<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Best Practices Archives - Foster Institute</title>
	<atom:link href="https://fosterinstitute.com/category/best-practices/feed/" rel="self" type="application/rss+xml" />
	<link>https://fosterinstitute.com/category/best-practices/</link>
	<description>Cybersecurity Experts</description>
	<lastBuildDate>Thu, 05 Jun 2025 01:48:27 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.9.4</generator>

<image>
	<url>https://fosterinstitute.com/wp-content/uploads/2021/02/Favicon.png</url>
	<title>Best Practices Archives - Foster Institute</title>
	<link>https://fosterinstitute.com/category/best-practices/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Executives &#8211; Any User Can Accidentally Expose All Your Data Unless IT Changes This Default Setting</title>
		<link>https://fosterinstitute.com/executives-your-employees-might-be-one-click-away-from-exposing-all-sensitive-data-heres-how-to-stop-it/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Wed, 04 Jun 2025 21:08:04 +0000</pubDate>
				<category><![CDATA[Alerts]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cloud Security]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[IT Best Practices]]></category>
		<category><![CDATA[IT Pro Tips]]></category>
		<category><![CDATA[IT Security]]></category>
		<category><![CDATA[IT Settings]]></category>
		<category><![CDATA[Microsoft Settings]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=6097</guid>

					<description><![CDATA[<p>Your employees might be one click away from exposing all sensitive data. Here&#8217;s how to stop it. We&#8217;re receiving calls from our cybersecurity customers when the IT Team discovers that ordinary users have given third-party applications access to all their organization&#8217;s files, email messages, calendar events, Teams chats and channels, and other data. How can [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/executives-your-employees-might-be-one-click-away-from-exposing-all-sensitive-data-heres-how-to-stop-it/">Executives &#8211; Any User Can Accidentally Expose All Your Data Unless IT Changes This Default Setting</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Your employees might be one click away from exposing all sensitive data. Here&#8217;s how to stop it.</p>
<p>We&#8217;re receiving calls from our cybersecurity customers when the IT Team discovers that ordinary users have given third-party applications access to all their organization&#8217;s files, email messages, calendar events, Teams chats and channels, and other data.</p>
<p>How can ordinary users have that much power?</p>
<p>By default.</p>
<p><strong>Situation:</strong> This configuration affects most companies. While the default settings for your Microsoft 365 system allow your users to approve third-party access, Microsoft recommends the following more restrictive settings to increase security.</p>
<p><strong>The Risk:</strong> Without this setting, workers may override protections without oversight and allow any application to access your company data, create and delete files in SharePoint and OneDrive, read and send email messages, edit calendar events, access and modify Teams chats and channels, update user profile information, and perform other tasks. While some applications might need this level of access, it must be granted only after the appropriate authorities, including your IT Team, thoroughly consider it.</p>
<p><strong>Reality Check:</strong> This setting catches many IT Teams by surprise. Microsoft is updating its security controls quickly, and it is nearly impossible for IT Teams to keep up with the changes. When defaults favor ease of use over security, as this one does, your systems can quickly be put at risk without the team realizing it. Know that your IT Team&#8217;s level of expertise can be excellent, and situations like this sneak up on them anyway.</p>
<p><strong>Urgent Quick Verification:</strong> Your IT Team can quickly access the Microsoft Entra admin center &gt; Enterprise applications &gt; Consent and permissions &gt; User consent settings. There are three options:</p>
<ul>
<li>&#8220;Do not allow user consent.&#8221;</li>
<li>&#8220;Allow user consent for apps from verified publishers, for selected permissions.&#8221;</li>
<li>&#8220;Allow user consent for all apps&#8221; (the current risky default value)</li>
</ul>
<p><strong>Update If Necessary:</strong> Microsoft recommends you select “Allow user consent for apps from verified publishers, for selected permissions.” Different organizations have different data access needs. Your IT and compliance teams must determine the appropriate level for your situation. Smaller organizations might choose the first option if they don&#8217;t want users to expose data to third-party applications without checking with the IT team. Larger organizations with more complex needs often prefer the middle option with careful permission management to take some of the workload off busy IT professionals while providing protection.</p>
<p><strong>Next Step:</strong> Your Administrators will also need to specify which permissions are low-impact, as detailed in Microsoft&#8217;s article &#8220;Overview of user and admin consent.&#8221;</p>
<p><strong>Facilitate the Approval Process:</strong> Your team can optionally set up an admin consent workflow that users must follow when they want to provide permissions.</p>
<p>Forward this to your friends who are executives at other organizations so they can give their teams this heads-up, too.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Your Advanced AI Models Are Now Learning to Give Fake Answers</title>
		<link>https://fosterinstitute.com/your-advanced-ai-models-are-now-learning-to-give-fake-answers-2/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Fri, 27 Dec 2024 20:00:40 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[IT Risk Management]]></category>
		<category><![CDATA[IT Security]]></category>
		<category><![CDATA[Technology Safety Tips]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5968</guid>

					<description><![CDATA[<p>We&#8217;ve renamed our sweet, playful Golden Retriever &#8220;She didn&#8217;t mean to&#8221; since she&#8217;s unaware of her ability to cause damage. Just like when she bumps into the vase in the hall, it falls to the floor, shattering; even though there was no intention to harm, the damage is done. Just because AI doesn&#8217;t intend to [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/your-advanced-ai-models-are-now-learning-to-give-fake-answers-2/">Your Advanced AI Models Are Now Learning to Give Fake Answers</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>We&#8217;ve renamed our sweet, playful Golden Retriever &#8220;She didn&#8217;t mean to&#8221; since she&#8217;s unaware of her ability to cause damage. Just like when she bumps into the vase in the hall, it falls to the floor, shattering; even though there was no intention to harm, the damage is done. Just because AI doesn&#8217;t intend to cause harm, it could, and there&#8217;s lots more than a vase at stake.</p>
<p>AI models are trained to align with human values and never tell people how to cause harm. This is called &#8220;AI Alignment&#8221; training. New research reveals advanced AI models can give answers that demonstrate harmlessness during training and testing, only to drop the &#8220;harmless&#8221; act while operating in the real world. This doesn&#8217;t mean AI will hurt us all soon, but it raises serious concerns about whether the models are actually aligned with human interests.</p>
<p>To score well on your exams, did you ever choose answers you knew the professor wanted, even if you disagreed? Surprisingly, advanced AI systems seem to have developed a similar capability, giving fake answers to match what trainers want during AI alignment training. Scientists at Anthropic, an AI company valued at $18 billion and backed by Amazon and Google, explored this phenomenon in their paper &#8220;Alignment Faking in Large Language Models&#8221; in December 2024.</p>
<p>But hold on; those two paragraphs are written from the perspective that AI is like a human. It is essential to remember that AI models don&#8217;t have intentions or motivations like humans do. The observed behavior is not a conscious decision to deceive humans but results from the training process. Rest assured that scores of people are working on solving this problem and keeping AI results &#8220;safe&#8221; for humanity. When alarmist people predict AI will get out of control, it is more that our programming is flawed; most of us do not believe AI is making conscious decisions.</p>
<p>For businesses using AI tools, this means that from now on, using AI responsibly requires you to evaluate AI answers in two ways:</p>
<ol>
<li>As always, check if the AI is hallucinating and giving wrong information accidentally</li>
<li>And now, pay attention to whether the AI&#8217;s responses align with your values and safety guidelines</li>
</ol>
<p>The research published in the aforementioned article suggests that in regular conversations when AI doesn’t “think” it is being trained or tested, it’s more likely to give straightforward responses based on its core training.</p>
<p>Unfortunately, the discovery that advanced AI has evolved to give fake answers gives skeptics another reason not to trust AI.</p>
<p>My speeches about AI have focused primarily on its benefits. I’m creating new presentations about managing the emerging AI security risks that responsible business leaders must consider.</p>
<p>As AI becomes more powerful, business leaders must be cautious and aware of risks and benefits. At least I know my dog isn&#8217;t lying to me&#8230; I hope.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>An Executive&#8217;s Handbook to Securing Modern Manufacturing Networks and Robots, AI or Not</title>
		<link>https://fosterinstitute.com/ai-advancements-meet-security-ceos-handbook-to-securing-robotics-and-manufacturing-networks/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Mon, 02 Sep 2024 17:05:18 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[IT Best Practices]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[Cyber Security Consultant]]></category>
		<category><![CDATA[Cyber Security Tips]]></category>
		<category><![CDATA[it best practices]]></category>
		<category><![CDATA[it risk management]]></category>
		<category><![CDATA[recommendations]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5643</guid>

					<description><![CDATA[<p>Sadly, as reckless as it seems, some companies that create applications to control machinery will no longer provide technical support to your IT team if the operating system on the workstations is upgraded or has security patches.</p>
<p>The post <a href="https://fosterinstitute.com/ai-advancements-meet-security-ceos-handbook-to-securing-robotics-and-manufacturing-networks/">An Executive&#8217;s Handbook to Securing Modern Manufacturing Networks and Robots, AI or Not</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>While we&#8217;ll discuss AI, the security principles outlined here are equally crucial for all computer-controlled manufacturing systems, whether they incorporate AI or not.</p>
<p><strong>AI&#8217;s Growing Role in Controlling Devices:</strong></p>
<p>As AI starts entering more workplaces, it is crucial to recognize that AI will become more interconnected with hardware devices in your organization. You might want AI to control room lighting and air conditioning to make it voice-controlled or adapt to the changing activities in the room. AI can also control massive machinery, including robots and high-powered lasers for cutting steel. We&#8217;ll all be surprised at how many real-world tangible controls AI can assist. For AI to control devices, computers must drive the machines. Threat actors could exploit weaknesses to disrupt companies, damage equipment, cause expensive delays, and worse.</p>
<p><strong>Machines Driven by Computers, Including Those Running AI and Traditional Computer Control Systems, Introduce a Security Threat:</strong></p>
<p>As AI becomes integral to your operations, remember: Everything from climate control and identity detection to robots and laser cutters hinges on computer systems. AI&#8217;s potential is vast, and its growing adoption means more devices linked to our networks.</p>
<p>However, this surge in AI adoption produces an often-overlooked danger that all organizations with industrial controls must consider. The computer systems hosting your AI and traditional solutions can become obsolete faster than the devices they control. Neglecting to update operating systems and to use other security controls exposes your organization to cybersecurity threats. While devices might seem to run smoothly, the escalating sophistication of cyber attackers must not be underestimated.</p>
