Small and medium-sized businesses need affordable access to enterprise-level server backup solutions. Historically, affordable backup solutions were limited to only backing up specific folders and files locally or in the cloud. Many traditional backup solutions do not backup servers and failto provide disaster recovery and business continuity solutions. All Covered believes that all businesses, regardless of size, should have access to an affordable, complete backup solution—that’s why we offer All Covered Backup for Servers.

Cloud backups, in general

At the most basic level, cloud backups are nothing more complicated than online storage space for your business’s data.Basic cloud backup is not a bad choice if all your business needs is a second copy of data stored somewhere else, but if your business needs anything more sophisticated than that, chances are that it needs a comprehensive server backup solution.

All Covered Backup for Servers is different

All Covered Backup for Servers is a complete backup solution that takes advantage of cloud technologies.All Covered Backup for Servers allows your business to replicate entire servers to our secure All Covered Data Center, and then if needed, restore anything from an email or document to an entire server.All Covered Backup for Servers is more than a product, it’s a solution. All Covered Backup for Servers offers these features:

• Setup, support, monitoring - All Covered will install and configure a data replication appliance that can back up multiple servers simultaneously. Once that is done, we will test backups to ensure data integrity.After setup is completewe will continue to support your business by fine tuning the backup sets to ensure that they always meet your data protection needs. As part of our service we will monitor the entire backup process to ensure that your servers are always backed up.
• Local backups - As part of the backup process, data will replicate to a local appliance in real timebefore it is replicated in our All Covered Data Center.In the event that a document is deleted from a primary server, you can restore the document from the local server image.
• Local continuity - In the event that one or more of your local servers fails, the local replication appliance can virtualize stored server images and temporarily operate as a virtual server for up to three machines.
• Cloud continuity - In the event that any of your backed up servers fail, the replication appliance will allow youto temporarilyvirtualize up to eight servers simultaneously, based on the most recent images that were backed up our All Covered Data Center.

Suitable for Business Continuity and Disaster Recovery

In addition to backing up your business’s servers, All Covered Backup for Servers can help your business meet its disaster recovery and business continuity plan requirements. All Covered will back up your servers to our All Covered Datacenter which is:

• Secure
• Housed on US soil
• SAS 70 Type II compliant
• Supported in the US

Learn more

All Covered Backup for Servers is suitable for most small and medium-sized businesses. To learn more about how All Covered Backup for Servers can help your business, please contact All Covered.

According to the FBI, more money is now made off of malware then off of illegal narcotics. This represents a significant shift in how organized crime is both operating and where they will be making their investments in the future. Experts anticipate more sophisticated attacks with malware that is both harder to detect, and harder to remove. This is driven by several trends:

1. No network is safe. In the past, attacks from the internet were directed by a person who had a specific target in mind, such as a business, and institution or a governmental agency. These days attacks are completely automated, run by sophisticated programs that scan blocks of IP addresses.
• Automated scans scan examine 1000 IP addresses in an hour looking for vulnerabilities to exploit. Most scans are running continuously for days and weeks at a time.
• When an IP address is detected with a vulnerability, the application immediately attempts to exploit it. If successful, it will alert it’s administrator so that he can examine the results and see what additional exploitation can take place.
• Most firewalls are scanned by these automated systems at least twenty times a week from different sources
2. The bad economy is good for recruiting. Computer scientists and professional programmers are being actively recruited to write malware code because it pays well and offers very little risk. This code is often sold to other hacking groups to make money using similar application distribution methods that legitimate business use.
• Virus writing kits enable people with little technical skill to create sophisticated malware applications at low cost.
• Most of these virus kits come with 24hour technical support.
• Virus kits enable rapid advancements in code exploit to be rapidly distributed, which closes the gap between a known vulnerability and a viable virus or worm that can exploit it.
• Many organized crime groups cooperate and share resources for code writing, research and development and malware distribution in order to maximize profits
• There is a for-profit malware contingency who use dedicated test labs and other professional methods to improve their chances of infecting computers that employ techniques which outpace security software maker’s capabilities
3. Malware is now designed to make profits. In the past, viruses and worms were often designed as an intellectual exercise or to make a political or social statement. Today, it’s all about the money.
• Infested machines (bots) send out 44 billion spam emails a day. With many advertising programs, advertisers are paid on a cost-per-mille (CPM) metric. This means that the vendor or merchant is charged a flat rate for every thousand people that are shown the ad. Spam alone generates billions in profits.
• In 2010 McAfee Labs identified more than 20 million new pieces of malware.
• SophosLabs received around 60,000 new malware samples every day in the first half of 2010; every 1.4 seconds of every day, a new malware sample arrives.
• Captured data has value (represented in price per number of accounts captured)

