against attempted RDP attacks without the user needing to know the nitty-gritty of security and protection.

Once your remote desktop server is secure, you can continue to work from home or from the beach, if you want to.

It’s always better and cheaper to protect yourself and your company in advance. To learn more about IT Security, please contact us.


What Australia’s New Mandatory Data Breach Notification Laws Mean For Your Business (And What You Can Do About It!)


On February 22, 2018, Australia’s new Mandatory Data Breach Notification Laws come into effect, creating a legal requirement to disclose information on any serious data breach, both to the affected individuals and to the Privacy Commissioner. The current penalties for non-compliance under this regulation range from $360K for an individual to $1.8M for a corporation, but it has been proposed to raise these amounts to $420K and $2.1M respectively, effective July 1, 2017.

Who Does the Data Breach Law Apply To?

Businesses that must comply include any organizations that are governed by the Privacy Act, including:

  • Government agencies
  • Not-for-profits with an annual revenue of more than $3M
  • Businesses with an annual revenue of more than $3M

And additionally, it applies to specific types of businesses with a turnover of less than $3M, which include:

  • Private sector healthcare and related businesses (including weight loss clinics, fitness centres, chiropractors and other alternative medical practices)
  • Private schools and private education institutions
  • Child care centres
  • Credit reporting agencies
  • Any business that buys or sells personal information
  • Individuals who handle personal information in the course of doing business (including insurance brokers, bankers, accountants, attorneys, health insurance providers)

How Will This Change the Way I Do Business?

After the laws come into effect, you will be required to report any relevant data breaches to the Australian Privacy and Information Commissioner. You must also notify any individual whose private information may have been compromised.

Not all data breaches, however, will require notification. There must be a reasonable expectation on your part that the data in question has been lost, accessed, or disclosed unlawfully and without authorization, and that this would potentially result in harm to the individual or individuals in question.

Harm, in this sense, can mean a variety of things. It could be psychological or emotional in nature, in the sense that personal information is exposed that reveals something the person did not want to be known, such as a serious disease, or other personal health details. The harm caused could be financial or professional in nature, such as the disclosure of previous criminal records or activity, political information, personnel files from a previous employer, or anything that may harm the person’s ability to conduct business or obtain a job. If any harm is perceived as being the outcome of the breach, it may be considered an offence.

To determine whether a breach is eligible under the Act, refer to Part IIIC of the Act, which outlines the various breaches as well as the notification process. This section of the law will help you to pinpoint whether the breach is likely to result in serious harm under the terms of the law and whether it is necessary to report it. Things like personal medical and credit card information should rank high on your radar, as there is no question that a breach of this type of information could potentially cause significant harm.

If a breach occurs, you have 30 days to make a full assessment of the potential for harm. Following that, and if it is found that a breach has occurred, you must submit your report to the commissioner and to each individual in question as expeditiously as possible.

In your report, you must disclose what happened (a detailed description of the breach), the type of information that was compromised, accessed or lost, and what the individual in question can do to respond to the incident, which might include prompting them to change passwords on their accounts or backing up information stored on the server.

Fines will be levied by the Federal Circuit Court of Australia, following a recommendation by the Privacy Commissioner, for breaches considered serious or for repeat offenders.

Greenlight-ITC: helping you navigate the new Data Breach Notification Laws

If you have any concerns about your company’s IT security policies and would like to update your data protection protocols, or if you have questions about whether Australia’s Mandatory Data Breach Notification Laws apply to your business, call Greenlight-ITC today. We are Melbourne and Sydney’s business IT headquarters, helping your company stay secure and compliant every step of the way.

How opening a MS Word Doc can hijack every file on your system!


If you receive an email masquerading as a company’s invoice and containing a Microsoft Word file, think twice before opening it.
Doing so could cripple your system and lead to catastrophic destruction of your files.

Attackers are believed to be running social engineering campaigns, using eye-catching subject lines in spam emails and on compromised websites to lure victims into installing a ransomware strain dubbed “Locky” on their systems.

So if you find files with the .locky extension on your network shares:
Congratulations! You are infected and left with just two options: rebuild your PC from scratch or pay the ransom.
Locky ransomware is spreading at a rate of 4000 new infections per hour, which means approximately 100,000 new infections per day.

Source & Credit : http://thehackernews.com/2016/02/locky-ransomware-decrypt.html

Disaster Recovery – Planning for the worst is only the tip of the iceberg


Like many small or medium businesses, you’ve probably given some thought to that rare data-loss catastrophe, but chances are that when it came to budgeting for that unforeseen scenario, the “what are the odds?” attitude ultimately prevailed, inevitably resulting in a largely inadequate disaster recovery solution or, in some cases, nothing at all.

Whilst these disaster scenarios are indeed relatively infrequent, it is extremely important to understand the reality of the threat and the unpredictable nature of their occurrence. One could successfully argue that within Australia the risk to business is noticeably higher than the global average, due to our country being particularly prone to weather extremes and associated natural disasters, whether they be fires, floods or tropical cyclones. Planning for that major disaster is one thing, but it is easy to overlook, and hence not consider, the detrimental effect of the many smaller incidents that can have just as large an impact on your business. This is where RTOs and RPOs come in.

When it comes to planning for a disaster, every business needs to be able to determine both an acceptable period of production downtime and the limit of acceptable data loss. The Recovery Time Objective (RTO) specifies the maximum duration of loss of, or disruption to, production systems beyond which the consequences to the business are unacceptable. Similarly, the Recovery Point Objective (RPO) specifies the maximum period of time over which data loss is considered acceptable as the result of a disaster.


What is considered acceptable for both data loss and production downtime will vary depending on the type of business and the nature of the circumstances; however, the necessity of considering and planning for the consequences of both major and minor incidents remains the same. What one business considers a major disruption to workflow may not be as significant an impact for another, but the need to ascertain exactly what is acceptable, and what consequences a particular incident will have on your business, applies to all.
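To make the two objectives concrete, here is an added worked example (not code from the original post or from Greenlight) that measures one incident against an RTO and an RPO. The objectives, the nightly backup schedule and the incident times are constructed assumptions; the point is that the data-loss window is the gap back to the last usable restore point, and the downtime is the gap forward to the moment service is restored.

```python
from datetime import datetime, timedelta

# Objectives for the worked example; the values are assumptions, not figures from the post.
RTO = timedelta(hours=8)   # maximum tolerable production downtime
RPO = timedelta(hours=4)   # maximum tolerable window of lost data


def data_loss_window(backup_times, incident_time):
    """Return the gap between the last good backup before the incident and the incident.

    That gap is the data you cannot get back. None means no usable restore point exists."""
    usable = [t for t in backup_times if t <= incident_time]
    if not usable:
        return None
    return incident_time - max(usable)


def assess_incident(backup_times, incident_time, restored_time, rto=RTO, rpo=RPO):
    """Compare one incident against the objectives and report both gaps in hours."""
    loss = data_loss_window(backup_times, incident_time)
    downtime = restored_time - incident_time
    return {
        "data_loss_hours": None if loss is None else loss.total_seconds() / 3600,
        "downtime_hours": downtime.total_seconds() / 3600,
        "rpo_met": loss is not None and loss <= rpo,
        "rto_met": downtime <= rto,
    }


def max_backup_interval(rpo):
    """Longest backup interval that can still honour the RPO.

    Worst case, the incident lands just before the next backup, so the loss
    window equals the interval. Assumes each backup completes quickly."""
    return rpo


def demo():
    """A minor incident: a shared folder deleted mid-afternoon, with nightly 02:00 backups.

    The schedule and timestamps are constructed for the example."""
    nightly = [datetime(2016, 3, day, 2, 0) for day in range(1, 8)]
    incident = datetime(2016, 3, 4, 16, 30)   # folder deleted at 16:30
    restored = datetime(2016, 3, 4, 19, 30)   # restore finished three hours later
    return assess_incident(nightly, incident, restored)


if __name__ == "__main__":
    print(demo())
    print("back up at least every", max_backup_interval(RPO), "to meet the RPO")
```

In the constructed scenario the restore finishes inside the 8-hour RTO, but 14.5 hours of work are lost because the only restore point is the previous night's backup, so the 4-hour RPO is missed: a nightly schedule cannot satisfy a four-hour RPO no matter how fast the restore is.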

It must be understood that planning a solution to maintain business continuity, adhere to the defined recovery time and point objectives and mitigate the impact of a disaster is not a trivial matter and more than likely is beyond the capability of a business’s existing internal resources. There are many products and strategies available when it comes to disaster planning but determining which will suit your business’s needs is another matter. Consulting with a service provider that understands your requirements and specialises in backups and disaster recovery is crucial to ensuring a robust and reliable solution.

One of the most significant factors in recent years that has dramatically increased the need for, and urgency of, businesses implementing a disaster recovery solution has been the prevalence of ransomware. Most people will have heard of this type of malicious software through its most common variety, CryptoLocker. For those who are not aware of what makes this type of malware so damaging: it silently accesses and encrypts not only the most common types of documents and files on your computer, but also any network shared folders attached to your computer. The result is all of your most important business data left in an unreadable state, at which point the malware prompts you to pay a hefty ransom within 24-72 hours to obtain the decryption key, without which your data is useless.
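Both the Locky post above (files with a .locky extension turning up on network shares) and this paragraph (an encryption run sweeping through shared folders) describe something an administrator can check for. The following added example, not code from the original posts or from Greenlight, walks a share and reports two indicators: files carrying a known ransomware extension, and directories where most files were modified within a few minutes of each other, which is what a bulk encryption run looks like on disk. The extension set contains only .locky, which the post names; the folder layout and file names are constructed for the example.

```python
import os
import tempfile
import time

# Extensions appended to encrypted files. ".locky" is the one the post mentions;
# anything further you would add from your own threat intelligence (this set is an assumption).
RANSOMWARE_EXTENSIONS = {".locky"}


def scan_share(root, exts=RANSOMWARE_EXTENSIONS, window_seconds=600,
               mass_fraction=0.5, min_files=5):
    """Walk a share and report two indicators of an encryption run:
    files with a known ransomware extension, and directories where at least
    `mass_fraction` of the files were modified inside one `window_seconds` span."""
    findings = {"encrypted_files": [], "mass_modified_dirs": []}
    for dirpath, _, filenames in os.walk(root):
        mtimes = []
        for name in filenames:
            path = os.path.join(dirpath, name)
            if os.path.splitext(name)[1].lower() in exts:
                findings["encrypted_files"].append(path)
            mtimes.append(os.path.getmtime(path))
        if len(mtimes) >= min_files:
            mtimes.sort()
            # Sliding window: the most files touched within any window_seconds span.
            best, j = 0, 0
            for i, t in enumerate(mtimes):
                while t - mtimes[j] > window_seconds:
                    j += 1
                best = max(best, i - j + 1)
            if best / len(mtimes) >= mass_fraction:
                findings["mass_modified_dirs"].append(dirpath)
    return findings


def build_sample_share(root):
    """Create a constructed share: a 'finance' folder mid-encryption and an untouched 'hr' folder."""
    now = time.time()
    finance = os.path.join(root, "finance")
    hr = os.path.join(root, "hr")
    os.makedirs(finance)
    os.makedirs(hr)
    for i in range(4):   # already encrypted and renamed moments ago (constructed names)
        open(os.path.join(finance, f"{i:016x}.locky"), "w").close()
    for i in range(2):   # not yet reached by the malware; month-old timestamps
        path = os.path.join(finance, f"budget_{i}.xlsx")
        open(path, "w").close()
        os.utime(path, (now - 30 * 86400, now - 30 * 86400))
    for i in range(5):   # normal folder, edits spread over several days
        path = os.path.join(hr, f"policy_{i}.docx")
        open(path, "w").close()
        os.utime(path, (now - (i + 1) * 86400, now - (i + 1) * 86400))
    return root


def demo():
    """Build the constructed share in a temp directory and summarise the scan."""
    root = build_sample_share(tempfile.mkdtemp(prefix="share_"))
    found = scan_share(root)
    return {
        "encrypted_count": len(found["encrypted_files"]),
        "mass_modified_dirs": sorted(os.path.basename(d) for d in found["mass_modified_dirs"]),
    }


if __name__ == "__main__":
    print(demo())
```

The mass-modification heuristic is a triage signal, not proof: a bulk copy, a restore, or a batch job will trip it too, so it belongs in a scheduled check that pages someone to look, with the extension match as the higher-confidence indicator. Run it from a machine that mounts the share read-only.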

Since 2013 the sophistication and variety of this type of malware has increased massively, as has the range of file extensions and genuine-looking emails used in an attempt to get you to run the malware on your computer. Chances are you know someone who has experienced this, either at work or at home, or you may have been unfortunate enough to have already had your data held hostage and had to pay the ransom to regain your important files and documents.

One of the best pieces of advice against encountering this nightmare is as old as email itself. Don’t open attachments from someone you don’t know. If it looks suspicious it probably is. Even if it claims to be from a government department, courier/postal service or a reputable bank or institution, tread cautiously as this is one of the most common guises currently in use all in order to get you to open and run that attachment.

Having said that, not everyone within your company will always be as mindful of such threats, whether they be from obvious but rare natural disasters, hardware failure, data theft or ransomware, and there will almost certainly come a time when recovery is needed. The best defence will always be to have a comprehensive and well-planned backup and disaster recovery solution in place before the day comes when you regret not having one. The inherent human mindset typically dictates that we don’t act or plan for a scenario until the first time it happens. There can be any number of reasons for this, whether simply a lack of consideration or budgetary constraints, but regardless, the question that needs to be asked is: can you afford not to?

Top 10 Tips to keep your Passwords Safe and Secure


As IT professionals, we are fighting a never-ending battle to keep our customers’ networks secure. Here are our top 10 tips that end-users can follow to help keep your systems secure.

1. Don’t give your password out to anyone

Be very mindful when a colleague or IT professional asks you for your password. Wherever possible type your password for them, or get them to use their own. The IT security industry uses the term Social Engineering to describe a process where bad guys pose as an IT professional to get regular users to divulge passwords or other security-related information.

2. Watch out for web “phishing” attacks

Phishing is when you get an email that pretends to be from a bank or other reputable institution and leads you to a false website that prompts you to enter your account information. Banks will never send you such an email, and if you do think it is legitimate, give them a call to confirm. A commercial anti-spam filter will block a lot of these emails, but you still need to be vigilant.

3. Use a different password for each account

We all do it. We all have one, or even a number of, favourite passwords that we use (or rotate) on different systems. If even one of these passwords gets compromised, it leaves the door open to a multitude of systems. Once you are aware of a breach, you have to go and reset your passwords everywhere you can think of. Better to keep the passwords different from the start. Password management software can help track these passwords, and even generate unique passwords for you.

4. Change passwords regularly

Some systems and websites, such as banks, require you to change your password on a regular basis.  For any system that has potentially sensitive information, it’s best practice to take a pro-active approach and initiate the change yourself.

5. Put a password on your mobile and tablet

If you use your mobile or tablet for work emails, or for file sharing through Dropbox or OneDrive, then it goes without saying that you should have a password or PIN to access your mobile device. Losing your mobile is bad enough. Allowing thieves enough information to gain access to your bank accounts would be disastrous.

6. Create passwords that include Capital letters and special characters with numbers

And avoid common passwords and dictionary words. A brute force attack is where an attacker uses software that goes through a list of common usernames and passwords to see if they get a “hit”. So don’t leave your password blank, or use “password” or “12345”.
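The rules in tips 3 and 6 are easy to state and easy to get wrong in practice, so here is an added example (not code from the original post or from Greenlight) of a password policy check of the kind a registration form or help desk tool could run. It goes slightly beyond the tip: besides length and character classes it undoes the usual letter-for-symbol substitutions before comparing against a blocklist, because “P@ssw0rd” is on every attacker’s list. The blocklist and dictionary here are small constructed sets; a real deployment would load a breach corpus and a full word list.

```python
import re
import string

# Constructed blocklists for the example; a real check would load a breach corpus
# and a full dictionary instead of these handfuls of words.
COMMON_PASSWORDS = {"password", "12345", "123456", "qwerty", "letmein", "welcome1", "admin"}
DICTIONARY_WORDS = {"password", "welcome", "summer", "sydney", "melbourne", "dragon"}

# Substitutions attackers try first, so they add almost no strength.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def normalize(password):
    """Lower-case and undo leet substitutions so 'P@ssw0rd' is judged as 'password'."""
    return password.lower().translate(LEET)


def check_password(password, min_length=12):
    """Return a list of policy problems; an empty list means the password passes."""
    if not password:
        return ["blank"]
    problems = []
    if len(password) < min_length:
        problems.append("too_short")
    classes = (
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    )
    if sum(classes) < 3:
        problems.append("too_few_character_classes")
    norm = normalize(password)
    if password.lower() in COMMON_PASSWORDS or norm in COMMON_PASSWORDS:
        problems.append("common_password")
    else:
        # Report the first dictionary word embedded in the normalised form.
        for word in sorted(DICTIONARY_WORDS):
            if word in norm:
                problems.append(f"dictionary_word:{word}")
                break
    if re.search(r"(.)\1\1", password):   # e.g. "aaa" or "111"
        problems.append("repeated_character_run")
    return problems


if __name__ == "__main__":
    for candidate in ["", "password", "Summer2017!", "P@ssw0rd123!", "Kx9#vLm2$pQz"]:
        print(repr(candidate), "->", check_password(candidate) or "ok")
```

Returning a list of named problems rather than a pass/fail lets the form tell the user exactly what to fix; the leet normalisation is what catches “P@ssw0rd123!” even though it satisfies every character-class rule.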

7. Don’t leave passwords on sticky notes

You never know who is looking around the office when you are not there, so keep your account details and passwords out of plain sight.

8. Update your anti-virus and anti-malware software

A current subscription for anti-virus software may help detect and prevent some phishing and key logger attacks. The software is cheap compared to the cost of rebuilding a compromised PC, let alone the cost of lost data.

9. Use password management software

There are a number of free and commercial password management solutions available that will store your passwords in a “vault” on your PC or in the cloud, depending on your preferences.  Talk to your local IT support  company if you need guidance on this.

10. Spread the word

Pass these tips on to your colleagues and staff. A chain is only as strong as its weakest link. Even if a low-level user’s account is compromised, hackers often use this as a stepping stone to get access to an entire system.

Handy tips and tricks for identifying malware

We live in a world that is dominated by computers. For many people, they are a necessity that is essential for daily life. We use them to watch videos, write term papers, do our taxes and so many other tasks. Computers truly are one of the greatest inventions in the history of mankind. However, there is a threat to your computer that is always lurking and waiting to cause problems when you least expect it. This threat goes by the name of malware.

If you own a computer long enough, you will eventually have to deal with this menace. Having your computer infected by malware can be an annoying hassle that ruins your day and slows down the work you need to get done. However, if you know a few tips, you can resolve these issues before they get out of hand. If you are able to identify the symptoms of a malware infection, you will be able to get your computer working properly again. You will also be able to safeguard it from being attacked by malware in the future. The five tips below will allow you to recognize the signs that your machine is contaminated with malware:

1. Browser offline

If you are not able to access the Internet, but you are certain that you are still connected to the network, a malware infection might be in progress. First go to Internet Options > LAN Settings to see if any unfamiliar proxy is currently in use. Some malware reconfigures your browser to route its traffic through an unsafe proxy. If this is the case, remove these proxy settings.
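The LAN Settings dialog writes its values to the current user's registry, so the check above can be scripted across a fleet instead of clicked through on each PC. The following added example (not code from the original post or from Greenlight) reads the ProxyEnable, ProxyServer and AutoConfigURL values from that key on Windows and compares them against an approved list; the decision logic is kept separate from the registry read so it can be exercised anywhere. The approved proxy name and the sample values are constructed assumptions.

```python
import platform

# Per-user key that the Internet Options > LAN Settings dialog writes to.
PROXY_KEY = r"Software\Microsoft\Windows\CurrentVersion\Internet Settings"
PROXY_VALUES = ("ProxyEnable", "ProxyServer", "AutoConfigURL")


def read_proxy_settings():
    """Read the current user's proxy values from the registry. Returns None off Windows."""
    if platform.system() != "Windows":
        return None
    import winreg  # only available on Windows
    values = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, PROXY_KEY) as key:
        for name in PROXY_VALUES:
            try:
                values[name], _ = winreg.QueryValueEx(key, name)
            except FileNotFoundError:
                pass  # value absent: that setting is simply not configured
    return values


def proxy_hosts(proxy_server):
    """Split a ProxyServer string into host:port entries.

    Windows stores either a single 'host:port' or 'http=h:p;https=h:p;...'."""
    hosts = []
    for entry in proxy_server.split(";"):
        entry = entry.strip()
        if entry:
            hosts.append(entry.split("=", 1)[-1].strip())
    return hosts


def assess_proxy(values, approved=frozenset()):
    """Return findings for a settings dict.

    `approved` holds the proxy host:port strings and PAC URLs your IT department
    actually deploys; anything else that is switched on is reported."""
    findings = []
    if values.get("ProxyEnable") == 1:
        for host in proxy_hosts(values.get("ProxyServer", "")):
            if host not in approved:
                findings.append(f"manual proxy not on the approved list: {host}")
    pac = values.get("AutoConfigURL")
    if pac and pac not in approved:
        findings.append(f"automatic configuration script not on the approved list: {pac}")
    return findings


if __name__ == "__main__":
    # Constructed approved list for the example.
    APPROVED = {"proxy.corp.example:8080"}
    current = read_proxy_settings()
    if current is None:
        print("not on Windows; nothing to read")
    else:
        for finding in assess_proxy(current, APPROVED):
            print("WARNING:", finding)
```

A manual proxy that is configured but has ProxyEnable set to 0 is not reported, because the browser is not using it; the AutoConfigURL value is checked regardless, since a PAC script redirects traffic even when the manual proxy is off.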

2. Change of Google links and/or home page

If your home page changes by itself, this is a good indicator that malware is present. This is also the case if you click on a link provided by a search engine and you are taken to a different site. If these things are happening, there is an extremely strong possibility malware is the cause.

3. Your PC is slowing down

One of the most common problems created by malware is slowing down the computer it is infecting. The decrease in speed can be related to a specific application or the network performance as a whole. It is important to note that just because a computer is slow, it does not automatically mean malware is the cause. A small amount of memory or a fragmented system are also common causes of slow computers. Therefore, regularly schedule maintenance on your computer, such as disk cleanup, running a check-disk and defragmenting your hard-disks. If you perform all these tasks and your computer remains slow, malware may very well be the culprit.

4. Pop-ups

Every person on the Internet knows how annoying pop-ups can be. Persistent pop-ups are a prime indicator of a malware infection. To get rid of these pop-ups, you will need to use an anti-malware application.

5. Software

Using anti-malware software is the most common method of finding malware on a computer. This type of software is also able to detect adware and spyware.