<p><strong>Executives: Unchain Your IT Pros from the Security Limitations:</strong></p>
<p>Is your IT Team prohibited from applying critical cybersecurity updates to operating systems or upgrading to supported operating systems on workstations that control instruments, lasers, robots, and other machinery? If they are, those workstations <strong>pose a security threat to your organization.</strong></p>
<p>Executives must understand that using workstations with old operating systems or without the most recent critical security updates is a significant security risk. <strong>In some cases, executives must ask the IT Team if they have encountered this situation.</strong> Sometimes, executives are inclined to delegate decision-making to the IT Pros. Instead, the IT team must alert the executives of the pros, cons, and expenses. The executives need to decide if it makes sense to pay to upgrade the applications that control robotics, manufacturing, or other equipment on a network.</p>
<p><strong>Three Definitions:</strong></p>
<p>In case nobody&#8217;s explained these terms, it is essential to differentiate between upgrades and updates:</p>
<ol>
<li><strong>Operating System <em>Upgrades</em>:</strong> An example is upgrading from Windows 10 to Windows 11. Newer operating systems often have more security features. Microsoft and Apple will naturally be tempted to assign their best and brightest people to develop and update the newest operating systems, so they eventually drop support for old operating systems. Unsupported operating systems are designated EOL (End of Life). Using an operating system after it is no longer supported is a significant security risk.</li>
<li><strong>Operating System <em>Updates</em>, a.k.a. Patches:</strong> Security updates are rated by the severity of the security risk and how likely an attacker is to exploit the weakness. Critical security updates are the most important to apply. Staying up to date with patches can be a significant struggle in many situations.</li>
<li><strong><em>Application</em> Upgrades:</strong> Upgrades to new versions of the software that controls devices such as CNC machines, robotics, lasers, laboratory equipment, instruments, or any other hardware that connects to a computer.</li>
</ol>
<p><strong>The Shocking Reality:</strong></p>
<p>Some applications that control devices may prohibit operating system upgrades and security patches. The applications might break if the IT team deploys the patches or upgrades the operating systems. Sadly, as reckless as it seems, some companies that create applications to control machinery will no longer provide technical support to your IT team if the operating system on the workstations is upgraded or has security patches. Their software developers may be too busy to create flexible, secure applications and are forced to focus strictly on functionality.</p>
<p>Depending on the application vendor, paying for an upgraded version of a controller application can be very expensive. Fortunately, sometimes, the upgrade charge is reasonable or free. Sometimes, no upgrade is available to permit operating system upgrades or critical security updates.</p>
<p>Another consideration is the risk that upgrading might interrupt manufacturing flow if the upgrade process requires extensive troubleshooting or otherwise interrupts production. When equipment operates 24/7, the IT Team is under more pressure since there is no downtime for maintenance.</p>
<p>If the new application&#8217;s user interface significantly differs, shop floor personnel might require additional training. Inadequate training can lead to costly mistakes and safety issues. Scheduling training will affect the timing of deploying the new applications.</p>
<p>So, as you can see, when the robotics, scientific instruments, lasers, manufacturing, or other equipment works just fine, upgrading the application offers no valuable benefits, and the IT team is busy, it is not surprising that we find during audits and security assessments that many manufacturing organizations have outdated operating systems or need critical cybersecurity updates.</p>
<p>The organization&#8217;s executives might accept the risk, especially if compensating controls are in place.</p>
<p><strong>Alternative Tactics Increase Security:</strong></p>
<p>Using compensating controls in networks is essential because systems sometimes have significant vulnerabilities before updates are released or installed. Compensating controls are even more essential to help protect workstations if patches are missing.</p>
<p>Compensating controls include, and are not limited to, isolating the machines that control robotics, manufacturing equipment, and scientific instruments on a separate network away from the rest of your network. That separate network must have limited connectivity that allows traffic only to and from the specific devices necessary, and it must limit the kind of data and how it traverses the network. This reduces the attack surface and makes it more difficult for a malicious program or third party to access that instance or device. I sometimes refer to this tactic in keynote presentations as creating filtered subnets.</p>
<p>Another compensating control is to harden the unpatched or EOL machines by removing all applications except those essential for the equipment&#8217;s operation. Examples of applications that must be removed include browsers and email clients since they are common vectors for successful attacks. If the employees operating those devices require internet and email access, consider adding a separate workstation that is patchable for email and web access.</p>
<p>EDR/XDR (Endpoint Detection and Response / Extended Detection and Response) technology is another helpful control. It involves installing a small program called an agent on each computer. The EDR/XDR agent monitors the system&#8217;s software, services, and behavior for any signs that threat actors might have already compromised the computer. If the EDR/XDR tool detects an IoC (Indicator of Compromise), it can respond by interrupting the process. When tuned to avoid false alarms, the best response is to allow the agent to effectively quarantine the workstation from the rest of the network until the IT team can investigate. This helps prevent attackers from spreading to more hosts.</p>
<p>However, it is common for IT teams to succumb to the danger of relying too heavily on EDR/XDR to protect their organization and, therefore, neglect implementing other industry best practices to protect systems. Threat actors often set up EDR/XDR tools on their test networks to find ways to circumvent the protections. So, even if your EDR/XDR tool says everything is safe, it doesn&#8217;t necessarily mean threat actors aren&#8217;t active in your network.</p>
<p>To combat this, companies commonly conduct yearly red-team exercises, performed by exceptionally skilled IT teams that regularly perform these exercises and know the tricks and practices real-world threat actors use. These exercises are designed to test the effectiveness of the detection and response process. These exercises look for weaknesses in EDR/XDR and help keep the IT team in practice, ensuring they&#8217;re better prepared in the case of an attack.</p>
<p>Depending on your budget, if $20/user/month for EDR/XDR is not feasible, know that the other cybersecurity controls in this article, such as careful hardening and segmentation with very restrictive filtering, are much less expensive than EDR/XDR and have little if any ongoing expense. I don’t want to diminish the usefulness of EDR/XDR tools. If you are on a tight budget, unless your cybersecurity policy requires EDR/XDR, you might choose to focus on other compensating controls.</p>
<p>The IT Team must alert the executives about the expense of upgrading applications, isolating the shop floor instances on a separate network, deploying an additional network for web and email access, training users and operators, implementing EDR/XDR tools, and other expenses. Include time estimates along with financial estimates. Then, the executives can make an informed decision, and IT can follow their instructions and ask for support as necessary.</p>
<p><strong>Step-by-Step Guidance for IT Teams:</strong></p>
<p>Acknowledge that it can be a significant challenge and sometimes practically impossible to ensure that all workstations run with a current OS and that all critical security updates are applied. But keep applying updates if possible.</p>
<p>Inform your executives whether your team has time to make these changes. IT teams must alert executives of the time and expense involved. The executives will have options such as adding more IT professionals to augment the team, postponing other projects, or accepting the risk of continuing with unpatched systems or EOL OSs with the compensating controls listed below.</p>
<p>Explore all technical, training, and expense changes before upgrading applications.</p>
<p>Ask your supervisor to delegate the price checking to someone outside the IT department if feasible. Your IT team is very busy, so checking the prices might cause the upgrade to be delayed. It can be time-consuming to check with the robotic, manufacturing, and scientific equipment vendors to find the pricing for upgrades to their applications that control machinery.</p>
<p>Investigate more than the pricing. Ask about changes in the upgraded applications affecting the user interface and user experience. Ideally, the upgraded application software operates similarly and has the same interface. Unfortunately, some manufacturers significantly change the user experience when they upgrade their applications.</p>
<p>If users will need training, identify a trainer.</p>
<p>Determine how scheduling the training will affect the deployment timing.</p>
<p>Involve executives in decision-making and send them regular reports about the project&#8217;s progress.</p>
<p>Implement compensating controls on the workstations because of the high cybersecurity risk of missing critical patches or using EOL OSs. Compensating controls aren&#8217;t a replacement for missing patches, but the controls can help tremendously.</p>
<p>Remember that attackers can exploit security risks long before they are discovered. Only when the vulnerability is discovered will the operating system and application developers know to create or release patches to seal that security hole. Refrain from relying on patches as your sole security control for application software and operating systems.</p>
<p>Strongly consider isolating shop floor machines on a separate subnet, especially those you are prohibited from patching and those using EOL OSs. Isolate that subnet completely with an air gap or utilize aggressive filtering at the switch or router to limit traffic to only the required source, destination, ports, and protocols.</p>
<p>Additionally, hardening the workstations against attacks is strongly recommended.</p>
<p>Remove or restrict web and email access. This is one of the most effective ways to harden workstations, as web and email are two of the most common vectors for malware.</p>
<p>If the workers at those devices need access to the web and email, consider deploying a separate workstation at their station that they can use for web and email. If feasible, that workstation should not be on the shop floor network. If you put those workstations on the equipment network, you would need to allow email and web traffic, and modifying access control lists to allow more sources, destinations, ports, and protocols can significantly reduce the security you would otherwise introduce to the equipment control network. Strive to exclude TCP ports 80 and 443 on the AI device network while allowing full functionality of the AI and other computer-controlled devices.</p>
<p>Be sure you limit the sources of inbound and destinations of outbound network traffic to the absolute minimum. Running new cables to support the additional workstations for web and email at the workers&#8217; stations might be a significant investment. Deploying a WiFi network for email and web access might be more economical. Keep the key secret. If you share the WiFi password, workers might connect other devices to the equipment network and compromise security. Completely blocking email and web access and access to external IP addresses will help prevent the workers on the manufacturing network from exposing the hosts to many threats.</p>
<p>Strongly consider using EDR/XDR tools, along with the Red Team Exercises, to help ensure the configurations&#8217; effectiveness and allow your IT team to prepare for actual emergencies.</p>