  Facebook

  • 100/$15
  • 250/$35
  • 500/$65
  • 1,000/$120

  YouTube

  • 100/$12
  • 250/$30
  • 500/$60
  • 1,000/$120

  Yahoo

  • 100/$3
  • 500/$8
  • 1,000/$15
  • 5,000/$50
  • 10,000/$100

  Facebook

  • 100/$15
  • 250/$35
  • 500/$65
  • 1,000/$120

  Gmail

  • 100/$20
  • 250/$40
  • 500/$65
  • 1,000/$120

  Hotmail

  • 500/$10
  • 1,000/$15
  • 5,000/$65
  • 10,000/$120

  Twitter/MySpace

  • 100/$15
  • 250/$35
  • 500/$65
  • 1,000/$100

  Hushmail/AOL

  • 500/$10
  • 1,000/$20
  • 5,000/$90
  • 10,000/$160
4. Blended Threats are the latest trend. These days threats are no longer from just the internet, or just from infected attachments. Often these threats come from many sources, such as infected web sites, thumb drives or through VPN connections.
• Within the top 100 results 51 percent of the daily top search terms led to malicious sites, and on average each of these poisoned-results pages contained more than five malicious links. Of those poisoned, almost 5 percent had a malicious link in the top 10 results alone.
• As the IPAD and other apple product rise in popularity, so do the number of viruses designed specifically to exploit them. Currently there are over 35 viruses written for the IPAD alone
• Over 30 percent of network infections come from either a thumbdrive or through a vpn connection from a home office
• Most viruses are network-aware, allowing them to spread rapidly across the network. In addition, most viruses are designed to “call home” to a command and control center to download more advanced malware.
5. Advanced persistent threats are on the rise. APTs are different from other attacks. They are coordinated, methodical and exceptionally hard to detect.
• APTs are not automated – these attacks are directed by individuals or teams with a high degree of skill
• APTs establish a back door so that they can return to steal more data.
• APSs use sophisticated techniques to encrypt and hide data so that it can evade detection
• The detection rate for APTs is 24%. In comparison, the detection rate for malware is above 80%

Businesses can defend against these threats in many ways, but it is important to understand that there is no singular solution to the defense against malware and attacks. Organizations need to have a layered approach to security, defending the perimeter, the servers, the workstations, the network and the data, with solutions that overlap protection at each layer. These protections need to be specific to the organization – one size does not fit all, as solutions need to not only align with the individual needs of the organization, but with the policies that are in place.

John Dupras has been identified as An All Covered Technology Business Plan (TBP) Subject Matter Expert. His experiences working with All Covered for nearly a decade have made him a recognizable asset to the All Covered Team.

All Covered: Please tell us about your employment with All Covered.

John: I have been with All Covered for a total of 8 years. I started out as a Business Development Executive doing sales in the local market. When the direction of the company changed, I left All Covered for 15 months. In November 2005, I came back to All Covered as a Director of Consulting Services for the Seattle Market. During the past 6 years, I have also been the Director for Seattle, Regional Sales Director for the Western US, and Director for Seattle and Denver. Currently, I am fulfilling multiple roles as Director and Relationship Manager for Seattle and Sales, particularly involving synergies with Konica Minolta.

All Covered: You have been identified as a Technology Business Plan (TBP) Subject Matter Expert. Could you tell us what a TBP is?

John: A TBP is a document prepared for clients that identifies their current state of technology, their desired state of technology, and the gaps between the two. It is used to build a roadmap of our thoughts on how to get from where they are to where they want to be. It is more than a technical document, but takes into account the overall business strategies and challenges.

All Covered: What is a TBP Subject Matter Expert?

John: A TBP expert is someone that is able to identify a client’s business needs and provide the technology solutions to support it. As a Relationship Manager, it is my role is to understand the business drivers that are enhanced through technology and work with the All Covered Solutions Architects to design technical solutions that will enable the client’s business initiatives to be more successful. A person who understands the administrative and technology sides of business and how the two work together is extremely beneficial to the overall success of our clients.

ALL Covered: What did it take for you to become a subject matter expert in this area?

John: I have a degree in Business Administration and over 30 years of experience in Sales, Management, and Customer Service. A lot of my career has been in technical fields, although I have never been a technical person per se. My ability to listen well and ask thoughtful questions, coupled with the fact that I am genuinely interested and curious about a client’s business and vision makes it both interesting and challenging for me.

All Covered: How do clients benefit from your TBP expertise?

