On Macs and Windows, encrypting an external drive can be as simple as right-clicking on the external drive’s icon and selecting the encryption option.

Two golden rules:

1) Be sure your files are backed up elsewhere before encrypting a drive.

2) Be sure to save the recovery key in case you forget the password.

Encrypting individual files is helpful to protect your data, but attackers can still read the filenames and deduce information. One advantage to encrypting an entire external drive is bad actors cannot see the filenames when you encrypt an entire external drive or memory stick.

I intend to make you aware of the importance of encrypting external drives and not go into technical details. So, you’re welcome to skip the following information. If you encounter errors encrypting drives in the simple method above, there are many details. For example:

Windows: One way to encrypt drives is using BitLocker. If you have Windows Home edition instead of Pro, you cannot encrypt drives, but you can unlock and use encrypted drives. All editions of Windows support the “device encryption” feature.

Macs: You can use an encryption utility called Filevault2. Alternatively, you can encrypt drives when you format them. If you have a Mac with an Apple CPU, some users experience losing access to the data on the drive after encryption. Apple will fix that soon if they haven’t already.

Hopefully, you won’t encounter any issues when you encrypt your external drives and help protect the data from anyone who steals or discovers a misplaced drive.

The post Protect Sensitive Data on USB Drives and Memory Sticks if they are Lost or Stolen appeared first on Foster Institute.

–> ONE: Ask your IT team, “Do we still have Microsoft Exchange Server email software installed anywhere?”

If they answer affirmatively, even if they’re already moving to the cloud, you must continue:

–> TWO: Ask them, “What can I take off your plate or postpone so that you can immediately test and deploy the patches to the Exchange Server right now?”

Essential: Applying security updates to your Exchange server does not resolve the issue if your organization is already compromised. There might be a small program on your system quietly waiting for an attacker’s commands.

To help determine if you are already compromised: https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/#scan-log

If your team cannot update immediately, send them here: https://github.com/microsoft/CSS-Exchange/tree/main/Security

–> THREE: Say, “The emergency is too great to postpone. Later, let’s discuss the pros and cons of moving email to the cloud.”

Pros include eliminating one server and associated headaches. Often, online email is better for remote workers too. But you could lose some integration features you have now, for example, an on-site phone system tied into Exchange. Because saving money and streamlining is essential, online Exchange is often less expensive.

The blog posting https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/#scan-log has a plethora of other information and guidance for your team related to the updates. Some organizations are experiencing errors after applying the security updates. For example, some learned they must install the updates from an elevated command prompt window. Microsoft provides more guidance:

https://msrc-blog.microsoft.com/2021/03/05/microsoft-exchange-server-vulnerabilities-mitigations-march-2021/

https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b

https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2010-service-pack-3-march-2-2021-kb5000978-894f27bf-281e-44f8-b9ba-dad705534459

The post Three Essential Questions to Ask Your IT Team Today Because of the Massive Exchange Attack appeared first on Foster Institute.

The attacker does not need to know any passwords; they do not even need a username. They plug in a cable, and 3 seconds later, they’ve completely compromised your network. An attacker posing as a visitor, a copier repair person, or a member of a cleaning crew can all compromise your organization. They can steal sensitive information, install ransomware, and can shut down operations entirely. They bypass the majority of, if not all, of your other protections because now they’re a Domain Administrator.

This exploit is so severe that the Department of Homeland Security directed all federal agencies to apply the patch in accordance with the Federal Emergency Directive 20-04.

Take these three steps ASAP:

First, ask your IT team if they’ve backed up your Domain Controller servers and applied Microsoft’s patches that address the Zerologon exploit CVE-2020-1472. They must do this immediately. Be compassionate if they’ve not. IMPORTANT: Realize that if an attacker already took over a network, the patch doesn’t help.

Second, if you have Domain Controllers using operating systems older than Windows Server 2008 R2, your IT professionals must shut them down for good. Be sure to migrate any mission-critical services to other servers.