<p><strong>Summary:</strong></p>
<p>Protect workstations that control hardware such as robotics, pharmaceuticals, lasers, and scientific instruments, regardless of whether they utilize AI. This helps ensure the safety and operability of your systems, protecting your organization and workers.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>What Executives Must Know: VPNs and Public Network Security</title>
		<link>https://fosterinstitute.com/what-executives-must-know-vpns-and-public-network-security/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Sun, 07 Jul 2024 04:19:40 +0000</pubDate>
				<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[Executive Tips]]></category>
		<category><![CDATA[hotspot]]></category>
		<category><![CDATA[IT Best Practices]]></category>
		<category><![CDATA[Remote Worker]]></category>
		<category><![CDATA[Remote Worker Security]]></category>
		<category><![CDATA[Technology Safety Tips]]></category>
		<category><![CDATA[wi-fi best practices]]></category>
		<category><![CDATA[wi-fi security]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5834</guid>

					<description><![CDATA[<p>Many of us believe that a Virtual Private Network (VPN) alone is enough of a security measure to protect users who connect at a coffee shop, hotel, or other public network. Still, it can expose your organization to threat actors who could compromise the user’s laptop and, consequently, your entire organization. While VPNs have [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/what-executives-must-know-vpns-and-public-network-security/">What Executives Must Know: VPNs and Public Network Security</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Many of us believe that a Virtual Private Network (VPN) alone is enough of a security measure to protect users who connect at a coffee shop, hotel, or other public network. Still, relying on a VPN alone can expose your organization to threat actors who could compromise the user’s laptop and, consequently, your entire organization.</p>
<p>VPNs have long been a staple for securing connections in coffee shops and on other public networks. By integrating advanced security measures, you can fortify your organization&#8217;s defenses and stay ahead of emerging threats.</p>
<p>The goal of this article is to empower you with insights and strategies to bolster your IT team&#8217;s efforts. By equipping them with cutting-edge tools and knowledge, you can elevate your organization&#8217;s cybersecurity posture. Remember, cybersecurity is a dynamic, ever-changing domain that demands continuous adaptation and vigilance.</p>
<p><strong>Introduction:</strong></p>
<p>A VPN, a virtual private network, is designed to provide privacy of traffic across untrusted networks and through the Internet by encrypting data between the user’s device and the company network. It functions as a network connection from one point to the other. In the case of a remote access VPN, those two points are the user’s laptop and your company’s VPN terminus in your data center or elsewhere.</p>
<p>Some companies commonly allow or encourage remote users to connect via VPNs while out of the office, under the impression that the VPN alone protects remote users from security risks on a public network.</p>
<p>&nbsp;</p>
<p>While a VPN can protect data in transit, it does not protect against all threats on the local network, such as those present on a Wi-Fi network at a public location. The evolving nature of cybersecurity threats means additional measures are necessary.</p>
<p>&nbsp;</p>
<p>The often-overlooked risk is that when connected to a public network and using a VPN, the user&#8217;s laptop remains exposed to network sweeps, vulnerability scans, and other network attacks. VPNs still play an essential role by encrypting traffic.</p>
<p>&nbsp;</p>
<p>Ideally, users should avoid connecting to public networks. If connecting to a public network is necessary, it is crucial to implement additional cybersecurity controls, such as using a properly configured physical hardware firewall, to protect against network attacks.</p>
<p><strong> </strong></p>
<p><strong>Real-World Ways Attackers Breach VPN Users on Public Networks:</strong></p>
<p>Here are three notable examples of how threat actors attack workers who connect to a public network using a VPN:</p>
<p>&nbsp;</p>
<p><strong>Attacking a VPN Client via Airport Wi-Fi:</strong></p>
<p>Advanced Persistent Threat (APT) groups are targeting enterprise VPN vulnerabilities. A recent example is the 2024 VPN attacks against Ivanti. Consider an employee who connects to their corporate network using vulnerable VPN software at an international airport. Attackers exploit the VPN vulnerability, bypass encryption, and install malware on the employee’s laptop. This allows them to infiltrate the company’s network, stealing proprietary manufacturing processes and trade secrets, causing significant financial losses and requiring a major incident response.</p>
<p>&nbsp;</p>
<p><strong>Attacking and Breaching VPN Users on Public Library Wi-Fi:</strong></p>
<p>A severe security flaw known as PrintNightmare can be exploited by threat actors against computers, even those of users connected to a VPN over a Wi-Fi network. A typical instance is an employee of a prestigious law firm working remotely from a public library, using the corporate VPN to access internal resources. Attackers on the same network exploit the PrintNightmare vulnerability, executing malicious code on the employee’s laptop. This breach allows the attackers to move within the firm’s network, accessing confidential client information and case details. This leads to legal repercussions and reputational damage for the firm, prompting a thorough overhaul of the firm’s security practices.</p>
<p>&nbsp;</p>
<p><strong>Tech Company Infiltrated via Coffee Shop Wi-Fi:</strong></p>
<p>Threat actors can utilize Mirai malware that spreads to devices on networks, including public WiFi networks, affecting users even when they are utilizing VPNs. A case in point is an employee of a tech company connecting to their office VPN from a coffee shop’s public Wi-Fi network. The network contains compromised devices infected with Mirai malware. The employee’s laptop, running outdated Windows, becomes infected. The malware uses the VPN connection to infiltrate the company’s network, leading to data theft and unauthorized access to sensitive projects. The company must enforce strict security protocols and undergo a comprehensive network data discovery and clean-up.</p>
<p>&nbsp;</p>
<p><strong>The Core Issue with VPNs on Public Networks:</strong></p>
<p>VPNs play a vital role in maintaining privacy by encrypting data in transit. However, they do not fully protect you from local threats found on public networks like those in coffee shops, hotels, or airports. Complementing VPNs with additional tools, such as travel routers or cellular hotspots, as explained below, can significantly mitigate these risks.</p>
<p>&nbsp;</p>
<p><strong>Simplifying the VPN Concept:</strong></p>
<p>Some think of a VPN as a tunnel through the Internet that provides a network connection. This tunnel can allow you to work as if you were connected in person at your office. Remember, though, that the VPN provides privacy for your data, not comprehensive security for your laptop.</p>
<p>&nbsp;</p>
<p><strong>Understanding the VPN Paradox to Prevent Breaches</strong></p>
<p>The common belief that a VPN alone guarantees security in a coffee shop scenario is not only incomplete &#8211; it&#8217;s potentially dangerous. Addressing this belief is crucial for your company&#8217;s cybersecurity.</p>
<p>&nbsp;</p>
<p><strong>The Danger of a False Sense of Security</strong></p>
<p>When workers believe that a VPN makes them secure, they may unknowingly increase their risk by connecting to insecure networks, thinking they are safe. This false sense of security can lead to substantial cybersecurity incidents within an organization.</p>
<p><strong> </strong></p>
<p><strong>Solutions for Executives to Consider:</strong></p>
<p>There are two relatively simple solutions to help remote users stay secure. The first is to prevent them from connecting to the coffee shop, hotel, or other public network and have them connect with a mobile phone or cellular hotspot instead. Alternatively, the user can be provided with, and trained to use, a properly configured small hardware firewall to help protect their laptop from the risks of the public network.</p>
<p>&nbsp;</p>
<p>Addressing these challenges with your IT Team can strengthen your defenses against sophisticated cyber threats. Implementing portable hardware firewalls or alternative connectivity options can bolster users’ security as they work remotely.</p>
<p>&nbsp;</p>
<p><strong>Introduction to Ways to Help Keep Remote Users and VPNs Secure:</strong></p>
<p>What follows is detailed information, described in plain English, for executives and IT Pros who want more information about the risks and how to protect remote users connecting through a remote access VPN connection. Allowing users to use a VPN on a public network could result in a breach at your organization, hence the reason for this document.</p>
<p>&nbsp;</p>
<p><strong>Actionable Steps:</strong></p>
<p>This article&#8217;s purpose is to highlight the potential security enhancement gained when users stop connecting to the public network or, if they do connect, use a hardware firewall to isolate them from the public network.</p>
<p>&nbsp;</p>
<p>A threat actor doesn’t need to be in the coffee shop. The attacks can originate from an innocent user’s laptop that, unknown to its owner, has been compromised by a threat actor, or from a malicious program or service running on another computer connected to the guest network.</p>
<p>&nbsp;</p>
<p>To avoid connecting to the public network, users can use their properly configured phone or a cellular hotspot to connect from the coffee shop, hotel, or other public area. Cellular networks can have security concerns, too. Fake cellular towers or insiders working at the cellular company are examples of threats, but cellular connections are arguably more secure than public WiFi networks. The benefit of this method is how quick and convenient the connection is. Drawbacks include the need for a reliable cellular signal and potentially increased recurring data charges by the cellular carrier. Additionally, if the user exceeds the carrier’s data limit for the month, the carrier might throttle (slow down) the user’s data rate for the rest of the month.</p>
<p>&nbsp;</p>
<p>If the user doesn’t have access to a cellular connection, wants to avoid wireless carrier fees, or wants to connect to the public network for any other reason, they could use a portable firewall, commonly known as a travel router, to help isolate them from the risks of the public network. Useful travel routers are available for a one-time purchase for less than $100. Keep in mind that the user’s data rate will be restricted to the data rate of the public network or slower if the user uses a VPN across the public network. Public network speeds can vary greatly, as can cellular data speeds, even during different times of day.</p>
<p>&nbsp;</p>
<p>It is essential to note that while travel routers and firewalls can help mitigate many risks, they must be appropriately configured to be effective. Their configuration screens can be complex, potentially leading to insecure configurations. A user with an improperly configured travel router connection is dangerous since the user might have a false sense of security. It is essential to involve your IT Team in planning, configuring, and deploying travel routers, as well as in the necessary training for users to use the devices securely.</p>
<p>&nbsp;</p>
<p>Using a travel router requires additional training so that users can complete three steps. First, after powering on the firewall device, the user connects their laptop to the travel router as if it were a cellular hotspot or another Wi-Fi connection. This is a relatively simple process and will likely be the same routine for the life of the travel router. Many travel routers accept wireless and wired connections. Second, the user opens a browser window to the travel router’s configuration screen and connects the travel router to the public network by selecting the network’s name. This step is potentially precarious due to the complexity of the configuration screen on some travel routers. Your IT Team must be involved in creating precise documentation, user training, and configuring the devices. Third, the user logs into the public network if it requires some kind of login process, such as a room number and last name at a hotel. If the user doesn’t see the hotel login screen, they can open a new tab in their browser to neverssl dot com or nossl dot com, and the hotel login screen will usually pop up.</p>