John: Because I have done a number of TBPs, I have the experience to offer clients a point of view that they might not have considered. Since I have been involved in a number of TBPs for a variety of clients with different business needs, I have the ability to draw on that knowledge and experience and share it with other clients and add value to the discussion. Clients appreciate the additional information they may not have considered and the opportunity to discuss and evaluate different approaches and points of view.

The break down

Data can be broken down into four categories. In addition to identifying the risk levels of your company’s stored digital information, data classification can also help your company determine how to react in the event that any piece of data was exposed. The data types in order of least to greatest risk level are as follows:

1. Private

Data whose unauthorized disclosure, alteration, or destruction would likely result in only a minimal level of risk to your company should be classified as “private.” Examples of private data include internal SOPs, HR policies, and other internal communications. Data that is suitable for being considered private should meet the following criteria:

• Data is not explicitly assigned to another risk classification.
• Data is not intended for use outside of your company.
• Data contains personal information and is generally related to a specific conversation or communication between two people.

2. Sensitive

Data whose unauthorized disclosure, alteration, or destruction could result in a moderate level of risk to your company or business partners should be identified as “sensitive.” Examples of sensitive data include—but are not limited to—business plans, corporate risk assessments, network assessments, and business continuity plans. Data that meets the following criteria should be classified as sensitive:

• Data is not appropriate for public exposure.
• Data contains IT network information such as server and router configurations.
• Data, if exposed, could necessitate the modification of business operations or application and system configurations.

3. Confidential

Data whose unauthorized disclosure, alteration or destruction could result in a high level of risk to your business, business partners, or clients should be classified as “confidential.” Typically, confidential data types include—but are not limited to—data that contains passwords, financial data, and personally identifiable HR data. Data that meets the following criteria should be treated as confidential data:

• Data is only for designated personnel within your corporation.
• Data is for a specific individual that is a business partner or client of your company.
• Data is sensitive enough to require encryption.

4. Restricted

Data whose unauthorized disclosure, alteration, or destruction will cause a significant level of risk to your corporation, business partners, and clients should always be classified as “restricted.” Restricted data types include—but are not limited to—data that is protected by state or federal privacy regulations and data that is protected by confidentiality agreements. The highest level of security controls should be applied to restricted data. Data that meets the following criteria should be classified as restricted:
- Data is only for designated personnel.
- Data is regulated or legally sensitive.
- Data requires encryption.

Learn more

Depending upon your business’s particular needs, data classification can be as simple as applying a naming scheme to document titles or as complex as creating a comprehensive program that requires different levels of security clearance and credentials to access documents. Of course, most companies’ data classifications needs fall somewhere in between. To learn more about how data classification will help protect your company’s data, please contact All Covered.

All Covered asked Konica Minolta (its parent company) to help shed some light on this important security topic. Here is some helpful advice on securing your MFPs.

Understanding the Problem

Businesses use secondary computing devices – MFPs – that might create critical security gaps for the following reasons:

• Unauthorized network access can be a problem with many MFPs.  Because most MFPs don’t have built-in security and are designed to integrate with your business’s mail servers to distribute faxes to users there is always a potential risk that the MFP can be used by hackers to gain access to your company’s network.
• Potential data exposure is always a risk as most MFPs store data in centrally located areas that do not require credentials for access.  All data residing on your business’s MFP is likely available to anyone that has physical access to the machine.
• Data theft can be a problem if the MFP or the hard drive within it is stolen or if the device is returned to the vendor for any reason (a lease expires).  In the event that the device or its hard drive is stolen or sent back to the vendor, all data on the hard drive is accessible to whoever is in physical control of the MFP because encryption and password protection are typically not available or enabled on MFPs.

The solution

Small businesses need to include security as part of their MFP evaluations.  If it is overlooked your valuable data could be at risk.   Security features every business should look for in MFPs include:

• Hard Drive Encryption is usually an 8 or 20-character alphanumeric key that encrypts the entire contents of the MFP drive.  Look for products that use real-time 128-bit AES encryption algorithms to provide the highest level of protection if the hard drive is removed from the device.
• Hard Drive Lock Password is an additional level of security that can be added to a hard drive by electronically locking it to the MFP via a 20-digit alphanumeric password.  The password is applied directly to the BIOS of the hard drive and prevents access to the hard disk data. This also protects the hard drive from unauthorized access if it is removed or switched to another device.
• Automatic Deletion of Temporary Image Data on a timely basis is another safeguard to data security for MFPs.  An auto deletion time can be set for data stored in the personal or public user boxes, as well as system boxes (e.g. secure print box or encrypted PDF print box). The auto deletion setting will erase the copy, print, scan or fax jobs stored in boxes, depending on the storage period and the time frame selected for deletion.
• Data Overwrite of Electronic Documents on a Timed Basis eliminates the potential of retrieving temporary data even after it’s been deleted. This feature automatically overwrites each completed job, deleting it from MFP and leaving no trace of its data anywhere in the system.  Be sure that the feature is in compliance with U.S. Department of Defense standards by using either one-time overwrite or three times overwrite.

