At the core of business email compromise are spoofed emails – communications that have forged headers, addresses or signatures to make them look authoritative and trustworthy. They often request fund transfers or sensitive information that can result in large-scale data breaches.

Business email compromise doesn’t discriminate by company size – the smallest organisation can be hit just as hard as a large corporation. Here are five suggestions to help protect your business.

1. Use Sender Policy Framework (SPF)

SPF is a critical tool for differentiating authentic emails from spoofed ones. When you establish an SPF, you can create a safe list of domains that your organisation approves for communication – for example, your own internal domain.

It will then conduct a verification of every incoming email and will send a warning if the address does not match the approved list of domains. You can then decide to analyse, quarantine or delete suspicious emails before they reach their intended destination. A variant of this system is Microsoft Exchange’s Sender ID.

2. Register domains similar to your own

A common tactic used by cyber criminals is sending emails that look similar to your own – for example, replacing a lower-case L with the number 1. At a glance, this can fool many people into thinking they’re receiving official communications.

One way of preventing this tactic is simply to identify all potential imitations of your domain, and register them yourself. Make sure you update these registrations on a regular basis, so they can’t be taken over by malicious entities upon expiry.

3. Add a ‘hard fail’ record

The Australian Signals Directorate (ASD) states that a hard fail record is a core element of preventing spoofed emails. With an SPF, unauthorised email domains can still reach the end user, but with a warning that the message comes from untrusted sources.

By configuring DNS settings to add a ‘hard fail’ record and setting this to a rigorous action, you can ensure communications from unauthorised domains go straight to spam or trash folders. This could also apply to emails sent from company addresses, but not company servers – another red flag to watch.

4. Educate your employees

Research from the Ponemon Institute and IBM shows that 27 per cent of data breaches are due to staff or contractor negligence ^[1]. By educating your employees on the dangers of business email compromise, you take a critical step towards prevention.

Train employees on their role in information security and educate them on email spoofing and spearphishing. Make sure they understand each and every red flag to look out for. You can also implement processes that mitigate the risk of falling prey to spoofing, such as requiring a phone conversation or face-to-face confirmation for any financial or informational transfer.

5. Use application whitelisting

This addresses a symptom of email compromise rather than the cause, but is nonetheless important. Application whitelisting is part of the ASD’s Essential Eight, and entails limiting the applications that can be opened on your data network. It prevents the possibility of malicious programs from opening, and can further alert people to potential compromise when they try to open an attachment from a spoofed email.

Get the best for your business

Business email compromise is all too common in Australia, but there are tangible steps you can take to mitigate the risks. Of course, this can be a complex process for businesses that are not well-versed in cyber security – this is where Over the Wire can help.

Our managed security services take over the administrative responsibility for your day-to-day protection and give you 24/7 cover from all manner of cyber threats. Contact our team to find out what we can do for you.

Learn more about the primary areas of cyber risk in our 24 page eBook, IT Managers: Set your Network Defences to Stunning, you can download it here.

^[1] 2017 Cost of Data Breach Study: Australia (IBM/Ponemon Institute, June 2017)

The post 5 ways your business can prevent email compromise appeared first on Over the Wire.

The post How does point in time recovery work? appeared first on Over the Wire.

“A Service Level Agreement is not a guarantee that your infrastructure will remain active for the specified uptime. Rather it is the minimum period of outage after which the business will receive a financial rebate, where this has been stated in the contract.”

For instance, a 99.95% uptime SLA (which is typical for the majority of business grade Ethernet services) has a maximum target downtime of 21 minutes and 55 seconds per month. Many IT Managers make the costly mistake of thinking this means that the service is guaranteed to be active for the remaining time period. It isn’t. The SLA simply means that come 21 minutes and 56 seconds, the customer will be able to claim some remuneration for any additional downtime experienced.

Why are the SLA’s not guarantees?

Using the example of a 99.95% SLA, 21 minutes and 55 seconds is more than enough time for a provider to fix the majority of network faults. However, infrastructure faults, which often rely on third parties to be resolved, can take much longer. For instance fibre cuts, ULL faults, and NTU failures are normally beyond the scope of the service providers control and as such require third party technicians to be physically present at the point of failure to be resolved. Depending on the fault, the remoteness of the area, number of services affected and the availability of qualified technicians, infrastructure failures may take several days to resolve.