<p>&nbsp;</p>
<p>Typically, the public network treats the firewall as if the user were connected directly from their laptop. Now, the user does their work as usual. The travel router acts as a firewall between the laptop and the potentially risky public network. The connection process is usually speedy if the user frequents the same public hotspots. Even on a new network, if the user is trained, going through the three-step process usually takes five minutes.</p>
<p>&nbsp;</p>
<p>VPNs are essential for encrypting data and protecting privacy, including the sites users visit while connected to a network. Users wishing to use a VPN to control privacy can use the VPN client on their laptop as usual. This applies whether the user uses their cellular connection or a travel router. Many travel routers include a VPN feature, too. Secure Access Service Edge (SASE), pronounced sassy, is a technology that provides a more comprehensive approach to secure access that can sometimes replace traditional remote connection strategies. Everything in this article about protecting a user’s laptop from security threats against the public network connection still applies in SASE.</p>
<p>&nbsp;</p>
<p>Technologies that sound like alphabet soup and are explained below, such as IDS (Intrusion Detection System), IPS (Intrusion Prevention System), EDR (Endpoint Detection and Response), and XDR (Extended Detection and Response), can help protect the laptop against threats potentially lurking on public networks. However, attackers also obtain these protection tools. They are constantly probing for weaknesses they can exploit, so you must continue to use additional tools and techniques to protect your organization in a layered approach. In addition, the necessity of maintaining and monitoring those technologies can create a significant burden on your IT Team. More on that below.</p>
<p>&nbsp;</p>
<p><strong>Multi-factor Authentication is Not a Shield:</strong></p>
<p>Multi-factor authentication (MFA), such as a text message or authenticator app, is an essential part of your cybersecurity strategy that you must adopt immediately if it isn’t already in use. While MFA helps secure the authentication process, it does not address network attacks or other ways that could allow an attacker to compromise the laptop. If attackers compromise the laptop, they can bypass MFA by utilizing the user’s active session. The attacker can wait for the authorized user to log in using MFA, and then the attacker can have the same level of access as the authenticated user. The point is that MFA is an essential, if not mandatory, cybersecurity control, but it does not protect the user against network attacks on a public network.</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p><strong> </strong></p>
<p><em>For those of you familiar with my articles, you know my focus is to present cybersecurity topics in non-technical terms. The following section is more technical than usual. Consider passing this along to your IT team if they want more technical details.</em></p>
<p><strong> </strong></p>
<p><strong>The Technical Details to Protect Yourself and Your Organization</strong></p>
<p>In the next portion of this document, we&#8217;ll explore configuring the data center&#8217;s networking environment and the remote hosts to make using a remote access VPN safer.</p>
<p><strong> </strong></p>
<p><strong>Quick Definitions Used in this Document</strong></p>
<ul>
<li>Remote Access VPN: This type of VPN allows individuals to connect to their company&#8217;s network, unlike site-to-site VPNs, which connect two office locations or data centers.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Unmanaged Computer: A computer that is not maintained by IT professionals using specialized knowledge and tools. These endpoints are more vulnerable.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Public Network: Think coffee shops, cruise ships, resorts, hotels, airports, etc.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>MFA (Multi-factor Authentication): This adds a layer of security for the authentication process beyond just passwords. Examples of MFA include a text message or an authenticator app on your phone. However, MFA doesn&#8217;t shield you from malicious traffic on a network that scans your laptop for vulnerabilities and security misconfigurations.</li>
</ul>
<p>&nbsp;</p>
<p><strong>The Core Issue with Remote Access VPNs</strong></p>
<p>A significant concern with remote access VPNs is that if a remote host is compromised, attackers gain the same access as the remote user.</p>
<p>&nbsp;</p>
<p><strong>Protective Strategies</strong></p>
<p>Please keep reading to learn how to safeguard your network and host computers, ensuring they don&#8217;t become conduits for attackers to infiltrate your network.</p>
<p>&nbsp;</p>
<p><strong>Part 1: Fortifying User Devices Against Infection: Such as Protecting the User at the Coffee Shop</strong></p>
<p>&nbsp;</p>
<p>While a VPN doesn&#8217;t inherently secure a device on a public network, the following measures can bolster your device’s security:</p>
<p>&nbsp;</p>
<ul>
<li>Fundamental Cybersecurity Controls on Endpoints: Use core cybersecurity controls for laptops. For example, apply critical security updates soon after release. To help stop attacker programs, restrict what applications can run using application control. Prevent users from installing applications by controlling their permissions or using third-party tools. Restrict enabled services to only the essential functions that the user would use. Close all open ports. Follow other cybersecurity best practices.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Endpoint Protection: Some organizations deploy Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) on remote users’ devices. Using Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), or Managed Detection and Response (MDR) agents on the laptops can increase security by monitoring for malicious behavior, known as indicators of compromise (IoCs). EDR/XDR tools provide many benefits, including continuously monitoring network devices and watching for suspicious activities or evidence that an attacker is compromising a system. EDR/XDR is designed to identify, isolate, and mitigate threats. Response options include stopping the threat actor by shutting down processes and services or, as a more comprehensive response, quarantining the remote device until the IT Team can investigate. The thorough response would be for the IT team to erase and reload the workstation if there is any indication that the device was compromised. Some organizations use automated means of initializing workstations to facilitate this reloading process. IDS, IPS, EDR, and XDR must be effectively monitored, managed, and updated. One way many organizations ease the burden on their internal IT Teams is to use a third-party Managed Security Service Provider (MSSP) to perform these tasks. With MDR, you pay a third-party provider to manage your EDR/XDR. One key point to remember is that attackers can obtain these protection tools, too, and are always looking for ways to bypass them. We perform Red Team Exercises at companies to test the capabilities of the EDR and XDR protections. Do not make the common mistake of letting your guard down in other security areas after implementing EDR or XDR.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Shielding from Public Networks: Equip remote users with a filtering device, such as a portable firewall or travel router, to act as an intermediary between their laptop and the public network. In some cases, these devices can establish VPN connections directly to the data center, offering an added layer of security since the laptop is shielded from the network. Proper configuration of travel routers is crucial. They should be set up to help ensure secure connections: use the most secure Wi-Fi security protocols, keep the firmware regularly updated to protect against vulnerabilities, apply secure configuration policies, and take other steps to enhance security.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Alternative Connectivity: When a secure filtering device isn&#8217;t available, it is recommended that remote users connect via a cellular network to avoid the risks of public Wi-Fi. When you are disconnected from public Wi-Fi, you are also disconnected from potentially harmful devices on that network.</li>
</ul>
<p>&nbsp;</p>
<p>By implementing these practices, you can significantly enhance your security posture against the potential risks associated with remote VPN access.</p>
<p>&nbsp;</p>
<p><strong>Part 2: Securing Your Organization’s Network Against Compromised Users’ Laptops on a Remote Access VPN: Protecting the Organization from the User at the Coffee Shop</strong></p>
<p>&nbsp;</p>
<p>To help prevent unauthorized network access through a compromised VPN user&#8217;s device, consider these strategies:</p>
<p>&nbsp;</p>
<ul>
<li>Restricted Access: Restrict VPN use to company-issued computers only. Your IT team must manage robust security measures like patch management, EDR/XDR solutions, stringent configurations, and more.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Ban Personal Devices on VPN: Consider prohibiting the use of family or personal devices for VPN access. These unmanaged devices are more susceptible to malware, which can spread to your corporate network.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Network and Firewall Strategies at the Data Center:</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Server Segmentation: Isolate RDS and file servers in separate network segments or VLANs. This approach allows for tailored security policies and mitigates the spread of potential breaches.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>VPN Traffic Isolation: Create a dedicated network segment for VPN traffic to act as a buffer zone, keeping incoming connections separate from the core network.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Firewall Implementation: Place firewalls strategically to monitor and control traffic between the VPN and other network segments. Implement firewall Access Control Lists (ACLs, a.k.a. firewall rules) to define and enforce permissible traffic types, sources, and destinations between these segments.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Traffic Protocol Rules: Allow only the necessary protocols, such as RDP and file sharing, through the VPN to the designated servers, using protocol filtering and port restrictions to enforce this.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Session Management: Configure firewalls to limit session numbers and durations, reducing the risk of prolonged unauthorized access.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Deep Packet Inspection: Employ firewalls capable of DPI to scrutinize traffic content, ensuring it aligns with expected patterns.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Vigilant Monitoring: Set up logging for all traffic passing through the firewalls and regularly review these logs for anomalies.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Firewall and Infrastructure Firmware Patches and Updates: Keep firewall firmware and configurations up to date to counter emerging threats.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Regular Audits: Conduct periodic audits to validate the effectiveness of your security measures.</li>
</ul>
<p>&nbsp;</p>
<p><strong>Part 3: Don’t Provide an Easy Path for Attackers to Access Your Files</strong></p>
<p>&nbsp;</p>
<ul>
<li>Omitting Drive Mapping to Remote Hosts: Consider alternative solutions for file sharing rather than mapping server drives for remote VPN users. If you share a drive through the VPN and an attacker compromises a host, the attacker can access the drive. The mapping makes it easier for the attacker to encrypt or delete files on your servers.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>If you won&#8217;t map drives, and the remote users need direct access to the exact instances of the files local users have, strategies include:</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Cloud Storage: To avoid drive mapping, the files could be stored in a cloud location, from Microsoft or a third-party solution, for all users to access.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>File Synchronization Considerations: If cloud storage is not an option, and the files must be stored on traditional servers for local users, some form of file synchronization could be utilized to copy the files to a hosted location accessible to remote users. This would be effective if remote users only read, not edit, the files. If multiple users edit files simultaneously, data inconsistencies are likely. The synchronization would need to consider the possibility of a local user editing a file while a remote user is editing a file in the shared storage environment. In this case, the synchronization process would need to know which saved version to preserve and what to do with the conflicting version. It should also alert the users that they could have lost their edits.</li>