Third, does your organization rely on third parties to support you? What if one of your major suppliers, a distributor, or your biggest customer falls prey to an attack? Prepare your organization now for an interruption of their operations. Be sure their executives know about this flaw and these three steps. You do not want a catastrophe at their organization to domino and cause a disaster for you, even though you’ve protected your systems.

Additional steps:

Inform your work-from-home team members that, in some cases, the attacker can take over your network using a VPN connection. Do you have an armed guard at every work-from-home user’s home to watch visitors? Of course not. But your entire organization might rely on their security. What if a teenager’s friend feels like playing around, experimenting, with this new cool exploit on a mom or dad’s computer?

The patches only protect you from attacks from Windows devices. If an attacker accesses a network port or cable with a non-Windows machine, the attacker can still take control of your network. Microsoft will release a second patch on February 9, 2021. Ask your IT team to configure alerts now to monitor security log events 5827 thru 5831 to see when connections are allowed or denied.

The average time for IT Professionals to apply critical security patches is five months, but you need to help yours be above average. Ask them what you can do to help them have time to test and install all critical security patches within 14 days or sooner. They might want to have a patch management tool. They might need more time to devote to applying updates.

Confirm that your IT Team disconnects or disables all unused Ethernet ports, including those in conference rooms. Lock doors to any offices and conference rooms that contain active Ethernet ports. Train everyone to be proactive and remove opportunities for anyone, including guests and repair people, to plug a device into a network port.

Keep in mind that 911 systems, airlines, governments, and every organization that you depend on are at risk for Zerologon exploit CVE-2020-1472 until they take action too.

Please forward this to fellow executives you care about so they can support their IT Professionals successfully backing up servers and applying the emergency patch.

The post Attackers Can Take Control of Your Network in Three Seconds, and How to Stop Them appeared first on Foster Institute.

Step 1: Attackers compromise work-from-home users.
Step 2: They gain access to their company.
Step 3: They bite into the company to discover what’s inside.

There are so many work from home users; this is a target-rich environment.

1. You must harden remote users’ systems against attacks. Secure their connections.
2. When possible, issue laptops, so your IT team has more control over your remote users’ security.
3. Implement user training and phish testing. Please say if you’d like us to provide phish testing and online training for your users. We do all the work so your IT teams can focus on their other tasks.

Please forward this to your friends so they realize their remote users must be more secure than ever, and attackers target them indiscriminately.

The post Your Work From Home Users are Like a Box of Chocolates appeared first on Foster Institute.

This video is for non-technical people who need to make Zoom more secure today. So, if that’s you, open up your zoom account settings on your screen, and keep this video where you can see it side-by-side. Pause the video when you need to.

Some people say, “Mike, tell us what settings to change to increase our Zoom security.” If that’s you, then you are going to love this video. It walks you through your Zoom account settings so you can follow along.

I know that some of you will want to fine tune the settings more than this. This video is not designed to replace your IT Pro; they know more about your specific system and requirements.

To help protect your Zoom meetings, watch other videos that cover concerns about using Zoom:

Zoom Security – Set Up Two-Step Login

Zoom Security Settings – The Concise Details

Zoom Security Issues – Protect Yourself

The post Zoom Security – Follow Along to Set Security Settings appeared first on Foster Institute.

The post Warn Your Workers about Attacker Decoy Tactics appeared first on Foster Institute.

Add a footer to all of your web pages to the effect of “The CCPA requires us to notify you that we could sell your data unless you opt-out here” and provide them a link. Do it even if you don’t sell data.

CCPA applies to you if:

• At least half of your organization’s revenue is from the sale of personal data, or
• Your organization stores personal data of fifty thousand people or more, or
• Your organization has at least twenty-five million dollars annual revenue

If one of those applies, then:

• If a consumer in California asks, you must be able to give them copies of all of the data you collected about them.
• You must be able to tell them if you sold their data and to whom.
• Consumers can demand that you delete their data. Scouring their information from all of your applications and tools can be difficult because you have to remove them from your contact list, accounts receivable, order history, and everywhere else you store any information about them or their activities.