Why does this matter if the provider has to compensate me?

Whilst an SLA may provide remuneration in the event of a service outage, the rate of remuneration is determined by the provider and is not linked to the actual loss incurred by the business. This means that the risk of a failure still needs to be weighed against the potential costs of one occurring. If the impact on the business is deemed to be unacceptably high it is strongly recommended that organisations consider utilising a redundancy package to mitigate the risk of an outage occurring.

What redundancy options are available?

Typical considerations for redundancy should include the following; however, it is recommend that all organisations consider backup links on a per-site basis so that the appropriate technology can be balanced against the cost.

• Due to their low cost and geographic availability, ADSL links are often recommended for the majority of sites.
• However if the site is in a remote location or there is a high risk of a large scale problem (e.g. flooding, bush fires, etc.), 3G and 4G backup links can be used. 3/4G is also recommended as a method of providing redundancy against terrestrial problems. For instance if a fibre cable, or other form of cable infrastructure is cut, it is likely that an ADSL connection will be affected as well, making 3/4G the most viable alternative. Microwave transmission can also be used to the same effect, however it comes with its own advantages and disadvantages. You can read more about the differences in connectivity options in this article on connectivity.
• The deployment of a second router to provide additional device redundancy can protect against hardware failure and get you back to work almost instantly.
• Due to a slow reduction in costs, protected fibre (fibre that takes diverse routes to the exchange) is becoming increasingly common as a backup option. Protected fibre comes with the advantage of being able to offer the same speed as the primary connectivity option.

Considerations should also be made as to whether there is a requirement for automatic or manual failover, as each of these options has the potential to affect the speed at which your service can be restored.

The next time your organisation is considering setting up a link to a new office, or upgrading an existing network, make sure you keep in mind that an SLA is not a silver bullet, and that the risk of an outage needs to be balanced against the potential costs of one occurring. 

The post Don’t Get Caught Out By Your SLA’s appeared first on Over the Wire.

In Australia, there has been a definite trend towards this kind of ‘outsourced IT’ over time, with the realisation that it is often unrealistic to expect an internal IT resource to be an expert and have time to stay up to date with an increasingly broad range of systems, particularly at a price point suitable for the business.

Hence the primary benefit organisations seek to derive for managed services providers is the ability to leverage the expertise of professionals with an esoteric skill set in order to gain more efficient utilisation of their existing infrastructure. This may occur as the result of consultation during infrastructure deployments, but can also result from day to day support and management programs which augment the skills and availability of in house IT teams.

To ensure that your IT is built and performing to enable your business to achieve its goals, rather than hinder them, the right amalgamation of different fields of expertise is required. So that we can offer the most appropriate solutions, and support a wide range of deployment styles, Over the Wire works with an extensive network of corporate partners, each of which are experts in their relevant fields, as well as maintaining our own in house teams of engineers.

This enables us to join your team as a trusted adviser, assisting your business goals through the ownership of your whole environment, parts of it, or simply on an ad-hoc basis. When used in conjunction with the wide range of other network, infrastructure, and voice services also offered by Over the Wire, a complete, end-to-end solution can be achieved; with a single point of call, backed by extensive experience in each area.

In the video below Over the Wire’s General Manager of Services Simon Wren, talks about some of the benefits of an Over the Wire Managed Services agreement.

For more information about our IT Support Services,  visit our IT Support Services Webpage, or call us to create a tailor made support solution for your business.

The post Access Expertise via Managed Services appeared first on Over the Wire.

Celentia has a long history of providing IT support services to businesses in Brisbane and we welcome them as a valuable addition to our team. This acquisition will help Over the Wire strengthen it’s end to end service value proposition, by allowing our clients to deal with a single provider for all of their IT and Telecommunications requirements.

More information about Over the Wire’s IT support services can be found on our IT Support Services webpage.

For additional details about the aquisition please contact media@overthewire.com.au

The post Managed Services Provider Celentia Purchased appeared first on Over the Wire.