</ul>
<p>&nbsp;</p>
<p><strong>VPNs and MFA: A Misunderstood Safety Net</strong></p>
<p>In my experience, some well-meaning IT professionals proclaim, &#8220;If you are in a coffee shop, you can protect yourself from the security risks if you use a VPN backed up with MFA.&#8221; This well-intentioned advice, however, needs a deeper dive to uncover the whole truth.</p>
<p><strong> </strong></p>
<p><strong>MFA and VPN Security:</strong></p>
<p>Multi-factor authentication (MFA) significantly enhances security by helping ensure that only authorized users can access VPNs. However, it&#8217;s crucial to understand that while MFA helps in securing the authentication of users, MFA does not safeguard against attacks exploiting vulnerabilities on devices connected to the public network. For example, MFA cannot protect against an attacker scanning for open ports on a laptop connected to a compromised Wi-Fi network. These attacks can occur independently of the authentication process that MFA protects, highlighting the need for comprehensive endpoint security measures and robust authentication protocols.</p>
<p>&nbsp;</p>
<p>To guard against a wide range of threats, organizations must implement a layered security approach that includes strong authentication measures like MFA and endpoint protection strategies. This should involve regularly patching and updating software and operating systems, closing unnecessary ports, employing host-based firewalls, and continuously monitoring for suspicious activities. By addressing device-level security alongside authentication controls, organizations can provide a more robust defense against attackers&#8217; diverse tactics.</p>
<p>&nbsp;</p>
<p><strong>Consider Alternative Solutions for Remote Access: </strong></p>
<p>A Remote Desktop Services (RDS) gateway can allow remote users to access internal network resources without requiring a traditional VPN connection. This approach can reduce the network&#8217;s attack surface by not providing a tunnel for attackers to exploit. However, RDS gateways come with other security challenges and require robust configuration and protection. User devices using RDS still need robust security measures to help protect against potential compromises, including an attacker compromising a remote user’s laptop.</p>
<p>&nbsp;</p>
<p>Similarly, allowing remote users to operate cloud-based virtual desktops, such as those provided by Windows 365, can eliminate the need for drive mappings to the remote user’s computer.</p>
<p>&nbsp;</p>
<p>However, it is essential to recognize that if the remote host system—whether a cloud-based virtual desktop or a machine accessed via an RDS gateway—is compromised, an attacker may still be able to hijack a user&#8217;s session. This potential risk underscores the necessity for robust security measures, including continuous monitoring and response strategies, to quickly detect and address any such compromise.</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p><strong>In Conclusion:</strong></p>
<p>VPNs provide significant security benefits by encrypting data, which is crucial for privacy and protection against eavesdropping. However, they should be part of a broader security strategy that includes secure endpoints and awareness of public network risks. An attacker, physically present in the coffee shop or remotely controlling another patron&#8217;s device, could exploit open ports, unpatched vulnerabilities, or other security loopholes. This is where malware, often lurking unnoticed, can exploit weaknesses on your laptop.</p>
<p>&nbsp;</p>
<p>Threat actors rely on the misconception that using a VPN is the only cybersecurity control necessary to protect users on public networks. Some of the most significant cybersecurity predictions relate to threat actors attacking VPNs. Additionally, using a VPN with drive mapping is a common practice for remote work but includes significant inherent risks.</p>
<p>&nbsp;</p>
<p>Bolster your organization’s security by empowering your users to avoid connecting to a public network and consider some form of securely configured cellular connection. If they connect to the public network, consider facilitating their security with a properly configured hardware firewall to help isolate their laptop from the public network.</p>
<p>&nbsp;</p>
<p>Combining multiple tools and best practices is essential for a layered security approach. As always, regular user training is an essential component of keeping your organization secure.</p>
<p>&nbsp;</p>
<p>Note: This document provides guidelines for enhancing remote access security through VPNs and alternative methods. It does not address the security specifics of the VPN client application or browser plugins. Readers are encouraged to follow cybersecurity best practices for those components as well.</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>Disclaimer: The information provided in this blog is for general informational purposes only. Technology changes constantly, and some of this information might become obsolete or incorrect. We do not endorse or receive compensation for mentioning products, services, or brand names. Any outbound links provided are for your convenience and to get you started, but we cannot guarantee the security or safety of those external websites. Conducting your own research and making an informed decision about any products or services mentioned here is essential. We shall not be held responsible for any actions taken based on the information provided.</p>
<p>&nbsp;</p>
<p>The post <a href="https://fosterinstitute.com/what-executives-must-know-vpns-and-public-network-security/">What Executives Must Know: VPNs and Public Network Security</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Are Threat Actors Listening to Your Phone? Secure Your Mic to Reduce Security Risks and Protect Your Privacy</title>
		<link>https://fosterinstitute.com/are-threat-actors-listening-to-your-phone-secure-your-mic-to-reduce-risks/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Sat, 25 May 2024 21:38:42 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[BEC]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cyber Attacks]]></category>
		<category><![CDATA[Cyber Fraud]]></category>
		<category><![CDATA[Cyber Scams]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cyber Security Breach]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[Family Security]]></category>
		<category><![CDATA[Hackers]]></category>
		<category><![CDATA[Hacking]]></category>
		<category><![CDATA[Identity Theft]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5809</guid>

					<description><![CDATA[<p>Have you ever wondered if someone is eavesdropping on you through your phone? While it might sound like a scene from a spy movie, there are real concerns about privacy and security related to microphone access on your devices. A Real-World Example from the Workplace: Recently, a new employee at a company received a fraudulent [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/are-threat-actors-listening-to-your-phone-secure-your-mic-to-reduce-risks/">Are Threat Actors Listening to Your Phone? Secure Your Mic to Reduce Security Risks and Protect Your Privacy</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Have you ever wondered if someone is eavesdropping on you through your phone? While it might sound like a scene from a spy movie, there are real concerns about privacy and security related to microphone access on your devices.</p>
<p><strong>A Real-World Example from the Workplace</strong>: Recently, a new employee at a company received a fraudulent text message on her personal phone, supposedly from the company&#8217;s president. The president had not sent any text, and the company had not stored her personal phone number. How did the threat actor know? It’s possible that a data broker linked the new employee’s private phone number with the president’s name at the new company by eavesdropping on a conversation, such as her telling a friend about her new job. Upon investigation, the employee found that some unexpected apps had access to her microphone.</p>
<p><strong>A Real-World Family Example</strong>: Last week, a husband and wife discussed dental options for their child at the breakfast table with their phones nearby. They hadn&#8217;t typed anything into a computer or searched online, yet less than an hour later, one received a text message from a company offering dental aligners. How could this happen? An app on their phone might have accessed the microphone, listened to the conversation, and shared the information with a data broker. The data broker then provided this information to a company selling dental aligners, prompting them to send a targeted text message. Have you or someone you know had similar experiences?</p>
<p><strong>How It Happens</strong>: Some apps collect data, including audio data from a microphone, and sell it to data brokers, also known as Marketing Data Aggregation Warehouses. These brokers aggregate and sell data to various businesses, including marketing and advertising firms. These businesses then use the information to send targeted advertisements or, in the case of threat actors, perform sophisticated phishing attacks designed to extract sensitive information or commit fraud.</p>
<p><strong>Apps are supposed to request your permission</strong> to access your microphone. However, this &#8220;user&#8217;s consent&#8221; often comes from clicking &#8220;Do you agree to the privacy policy&#8221; during installation. Most users do not read these policies and agree just to use the app. Privacy policies can be vague, stating that the user allows the app to collect information and share data with third parties.</p>
<p>Several types of apps can gather information for sale to data brokers and request microphone access in their privacy policies. These include:</p>
<ul>
<li><strong>Social Media and Communication Apps:</strong> Use microphone access for features like voice messaging and video recording, sharing collected data for advertising.</li>
<li><strong>Virtual Assistants:</strong> Require microphone access for functionality, collecting voice queries and background noise for service improvement and advertising.</li>
<li><strong>Gaming Apps:</strong> Mobile games with voice chat request microphone access for communication, sharing user data for advertising.</li>
<li><strong>Productivity Apps:</strong> Note-taking and voice recorder apps request access for audio notes and transcriptions, collecting valuable user data.</li>
<li><strong>Health and Fitness Apps:</strong> Fitness trackers and health apps request microphone access for voice input, collecting sensitive health data.</li>
<li><strong>Utility Apps:</strong> Simple apps like flashlights and calculators sometimes request unnecessary permissions, including microphone access, to gather user data covertly.</li>
<li><strong>Marketing and Rewards Apps:</strong> Request location and microphone access to collect user data, which is then sold to data brokers.</li>
</ul>
<p>These apps often include clauses in their privacy policies that allow microphone data collection, which users might unknowingly grant, leading to targeted advertising and other uses by data brokers.</p>
<p>For further reading, refer to articles like &#8220;FTC Cracks Down on Mass Data Collectors&#8221; by the Federal Trade Commission.</p>
<p><strong>Protecting Your Privacy:</strong> To protect against such risks, Apple, Google, and Microsoft have all implemented ways to help ensure your microphone&#8217;s privacy even if users agree to the privacy policy. Instructions for disabling access to your mic are listed below. It’s crucial to regularly review and update app permissions on your devices, ensuring that only essential apps have access to sensitive data like the microphone.</p>
<p><strong>Beyond Annoying Ads</strong>: Threat actors can use similar tactics to perform targeted attacks and commit fraud against individuals and their companies. For instance, the fraudulent text message received by the new employee could lead to more sophisticated phishing attacks intended for extracting sensitive information, transferring money, or other financial fraud.</p>