Protected data includes contact information and anything that can identify a household, including GPS locations.

Confusion abounds in the CCPA. For example, if consumers choose to opt-out, an organization cannot discriminate against them by blocking or offering a lower level of service. But some companies provide services based on their consumers’ data, so how can they give the same level of service to consumers who do not provide data? Another example is that employers need to keep some data on employees. What if an employee asks to have all their data, including their social security number, erased everywhere, but want to continue their employment? There are extensive attempts to address these issues, but the rules are confusing.

You’ll need to involve your lawyer to help wade through the issues, and that leads to the obligatory disclaimer: Do not misconstrue this to be legal advice. Check with your lawyer.

The CCPA is only the beginning. Expect to see similar laws in other states and at a national level too. Please forward this to your friends and associates, so they know they only have until July 1, 2020, to prepare.

The post Information that You Need to Know About the California Consumer Privacy Act appeared first on Foster Institute.

First, see if you are vulnerable. Click on the apple symbol on the top left of your screen, then choose About This Mac. If you have macOS High Sierra, you are probably vulnerable. If you have anything else, stop here.

Second, you can protect yourself by making sure nobody other than you can get to your computer. So far, though theoretically possible, the vulnerability has not been exploited remotely unless you have enabled “Share my Screen.” If you feel confident that no bad actors will have access to your computer, you can stop here.

Third, reset the root password. Apple provides the 8 necessary steps at support.apple.com/en-us/HT204012 , Scroll down to the section entitled: Change the Root Password. In their step 7, if the option Edit > Change Root Password is grayed out on your Mac, then instead click the option Edit > Enable Root User and continue with step 8.

Please forward this to everyone you care about that has a Mac.

The post Mac Vulnerability Permits Unauthorized Login appeared first on Foster Institute.

That’s right. You have a second computer running inside each of your organization’s existing computers. And probably don’t know it.

An attacker’s dream come true:
-A scarcely known operating system
-Hidden in millions of computers
-Using a secret microprocessor
-With priority over everything else on the computer. Something IT Pros refer to as ring negative three.
-With network access
-Patching security flaws are a nightmare
-And there is no anti-virus

Even if the attackers don’t soon find a quick way to access sensitive information, they might find a way to shut down all of your servers. And keep them shut down.

Intel has great intentions. MINIX is part of Intel’s ME Management Engine that has desirable features. MINIX runs on, coexists with, Windows, Linux, or whatever you thought was the only operating system.

The most important thing for you, as an executive, to do is to make sure your IT Team is aware of MINIX. They can read more at www.zdnet.com/article/intel-weve-found-severe-bugs-in-secretive-management-engine-affecting-millions/

The race is on: Attackers are looking for ways to use MINIX to their advantage. Intel, Google, and others are working to find ways to make MINIX more secure.

Forward this message to any organizations that you care about, especially organizations upon which you rely to perform services and provide products to your own organization. If they get shut down, or infiltrated, that will affect you too.

The post A Secret Operating System is Running Inside Your Computers appeared first on Foster Institute.

If you want to be able to reach them when they are off playing around the neighborhood, or stay in contact when you all go to holiday festivities, the amusement parks, or about anywhere else, consider the wonderful radios that can be purchased for a fraction of the price of phones.

The FCC set aside frequencies for family radio service (FRS) for free, and for a FCC registration fee, members of the same household can use the more powerful GMRS radios.

Someone loses, or breaks, a radio? Easy to replace. No monthly fees.

We keep several radios right next to the front door. Someone leaves to go play? Grab a radio. The whole family headed for an indoor or outdoor adventure, grab all the radios. The range isn’t unlimited, but we can reach each other easily within a two-mile radius, and usually, since our family travels, and howls, in packs, it is more than enough. Need more range? That’s an option too.

If you want more details, please ask.

The post Portable Radios Can Replace Family Phones appeared first on Foster Institute.