Konica Minolta, has led the industry in providing enhanced security features for the digital era.  With our new bizhub SECURE professional service, Konica Minolta helps customers set up enhanced password protection and data security features on all its bizhub MFPs.   This ensures that any document data residing on bizhub MFP’s internal hard drive is locked down.

Learn more

Your business’s IT network needs to be secured and protected against potential data exposure especially if your business has to adhere to regulatory guidelines (such as healthcare origination). One of the easiest ways to ensure that it meets these requirements is to purchase MFPs that include the industry’s most cutting-edge security technologies – most of which come standard on Konica Minolta bizhub MFPs.  To learn more about how to secure your network including your MFPs, please contact the experts at All Covered or Konica Minolta.

Dino Pagliarello is director of product marketing at Konica Minolta Business Solutions U.S.A., Inc.

Verified network breach

In the event that a verified security breach has occurred and your business cannot determine if data or any part of the network was modified, your business needs to have a security assessment. Security breaches which should trigger an immediate assessment include, but are not limited to, the following:

• Actions by an unauthorized user
• Accidental actions by an authorized user
• Unlawful actions by an authorized user

Newly discovered application and hardware vulnerabilities

Vulnerabilities are always being identified and your business needs to protect itself. Because many of the newly discovered vulnerabilities don’t have fixes, secondary security measures need to be implemented. An immediate assessment will identify the specific scope of the threat to your business’ infrastructure and help identify the best secondary solution. To learn about vulnerabilities consult with the following sources:

• Vendors of hardware and software
• Trade groups
• Law enforcement

Lost or stolen computing devices and media

In the event that a laptop, smartphone, backup tape, or other media device is lost or stolen, your business should consider an immediate security assessment if any of the following data types were stored on the missing device:

• Passwords
• Network diagrams
• Firewall and router configurations
• Wireless network information

Significant modifications to the IT infrastructure

Adding, updating, or removing hardware, software, or firmware can create new security holes within your network. The following modifications should trigger an immediate security assessment:

• Operating system upgrades on servers
• New Line of business applications or upgrades
• Changes in perimeter security
• Changes in networking equipment
• Changes to or installation of remote access solutions
• Modifications to information system platforms such as virtualization, storage, high availability, and public/private clouds

Significant organizational changes

Organizational changes to your company through the departure of key personnel or modifications to risk management strategies or information security policies can affect the security of your company’s infrastructure. An immediate assessment will do the following for your business:

• Ensure that security policies are in alignment with your company’s other existing policies and strategies
• Verify access controls and permissions
• Validate security controls on information systems when the types of data being processed, stored, or transmitted by your company have changed

Learn more

In addition to the above identified threats which should trigger an immediate security assessment, depending upon the nature of your business and the types of data it handles, there may be other security events that also require immediate attention. To learn more about security events that threaten your business or to schedule a security assessment please contact All Covered.

The Situation

On a Monday morning, just back from a three day vacation, you plod into your business office, set down your steaming cup of coffee, turn on your computer, roll up your sleeves, and take a look at your email inbox. In addition to all of the expected emails that typically accumulate over three day weekend, there are numerous, automatically generated security warnings announcing that a potentially malicious threat has been identified– some sort of virus, worm, or other type of malware made it through the firewall and infected your company’s IT network and spread to one or more critical servers that contains sensitive data.

In the past, you might not have done much about the identified malware except quarantine it with your antivirus application because more often than not, a virus was nothing more than an inconvenience and the likelihood of it being a true threat was minimal. Unfortunately, cybercriminals got smart and started developing malware that multitasks. This is bad news for your business.