<p><strong>Follow the instructions in the draft memo below, which you can send to your workers and share with your family</strong>:</p>
<h3><strong>Memo to All Employees: Securing Your Microphone Privacy Settings</strong></h3>
<p>Dear Team,</p>
<p>We are committed to ensuring the privacy and security of our employees&#8217; personal and professional information. Recent reports have highlighted the risks associated with apps accessing device microphones without explicit consent, potentially leading to targeted fraud and privacy breaches.</p>
<p>To protect your privacy and our organization&#8217;s security, we ask all employees to take a few moments to review and update the microphone privacy settings on their devices. Below are step-by-step instructions for various platforms:</p>
<p><strong>For Apple Devices:</strong></p>
<ol>
<li>Go to <strong>Settings &gt; Privacy &gt; Microphone</strong>.</li>
<li>Turn off the microphone for all applications that do not need access to your mic.</li>
</ol>
<p><strong>For Android Devices:</strong></p>
<ol>
<li>Go to <strong>Settings</strong> and type <strong>Microphone</strong>, <strong>Privacy</strong>, or <strong>Permission Manager</strong> in the search box. If you do not see the privacy settings, you might need to use a search engine or chatbot to find specific instructions for your device model and version of Android.</li>
<li>Turn off the microphone for all apps that do not need access to your mic.</li>
</ol>
<p><strong>For Windows:</strong></p>
<ol>
<li>Go to <strong>Settings &gt; Privacy &amp; Security &gt; Microphone</strong>.</li>
<li>Turn off the microphone for all apps that do not need access to your mic.</li>
</ol>
<p><strong>For Macs:</strong></p>
<ol>
<li>Click on the <strong>Apple symbol &gt; System Settings &gt; Privacy &amp; Security &gt; Microphone</strong>.</li>
<li>Turn off the microphone for all apps that do not need access to your mic.</li>
</ol>
<p><strong>Practical Steps:</strong></p>
<ul>
<li><strong>Revoke Unnecessary Access:</strong> Disable microphone access for all apps that do not need it. Allow exceptions for essential apps such as video conferencing tools and browsers if you use them for meetings. If you are uncertain, restrict access; the app will request permission if it needs access in the future.</li>
<li><strong>Test Essential Apps:</strong> Before your next meeting, verify that the apps you frequently use for video conferencing and other essential functions work correctly with the microphone settings you have configured.</li>
<li><strong>Restrict Other Permissions:</strong> While adjusting your microphone settings, you&#8217;ll see other settings. To further protect your privacy, consider restricting access to your camera, location, contacts, and other sensitive data.</li>
</ul>
<p>We live in a world where protecting our privacy is increasingly our responsibility. Threat actors are becoming more sophisticated, so it&#8217;s crucial to stay vigilant and proactive in securing our devices.</p>
<p>Thank you for your attention to this important matter. If you have any questions or need assistance, please ask.</p>
<p>(In the last sentence, you can give them more specific guidance on what to do if they have a question.)</p>
<p><strong>Subscribe</strong> to maximize your executive potential with Foster Institute’s E-Savvy Newsletter, packed with practical IT security solutions and actionable strategies for success: <a href="https://fosterinstitute.com/e-savvy-newsletter/">https://fosterinstitute.com/e-savvy-newsletter/</a></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Protecting Your Financial Interests in the Wake of a Major Data Breach</title>
		<link>https://fosterinstitute.com/protecting-your-financial-interests-in-the-wake-of-a-major-data-breach/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Sun, 21 Apr 2024 13:33:01 +0000</pubDate>
				<category><![CDATA[Alerts]]></category>
		<category><![CDATA[Anti-virus]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Credit Freeze]]></category>
		<category><![CDATA[Cyber Attacks]]></category>
		<category><![CDATA[Cyber Fraud]]></category>
		<category><![CDATA[Cyber Scams]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cyber Security Breach]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[Data Restoration]]></category>
		<category><![CDATA[Family Security]]></category>
		<category><![CDATA[Identity Theft]]></category>
		<category><![CDATA[laptops]]></category>
		<category><![CDATA[Malicious Advertising]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[Restoring]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5779</guid>

					<description><![CDATA[<p>In today&#8217;s digital age, the security of your personal information is more than a convenience &#8211; it&#8217;s a crucial aspect of your financial strategy. Recently, a significant breach at a major phone provider has put the personal data of 73 million individuals at risk, including high-net-worth individuals like yourself. This exposed data includes not only [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/protecting-your-financial-interests-in-the-wake-of-a-major-data-breach/">Protecting Your Financial Interests in the Wake of a Major Data Breach</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>In today&#8217;s digital age, the security of your personal information is more than a convenience &#8211; it&#8217;s a crucial aspect of your financial strategy. Recently, a significant breach at a major phone provider has put the personal data of 73 million individuals at risk, including high-net-worth individuals like yourself. This exposed data includes not only names and contact details but also sensitive information such as social security numbers, dates of birth, and account credentials. The potential financial repercussions are substantial, making it imperative to take action to safeguard your assets. Follow these guidelines to mitigate risks and ensure your financial security remains uncompromised.</p>
<h3>Credit Freeze</h3>
<p>If you haven’t already, consider freezing your credit to prevent new credit accounts from being opened in your name without your permission. Here are in-depth instructions and details: <a href="https://fosterinstitute.com/help-protect-your-financial-future-freeze-your-credit/" target="_blank" rel="noopener">Help Protect Your Financial Future: Freeze Your Credit &#8211; Foster Institute</a></p>
<h3>Monitor Financial Accounts</h3>
<p>Keep a close watch on your financial accounts for any unauthorized activity or transactions. Consider subscribing to an identity theft protection service, which can help monitor your information and alert you to potential misuse of your personal data. If you didn’t place the credit freeze mentioned above, doing so is essential.</p>
<h3>Beware of Fraud and Scams</h3>
<p>Beware of emails, texts, phone calls, or pop-up messages on your computer that claim you have been hacked and offer tech support help. Familiarize yourself and your family with the latest fraud techniques. Be skeptical of emails, phone calls, or messages that request personal information or direct you to websites asking for personal or financial data.</p>
<h3>Be Cautious with Search Engine Results that are Ads</h3>
<p>Threat actors can purchase ads so that, if you search for keywords such as &#8216;My phone provider database was hacked,&#8217; the ad, disguised as a helpful search result, will appear at the top. This can lead you to a page designed to defraud you or compromise your computer.</p>
<p>To help protect yourself, when you search, scroll down and click on the organic search results rather than the ads. You are more likely to access safer websites.</p>
<p>Malicious advertising is not limited to search engines. Advertisements on websites can be just as dangerous. These attacks are called malvertising and trick millions of users each year.</p>
<h3>Change Passwords Immediately</h3>
<p>If you haven’t recently, change passwords for all your accounts, including your phone provider, social media, banking, and other sensitive accounts, especially if you’ve used the same password for multiple accounts.</p>
<h3>Use a Password Manager</h3>
<p>Consider using a password manager to manage your unique passwords on every website. Detailed information about using password managers: <a href="https://fosterinstitute.com/password-managers-speed-your-workflow/" target="_blank" rel="noopener">Password Managers Speed Your Workflow &#8211; Foster Institute</a></p>
<h3>Set Up Unique Security Questions</h3>
<p>When setting up security questions, avoid real answers that are easy for a bad actor to research. Instead, use fictional answers like, “The fourth crater on the moon.” Save your secret answers in a randomly named file such as “socks.docx,” and consider encrypting this file for added safety.</p>
<h3>Enable Two-Step Verification</h3>
<p>Enable two-step verification for accounts. Prioritize setting this up on sensitive websites and services where it&#8217;s available.</p>
<h3>Update Operating Systems and Software</h3>
<p>Ensure that all your devices have the latest security software, web browser, and operating system updates and patches. This is one of the best defenses against viruses, malware, and other online threats.</p>
<h3>Secure Your Tax Identity with an ID.me Account</h3>
<p>Given that social security numbers were compromised, there&#8217;s an elevated risk of someone attempting to file a fraudulent federal tax return in your name. To combat this, consider registering for an ID.me account which provides access to IRS services. With this account, you can also apply for an IRS Identity Protection PIN (IP PIN) that adds an extra layer of security to your tax filings by requiring this unique six-digit number on your tax return.</p>
<h3>Protect Your Property Records</h3>
<p>With personal details like your SSN in the wrong hands, even your home ownership documents could be targeted. It&#8217;s advisable to monitor and possibly register your property deeds with services that alert you to any unauthorized filings or changes. While a universal solution for this isn&#8217;t available yet, taking initial steps such as contacting your local county clerk&#8217;s office to inquire about protective measures can be beneficial.</p>
<h3>Awareness for Business Impact</h3>
<p>Businesses, particularly those utilizing services from the breached provider, should be acutely aware of the implications this breach can have on their operations. It&#8217;s crucial for business owners to assess their exposure and strengthen their internal security measures, including employee training on data privacy and regular security audits to prevent further damage.</p>
<h3>Register for Online Tax Accounts in All States</h3>
<p>To prevent the misuse of your personal information for fraudulent state tax filings, consider registering for an online tax account in each of the 50 states. This pre-emptive registration can block identity thieves from creating accounts in your name, a tactic increasingly used to commit tax fraud across state lines.</p>
<h3>Digital Footprint and Data Sharing</h3>
<p>Be vigilant about the information you share online and through mobile applications. It&#8217;s crucial to minimize data sharing and scrutinize the permissions you grant to apps, especially those that request access to sensitive personal information. Educate yourself and limit exposures to safeguard against unauthorized data usage. The less information threat actors can gather about you, the more difficult it will be for them to misuse your identity.</p>
<h3>Review and Update Privacy Settings</h3>
<p>Regularly review and update your privacy settings on social media and other online platforms to ensure minimal public exposure of personal information. This proactive measure can significantly deter fraudsters from using accessible data to facilitate identity theft or scams.</p>
<h3>Legal and Financial Consultation</h3>
<p>Consult with legal and financial advisors to explore additional protective measures tailored to your personal or business circumstances. Discuss setting up legal structures such as trusts to shield assets, or other strategies that may offer enhanced security against identity theft and financial fraud.</p>
<h3>Emergency Contacts and Protocols</h3>
<p>Prepare an emergency contact list and establish protocols for immediate action if you suspect identity theft or if a data breach occurs. Include the contact information for essential services such as credit bureaus, your bank, and legal advisers, to ensure a swift and organized response to security threats.</p>
<p>Forward this message to your friends so they can follow these steps to help mitigate the damage from the breach and protect their personal information.</p>
