Blog

An informative blog, where Trident Computer Services staff write about the technology that excites them, innovative solutions they have come across, and the ways they are helping people innovate!


Windows Security Update Can Cause Computers Running Sophos Endpoint On Select O/S Versions To Fail Or Hang On Reboot


Microsoft has released security updates that are impacting some security AV vendors, causing some of their customers using Windows 7, Windows 8.1, Windows 2008 R2, and Windows 2012 to occasionally experience system failures or hangs during boot-up after the update is applied.

A small number of Sophos customers have reported experiencing this issue. Sophos is working very closely with Microsoft to resolve the issue. Microsoft has introduced a temporary block to stop computers not already affected from applying the latest Windows security update. Additionally, we have a workaround for those impacted customers.

How do I know if my customer is impacted?
To be impacted, customers must meet all the criteria below. If they do not meet all the criteria, then they are not impacted. 


1. Running Windows 7, Windows 8.1, Windows 2008 R2, or Windows 2012

2. Running any Sophos Windows endpoint or server product except Sophos Central Intercept X. (Note: this does impact Intercept X Advanced and Intercept X Advanced with EDR.)

3. Have applied the latest Windows security update and have rebooted after the update is complete

Important note: If customers have not yet rebooted, they should uninstall the latest Microsoft security update before rebooting.

As the majority of Sophos customers do not seem to be affected, it is possible that during the ongoing investigation additional criteria will be added to further limit the scope of impacted customers. The Sophos Knowledge Base will continue to be updated with the latest information.


What can you do if you are being impacted?
The latest information about this issue and the remediation steps are documented in the Sophos Knowledge Base.

We are notifying all Sophos Endpoint customers via email to inform them of this situation. The Sophos Knowledge Base will continue to be updated with the latest information. 

If you are having any issues, please contact your account manager. 




5 Great Reasons To Own An All-In-One Desktop Computer



If you’re in the market for a new desktop computer but aren’t sure which option is right for you, you should include an all-in-one desktop computer in your search. The HP all-in-one desktop computer is designed to provide a balance between functionality and form, with several models on the market with various user needs in mind. If these computers are new to you, or you’re just not convinced, remember that they are a breeze to set up. In fact, even users with limited computer knowledge can go from unpackaging to use within minutes.
Not convinced that an all-in-one desktop computer is for you? Here are some of the top reasons why this desktop PC choice is gaining in popularity and may be the best fit for your business, home office, or family's computing needs.

What is an all-in-one computer?

Most people may not hear the term used often, but an all-in-one (often referred to as AiO) computer is commonplace in modern workspaces. In the simplest terms, it’s a computer that combines all desktop components in one enclosed unit, instead of having a separate computer tower from the display monitor. It functions in the same way as a traditional desktop arrangement, but typically has a smaller profile and takes up much less space.
Another major difference between the all-in-one desktop and a typical desktop is that you generally buy an AiO computer with the upgrades you already want in place.
The all-in-one PC case is within the monitor, so it’s unlikely you’ll be opening it to change out parts or upgrade storage space without the help of a professional.
Traditional desktop computers are larger, partly because their storage cases contain empty space. While that space makes it easier to access parts or upgrade components, it’s also wasted when you don’t add on extras.
An all-in-one desktop PC doesn’t have this wasted space because it makes the most of every square inch for a more compact experience.



What are the benefits of an all-in-one desktop computer?

1. Save space

Many offices struggle to find places to put the computers, so they may end up on the floor, in a dusty cabinet, or in hard-to-reach places within the work cubicle. When you consider that some businesses have hundreds - if not thousands - of desktops to store, and ultimately must turn to computer disposal, switching to an all-in-one PC can save significant space in already cramped offices.

2. Please the eye

The all-in-one is often purchased with size in mind, so its design is a bit more aesthetically pleasing in colour and finish than many traditional desktop computers.

3. Take it anywhere

While many users will be happy to leave their computer in one place, the beauty of an all-in-one is that you can take it with you. These smaller, lighter all-in-one desktops can be picked up and taken to another room or office without calling the IT department.
They can weigh as little as 12 lbs, and those with built-in touch screen displays won’t even require you to take along a mouse or keyboard. For offices or families that share, or for when you need to make a presentation, the all-in-one desktop is ready to go at a moment’s notice.


4. Pick your features


Many all-in-one users have made this their choice over a desktop because of this innovative perk, which is surprisingly affordable. You also no longer have to choose between a touch screen and computing power with these upgraded models from HP®.

5. Save on energy - and maintenance

Many of the headaches that traditional desktops cause can be resolved by switching to an all-in-one computer. Dusty, loud, and power-hungry desktop towers can get noisy and create unwanted heat in an already-cramped cubicle. HP all-in-one desktops combat these issues by being energy-efficient, allowing them to keep things quiet and not give off the type of heat that comes from their larger, often clunkier counterparts.
Keeping your all-in-one dust-free is also easier since the unit sits right on your desk where it's easily within cleaning reach. With fewer ports and openings to tend to, these sleeker and smaller computers can be wiped down and cared for with minimal effort.

Many offices are putting design first to provide a decluttered workspace that can ease tension and improve productivity. We know that there is some truth to how such streamlined design can influence happier, healthier workers.




If you are interested in hearing more about All-in-One options, contact us or contact your account manager at Trident Computer Services.



Author Credit: Linsey Knerl is a contributing writer for HP Tech Takes 

Trident Health's Security Operations Centre

The Security Operations Centre (SOC) is a secure location from which all our security solutions can be deployed, monitored and managed. Consolidating monitored device data into an industry leading software platform while leveraging machine learning, allows the SOC to detect, identify and monitor suspicious or irregular behaviour across your network and systems.

A Security Operations Centre houses a security team responsible for monitoring and analysing an organisation's security position on a continual basis. The SOC’s aim is to detect, analyse and respond to cybersecurity incidents using various solutions and processes. The SOC observes and analyses activity on networks, applications, servers, endpoints, databases and websites, looking for abnormal activity that might be a security incident. The SOC is responsible for ensuring that potential security incidents are correctly identified, analysed, defended and reported.

The benefit of a SOC is the constant improvement of a company’s security through the continuous monitoring and analysis of activity. This allows threats to be detected and responded to in a timely manner, allowing organisations to close the gap on their security breaches and prevent being compromised.


Why you need it? Challenges in the Education Sector:
  • Open networks to allow easy connectivity for staff, students and the wider school community are now commonplace on Australian school campuses. This can make them alluring targets for cybercriminals – especially since learning institutions possess sensitive personal and financial data for their many users.
  • When networks are open to allow easy connectivity, security can be lessened to enable a good end-user experience, which can provide an ideal environment for low-risk, high-reward cyberattacks.
  • Modern cybersecurity threats are becoming more sophisticated and harder to identify. Researchers suggest it takes more than 150 days to detect intruders to networks without leading edge solutions.
  • Schools are no longer 9am to 4pm environments. Network users with high-level credentials, such as school executives and senior staff, are often accessing data remotely via home internet connections - opening the door to user credential theft and data exposure outside the school’s network.


Security Incident Management 
Our SOC’s Security Incident Management means that we are able to track and monitor various threats and issues to executive systems. This includes:
  • Identifying malicious insider threats
  • Notable Event Identification & Alerting 
  • Incident Remediation recommendation or Rectification recommendations
  • Incident Monitoring & Escalation
  • Incident Review and Recommendations
  • Actively responding to and neutralising threats

Detection and Response
The Security Operations Centre will be able to detect and respond to the following:
  • Network scans, Metasploit activities and multiple account lockouts
  • Sophisticated intrusions from inside and externally
  • Identification of phishing attacks, recipients and communicating with phishing URLs
  • Misuse of services, such as excessive uploads and downloads, use of external DNS and excessive file or folder copies to external devices

If you are interested in finding out more about our Security Operations Centre get in touch with your Account Manager or contact us.



SOPHOS Firewall OS Update – XG V17.5

The Sophos XG Firewall v17.5 is now available, bringing all new Synchronized Security features, better institution features to improve overrides and more top requested features. 

With the rise in targeted ransomware and other adversary attacks, Sophos has identified the need for organisations to be able to rapidly identify and respond to threats and prevent them from moving laterally across the network. To combat this, Sophos has introduced Lateral Movement Protection, a new Synchronized Security feature in the XG Firewall v17.5, which builds on the success of Security Heartbeat™ in providing an automated response to the presence of a threat. It isolates the compromised system from accessing network resources at the firewall but also enlists the aid of all healthy endpoints on the network to synchronise a defence. All healthy Sophos endpoints will isolate any compromised system, providing isolation at the endpoint level, and preventing any threat from moving laterally.

A key feature of v17.5 is its web policy overrides. This allows authorised users to override blocked sites on user devices, temporarily allowing access. Administrators can dictate which users have the option to authorise policy overrides; through this, users can create passwords and rules for which sites can be used. Codes can then be shared with end-users, who can directly enter them into blocked sites.

The new features in XG Firewall v17.5

Synchronized Security – lateral movement protection – extends Sophos Security Heartbeat™ automated threat isolation to prevent any threat from moving laterally or spreading across the network, even on the same subnet. The firewall instructs all healthy endpoints to completely isolate any unhealthy endpoints.

Synchronized User ID – utilizes Security Heartbeat™ to greatly streamline authentication for user-based policy enforcement and reporting in any Active Domain network by eliminating the need for any kind of server or client agent.

Education features – such as per-user policy-based control over SafeSearch and YouTube restrictions, teacher enabled block-page overrides, and Chromebook authentication support.

Email features – adds Sender Policy Framework (SPF) anti-spoofing protection and a new MTA based on Exim, which closes a couple of top requested feature differences with SG Firewall.

IPS protection – is enhanced with greatly expanded categories enabling you to better optimize your performance and protection.

Management enhancements – including enhanced firewall rule grouping with automatic group assignment, and a custom column selection for the log viewer.

VPN and SD-WAN failover and failback – including new IPSec failover and failback controls and SD-WAN link failback options.

Client authentication – gets a major update with a variety of new enhancements such as per-machine deployment, a logout option, support for wake from sleep, and MAC address sharing.

Sophos Connect – is our new IPSec VPN Client, free for all XG Firewall customers, that makes remote VPN connections easy for users, and supports Synchronized Security.

Wireless APX access point support – provides support for the new Wave 2 access points providing faster connectivity and added scalability.

Airgap support – for deployments where XG Firewall can’t get updates automatically via an internet connection (due to an “airgap” or physical isolation), XG Firewall can now be updated via USB.


Minimising Risk Of Privacy Data Breaches - Privacy Data Protection

With the introduction of the Notifiable Data Breaches scheme in 2018, data protection has been a key focus for organisations around Australia as data breaches have become an enormous threat to the reputation and capital of Australian businesses.

Trident has reached out to Stephens Lawyers & Consultants, who have provided advice on how Australian businesses can minimise the risk of privacy data breaches. Katarina Klaric, principal at Stephens Lawyers & Consultants, has also presented examples of how real the consequences of data breaches can be for your organisation.

Privacy compliance and data breach risk management is too often not taken seriously by Australian organisations. The complexity of organisational structures and IT business systems in many instances results in management not knowing what data is collected by whole of business and how the data is managed. Privacy policies often do not accurately reflect how the organisation manages personal information, that is:

  • The kind of personal information that the organisation collects and holds;
  • How the organisation collects and holds the personal information;
  • The purpose for which the organisation collects, holds, uses and discloses personal information;
  • Whether the personal information is likely to be disclosed to an overseas recipient and where that recipient is located;
  • How individuals can access information about them and seek correction or lodge a complaint about a breach.

Data breaches can have a significant impact on businesses and result in:

  • Business disruption
  • Significant costs in responding to a data breach
  • Reputational damage
  • Loss of valuable intellectual property/confidential information
  • Loss of business and revenue
  • Reduction in capital/share value of the business
  • Substantial costs in regaining consumer confidence that the organisation can be trusted with personal information/data
  • Regulatory fines
  • Compensation claims by individuals/class actions.

OAIC Data Breach Statistics

Data breach notification statistics published by the Office of the Australian Information Commissioner (OAIC) since January 2018 [i] indicate that the majority of data breaches involved human error or cyber incidents involving human factors. These statistics provide useful information for the risk assessment and potential organisational exposure to data breaches.

During the first quarter, January 2018 to March 2018, the OAIC received 63 notifications of data breaches. Human error (50.8%) and malicious or criminal attacks (which include cyber incidents) (44.4%) were the major sources of the breaches.

During the second quarter, April 2018 to June 2018, the OAIC received 242 notifications of data breaches. Malicious or criminal attacks and human error were the cause of the majority of the breaches. Malicious or criminal attacks accounted for 59% of the data breaches. Most of these attacks were cyber incidents such as compromised or stolen credentials (34%), phishing (29%), brute-force attack (compromised credentials) (14%), hacking by other means (10%), malware (4%) and ransomware (4%). Many of these cyber incidents involved a human factor such as clicking on a phishing email or disclosing a password, which could be avoided by staff awareness and training.

During the third quarter July 2018 to September 2018, the OAIC received 245 notifications of data breaches. Once again, the majority of these breaches were caused by malicious or criminal attacks (57%) and human error (37%), with most of the malicious or criminal attacks during the third quarter also being cyber incidents.  However, the majority of the cyber incidents during the third quarter were linked to the compromise of credentials through phishing (50%) – a marked increase from the second quarter.  The other cyber incidents during the third quarter were compromised or stolen credentials (19%), brute-force attack (compromised credentials) (12%), hacking by other means (8%), malware (8%) and ransomware (3%).

Human error was the second largest source of data breaches during the second quarter (36%) and the third quarter (37%). The major sources of human error were:

  • Personal information sent by email or mail to the wrong recipient.
  • Unauthorised disclosure (unintended release or publication)
  • Loss of paperwork/data store device
  • Failure to BCC when sending emails.
  • Insecure disposal

During the second quarter, the majority of the data breaches involved one or more of the following ‘personal information’:

  • The individual’s contact information (89%) – home address, email address or phone number.
  • Financial details (42%) – bank account or credit card details.
  • Identity information (39%) – information that is used to confirm a person’s identity such as passport number, driver's licence number or other government issued identifiers.
  • Health information (25%)
  • Tax File Number (TFN) (19%)
  • Other sensitive information (other than health information) (8%)

During the third quarter, the majority of the data breaches involved one or more of the following ‘personal information’:

  • The individual’s contact information (85%) – home address, email address or phone number.
  • Financial details (45%) – bank account or credit card details.
  • Identity information (35%) – information that is used to confirm a person’s identity such as passport number, driver's licence number or other government issued identifiers.
  • Health information (22%)
  • Tax File Number (TFN) (22%)
  • Other sensitive information (other than health information) (7%)

In many cases unauthorised disclosure of confidential information or data occurs because employees do not have an adequate understanding of the type of data/information that is protected under the Privacy Act and other laws for the protection of confidential information/data and the organisation’s obligations under those laws in relation to data protection from unauthorised disclosure, use and loss.  Many of the human error data breaches can be avoided by appropriate ongoing staff training in data protection and privacy compliance and handling of information.

Minimising Risk of Data Breaches – Steps to Assist in Data Protection

There is no single solution for the protection of data and compliance with data protection laws. A whole of business approach is required. People are the most important part of the process and solution, followed by technology. Safeguards against unauthorised use, disclosure, theft, cyberattacks, industrial espionage and sabotage of IT systems have to be agile and updated to deal with the increasing sophistication of cyberattacks or cyber incidents.

Some steps that Organisations may consider taking to protect confidential information/data:

  1. Understand what type of data, including confidential information and personal and sensitive information, is collected and managed by the organisation and who is authorised to access this information. An audit of the organisational data collection and flow may be required. Legal advice may also be required.
  2. Undertake ongoing reviews and assessments of the organisational and technological data flows and risks.
  3. Have all staff sign non-disclosure/confidentiality agreements and provide appropriate training.
  4. Implement and update appropriate security measures for the protection of confidential information/data including encryption, password protection, multi-factor authentication and monitoring data flows.
  5. Have a cybersecurity expert assess and monitor your computer system for potential vulnerabilities to cyberattacks and implement appropriate measures to deal with risks.
  6. Implement and update appropriate technological measures to deal with possible cyber threats including viruses, ransomware, malware, hacking and other cyberattacks.
  7. Keep up to date in relation to the latest scams and cyber threats including phishing emails and telephone calls requesting passwords and other personal information and keep management and employees updated. Useful resources for such updates include:
     • Stay Smart Online – an online alert service which provides alerts on the latest threats and information on how to reduce the risk of cyber threats
     • ACCC Scamwatch
     • Australian Cyber Security Centre (ACSC)
     • Australian Cybercrime Online Reporting Network (ACORN)
  8. Education and training of management and employees.

Compensation for Privacy Data Breaches under the Privacy Act 1988 (Cth)

Katarina Klaric, Principal at Stephens Lawyers & Consultants, predicts that in 2019 we will see a significant increase in the number of class actions commenced in Australia against companies, claiming compensation for data security breaches involving personal and confidential information of individuals.


Read More on Compensation for Privacy Data Breaches under the Privacy Act 1988 (Cth)



Australian Parliamentary Network Hacked

As you may have heard over the last few days, Australia’s government security agencies are furiously investigating a hacking attempt on the federal government's computer network. At this stage no data breach has been reported; however, all passwords of the parliamentary computers were reset and the Australian Cyber Security Centre (ACSC), which is responsible for cybersecurity including analysing, investigating and reporting cyber threats, is among those investigating.

Which raises the question for your organisation: ‘How are you managing your critical passwords?’

If you are still doing it manually, say in a spreadsheet or by asking your browser to remember it for you, it is highly recommended to look at a commercial password management tool as a more secure and granular alternative.

What is a password manager?

A password manager is a software application that automatically creates strong passwords for you, so you don’t have to worry about creating a reliable password every time you open a new account on a website or add the management of a critical device. It also stores all your passwords in a single vault which you can secure by a master password. A password manager should come with other useful features like current passwords assessment, password and auditing capability.

Why do I need one?

Strong passwords translate to strong security—or at least stronger security. Even if you do know how to create complex passwords, across a large organisation, it can be nearly impossible to remember all of them (as they should use special characters and numbers). Add in multiple devices, different users, numerous sites and services, then you have a huge amount of information to try and keep track of.

A password manager not only eliminates the need to remember multiple passwords, it also ensures that your passwords are stored safely using encryption. This means that no one can access the passwords unless they know the master password for the password manager software.

The following are some of the main advantages of using a good password manager:

  • Centralize & secure your corporate & personal passwords
  • Set up folders to organize and categorize passwords
  • Manage all employees and data access rights
  • Receive notifications of all passwords known by departing employees
  • Generate strong and unique passwords
  • Login to saved websites with a single click
  • Run audits and reports on your secure stored passwords

Want more information on a Password Management solution for your organisation? Please contact your Trident Account Manager.

For more information, please check out the Australian Cyber Security Centre’s advice on ‘Getting smarter with passwords’.


Wireless Clinical Data Capture

eSense is a complete end-to-end telehealth service solution designed to provide revolutionary pathways for nurses, practitioners, specialists and health professionals; enabling complete consultations from the comfort of a client’s own home. 

Elderly patients or those living in rural areas can access speciality services easily, enabling patients to remain in their homes without the need to travel long and fatiguing distances. eSense will expand the reach of clinical professionals, enabling an improved, efficient service to more Australians.

The eSense kit contains wireless devices for the following functions:
•    Temperature
•    Blood Pressure
•    Blood Glucose
•    Weight
•    Oximeter
•    Video Conferencing


Please contact Anthony Fighera at Trident Health for a free demonstration.

Empower Your Teams To Do Their Best Work: The Nitro PDF Productivity Suite

Trident Health has recently partnered with Nitro PDF, which specialises in software that allows you to create, edit, sign, and secure PDF files and digital documents. This year Nitro released the Nitro Productivity Suite, which helps organisations be more efficient, reduce printing, and lower costs by combining powerful PDF productivity tools with lightweight eSigning capabilities, rich data insights, and simple user management tools.

Nitro Pro: PDF Productivity at Enterprise Scale
Equip every knowledge worker with the tools they need.
· Eliminate the most common productivity bottlenecks by giving every knowledge worker the power to edit and convert PDFs
· Bolster the security of your documents and data
· Standardize on a single PDF solution to simplify IT management
· See real results through quick adoption and high user satisfaction

Nitro Cloud: eSigning for Everyone
Get documents signed faster, simpler, and without paper.
· Expedite form-filling and signing processes on any device
· Remove the need to print and sign forms like POs, expense reports, and offer letters
· Finalize PDFs, reorganize pages and set form fields in any web browser before sharing
· Provide a better signing experience for customers and employees
· Equip your entire team at a fraction of the cost and complexity of DocuSign

End-to-End Workflow Efficiency
Make digital document workflows a reality.
· Seamlessly transition your work from desktop to cloud 
· Access stored documents on the go from your favourite document repositories, including Dropbox, Google Drive, Box, and OneDrive
· Gain productivity insights based on common workflows and document activity
· Use suggested print alternatives to reduce paper and printing inefficiencies

 Easy Deployment and Management
 Streamline rollout and account maintenance.
· Simplify user and license management with Nitro Admin, available for Nitro Cloud. Admin for Nitro Pro is on the roadmap. 
· See ROI with Nitro Analytics' feature usage and printing activity reports; available for Enterprise customers with more than 3,000 licenses. 
· Discover opportunities to optimize document workflows
· Enjoy support for App-V and managed servers
· Look forward to single sign-on with our planned integration with AD and other IdP providers

 Built-in Security
 Ensure your data stays yours. 
The Nitro Productivity Suite:
· Complies with all U.S. and EU eSign legislation 
· Observes CSA and NIST SP 800-53 standards
· Has HIPAA and SOC 2 Type II certifications
· Integrates with Microsoft Rights Management Services (RMS) 
· GDPR compliant (for May 2018 legislation)

To find out more about Nitro PDF, contact us or get in touch with your account manager.


Trident Data Operations Centre (DOC)


       

     

    1. Business Intelligence
       a. Microsoft Power BI for live data insights, dashboards, visualisations and trend analyses
       b. SQL Server Reporting Services (SSRS)
       c. Enterprise-wide BI
          i. Management reporting
          ii. Operational reporting
          iii. Financial reporting
       d. Synergetic custom reports

    2. Microsoft SQL Database Administration
       a. Database performance monitoring and health checks
       b. Data extraction and transformation
       c. Database integrations using SQL Server Integration Services (SSIS)

    3. Microsoft Consulting
       a. Power BI
       b. SharePoint
       c. Office 365

     

    DOC services include requirements analyses, solution specification, design, delivery, maintenance and support.
    Services available via T&M or Project, remote or on site.

    For more information, Contact Us 


    Avoiding Social Engineering And Phishing Attacks

    What is a social engineering attack?
    In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organisation or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organisation's network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organisation and rely on the information from the first source to add to his or her credibility.


    What is a phishing attack?

    Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organisation. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
    Phishing attacks may also appear to come from other types of organisations, such as charities. Attackers often take advantage of current events and certain times of the year, such as:
      • natural disasters (e.g., Hurricane Katrina, Indonesian tsunami);
      • epidemics and health scares (e.g., H1N1);
      • economic concerns (e.g., ATO scams);
      • major political elections;
      • holidays.



    How do you avoid being a victim?
    Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organisation, try to verify his or her identity directly with the company.
    Do not provide personal information or information about your organisation, including its structure or networks, unless you are certain of a person's authority to have the information.
    Do not reveal personal or financial information in email and do not respond to email solicitations for this information. This includes following links sent in email.
    Don't send sensitive information over the internet before checking a website's security. 
    Pay attention to the Uniform Resource Locator (URL) of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
    If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group.
    Install and maintain anti-virus software, firewalls and email filters to reduce some of this traffic. 
    Take advantage of any anti-phishing features offered by your email client and web browser.


    What do you do if you think you are a victim?

    If you believe you might have revealed sensitive information about your organisation, report it to the appropriate people within the organisation, including network administrators. They can be alert for any suspicious or unusual activity.
    If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
    Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
    Watch for other signs of identity theft. 


    What can you use to help prevent attacks from happening? 
    Mimecast's new cybersecurity awareness training and cyber risk management platform Ataata can help you combat information security breaches caused by employee mistakes. Ataata uses cybersecurity training modules to help your employees understand how people make catastrophic security mistakes and what the consequences are for them, their friends and their family. 

    The modules are fun and entertaining despite the serious nature of the topic - and the learning just happens. While employees are becoming security-aware, Ataata captures data and transforms it into insights for managing risk. Ataata's unique risk scoring and analysis help drive future training, building a virtuous cycle of improvement. Ataata's modules use fun to evade employees’ psychological defences against security awareness training, and Ataata goes beyond facts, showing people why they need to care and helping you achieve GDPR compliance by quickly educating employees on these crucial new data privacy rules.

    If you would like to find out more about Mimecast Ataata, Contact Us or get in touch with your account manager. 




    Read More

    Beware Of Fake Mygov Email

    Alert Priority High

    You are advised to delete a fake email that claims to be from the Australian Government and its myGov website. This email is a phishing scam designed to capture your personal and banking information that may then be used for fraud, identity theft and other unwanted activities.

    The phishing email includes links to fake web forms and pages that try to trick you into providing information such as your drivers’ licence and passport details. These forms and pages also ask you to supply your bank account details. The scam email purports to come from myGov. However, the fake ‘sender’ address incorporates terms such as ‘bashsummit’ and ‘esseaservizi’ that do not correspond with any legitimate myGov or Australian Government email addresses. 
     

    The subject line of the fake email is similar to:

     ‘Australian Government and myGov must verify your identity!’


    The email body text reads:

    ‘This is a notification email only. Please do not reply to this email as this mailbox is not monitored.
    ‘This is a message from the myGov Team.
    ‘Australian Government and myGov must verify your identity - (Part 4.2, paragraph 4.2.13 of the AML/CTF Rules).
    ‘Click go to myGov and start the verification process.
    ‘Thank you

    ‘Message reference: WP571’


    You are advised not to click any links in the scam email as these direct you to forms designed to capture personally identifying information such as photocopies of passports and drivers’ licences, as well as your bank account details.  These fake forms and pages feature myGov design and branding, making them appear legitimate. They may even provide you with a one-time PIN as part of the process of capturing your account details.
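The two checks these posts describe, whether the sender's domain belongs to the organisation named and whether a link's host is a spelling or domain variation of the real one, can be automated in a mail triage step. The sketch below is an added example, not part of the original alert: the trusted hostname `my.gov.au`, the `.example` addresses and every function name are assumptions, and the sample message is constructed around the subject line quoted above.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumptions (not from the alert): the genuine hostname and the brand word.
TRUSTED_DOMAINS = {"my.gov.au"}
BRAND = "mygov"

# Constructed sample: subject and wording follow the alert; the addresses and
# link are invented and use the reserved .example top-level domain.
SAMPLE_EMAIL = """\
From: myGov <noreply@bashsummit.example>
To: user@example.org
Subject: Australian Government and myGov must verify your identity!
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>This is a message from the myGov Team.</p>
<p>Click <a href="https://my-gov-au.esseaservizi.example/verify">go to myGov</a>
and start the verification process.</p>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a href=...> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_trusted(host):
    """True for a trusted domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def squash(name):
    """Drop dots and hyphens so 'my-gov-au' and 'my.gov.au' compare equal."""
    return "".join(c for c in name if c.isalnum())


def lookalike_reason(host):
    """Say why an untrusted host resembles a trusted one, or return None."""
    host = host.lower().rstrip(".")
    if is_trusted(host):
        return None
    for good in TRUSTED_DOMAINS:
        if squash(good) in squash(host):
            return "embedded-name"      # trusted name inside another domain
        if host.rsplit(".", 1)[0] == good.rsplit(".", 1)[0]:
            return "different-ending"   # the ".com vs. .net" case
        if edit_distance(host, good) <= 2:
            return "misspelling"
    return None


def triage(raw):
    """Return (finding, host) pairs for a raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg["From"]))
    sender_host = addr.rpartition("@")[2]
    findings = []
    claims_brand = BRAND in (display + " " + str(msg["Subject"])).lower()
    if claims_brand and not is_trusted(sender_host):
        findings.append(("sender-mismatch", sender_host))
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body is not None else "")
    for href, _text in collector.links:
        host = urlsplit(href).hostname or ""
        if not is_trusted(host):
            findings.append((lookalike_reason(host) or "untrusted-link", host))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EMAIL):
        print(finding)
```

A non-empty result is a reason to quarantine the message or route it for review; an empty result is not proof that a message is genuine.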


    Staying safe 
    If you have supplied your personal or financial information via this scam email and associated web pages and forms, immediately inform: 
    Your financial services providers (particularly banks)
    The Australian Passport Office
    The state government body responsible for drivers’ licences in your state or territory
    They will advise you of the next steps you should take to protect your information.

    It is recommended you do not open emails from unknown senders and that you be wary of unexpected emails.
    If you are unsure about whether an email is legitimate, contact the organisation, department or individual that it purports to come from, using a number you have independently located on a website, phonebook or bill, before opening the message. 



    Having issues with cyber security? Contact us today - we have over 30 years of experience in improving IT security in schools and enterprises across Australia.

    Read More

    Challenges And Opportunities Of Hyperconverged Infrastructure

    Hyperconverged infrastructure is among the fastest growing and most hotly competitive segments of the IT infrastructure market today. Much of the market adoption, education, and growth has been driven by smaller technology startups like SimpliVity that have capitalized on gaps within the portfolio of established vendors. It should be noted, however, that these large, established suppliers have reassessed their participation in this fast-growing market and are now redirecting resources and attention to the hyperconverged market. Looking forward, there will be increased opportunities for hyperconverged systems to support greater scale, and more granular SLAs within mixed/diverse workload.

    Decisions made within IT departments have never been more important to the broader business than they are today. IT departments must react quickly to new business initiatives that are designed to drive bottom-line improvements and generate new revenue streams. 

    As a result, IT departments are increasingly looking for infrastructure that improves resource utilization rates while also addressing productivity and agility within the datacenter. Organizations around the world have turned to converged systems to achieve just such goals and helped turn converged systems into a rapidly growing market segment.

    Hyperconverged systems are improving upon the realised benefits of first-generation converged systems by redesigning datacenter infrastructure and allowing customers to:

    • Collapse silos of storage, compute, and data management services into standard nodes of x86 servers.

    • Collapse silos of IT experts by allowing customers to leverage common virtualization tools to manage the vast majority (if not all) of the infrastructure tasks required to support virtualized workloads.

    • Reduce the need to deploy many types of dedicated appliances and separately licensable infrastructure within the datacenter, including data efficiency and data protection solutions.

    Although the market for converged and hyperconverged systems remains relatively young, it is becoming increasingly clear that these scale-out and feature-rich systems are driving real benefits within datacenters around the world, impacting capex, and, more importantly, opex.

    For further information on Hyperconverged Infrastructure contact Trident Health today!

    *This is an excerpt from the whitepaper, SimpliVity Hyperconvergence Drives Operational Efficiency and Customers are Benefitting.


    Read More

    Top 10 Web Application Vulnerabilities

    In a recent survey conducted across multiple industries in the United States it was found that over 50% of organisations had at least one serious vulnerability every single day of the year (White Hat Security, 2015)!

    Web applications have enabled organisations to build stronger relationships with their customers, suppliers and stakeholders; however, they have also created another avenue for critical data to be exposed. A vulnerable web application can bring serious risk for your entire database of sensitive information – it can also turn your website into a launching site for further criminal activity such as hosting phishing or illegal content transfers.

    To understand the complex nature of Web Application vulnerabilities we have summarised the top 10 risks to your web applications and the effects a breach can have on you and your customers.


    1. Injection Flaws

    When there are injection flaws an attacker can access back-end database information. All data, including sensitive client and partner information, could be stolen, modified or deleted. Injection can sometimes lead to complete host takeover. 

    2. Cross-Site Scripting (XSS) 

    An attacker can execute scripts in a victim’s browser to hijack user sessions, deface web sites, insert hostile content, redirect users, hijack the user’s browser using malware, etc. 

    3. Broken Authentication & Session Management 

    Attackers are able to compromise passwords, keys, session tokens, or exploit other implementation flaws to impersonate users. This type of vulnerability may allow some or even all accounts to be attacked. Once successful, the attacker can do anything the victim could do. Privileged accounts are frequently targeted.

    4. Insecure Direct Object Reference 

    Applications don’t always verify if the user is authorised for the target object. Without an access control check or other protection, attackers can manipulate references to access unauthorised data. 

    5. Cross-Site Request Forgery 

    This type of vulnerability allows the attacker to force the victim’s browser to generate requests that appear to be legitimate requests from the victim. This type of attack could result in a transfer of funds, changing a password, or purchasing an item in the user's context. 

    6. Security Misconfiguration 

    Such flaws frequently give attackers unauthorised access to some system data or functionality. Occasionally, such flaws result in a complete system compromise. Your system could be completely compromised without you knowing it. All of your data could be stolen or modified slowly over time, leading to a costly recovery process. 

    7. Insecure Cryptographic Storage

    This type of vulnerability may compromise all data that should have been encrypted. Typically this information includes sensitive data such as health records, credentials, personal data, credit cards, etc. Impacts include loss of trust, reputation and legal liability issues. 

    8. Failure to Restrict URL Access

    Applications are not always protecting page requests properly. Sometimes URL protection is managed via configuration, and the system is misconfigured.  

    Occasionally developers may forget to include the proper code checks.  Such vulnerabilities provide hackers the opportunity to forcefully browse and access pages past the login page. 

    9. Insufficient Transport Layer Protection  

    An attacker can expose an individual user’s data leading to account theft. If an admin account was compromised, the entire site could be exposed. Poor SSL setup can also facilitate phishing and MITM attacks.

    10. Unvalidated Redirects and Forwards

    Such redirects may attempt to install malware or trick victims into disclosing passwords or other sensitive information. This type of vulnerability can result in major exploitation of sensitive information leading to a strong distrust of your web applications by users. 
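Items 4 and 8 are the same omission seen from two sides: a request names an object or a page, and the server never asks whether this user may have it. The sketch below is an added example, not code from the original post; the users, records, routes and function names are all constructed. It shows the unchecked lookup beside a version that checks ownership, and a route table that refuses any page not explicitly registered.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    id: int
    roles: frozenset = frozenset()


ANONYMOUS = User(id=0)

# Constructed sample data: record id -> owner and contents.
RECORDS = {
    101: {"owner": 1, "body": "results for user 1"},
    102: {"owner": 2, "body": "results for user 2"},
}


def get_record_vulnerable(user, record_id):
    # Item 4: the id from the request is trusted as-is, so any caller can
    # read any record simply by changing the number.
    return RECORDS[record_id]["body"]


def get_record(user, record_id):
    # Hardened form: the caller must own the record or hold the admin role.
    rec = RECORDS.get(record_id)
    allowed = rec is not None and (
        rec["owner"] == user.id or "admin" in user.roles
    )
    if not allowed:
        # Same error for "missing" and "not yours", so the response does not
        # reveal which ids exist.
        raise PermissionError("record not available")
    return rec["body"]


# Item 8: every page is listed with the roles allowed to request it.
PUBLIC = "public"
ROUTE_ROLES = {
    "/login": PUBLIC,
    "/records": {"staff", "admin"},
    "/admin/users": {"admin"},
}


def may_access(user, path):
    required = ROUTE_ROLES.get(path)
    if required is None:
        # Deny by default: a page nobody registered is refused for everyone,
        # so a forgotten check fails closed instead of open.
        return False
    if required == PUBLIC:
        return True
    return bool(required & user.roles)


if __name__ == "__main__":
    alice = User(1, frozenset({"staff"}))
    print(get_record_vulnerable(alice, 102))   # another user's record leaks
    print(may_access(ANONYMOUS, "/admin/users"))
```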



    Recent research shows that 75% of cyber-attacks such as ransomware occur at web application level, proving that ensuring web app security is crucial for business continuity and safety.  

    Trident Health have developed the Web Application Security Test to ensure the web becomes a more secure environment for administrators and users.  The test identifies security vulnerabilities and exploitable elements residing within web applications that could be used to affect the confidentiality, availability or integrity of information.






    Read More

    5 Great Tips To Strengthen Your Web Security

    The preferred method for attacking businesses' online assets is via their web applications. According to a study released last year by HP, 69% of web applications scanned by the company had at least one SQL injection error, and 42% contained a cross-site scripting vulnerability. According to the White Hat Security Report, 47% of Healthcare websites are always vulnerable (vulnerable on every single day of the year). 

    Web application vulnerabilities continue to be a significant problem. Depending on the specific circumstances, these vulnerabilities could cause significant problems for the companies that have not remediated them, up to and including the theft of critical business data or personally identifiable information, web site defacement, or denial of service.

    While this list could go on and on, here are five great tips from our IT Security Engineer Rajitha Udayanga on how to strengthen your web application security and minimise your risk of a data breach:

    1. Get Patched Up!

    Keep your servers and software patched and up-to-date. Last year we saw a string of security breaches stemming from the same problem: unpatched versions of the ColdFusion application server software. With web application security, every little vulnerability opens the door for a security breach. You might build impenetrable applications, but if you put those applications on an unpatched server, your data is still vulnerable.

    2. Trust, But Verify User Input

    While this advice might sound obvious, there’s a very good reason why it’s included: Despite the repeated warnings over the years, these types of attacks still happen far too often. Developers still aren’t properly validating user input, leaving their data wide open to attackers. The good news: frameworks for protecting against these attacks are improving. 

    3. Use a Security-Focused Quality Assurance (QA) Process

    When testing new web applications, what do you check for? In most cases, testers look for bugs in the interface and ensure the application does what it’s supposed to do. But is that enough? Your QA process should also ask this question: Does the application do anything it’s not supposed to do?

    Security is a problem that will keep growing if not made a priority.  

    It’s a problem that can compromise your customer’s sensitive data and cause irreparable damage to your company’s reputation.

    4. Make Security Part Of The Organisation 

    Shortly after the USA Healthcare.gov website went public, a “white hat” hacker discovered that security was never properly built into the site. It was composed of multiple insecure pieces that left user data wide open to attackers. Now, while most organisations aren’t creating applications on this scale, it brings up an important point. Security should never be an afterthought. It can’t be something that’s added after the application is built. It should be a critical component of the entire development process, as well as the organisation as a whole.  

    5. Test Your Website For Vulnerabilities 

    It is important to regularly perform web security assessments to check for website and server vulnerabilities. Web security assessments should be performed on a schedule, and after any change or addition to your web components. Developing a relationship with a firm that provides security services can be a lifesaver when it comes to protecting your website. While the small things can be taken care of on your own, there are many security measures that should be handled by an expert. Companies providing security services can regularly assess your website for vulnerabilities, perform full website security audits, monitor for malicious activity, and be on hand whenever repair is needed.
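Tip 2, and the injection flaws that head the Top 10 list, come down to user input being pasted into the text of a query. The following is an added example using Python's standard sqlite3 module, not code from the original post or any product named here; the table, rows and function names are constructed. It also covers the case parameters cannot handle, a user-chosen sort column, which has to be validated against an allowlist.

```python
import sqlite3


def make_db():
    """Build a small in-memory table of constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE patients (id INTEGER PRIMARY KEY, name TEXT, clinic TEXT)"
    )
    db.executemany(
        "INSERT INTO patients (name, clinic) VALUES (?, ?)",
        [("Alice", "north"), ("Bob", "north"),
         ("Carol", "south"), ("Dan", "St John's")],
    )
    return db


def find_vulnerable(db, clinic):
    # The input becomes part of the SQL text, so a quote character in it
    # changes the structure of the query instead of being treated as data.
    sql = ("SELECT name FROM patients WHERE clinic = '" + clinic
           + "' ORDER BY name")
    return [row[0] for row in db.execute(sql)]


# Column names cannot be bound as parameters, so the only values ever placed
# in the SQL text are these fixed strings, selected by the user's input.
SORTABLE = {"name": "name", "id": "id"}


def find_safe(db, clinic, sort="name"):
    if sort not in SORTABLE:
        raise ValueError("unsupported sort column")
    sql = f"SELECT name FROM patients WHERE clinic = ? ORDER BY {SORTABLE[sort]}"
    # The value travels separately from the SQL text and is never parsed as SQL.
    return [row[0] for row in db.execute(sql, (clinic,))]


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"
    print("vulnerable:", find_vulnerable(db, crafted))  # every row comes back
    print("safe:      ", find_safe(db, crafted))        # no clinic has that name
    print("safe:      ", find_safe(db, "St John's"))    # apostrophes just work
    try:
        find_vulnerable(db, "St John's")
    except sqlite3.OperationalError as exc:
        # The same flaw also breaks legitimate input containing a quote.
        print("vulnerable, legitimate input:", exc)
```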




    Read More

    IT Security Guidelines You Should Be Implementing

    It’s a general consensus that banks and financial institutions have a lot to lose financially from being hacked; however, people tend to forget how much Personally Identifiable Information (PII) the health industry holds and just how valuable that is! Think of all the PII a hospital or clinic holds on its staff, patients (past and present) and the community!

    Health care staff typically have access to sensitive personal information on a large number of patients, which makes their devices prime targets for hackers looking to steal that information.

    Hacking has become a multimillion dollar business, with ransomware attacks on health care organisations four times higher last year than in 2015. It is an extremely worrisome shift towards targeting vulnerable hospitals and health care clinic devices to gain access to personal information. In the past week Emory Healthcare was hit by ransomware, with over 200,000 patients' details hacked!

    Doctors, nurses and staff can protect sensitive patient information, as well as their own reputations, by sticking to some common-sense guidelines.

    Encrypt Devices:

    Encrypt laptops and other devices so that the information on them will be unintelligible to anybody who steals them. Without an encryption key, data on an encrypted device will be nothing more than ones and zeros.

    Recommendation:
    Utilise built-in encryption programs that are available on most modern operating systems if you don’t have the budget for an enterprise-grade solution.


    Remain Vigilant:

    Army grade encryption will not keep a hacker out if you use weak or easy-to-guess passwords, remain logged into public devices or if your anti-virus software is outdated.

    Recommendation:
    Install system updates regularly and maintain the latest version of your anti-virus programs. This will ensure the latest threats to your data and your operating system will be caught by your security software. Don’t let convenience trump good security.


    Surf Between the Flags:

    Practice safe surfing. It is imperative to remain vigilant and to be able to recognise phishing scams, where hackers send emails with links or attachments that trick users into giving them access to their information, either by providing their credentials to a bogus web site or by executing malicious software on their machine.

    Recommendation:
    Since these can spread easily among coworkers, we recommend IT staff provide professional security training/guidelines to get all staff members up to speed on this threat. To make it harder for staff, patients and guests to surf outside the flags, Trident Health recommends considering anti-virus, anti-spam and web content filtering controls.


    For further information on what security software to purchase or how to improve the IT security for your organisation, contact Trident Health today – (03) 8587 7500 | saleshub@trident.com.au


    Read More

    Prevent Ransomware This Christmas Period

    There’s nothing worse in the field of technology than having a criminal in control of your network. When a ransomware attack occurs, it can easily escalate from a potential data loss to potential identity theft to a data breach in the form of extortion. Many types of ransomware, such as Cryptolocker, are on the rise across the web within the health industry, with criminals netting over $150 million a year. These email scams are very clever, and while antivirus products help prevent these incidents, they are not infallible, so to avoid falling victim to the scam we must all be vigilant and aware of what to look for.

    Threat Description
    Be wary of emails from unknown sources that claim to originate from organisations including, but not limited to, AusPost, ANZ Bank, Commonwealth Bank and the Federal Police. The hoax email appears legitimate: it is presented in a professional layout, comes from an email address that appears official and incorporates the company logo. In fact, the emails carry a payload of very dangerous virus/Trojan links that, if clicked, will download and install a program that encrypts data on all your computing devices, including but not limited to your desktop or laptop computers, server storage, and cloud storage if you have installed Dropbox or OneDrive on your local computer.

    The ransomware also installs "helpful" files in each folder that direct the user to pay a ransom to have the encryption removed.

    While these threats can be extremely serious, there are a number of actions you can take to reduce the risk of attack and improve the overall security of your organisation.
     


    If you have received an email of this type and have clicked on any links or attachments, please contact Trident Health immediately on 1300 784 774.


    Read More

    Connecting Remote Patients With Specialist Care

    In a country as vast as Australia, finding ways to provide access to specialist health care to our rural and remote communities can be a major challenge, but recently, dedicated professionals like Rohan Corpus have made massive inroads in this difficult area. Rohan’s work sees him supporting 52% of the state of Queensland, and finding ways to deliver an accessible health care solution for some of Australia’s most marginalised and disadvantaged people has led him to embark on a two-year project as part of the Indigenous Cardiac Outreach Program (ICOP).

    Utilising modern telehealth solutions, Rohan has been able to assist in connecting Queensland’s Indigenous rural and remote patients with a range of specialists so that they can have consultations between their scheduled clinic visits. This, combined with what Rohan likes to call a Telehealth Toolkit, has reduced the need for patients to travel, minimised patient inconvenience, provided health professionals with comprehensive access to a patient’s vital health information, and given a more thorough picture of a patient’s condition, allowing greater management of their health and wellbeing.

    Rohan is very excited about recent developments in the Telehealth area and the impact this will have on the Health Care industry. The original supporter of the system Rohan uses, Gold Coast based Telehealth Networks, and Melbourne based IT provider Trident Health have partnered to develop new telehealth services that will ensure that these innovative solutions will have state of the art diagnosis equipment combined with robust IT and communications infrastructure to deliver the service and support that’s needed for our health industry.

    “Telehealth has the opportunity to ease the financial and travel burdens for patients and can lead to a greater willingness to engage with health service, where previously these inconveniences can negatively impact and have limited community engagement opportunity.” Rohan says.

    “This unique Telehealth system connects patients holistically to other services and specialists, resulting in a more thorough picture of a patient’s burden of disease and enhancing health management and overall individuals wellbeing. In addition, having a supplementary service between scheduled face-to-face consultations keeping patients connected and health effectively monitored to.”

    Rohan has seen firsthand how the ‘hospital-in-the-home’ delivery approach minimises the inconvenience to patients, particularly those who require specialty service assistance, such as the elderly, those with significant co-morbidities that alienate them, and those who are reluctant to engage with services for various reasons. “Quality Telehealth solutions are changing the way we can work with our patients and are bridging the gap between patients and care.” Rohan says.

    “Early evidence indicates that patients and community health enthusiasts have found the tool easy to navigate and the simplicity in its comprehensive data collection results are ideal. The ease of access and navigation makes it a suitable system for rural and remote application, with minimal risk of human error.”

    Speaking about Trident Health’s C2C Connect 2 Care systems, Anthony Fighera is enthusiastic about how care providers are embracing the Telehealth solutions, “We have been engaging with a wide range of health providers and they are keen to integrate our solutions into their service offerings. The idea of being able to extend quality care to patients challenged by distance or accessibility is very attractive.”

    "For the past 18 months, Telehealth Networks have worked with Indigenous health workers who are very receptive to the telehealth solution and felt this would fill the current gap in Indigenous health care."

    As Australia’s health care providers seek new ways, both comprehensive and innovative, to address the current challenges facing them, one thing is certain: Telehealth systems like Trident Health’s Connect2Care solution are breaking new ground in providing new avenues for health care providers to deliver quality care to some of Australia’s most challenging areas.

    Click here to read more about Trident Health's Connect 2 Care solution.

    Read More

    The 6 Building Blocks Of Victoria's Digital Health

    Speaking to OpenGov Asia, Andrew Saunders, Health CIO, Department of Health & Human Services, Victoria, outlined the department's 6 building blocks for the realisation of their Digital Health strategy.

    "Health systems within Australia and around the world are grappling with how to mitigate the increasing cost pressures on health, and Victoria is no different. One of the strategies being developed is moving to a more person-centred system that focuses on meeting individual and place based needs, with the aim of keeping people healthy and well throughout their lives.

    Technology is an enabler in connecting the disparate parts of the system together, to enable clinical information to be shared in such a way that the overall health system is safer, better able to meet individual needs and produce better outcomes in a more cost effective way.

    Whilst technology is an enabler, change management and developing new workflows is the key for success, and we need to ensure that patients, clinicians and health service administration work together to develop the new digital health workflows.

    "What are the core priorities that you are looking to implement or may have started to implement over the coming years?"

    We have 6 building blocks for the realisation of our Digital Health strategy:

    1. Digitise clinical systems so that appropriate clinical information can be shared to provide safer and more effective clinical outcome.

    2. Create a person-centred systems approach that deals with the specific needs of the individual from a health and social care perspective, and provide a seamless pathway to accessing appropriate services.

    3. Provide ‘clinical grade ICT integration’ across the whole sector to ensure we have robust and secure ICT infrastructure that can support the real time decision making required to assist in saving lives.

    4. Creating a shared clinical information system to enable clinicians to better support their patients from an integrated and continuum of care perspective.

    5. Enhance applied health research, quality & safety and education through deeper analytics of de-identified health datasets.

    6. Identify opportunities for targeted preventative health and early intervention.

    Our plan for the next 3 years is to progress each of the building blocks, the pace of change dependent on the funding received. In summary, we want to ensure we are collecting clinical information in digital form that can be part of a person’s health record, is able to be appropriately shared, is robust and secure, and can be used to deliver better health and wellbeing outcomes for the person."

    Read the full interview conducted by OpenGov Asia, 'Moving towards a ‘Person-Centred’ approach to healthcare'.

    Read More

    Trident Health's Connect 2 Care Reminder Service

    As Australia faces increasing load on our Health services, many health providers are looking to ways to improve the efficiency and effectiveness of their service provision. Many providers are looking to TeleHealth and IT based solutions to assist in this goal. Trident Health has recently released their new Connect 2 Care Reminder Service to assist Health Providers achieve this.

    C2C Reminder Service – Assisting where help is needed most.

    The C2C Reminder Service is an automated, phone based reminder service that enables care providers to deliver simple, effective reminders to patients or clients. Trident Health TeleHealth Project Manager Anthony Fighera sees huge potential for the new product. “The C2C Reminder Service enables care providers to create customised messages that are automatically delivered to a patient’s phone. They can use the system to remind patients of upcoming appointments, home visits or medication reminders.”

    The C2C Reminder Service scales from a consumer to enterprise level, offers improved operational efficiencies, lowers patient management risks and needs minimal staff involvement. “The service is extremely cost effective and enables care providers to focus on what they do best, providing care. C2C Reminder Service automates the time consuming process of contacting patients with reminders about a range of things. This service will free staff up from this onerous task.” says Fighera.

    When asked about the service, Fighera offered great insight into the new service. “We’ve created this service with ease-of-use in mind. It has a quick and simple booking service, can scale to have an unlimited amount of advance bookings and can deliver calls to landline or mobiles. It really offers an outstanding service to our Health Care providers.”

    "The service is extremely cost effective and enables care providers to focus on what they do best, providing care."

    If you’d like more information on the C2C Reminder Service and how it could help your organisation provide a better level of care to your patients, contact Trident Health today.

     

    Anthony Fighera

    Telehealth Project Director
    Trident Health
    e: nafighera@trident.com.au

    Read More

    Data Is Valuable, Protect It!

    What do we have of Value?

    While banks and financial institutions have a lot to lose financially, people tend to forget how much Personal Identifiable Information (PII) smaller organisations hold and just how valuable that is! Think of all the PII a hospital holds on its staff, patients and past patients, creditors and the wider community!

    Over recent months, we are seeing examples in the United States where health care providers are being hit with ransomware and crypto-lockers, and if you look at who suffers the consequences of a breach like this, it’s not just the organisation, but potentially everyone connected to that organisation. Recent incidents highlight that security leaks can happen and can damage the reputation and security of an organisation. Security breaches aren’t necessarily about breaking a system or bringing down a network these days, it’s more about gaining information or opening a door to your information as it is the most valuable asset you have!

    "Security breaches aren’t necessarily about breaking a system or bringing down a network these days, it’s more about gaining information"

    Times, they are a changin’

    People think that hackers are the only people who pose a risk to their organisation, but the threat landscape is so different now that hackers are only a small part of it. With the prevalence of state-supported groups, cyber terrorists, insider attacks, and now ransomware, external hacking is only a small part of the risk.

    Across all industries, we are now seeing attacks from within an organisation being more prevalent than ones from outside. Recent statistics show that the internal security risk is more prevalent, not because of malicious intent, but because companies now allow staff to bring their own device to work (BYOD). While BYOD can reduce device cost, and empower employees to choose a device that suits the way they work, these devices are more difficult to secure and open up an organisation to internal threats. It’s hard to say to an employee that ‘just because we trust you, doesn’t mean we trust your device,’ but it’s never been more true! Any infection their BYOD device has creates the potential to compromise your organisation’s IT security.

    Every organisation needs a Security Audit, Vulnerability Assessment and/or a Penetration Test to evaluate its risk. These measures will identify holes you didn’t know about, or highlight things you have missed; it’s information that is vital to improving your security controls. If you are never tested, how are you to actually know?

    Read More

    Microsoft Office Security Alert

    Who is affected?
    Organisations running Office versions since:

    • Office 2007
    • SharePoint Foundation 2010 SP2
    • SharePoint Foundation 2013 SP1
    • Microsoft SharePoint Server 2016

    https://technet.microsoft.com/en-us/library/security/ms16-088.aspx
     
    What is the vulnerability?
    Multiple remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory. 
     
    An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. 
    If the current user is logged on with administrative user rights, an attacker could take control of the affected system. 
    An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
    Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

     
    Exploitation of the vulnerabilities requires that a user opens a specially crafted file with an affected version of Microsoft Office software. 
    In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. 
    In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. 

    An attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince them to open the specially crafted file.

    What should I do?
    We suggest you contact us on (03) 8587 7500 to book in a time to discuss how this issue affects your organisation and how we can assist you in its remediation.
    Or navigate to https://support.microsoft.com/en-us/kb/3170008 and complete the updates.

    Further reading
    Rethink IT Security
    Symantec Vulnerabilities Uncovered



    Read More

    Rethinking IT Security

    For many years, companies have been focussed on the security required to protect their IT investment and their data. Companies have installed firewalls and anti-virus solutions, and many would be quite confident that they have a good level of security in place. Unfortunately, today’s threat landscape has changed so rapidly and is now so broad that just having a firewall is no longer enough.

    Rajitha Udayanga, Security Engineer

    To gain a better insight into IT security and the threats posed to a company today, I spoke to Rajitha Udayanga, Security Engineer within the Trident Computer Services group. Rajitha is a Certified Information Systems Security Professional with over 13 years of experience in IT, Network and Data Security. He specialises in a wide range of IT security areas, such as Data Network Security Implementation, Data Network Design and Implementation, Information Security Audits, Information Security Management Risk, Cyber Security Incident Management and Response, IT Forensics.

    Rajitha said, “It is extremely difficult to achieve 100% security, you can get close, but you need layered security to achieve anything close to it.

    Many organisations forget that people will always be a factor. IT Security professionals have a saying, ‘There is no security, without U’, and it’s very true. Technical controls are only one aspect of your security, most organisations forget that human resource security is just as important.

    “True IT Security is a collective effort between people and technology, that way we can reduce risk. But understand, it is extremely difficult to remove risk completely. You can certainly reduce it to acceptable levels, but you cannot remove it completely. Take, for example, the recent successful hacking of the FBI and NASA. They have multi-layered security controls yet were still able to be compromised.”

    "There is no security, without U"

    Why have things changed so much?

    When asked why things have changed so much, Rajitha told me, “People think that hackers are the only people who will pose a risk to their organisation, but the Threat Landscape is so different now that hackers are such a small part. With the prevalence of state support groups, cyber terrorists, insider attacks, and now ransomware, external hacking is only a small part of the risk.

    Across all industries, we are now seeing attacks from within an organisation being more prevalent than ones from outside. Recent statistics show that the internal security risk is more prevalent, not because of malicious intent, but because companies now allow staff to bring their own device to work (BYOD). While BYOD can reduce device cost, and empower employees to choose a device that suits the way they work, these devices are more difficult to secure and open up an organisation to internal threats. It’s hard to say to an employee that ‘just because we trust you, doesn’t mean we trust your device,’ but it’s never been more true! Any infection their BYOD has, creates the potential to compromise your organisation’s IT security.”

    "Just because we trust you, doesn’t mean we trust your device"

    We're not in finance, so what do we have of value?

    Having worked in the education and corporate sectors for many years, I’ve heard many colleagues say that because their school or company is small, or because they aren’t dealing in finance etc., they won’t be a target. Rajitha’s perspective on that was quite different. “While banks and financial institutions have a lot to lose financially, people tend to forget how much Personal Identifiable Information (PII) smaller organisations hold and just how valuable that is! Think of all the PII a school holds on its staff, present and past students, parents and community!

    We are seeing examples in the United States where health care providers are being hit with ransomware and crypto-lockers, and if you look at who suffers the consequences of a breach like this, it’s not just the organisation, but potentially everyone connected to that organisation. Recent incidents highlight that security leaks can happen and can damage the reputation and security of an organisation. Security breaches aren’t necessarily about breaking a system or bringing down a network these days, it’s more about gaining information or opening a door to your information as it is the most valuable asset you have!”

    Words of Wisdom!

    When asked to give me his most important ‘words of wisdom’ about IT Security, Raj told me he had two:

    “You have to remember that the security professionals are playing catch-up, always working on the new holes as they arise. Hackers are on their own timelines, exploring new potentials – they have plenty of time to come up with new threats, and many hackers caught by law are under 20. They are students!”

    And

    “Every organisation needs a Security Audit or Vulnerability Assessment and Penetration Test to evaluate their risk. While it may show you holes you didn’t know about, or highlight things you have missed, that information is vital to improving your security controls. If you are never tested, how are you to actually know?”

     

    Details on Rajitha Udayanga

    Rajitha has recently joined the Trident Computer Services group, bringing over 13 years of experience in IT, Network and Data Security to the organisation. Rajitha has a strong technical background in Network, Systems Integration and Network Security and is constantly working to improve performance and outcomes for his clients.
    He has worked across various industry sectors (e.g., banking, financial services, service providing, telecommunication and education) with large organisations designing, implementing and reviewing security solutions as well as security and risk management frameworks.
    Rajitha specialises in:

    • Data Network Security Implementation
    • Data Network Design and Implementation
    • Information Security Audits
    • Business Continuity Planning and Audits
    • Information Security Management
    • Risk Management
    • Compliances
    • Cyber Security Incident Management and Response
    • IT Forensic.

    He holds certifications in:

    • CISSP (ID # 317851)
    • C|EH (ID # ECC48949222183)
    • ISO 22301:2012 Lead Auditor (ID #BSI9912901)
    • ISO 27001:2013 Lead Implementer (ID # BSI9912912)

     

     

    Nathan Burgess

    Lead Marketing Innovator
    Trident Health
    e: nburgess@trident.com.au

    Read More

    Symantec Vulnerabilities Uncovered

    Over the last week, the focus of IT professionals has been drawn towards Symantec, as details were released regarding more than two dozen vulnerabilities in its anti-virus software, many of which have been listed as "high" severity. The vulnerabilities cover most of the company's consumer and enterprise products, and some will need to be manually updated by partners or customers to remediate the issues.

    Is it really that bad?

    Out of the vulnerabilities that have been uncovered in 25 of Symantec's products, most are listed as "high" severity vulnerabilities. This is because the vulnerabilities are fairly easy to exploit, and from there hackers could compromise an entire enterprise fleet using a vulnerability like this, said Tavis Ormandy, a researcher with Google's Project Zero who helped discover the vulnerabilities.
    "These vulnerabilities are as bad as it gets," Ormandy said. "They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption."

    The vulnerabilities centre mostly around the tool Symantec uses to unpack compressed executables, a tool that is run in the kernel. Ormandy used odd-sized records, which were incorrectly rounded up by the system, to create a buffer overflow. This could be triggered by something as simple as emailing a file or link to a victim, without the need for them to open it, because Symantec uses a filter driver to intercept all system I/O, Ormandy said.
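
    The size mismatch described above, as a simplified model: a buffer is sized from a record's declared length while the copy uses the rounded-up length, shown next to a version that uses one checked length. This is an added example, not Symantec's code or Project Zero's test case; the record layout, the 4-byte padding unit and all names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ALIGN      4u     /* constructed padding unit */
#define ARENA_SIZE 32u    /* the buffer plus whatever memory follows it */
#define GUARD      0xAAu  /* stands in for the neighbouring data */

/* Constructed records: [1-byte declared size][payload bytes]. */
static const unsigned char ODD_RECORD[]  = {5, 'A','A','A','A','A','B','B','B'};
static const unsigned char EVEN_RECORD[] = {4, 'A','A','A','A'};

static size_t round_up(size_t n) { return (n + ALIGN - 1u) / ALIGN * ALIGN; }

/* FLAWED: the buffer is sized from the declared length but the copy uses the
 * rounded-up length. Returns how many neighbouring bytes were overwritten. */
size_t unpack_flawed(const unsigned char *rec, size_t rec_len) {
    unsigned char arena[ARENA_SIZE];
    size_t owned, copy_len, hits = 0;
    if (rec_len < 1) return 0;
    memset(arena, GUARD, sizeof arena);
    owned = rec[0];                 /* "allocation": declared bytes */
    copy_len = round_up(rec[0]);    /* copy: padded bytes, the mismatch */
    /* Clamps keep this demo inside arena[] and rec[]; they are not the fix. */
    if (copy_len > ARENA_SIZE) copy_len = ARENA_SIZE;
    if (copy_len > rec_len - 1) copy_len = rec_len - 1;
    memcpy(arena, rec + 1, copy_len);
    for (size_t i = owned; i < ARENA_SIZE; i++)
        if (arena[i] != GUARD) hits++;
    return hits;
}

/* HARDENED: one padded length is computed, checked against the destination
 * capacity and the bytes actually present, and the padding is written as
 * zeros. Returns 0 and sets *written, or -1 if the record is rejected. */
int unpack_checked(const unsigned char *rec, size_t rec_len,
                   unsigned char *dst, size_t dst_cap, size_t *written) {
    size_t declared, padded;
    if (!rec || !dst || !written || rec_len < 1) return -1;
    declared = rec[0];
    if (declared > SIZE_MAX - (ALIGN - 1u)) return -1;  /* rounding would wrap */
    padded = round_up(declared);
    if (padded > dst_cap) return -1;        /* padded size must fit */
    if (declared > rec_len - 1) return -1;  /* payload must be present */
    memcpy(dst, rec + 1, declared);
    memset(dst + declared, 0, padded - declared);  /* pad with zeros, not input */
    *written = padded;
    return 0;
}

int main(void) {
    unsigned char out[8];
    size_t n = 0;
    printf("flawed, odd size:  %zu neighbour bytes overwritten\n",
           unpack_flawed(ODD_RECORD, sizeof ODD_RECORD));
    printf("flawed, even size: %zu neighbour bytes overwritten\n",
           unpack_flawed(EVEN_RECORD, sizeof EVEN_RECORD));
    printf("checked, 5-byte buffer: %d\n",
           unpack_checked(ODD_RECORD, sizeof ODD_RECORD, out, 5, &n));
    printf("checked, 8-byte buffer: %d\n",
           unpack_checked(ODD_RECORD, sizeof ODD_RECORD, out, 8, &n));
    return 0;
}
```

    Only the record whose size is not a multiple of the padding unit reaches the neighbouring bytes, which is why correctly aligned test inputs would not reveal this class of bug.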

    Symantec said in its advisory that it is not aware of any of the vulnerabilities being exploited.

    "90% of Trident customers trust Sophos to keep them secure. Perhaps the time has finally come to switch to Sophos."

    What products are affected?

    An extensive number of products are affected because Symantec uses the same core engine across many products, including its consumer and enterprise lines. According to an advisory posted by Symantec, the affected enterprise products include:
    Advanced Threat Protection, Symantec Data Center Security:Server (SDCS:S), Symantec Web Security .Cloud, Email Security Server .Cloud (ESS), Symantec Web Gateway, Symantec Endpoint Protection (SEP), Symantec Endpoint Protection for Mac (SEP for Mac), Symantec Endpoint Protection for Linux (SEP for Linux), Symantec Protection Engine (SPE), Symantec Protection for SharePoint Servers (SPSS), Symantec Mail Security for Microsoft Exchange (SMSMSE), Symantec Mail Security for Domino (SMSDOM), CSAPI, Symantec Message Gateway (SMG) and Symantec Message Gateway for Service Providers (SMG-SP).

    The vulnerabilities also affected nine of the company's consumer Norton products.

    Is there a fix yet?

    Symantec has "verified these issues and addressed them in product updates". To fully mitigate the identified vulnerabilities, Symantec recommends applying the required patches to the affected products as soon as possible. "This is the only means to ensure that installed products cannot be exploited," the advisory said.

    What does Trident Recommend?

    For over 10 years, Trident has been recommending Sophos anti-virus and endpoint protection solutions. Whilst no security vendor claims 100% protection, we've assessed many products over the years and every time Sophos ends up ahead in pricing, protection and support – that’s why it’s the only endpoint protection solution we offer! They also do email, antivirus and anti-spam solutions, and with the recent acquisition of Cyberoam their UTM Firewall solutions provide world class protection.
    It’s time to talk Sophos with us and take away the risk and complexity of your firewall, anti-virus, endpoint and email protection. 

     

    There are a few resources available for you to read over:

    Which is easier, Upgrading Symantec, or switching to Sophos - https://www.sophos.com/en-us/security-news-trends/security-trends/upgrading.aspx
    Read More

    Katie Bentley Named As Ambassador For The St Kilda Gatehouse.

    I am very excited to officially become an Ambassador for the St Kilda Gatehouse. The Gatehouse is a not for profit Christian organization which works alongside those involved in street based sex work or affected by commercial sexual exploitation as a result of hardship.

    Through providing a place of belonging and engagement Gatehouse helps individuals address issues such as family violence, drug addiction, homelessness, poverty, mental health and social isolation. It is a place where individuals feel valued and important. For many who come from challenging backgrounds it is a source of dignity and hope. I have wanted to work with the Gatehouse for many years and felt that 2016 would be a good time for me with my family starting to grow older. I want to teach my children, and potentially inspire my staff, about principles of compassion and empathy.

    "The St Kilda Gatehouse is a place where individuals feel valued and important. For many who come from challenging backgrounds it is a source of dignity and hope."

    After completing my law degree, it was obvious I was never going to be a very good lawyer as I was more interested in how the individual was going to prepare to lead a more fulfilling life. Working with marginalized women in my local community is important to me. I believe it will help my family and my organization promote a culture of joy in 2016.

      Katie Bentley

    Chief Executive Innovator
    Trident Computer Services
    e: kbentley@trident.com.au

    Read More

    The First Line Of Defence In Electronic Security

    While the effective management of passwords is the first line of defence in the electronic security of any organisation, it is often not given the priority it deserves in securing a company's IT systems.

    Benefits of a Password Procedure

    • Appropriate access for all staff;

    • Effective identity management and access auditing;

    • Preservation and protection of personal information entrusted to your care;

    • Protection of YOUR personal information.

    Best Practices/Recommendations

    When creating a password procedure, it is important to consider elements that can be enforced through software security settings. Items such as the minimum length of a password and expiry cycle for passwords are typically set through system software. Another important consideration when developing a password procedure is password retention. Even with the best procedures in place, passwords will be shared or otherwise become known over time, weakening security, so it is necessary to change them on a regular basis.

    Most systems allow the system administrator to set a parameter which causes passwords to expire and requires them to be reset by the user. This parameter is typically set for anywhere from 30 days to 90 days. Password expiry does add some additional workload for technical staff as users often forget their new passwords and need support to change them. This is where Trident Health can assist and provide easy to use solutions like Managed Password Protection. 

    Best Practice When Creating a Password

    • Length of password - Passwords should be a minimum of six characters.

    • Mixed characters - Passwords should contain at least one of the following: upper- and lower-case letters, numbers, and special characters (@#$!% etc);

    • Password retention - Passwords should be reset on a regular basis and should expire after a set length of time. This can vary from 30 days to 60 days to 90 days;

    • Histories - Password histories should be maintained and set so that users cannot use the same password twice within a defined period. 


    User Education

    For the users’ protection, passwords created should be difficult to guess. The following points provide some guidance on best practices for creating a password:

    • The password should not be the same as the username, even with a number or symbol added;

    • Passwords should not contain personal information such as street number or name, company name, date of birth, etc;

    • Passwords should never contain names of family members, pets, friends, or co-workers;

    • Passwords shouldn’t be a common phrase followed by a digit that is changed when the password expires.
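
    A sketch of how the enforceable rules in the two lists above (minimum length, mixed characters, no username variants, no phrase with a rotating digit) could be checked at password-change time. This is an added example, not Trident's or any product's code; the function names and sample values are constructed, the mixed-character rule is read as requiring one character of each class, and the change form is assumed to supply the current password so the rotation check never needs a stored plaintext.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MIN_LEN 6  /* minimum length given in the list above */

enum pw_result { PW_OK, PW_TOO_SHORT, PW_MISSING_CLASS,
                 PW_LIKE_USERNAME, PW_ROTATED_DIGIT };

/* Keep only the letters of s, lower-cased: "J.Smith#1" -> "jsmith". */
static void letters_only(const char *s, char *out, size_t cap) {
    size_t n = 0;
    for (; *s != '\0' && n + 1 < cap; s++)
        if (isalpha((unsigned char)*s))
            out[n++] = (char)tolower((unsigned char)*s);
    out[n] = '\0';
}

/* Length of s with any trailing digits removed: "Tram7" -> 4. */
static size_t stem_len(const char *s) {
    size_t n = strlen(s);
    while (n > 0 && isdigit((unsigned char)s[n - 1])) n--;
    return n;
}

/* old_pw is the current password as typed into the change form (assumption),
 * or NULL when no previous password exists. */
enum pw_result check_password(const char *user, const char *old_pw,
                              const char *new_pw) {
    int upper = 0, lower = 0, digit = 0, special = 0;
    char u[128], p[128];
    size_t len = strlen(new_pw);

    if (len < MIN_LEN) return PW_TOO_SHORT;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)new_pw[i];
        if (isupper(c)) upper = 1;
        else if (islower(c)) lower = 1;
        else if (isdigit(c)) digit = 1;
        else if (ispunct(c)) special = 1;
    }
    /* Assumption: the "mixed characters" rule is read as one of each class. */
    if (!(upper && lower && digit && special)) return PW_MISSING_CLASS;

    /* Username with numbers or symbols added, in any letter case. */
    letters_only(user, u, sizeof u);
    letters_only(new_pw, p, sizeof p);
    if (u[0] != '\0' && strcmp(u, p) == 0) return PW_LIKE_USERNAME;

    /* Same phrase as before with only the trailing digits changed. */
    if (old_pw != NULL) {
        size_t a = stem_len(old_pw), b = stem_len(new_pw);
        if (a == b && strncmp(old_pw, new_pw, a) == 0) return PW_ROTATED_DIGIT;
    }
    return PW_OK;
}

int main(void) {
    /* Constructed sample values. */
    printf("%d\n", check_password("jsmith", NULL, "Jsmith#1"));
    printf("%d\n", check_password("jsmith", "Harbour#Tram7", "Harbour#Tram8"));
    printf("%d\n", check_password("jsmith", "Harbour#Tram7", "Kettle&Moss42"));
    return 0;
}
```

    The password history rule is not covered here, since it depends on how the system stores previous password hashes.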

    Users should always follow these principles:

    • Do not share passwords with anyone. If there is an issue that requires you to do so, remember to change the password immediately after the issue has been resolved;

    • Never use the same password for work accounts as the one you have for personal use (banking, etc.);

    • Do not write down passwords or include them in an email;

    • Do not store passwords electronically unless they are encrypted;

    • Never use the “Remember Password” feature on any systems; this option should be disabled in systems where technically feasible.

    Conclusion

    There are many things to consider when developing a password procedure. Strict password procedures ensure greater security but require more user support and may result in a low compliance rate. Very relaxed password policies will likely result in higher compliance by users but may not provide adequate protection.

    The key to an effective password procedure is to define a balance between the security needs of your organisation and its culture and to follow the guidelines defined.

    For further details on how to strengthen your organisation's IT security, give Trident a call today. We will provide personalised and proven security measures to give you peace of mind.

     

      Domenic Lucarelli 
    Senior Account Manager
    Trident Health
    e: DLucarelli@trident.com.au