The Primary Risks

In the event of a successful malware attack, your company’s primary risk revolves around the proprietary data that might have been compromised. Data from your company, partners, and clients may have been exposed, but the extent of that exposure will likely be difficult to initially determine. Besides potential data exposure, even the least harmful malware can be expected to do the following:

• Penetrate your business’s information systems by seeking out all vulnerable systems on the network. Most malware is network-aware, meaning that it will prowl the network looking for systems that are unpatched and then use those systems to launch attacks on other external networks. In situations like this, not only is your company’s network compromised, it is also now being used to attack other corporations’ networks.
• Download more complex malware to your company’s network. The first wave of malware is typically simple exploits that are designed to breach the network’s security and establish permanent access to the IT environment. This first wave of malware gives hackers complete access to information systems, allowing more nefarious malware to be deployed at will.
• Communicate back to a “command and control” center. More advanced malware will report back to the hacker once the initial automated attack has been completed. These communications provide the hacker with system information that makes it easier to execute advanced threats and gain remote access to your company’s network.
• Affect services and systems such as internet, email, and server-based applications. Malware infected networks can slow down the speed and availability of services because they tax the processing power of every infected system with thousands of simultaneous communication requests.

The Secondary Risks

In addition to the primary risks that malware poses to your business’s network, malware infections can cause secondary risks such as the following:

• Shutdown by your ISP providers is not uncommon if they detect that your network has been compromised by malware with their network monitoring tools. Losing access to internet connectivity can delay the quarantine and eradication of malware on your system, especially if tools and patches need to be downloaded from the internet to clean up the infection.
• Blacklisting of your business’s IP addresses will occur if the malware hijacks your network to send out spam. This will affect your business’s ability to send and receive emails because the ISP community will block all mail flow to and from your company’s IP addresses. Getting the problem cleared up with the ISP community can take weeks.
• Reinfection of your business’s network is possible because advanced forms of malware can evade detection and continually re-launch themselves even after initial cleanup has been done.

The Reactive Solution

As soon as your business detects the presence of malware on its network, it should contact the IT security experts at All Covered. All Covered’s trained security team will triage your business’s IT environment and quickly identify what immediate steps must be taken to secure your information systems.As part of All Covered’s Incident Response Program you can expect our trained security experts to do the following for your information systems:

• Isolate- All Covered will quarantine all machines that are suspected of being infected from the network to prevent the possibility of further infection.
• Analyze- All Covered will research the nature of the malware to determine what its payload is. Due to the rapidly changing cyber threat landscape this can be a challenging, time consuming, but very important step that must be done to identify which tools must be used to completely eradicate the malware from you business’s IT environment.
• Remove- All Covered will get rid of the malware on your network. Removal is often very difficult and may require specific applications and tools such as specialized “boot disks” or vendor specific utilities which can be expensive.
• Patch- All Covered will update all operating systems and applications on all computers, servers and network devices to recommended standards. It is important that all available updates are applied immediately after the network has been cleaned up to avoid the risk of reinfection.
• Examine- All Covered will examine all servers using forensically sound procedures to determine the extent of the malware infection and identify if any sensitive data has been compromised. Depending on your business’s vertical market it may be governed by regulations, legal contracts, or association memberships that require a forensic investigation.
• Report- All Covered will provide your business a written document that identifies the nature of the including a detailed accounting of the malware type, the infected devices, and recommendations to help prevent the situation from reoccurring.

The Proactive Solution

Information Security should be considered an extension of business operations. Because your business has unique information security needs, All Covered will work with you to create a customized proactive Information Security Plan that will do the following for your organization:

• Assess- All Covered will provide your company with a comprehensive and critical examination of its information systems to identify all potential security risks. The assessment will compare your corporation’s current security environment against industry best practices. If vulnerabilities are discovered, All Covered will provide your business with solutions to help secure your network.
• Advise- All Covered will help your business navigate the complex security requirements of regulatory compliance from governing bodies such as HIPAA, SOX, and PCI.
• Monitor- All Covered offers your business remote monitoring services to track the health and condition of your information systems 24/7, responding to incidents while they happen, not after.
• Support- All Covered will keep your information systems patched and properly configured to prevent malware outbreaks that usually occur due to delinquent security updates or misconfigurations.
• Train- All Covered will provide your company with customized end-user security awareness training for all information system users.
• Test- All Covered will examine your network’s external protections to ensure that information systems are protected from internet attacks.
• Review- All Covered will work with your company to create or refine an information security policy that is in alignment with your business’s operational needs while keeping it responsive to the latest threats.

Learn More

Statistically, it is only a matter of time before your company is targeted by a malware threat. All Covered wants you to know that any malware infection poses a very real threat to your business on many different levels and encourages your company to face the threat head on by adopting proactive solutions that will help protect your company. When your business forms a partnership with All Covered it can trust that it is working IT security experts that will provide customized security solutions that will reduce the likelihood of a malware incident. In the event that your business does suffer from a malware infection, All Covered’s Incident Response team can help stop the infection, mitigate the damage, and determine the nature of data exposure.

To learn more about the proactive and reactive security solutions that All Covered can offer your organization please contact the IT services & security experts at All Covered.