<h6>Disclaimer: The information provided in this blog is for general informational purposes only. Technology changes constantly, and some of this information might become obsolete or incorrect. We do not endorse or receive compensation for mentioning products, services, or brand names. Any outbound links provided are for your convenience and to get you started, but we cannot guarantee the security or safety of those external websites. Conducting your research and making an informed decision about any products or services mentioned here is essential. We shall not be held responsible for any actions taken based on the information provided.</h6>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Leadership in the Line of Fire: Cleanup or Clean Slate?</title>
		<link>https://fosterinstitute.com/cleanup-or-clean-slate/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Fri, 12 Apr 2024 23:01:04 +0000</pubDate>
				<category><![CDATA[Anti-virus]]></category>
		<category><![CDATA[Backup]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cyber Attacks]]></category>
		<category><![CDATA[Cyber Security]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[Data Restoration]]></category>
		<category><![CDATA[laptops]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[Restoring]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5768</guid>

					<description><![CDATA[<p>The post <a href="https://fosterinstitute.com/cleanup-or-clean-slate/">Leadership in the Line of Fire: Cleanup or Clean Slate?</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<div class="et_pb_section et_pb_section_0 et_section_regular" >
				<div class="et_pb_row et_pb_row_0">
				<div class="et_pb_column et_pb_column_4_4 et_pb_column_0  et_pb_css_mix_blend_mode_passthrough et-last-child">
				<div class="et_pb_module et_pb_text et_pb_text_0  et_pb_text_align_left et_pb_bg_layout_light">
				<div class="et_pb_text_inner"><p>The debate between cleaning up an infected computer using security tools versus wiping the system and reinstalling everything from scratch is a longstanding one in the field of cybersecurity. Both approaches have their pros and cons, and the best choice often depends on the specific circumstances and the security policies of the organization. Here&#8217;s a breakdown of each approach:</p>
<h3>Cleaning Up with Security Tools (e.g., Antivirus, EDR, XDR)</h3>
<p><strong>Pros:</strong><br />
&#8211; Faster and more convenient: Cleaning a system with antivirus or EDR/XDR tools is usually quicker than a full reinstall. It allows users to return to work with minimal downtime.<br />
&#8211; Data preservation: This method reduces the risk of losing unsaved data or settings that may not be backed up, though it&#8217;s not foolproof.<br />
&#8211; Immediate response: These tools&#8217; immediate response capabilities help contain and control the spread of malware quickly, reducing further damage.</p>
<p><strong>Cons:</strong><br />
&#8211; Risk of incomplete removal: Some sophisticated malware can hide or embed itself into system files in ways that are difficult for security tools to detect and remove completely.<br />
&#8211; System integrity concern: Even after malware is removed, system settings might be altered in ways that leave vulnerabilities or stability issues. This can compromise the system&#8217;s overall security and functionality, potentially making it less reliable.<br />
&#8211; Potential for reinfection: If the root cause or entry point of the infection isn&#8217;t identified and secured, the system might be reinfected.</p>
<h3>Wiping and Reinstalling</h3>
<p><strong>Pros:</strong><br />
&#8211; System integrity: This approach helps ensure that any malware, including that which might have evaded detection, is completely removed from the system.<br />
&#8211; Clean slate: Reinstalling the operating system and applications can resolve any issues related to software corruption and remove unwanted configurations left by the malware.<br />
&#8211; Opportunity to update and improve: It&#8217;s a good chance to update systems to the latest OS version, apply security patches, and improve configurations for better security.</p>
<p><strong>Cons:</strong><br />
&#8211; Time-consuming: The process can be lengthy, especially if data backup and restoration are involved.<br />
&#8211; Potential data loss: If backups are not recent or complete, there could be a loss of data.<br />
&#8211; Productivity impact: The downtime required to wipe and reinstall a system can impact the user&#8217;s productivity.</p>
<h3>Best Practice Recommendations</h3>
<p>Wiping the system and reinstalling the OS and applications provides more peace of mind that you&#8217;ve removed malware known for its persistence and capability to evade detection. This is essential in high-security environments.</p>
<p>For many organizations, the decision might be based on a risk assessment that considers the nature of the data on the machine, the type of malware, and the criticality of the systems involved. In environments where security is paramount or where compliance requirements dictate stringent responses to security incidents, wiping and reinstalling is often the safer, though more resource-intensive, choice.</p>
<h3>Be Ready to Reinstall</h3>
<p><strong>&#8211; Spare Computers:</strong> Keep spare, ready-to-use, prepared workstations to swap out with a user&#8217;s infected computer so the user doesn&#8217;t lose productivity while your IT team rebuilds their infected machine to become a new, clean spare.<br />
<strong>&#8211; Store Data Elsewhere:</strong> If data files are stored somewhere outside the computer, there&#8217;s no need to back up local data files before erasing the hard drive. If your company has workers who use their laptops offline while traveling, they most likely will have data stored locally. Hopefully, you already have a plan in place to back up their data regularly.<br />
<strong>&#8211; Speedy Reloading:</strong> Use automated installation techniques, such as OS distribution tools or image deployment solutions, to expedite the reloading process and minimize downtime.</p>
<h3>Conclusion</h3>
<p>The uncomfortable reality is that threat actors own all of the tools designed to remove malware from a computer and practice designing their malware to be resilient to the cleaning process. Forgo cleaning tools and completely erase the computer, then reload from scratch to help ensure a higher likelihood that the infection is fully eradicated.</p>
</div>
			</div>
			</div>
			</div>
			</div>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Consequences of Infrastructure Disruptions: A Realistic Assessment for Business Leaders</title>
		<link>https://fosterinstitute.com/consequences-of-infrastructure-disruptions-a-realistic-assessment-for-business-leaders/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Thu, 01 Feb 2024 23:27:15 +0000</pubDate>
				<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[International Security]]></category>
		<category><![CDATA[IT Risk Management]]></category>
		<category><![CDATA[Mobile Devices]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[Technology Safety Tips]]></category>
		<category><![CDATA[Technology Security]]></category>
		<category><![CDATA[Workplace Safety]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5730</guid>

					<description><![CDATA[<p>This article outlines some realistic consequences of major infrastructure disruptions and provides insights into how these might affect business functionality and employee well-being. By understanding these possibilities, leaders can better strategize and fortify their businesses against unforeseen disruptions, ensuring resilience and continuity. &#160; Considerations for Workplace Operations Loss of Electricity: Without power, most businesses would [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/consequences-of-infrastructure-disruptions-a-realistic-assessment-for-business-leaders/">Consequences of Infrastructure Disruptions: A Realistic Assessment for Business Leaders</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>This article outlines some realistic consequences of major infrastructure disruptions and provides insights into how these might affect business functionality and employee well-being. By understanding these possibilities, leaders can better strategize and fortify their businesses against unforeseen disruptions, ensuring resilience and continuity.</p>
<h3><strong>Considerations for Workplace Operations</strong></h3>
<p><strong>Loss of Electricity:</strong> Without power, most businesses would experience an immediate halt in operations. This affects everything from lighting to the operation of computers and machinery. Companies that do not have backup power sources might be unable to continue any form of production or service delivery.</p>
<p><strong>Water Supply Disruption:</strong> The loss of water would impact sanitary conditions and halt processes that require water, affecting sectors like manufacturing, food and beverage, and healthcare services. It also raises serious concerns for employee welfare at workplaces.</p>
<p><strong>Natural Gas Outage:</strong> For companies relying on natural gas for heating or as a part of their production process, a disruption would halt operations and affect the heating and comfort of work environments, especially in colder climates.</p>
<p><strong>Communication Breakdown:</strong> The loss of phone and cell services would severely disrupt communication, both internally among staff and externally with clients, suppliers, and partners. This could lead to breakdowns in coordination, missed opportunities, and a drop in customer service quality.</p>
<p><strong>Shipping and Logistics Challenges:</strong> The inability of shipping companies to operate would disrupt supply chains, leading to shortages of materials and products. This would cascade, causing production delays and potentially leading to financial losses.</p>
<p><strong>Food Service Disruptions:</strong> If restaurants and food services cannot operate, it could affect food availability for employees, especially for businesses that rely on nearby food services for staff meals.</p>
<p><strong>Manufacturing Disruptions:</strong> Manufacturing operations would be severely impacted, especially those reliant on continuous processes. This could lead to significant financial losses and contractual penalties.</p>
<p><strong>Financial Impact:</strong> The cumulative effect of these disruptions would be substantial financial losses due to halted operations, spoiled goods, contractual penalties, and loss of business opportunities.</p>
<p><strong>Unusable Work Environment:</strong> Inability to see or work due to power outages, coupled with extreme hot or cold conditions, would affect productivity.</p>
<p><strong>Employee Safety and Morale:</strong> The safety and morale of employees would be significantly affected. Companies may face challenges in maintaining workforce engagement and productivity during such crises.</p>
<p><strong>Employee Prioritization of Family Needs:</strong> With schools closing and potential dangers at home, employees would naturally prioritize the safety and well-being of their families. This would result in increased absenteeism and a significant decrease in workforce availability.</p>
<p><strong>Dependency on External Aid:</strong> Companies would be heavily reliant on external assistance, whether from government aid, emergency services, or community support, to navigate through the crisis.</p>
<p><strong>Long-Term Recovery Challenges:</strong> Even after services are restored, businesses would face challenges in resuming operations, managing backlogs, and dealing with the financial and operational aftermath.</p>
<h3><strong>Challenges You and Your Employees May Face in Personal Life</strong></h3>
<p>And just as important, how will you support your workers as they face the challenges at home with their immediate and extended families? How will you take care of your family? Here are some of the challenges that company leaders can consider to help employee well-being:</p>
<p><strong>Food Supply Issues:</strong> The lack of electricity would lead to food spoilage at stores and homes, creating a food scarcity crisis. Companies should consider ways to support their employees with necessities in such scenarios.</p>
<p><strong>Cooking and Sanitation Challenges:</strong> Without electricity or gas, cooking would become a significant challenge. Lack of water would also impact basic sanitation, including dishwashing and toilet flushing.</p>
<p><strong>Automobile Fuel Shortage:</strong> Fuel pumps would cease to function without electricity, leading to a fuel shortage. This would impact employees&#8217; ability to commute, further reducing workforce availability and potentially halting any operations involving transportation. Work from home is not an option when Internet connections are down.</p>
<p><strong>Increase in Crime:</strong> A breakdown in public services could lead to increased theft and other crimes, as law enforcement may be overstretched or focused on their own families&#8217; safety. Companies must enhance their security measures to protect their assets and personnel.</p>
<p><strong>Hygiene and Health Concerns:</strong> The lack of water and proper sanitation facilities could lead to hygiene issues and the spread of diseases. This would have a direct impact on employee health and absenteeism.</p>
<p><strong>Inadequate Healthcare Services:</strong> Healthcare facilities might be overwhelmed or incapacitated, limiting access to medical services. This could exacerbate health issues among employees and their families.</p>
<p><strong>Payment and Transaction Challenges:</strong> With credit card machines down, transactions must be conducted in cash, a medium that might become scarce. This would affect both personal transactions and business operations.</p>
<p><strong>Lack of Resilience and Knowledge:</strong> Most people are accustomed to modern infrastructure and might not be resilient to such a drastic change. This could lead to widespread panic and confusion, affecting mental health and the ability to cope with the situation.</p>
<p><strong>Influx of Refugees:</strong> Should your area maintain functional infrastructure, expect an influx of refugees from impacted zones. This could stretch your community&#8217;s resources thinner, intensifying issues like food scarcity, healthcare access, and public safety.</p>
<h3><strong>Steps to Take:</strong></h3>
<p>Be sure to see the article about ways to make your organization more resilient: <a href="https://fosterinstitute.com/executive-guide-to-navigating-power-internet-and-infrastructure-disruptions/" target="_blank" rel="noopener">https://fosterinstitute.com/executive-guide-to-navigating-power-internet-and-infrastructure-disruptions/</a></p>
<h3><strong>Conclusion:</strong></h3>
<p>The ramifications of a disruption in a nation&#8217;s infrastructure extend far beyond the workplace, affecting every aspect of employees&#8217; lives and, by extension, the overall resilience of the business. Leaders must, therefore, not only focus on fortifying their operational infrastructures but also invest in strategies that support their workforce in times of crisis.</p>
<p><strong>Subscribe</strong> to maximize your executive potential with Foster Institute’s E-Savvy Newsletter, packed with practical IT security solutions and actionable strategies for success: <a href="https://fosterinstitute.com/e-savvy-newsletter/">https://fosterinstitute.com/e-savvy-newsletter/</a></p>
<p>The post <a href="https://fosterinstitute.com/consequences-of-infrastructure-disruptions-a-realistic-assessment-for-business-leaders/">Consequences of Infrastructure Disruptions: A Realistic Assessment for Business Leaders</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Executive Guide to Navigating Power, Internet, and Infrastructure Disruptions</title>
		<link>https://fosterinstitute.com/executive-guide-to-navigating-power-internet-and-infrastructure-disruptions/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Thu, 01 Feb 2024 22:16:45 +0000</pubDate>
				<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[International Security]]></category>
		<category><![CDATA[IT Risk Management]]></category>
		<category><![CDATA[Mobile Devices]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[Technology Safety Tips]]></category>
		<category><![CDATA[Technology Security]]></category>
		<category><![CDATA[Workplace Safety]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5727</guid>

					<description><![CDATA[<p>It&#8217;s imperative for business leaders to consider how their companies can remain resilient during possible disruptions of their country’s infrastructure for utilities. Expand your disaster recovery and business continuity plans to include: Envisioning the Business Impact: Understanding the potential consequences of an infrastructure attack is critical. This includes being aware of how a loss of [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/executive-guide-to-navigating-power-internet-and-infrastructure-disruptions/">Executive Guide to Navigating Power, Internet, and Infrastructure Disruptions</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>It&#8217;s imperative for business leaders to consider how their companies can remain resilient during possible disruptions of their country’s infrastructure for utilities. Expand your disaster recovery and business continuity plans to include:</p>
<p><strong>Envisioning the Business Impact</strong>: Understanding the potential consequences of an infrastructure attack is critical. This includes being aware of how a loss of electricity or water supply, communication breakdowns, or disruptions in shipping and logistics can impact your business. It’s not about anticipating doom; it&#8217;s about recognizing and planning for possible business interruptions.</p>
<p><strong>Interrupted Cloud Connectivity</strong>: In this digital age, many companies have transitioned to cloud-based operations. It&#8217;s crucial to acknowledge that while cloud services offer tremendous benefits, they also present unique challenges, especially in scenarios of power failures and internet outages. Be sure your business continuity and disaster recovery plans consider periods of limited or no access to cloud services, including critical functions like email.</p>
<p><strong>Emergency Communication Plan</strong>: Diversification in communication methods is key. Developing a plan that extends beyond digital and cellular networks can ensure continuous operations. Alternatives like two-way radios, messengers, and satellite phones for key personnel are not just about crisis management, but about maintaining uninterrupted communication channels under various circumstances.</p>
<p><strong>Financial Resilience</strong>: Financial strategies that encompass scenarios like cash-based transactions and alternative payroll methods demonstrate foresight in financial planning. It&#8217;s about ensuring that your business remains operational and your employees are taken care of, regardless of the situation.</p>
<p><strong>Supply Chain Resilience:</strong> In the face of fuel shortages and electricity disruptions, rethinking your supply chain is vital. Local sourcing can reduce dependence on long-distance transport, while increasing buffer stocks of key materials ensures consistent supply flow. Adapting to manual or low-tech inventory management maintains operational continuity when digital systems fail. This strategy is not just about responding to crises; it&#8217;s about proactively creating a robust and flexible supply network for any situation.</p>
<p><strong>Employee Support and Training</strong>: In any challenging situation, the well-being of your workforce is paramount. Educating employees on fundamental resilience skills and establishing support systems for essentials like food and water are not only about disaster readiness but also about nurturing a strong and supportive corporate culture.</p>
<p><strong>Regular Drills and Plan Updates</strong>: Engaging in routine exercises to test and update disaster recovery plans is not just about remaining resilient in worst-case scenarios. It&#8217;s about ensuring that your team is ready and efficient in any form of business interruption, maintaining agility and responsiveness.</p>
<p><strong>Supporting Employees in Crisis</strong>: In any significant disruption, employees will prioritize their families&#8217; needs. Acknowledging and planning for this – through support in food supply, healthcare, and security – is an integral part of maintaining a resilient workforce. The support you provide will encourage employees to remain engaged and productive at your organization during challenging times.</p>
<p><strong>Conclusion:</strong></p>
<p>This article offers essential insights to help your business thrive amidst a wide spectrum of operational challenges. Please forward this to your friends so they can increase their organization’s resilience too.</p>
<p><strong>Comprehensive List of What to Expect:</strong></p>
<p><a href="https://fosterinstitute.com/consequences-of-infrastructure-disruptions-a-realistic-assessment-for-business-leaders/" target="_blank" rel="noopener">https://fosterinstitute.com/consequences-of-infrastructure-disruptions-a-realistic-assessment-for-business-leaders/</a></p>
<p>The post <a href="https://fosterinstitute.com/executive-guide-to-navigating-power-internet-and-infrastructure-disruptions/">Executive Guide to Navigating Power, Internet, and Infrastructure Disruptions</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Try This Now: ChatGPT Plus&#8217;s and Perplexity&#8217;s Fusion of Text, Internet Search, and Image Creation</title>
		<link>https://fosterinstitute.com/try-this-now-gpt-pluss-fusion-of-text-internet-search-and-image-creation/</link>
		
		<dc:creator><![CDATA[Mike Foster]]></dc:creator>
		<pubDate>Sun, 12 Nov 2023 04:23:04 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[Best Practices]]></category>
		<category><![CDATA[Save time]]></category>
		<category><![CDATA[Technology]]></category>
		<category><![CDATA[Technology Tips]]></category>
		<guid isPermaLink="false">https://fosterinstitute.com/?p=5704</guid>

					<description><![CDATA[<p>If you are a ChatGPT Plus subscriber, try at least one of these three prompts to see how you can meld real-time internet search, text processing, and image generation. Perplexity dot ai can process the first three at least. Try other ai ChatBots too: Exploring Space Exploration: &#8220;Find the latest news about NASA&#8217;s Mars missions. [&#8230;]</p>
<p>The post <a href="https://fosterinstitute.com/try-this-now-gpt-pluss-fusion-of-text-internet-search-and-image-creation/">Try This Now: ChatGPT Plus&#8217;s and Perplexity&#8217;s Fusion of Text, Internet Search, and Image Creation</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>If you are a ChatGPT Plus subscriber, try at least one of these three prompts to see how you can meld real-time internet search, text processing, and image generation. Perplexity dot ai can process the first three at least. Try other AI chatbots too:</p>
<ul>
<li><strong>Exploring Space Exploration</strong>: &#8220;Find the latest news about NASA&#8217;s Mars missions. Summarize the key points of the most recent mission, and then generate an image that depicts a futuristic Mars rover based on the described technologies in the news article.&#8221;</li>
<li><strong>Discovering Cultural Cuisine</strong>: &#8220;Look up traditional Japanese cuisine and select a popular dish. Describe the dish&#8217;s ingredients and preparation method. Then, generate an image of this dish presented in an authentic Japanese dining setting.&#8221;</li>
<li><strong>Exploring a Famous Landmark</strong>: &#8220;Research the history and architectural features of the Eiffel Tower. Provide a summary of your findings and then generate an image of the Eiffel Tower as seen during a beautiful sunset.&#8221;</li>
<li><strong>Market Trend Analysis and Visualization</strong>: &#8220;Search for the latest trends in renewable energy technology. Summarize the key developments in solar power advancements over the past year, and then generate an image that visualizes the most innovative solar panel design mentioned in the articles.&#8221;</li>
<li><strong>Competitor Product Analysis and Conceptual Design</strong>: &#8220;Find recent product launches by major competitors in the electric vehicle (EV) market. Provide a summary of the unique features introduced by these competitors, focusing on one specific product. Then, create an image of an EV incorporating these features in a new, conceptual design.&#8221;</li>
<li><strong>Consumer Sentiment Analysis and Marketing Campaign Concept</strong>: &#8220;Research recent consumer reviews and sentiments about smart home technologies. Summarize the most desired features and common concerns. Based on this, generate an image of a hypothetical smart home product that addresses these consumer preferences and concerns in its design.&#8221;</li>
</ul>
<div class="et_pb_module et_pb_post_content et_pb_post_content_0_tb_body">
<p>(Image source: DALL-E via ChatGPT Plus)</p>
</div>
<p>The post <a href="https://fosterinstitute.com/try-this-now-gpt-pluss-fusion-of-text-internet-search-and-image-creation/">Try This Now: ChatGPT Plus&#8217;s and Perplexity&#8217;s Fusion of Text, Internet Search, and Image Creation</a> appeared first on <a href="https://fosterinstitute.com">Foster Institute</a>.</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
