Blog

An informative blog, where Trident Computer Services staff write about the technology that excites them, innovative solutions they have come across, and the ways they are helping people innovate!

Top 10 Web Application Vulnerabilities

In a recent survey conducted across multiple industries in the United States, it was found that over 50% of organisations had at least one serious vulnerability every single day of the year (White Hat Security, 2015)!

Web applications have enabled organisations to build stronger relationships with their customers, suppliers and stakeholders; however, they have also created another avenue for critical data to be exposed. A vulnerable web application can put your entire database of sensitive information at serious risk. It can also turn your website into a launching site for further criminal activity, such as hosting phishing or illegal content transfers.

To understand the complex nature of web application vulnerabilities, we have summarised the top 10 risks to your web applications and the effects a breach can have on you and your customers.


1. Injection Flaws

When there are injection flaws an attacker can access back-end database information. All data, including sensitive client and partner information, could be stolen, modified or deleted. Injection can sometimes lead to complete host takeover. 

2. Cross-Site Scripting (XSS) 

An attacker can execute scripts in a victim’s browser to hijack user sessions, deface web sites, insert hostile content, redirect users, hijack the user’s browser using malware, etc. 

3. Broken Authentication & Session Management 

Attackers are able to compromise passwords, keys, session tokens, or exploit other implementation flaws to impersonate users. This type of vulnerability may allow some or even all accounts to be attacked. Once successful, the attacker can do anything the victim could do. Privileged accounts are frequently targeted.

4. Insecure Direct Object Reference 

Applications don’t always verify if the user is authorised for the target object. Without an access control check or other protection, attackers can manipulate references to access unauthorised data. 

5. Cross-Site Request Forgery 

This type of vulnerability allows the attacker to force the victim’s browser to generate requests that appear to be legitimate requests from the victim. This type of attack could result in a transfer of funds, changing a password, or purchasing an item in the user's context. 

6. Security Misconfiguration 

Such flaws frequently give attackers unauthorised access to some system data or functionality. Occasionally, such flaws result in a complete system compromise. Your system could be completely compromised without you knowing it. All of your data could be stolen or modified slowly over time, leading to a costly recovery process. 

7. Insecure Cryptographic Storage

This type of vulnerability may compromise all data that should have been encrypted. Typically this information includes sensitive data such as health records, credentials, personal data, credit cards, etc. Impacts include loss of trust, reputation and legal liability issues. 

8. Failure to Restrict URL 

Applications are not always protecting page requests properly. Sometimes URL protection is managed via configuration, and the system is misconfigured.  

Occasionally developers may forget to include the proper code checks.  Such vulnerabilities provide hackers the opportunity to forcefully browse and access pages past the login page. 

9. Insufficient Transport Layer Protection  

An attacker can expose an individual user’s data leading to account theft. If an admin account was compromised, the entire site could be exposed. Poor SSL setup can also facilitate phishing and MITM attacks.

10. Unvalidated Redirects and Forwards

Such redirects may attempt to install malware or trick victims into disclosing passwords or other sensitive information. This type of vulnerability can result in major exploitation of sensitive information leading to a strong distrust of your web applications by users. 
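
Items 4 and 8 above both come down to a missing authorisation check. The following is an added example, not code from Trident or from any product this post describes; the users, routes and records are constructed for illustration. It refuses any page that is not listed in a policy table and checks ownership of every record requested by id.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class User:
    name: str
    roles: frozenset = field(default_factory=frozenset)


# Constructed sample data: two records with different owners.
RECORDS = {
    101: {"owner": "alice", "note": "Blood test results"},
    102: {"owner": "bob", "note": "Referral letter"},
}

# Route policy (hypothetical paths). None means public; a set lists the
# roles allowed in. A path missing from this table is refused, so a page
# that someone forgot to protect fails closed instead of open (item 8).
ROUTE_POLICY = {
    "/login": None,
    "/records": {"patient", "admin"},
    "/admin/users": {"admin"},
}


def route_allowed(user, path):
    """Return the HTTP status for a page request: 200, 401, 403 or 404."""
    if path not in ROUTE_POLICY:
        return 404                      # unlisted page: deny by default
    required = ROUTE_POLICY[path]
    if required is None:
        return 200                      # public page
    if user is None:
        return 401                      # not logged in
    if not (user.roles & required):
        return 403                      # logged in, but wrong role
    return 200


def get_record(user, record_id):
    """Return (status, body). record_id comes from the request and is untrusted."""
    status = route_allowed(user, "/records")
    if status != 200:
        return status, None
    record = RECORDS.get(record_id)
    # Object-level check (item 4): being logged in is not enough, the caller
    # must own the record or hold the admin role. A record that exists but
    # belongs to someone else gets the same 404 as a missing one, so the
    # response does not reveal which ids are in use.
    if record is None:
        return 404, None
    if record["owner"] != user.name and "admin" not in user.roles:
        return 404, None
    return 200, record["note"]
```
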



Recent research shows that 75% of cyber-attacks such as ransomware occur at web application level, proving that ensuring web app security is crucial for business continuity and safety.  

Trident Health have developed the Web Application Security Test to ensure the web becomes a more secure environment for administrators and users.  The test identifies security vulnerabilities and exploitable elements residing within web applications that could be used to affect the confidentiality, availability or integrity of information.



5 Great Tips To Strengthen Your Web Security

The preferred method for attacking businesses' online assets is via their web applications. According to a study released last year by HP, 69% of web applications scanned by the company had at least one SQL injection error, and 42% contained a cross-site scripting vulnerability. According to the White Hat Security Report, 47% of Healthcare websites are always vulnerable (vulnerable on every single day of the year). 

Web application vulnerabilities continue to be a significant problem. Depending on the specific circumstances, these vulnerabilities could cause significant problems for the companies that have not remediated them, up to and including the theft of critical business data or personally identifiable information, web site defacement, or denial of service.

While this list could go on and on, here are five great tips from our IT Security Engineer Rajitha Udayanga on how to strengthen your web application security and minimise your risk of a data breach:

1. Get Patched Up!

Keep your servers and software patched and up to date. Last year we saw a string of security breaches stemming from the same problem: unpatched versions of the ColdFusion application server software. With web application security, every little vulnerability opens the door for a security breach. You might build impenetrable applications, but if you put those applications on an unpatched server, your data is still vulnerable.

2. Trust, But Verify User Input

While this advice might sound obvious, there’s a very good reason why it’s included: Despite the repeated warnings over the years, these types of attacks still happen far too often. Developers still aren’t properly validating user input, leaving their data wide open to attackers. The good news: frameworks for protecting against these attacks are improving. 

3. Use a Security-Focused Quality Assurance (QA) Process

When testing new web applications, what do you check for? In most cases, testers look for bugs in the interface and ensure the application does what it’s supposed to do. But is that enough? Your QA process should also ask this question: Does the application do anything it’s not supposed to do?

Security is a problem that will keep growing if not made a priority.  

It’s a problem that can compromise your customer’s sensitive data and cause irreparable damage to your company’s reputation.

4. Make Security Part Of The Organisation 

Shortly after the USA Healthcare.gov website went public, a “white hat” hacker discovered that security was never properly built into the site. It was composed of multiple insecure pieces that left user data wide open to attackers. Now, while most organisations aren’t creating applications on this scale, it brings up an important point. Security should never be an afterthought. It can’t be something that’s added after the application is built. It should be a critical component of the entire development process, as well as the organisation as a whole.  

5. Test Your Website For Vulnerabilities 

It is important to regularly perform web security assessments to check for website and server vulnerabilities. Web security assessments should be performed on a schedule, and after any change or addition to your web components. Developing a relationship with a firm that provides security services can be a lifesaver when it comes to protecting your website. While the small things can be taken care of on your own, there are many security measures that should be handled by an expert. Companies providing security services can regularly assess your website for vulnerabilities, perform full website security audits, monitor for malicious activity, and be on hand whenever repair is needed.
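
Tip 2 in practice, as an added example that is not from the original post: the field is validated against an allow-list, passed to the database as a bound parameter, and escaped when it is written back into HTML, which addresses the SQL injection and cross-site scripting errors cited in the introduction. The table, field names and sample rows are constructed.

```python
import html
import re
import sqlite3

# Allow-list for the one field this example accepts: a surname made of
# letters, spaces, hyphens and apostrophes, at most 40 characters.
SURNAME_RE = re.compile(r"[A-Za-z][A-Za-z '\-]{0,39}")


def build_db():
    """In-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE patients (id INTEGER PRIMARY KEY, surname TEXT, ward TEXT)"
    )
    db.executemany(
        "INSERT INTO patients (surname, ward) VALUES (?, ?)",
        [("O'Brien", "4A"), ("Nguyen", "2C"), ("Smith", "4A")],
    )
    return db


def validate_surname(raw):
    """Reject anything outside the allow-list instead of trying to clean it."""
    value = raw.strip()
    if not SURNAME_RE.fullmatch(value):
        raise ValueError("surname contains characters that are not allowed")
    return value


def find_patients(db, raw_surname):
    """Look up patients by surname using a bound parameter.

    Validation alone is not enough: a legitimate surname such as O'Brien
    contains a quote, so the allow-list has to permit it. The placeholder
    keeps the value out of the SQL text, so the quote is only ever data.
    """
    surname = validate_surname(raw_surname)
    cursor = db.execute(
        "SELECT surname, ward FROM patients WHERE surname = ? ORDER BY id",
        (surname,),
    )
    return cursor.fetchall()


def render_results(raw_surname, rows):
    """Build an HTML fragment; every value is escaped at the point of output."""
    heading = "<h2>Results for {}</h2>".format(html.escape(raw_surname))
    items = "".join(
        "<li>{} (ward {})</li>".format(html.escape(s), html.escape(w))
        for s, w in rows
    )
    return heading + "<ul>" + items + "</ul>"
```
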


IT Security Guidelines You Should Be Implementing

It’s a general consensus that banks and financial institutions have a lot to lose financially from being hacked; however, people tend to forget how much Personal Identifiable Information (PII) the health industry holds and just how valuable that is! Think of all the PII a hospital or clinic holds on its staff, patients (past and present) and the community!

Health care staff typically have access to sensitive personal information on a large number of patients, which makes their devices prime targets for hackers looking to steal that information.

Hacking has become a multimillion dollar business, with ransomware attacks on health care organisations four times higher last year than in 2015. It is an extremely worrisome shift towards targeting vulnerable hospitals and health care clinic devices to gain access to personal information. In the past week Emory Healthcare was hit by ransomware, with over 200,000 patients' details hacked!

Doctors, nurses and staff can protect sensitive patient information, as well as their own reputations, by sticking to some common-sense guidelines.

Encrypt Devices:

Encrypt laptops and other devices so that the information on them will be unintelligible to anybody who steals them. Without an encryption key, data on an encrypted device will be nothing more than ones and zeros.

Recommendation:
Utilise built-in encryption programs that are available on most modern operating systems if you don’t have the budget for an enterprise-grade solution.


Remain Vigilant:

Army grade encryption will not keep a hacker out if you use weak or easy-to-guess passwords, remain logged into public devices or if your anti-virus software is outdated.

Recommendation:
Install system updates regularly and maintain the latest version of your anti-virus programs. This will ensure the latest threats to your data and your operating system will be caught by your security software. Don’t let convenience trump good security.


Surf Between the Flags:

Practice safe surfing. It is imperative to remain vigilant and to be able to recognise phishing scams, where hackers send emails with links or attachments that trick users into giving them access to their information, either by providing their credentials to a bogus web site or by executing malicious software on their machine.

Recommendation:
Since these can spread easily among coworkers, we recommend IT staff provide professional security training/guidelines to get all staff members up to speed on this threat. To enhance the barriers for staff, patients and guests to surf outside the flags, Trident Health recommends considering anti-virus, anti-spam and web content filtering controls.


For further information on what security software to purchase or how to improve the IT security for your organisation, contact Trident Health today – (03) 8587 7500 | saleshub@trident.com.au


Prevent Ransomware This Christmas Period

There’s nothing worse in the field of technology than having a criminal in control of your network. When a ransomware attack occurs, it can easily elevate from a potential data loss to potential identity theft to a data breach in the form of extortion. Many types of ransomware, such as Cryptolocker, are on the rise across the web within the health industry, with criminals netting over $150 million a year. These email scams are very clever, and while antivirus products help prevent these incidents, they are not infallible, so to avoid becoming a victim of the scam we must all be vigilant and aware of what to look for.

Threat Description
Be wary of emails from unknown sources that claim to originate from organisations including, but not limited to, AusPost, ANZ Bank, Commonwealth Bank and the Federal Police. The hoax email appears legitimate: it is presented in a professional layout, comes from an email address that appears official, and incorporates the company logo. The emails in fact contain links carrying a very dangerous virus/Trojan payload that, if clicked, will download and install a program that encrypts data on all your computing devices, including but not limited to your desktop or laptop computers, server storage, and cloud storage if you have installed Dropbox or OneDrive on your local computer.

The ransomware will also install "helpful" files in each folder that direct the user to pay a ransom to have the encryption removed.

While these threats can be extremely serious, there are a number of actions you can take to reduce the risk of attack and improve the overall security of your organisation.
 


If you have received an email of this type and have clicked on any links or attachments, please contact Trident Health immediately on 1300 784 774.


Connecting Remote Patients With Specialist Care

In a country as vast as Australia, finding ways to provide access to specialist health care to our rural and remote communities can be a major challenge, but recently, dedicated professionals like Rohan Corpus have made massive inroads in this difficult area. Rohan’s work sees him supporting 52% of the state of Queensland, and finding ways to deliver an accessible health care solution for some of Australia’s most marginalised and disadvantaged people has led him to embark on a two-year project as part of the Indigenous Cardiac Outreach Program (ICOP).

Utilising modern telehealth solutions, Rohan has been able to assist in connecting Queensland’s Indigenous rural and remote patients with a range of specialists so that they can have consultations between their scheduled clinic visits. This, combined with what Rohan likes to call a Telehealth Toolkit, has reduced the need for patients to travel, minimised patient inconvenience, provided health professionals with comprehensive access to a patient’s vital health information, and given a more thorough picture of a patient’s condition, allowing greater management of their health and wellbeing.

Rohan is very excited about recent developments in the Telehealth area and the impact this will have on the Health Care industry. The original supporter of the system Rohan uses, Gold Coast based Telehealth Networks, and Melbourne based IT provider Trident Health have partnered to develop new telehealth services that will ensure that these innovative solutions will have state of the art diagnosis equipment combined with robust IT and communications infrastructure to deliver the service and support that’s needed for our health industry.

“Telehealth has the opportunity to ease the financial and travel burdens for patients and can lead to a greater willingness to engage with health service, where previously these inconveniences can negatively impact and have limited community engagement opportunity.” Rohan says.

“This unique Telehealth system connects patients holistically to other services and specialists, resulting in a more thorough picture of a patient’s burden of disease and enhancing health management and overall individual’s wellbeing. In addition, having a supplementary service between scheduled face-to-face consultations keeps patients connected and health effectively monitored too.”

Rohan has seen firsthand how the ‘hospital-in-the-home’ delivery approach minimises the inconvenience to patients, particularly those who require specialty service assistance, such as the elderly, those with significant co-morbidities that alienate them, and those who are reluctant to engage with services for various reasons. “Quality Telehealth solutions are changing the way we can work with our patients and are bridging the gap between patients and care,” Rohan says.

“Early evidence indicates that patients and community health enthusiasts have found the tool easy to navigate and the simplicity in its comprehensive data collection results are ideal. The ease of access and navigation makes it a suitable system for rural and remote application, with minimal risk of human error.”

Speaking about Trident Health’s C2C Connect 2 Care systems, Anthony Fighera is enthusiastic about how care providers are embracing the Telehealth solutions, “We have been engaging with a wide range of health providers and they are keen to integrate our solutions into their service offerings. The idea of being able to extend quality care to patients challenged by distance or accessibility is very attractive.”

"For the past 18 months, Telehealth Networks have worked with Indigenous health workers who are very receptive to the telehealth solution and felt this would fill the current gap in Indigenous health care."

As Australia’s health care providers seek new ways, both comprehensive and innovative, to address the current challenges facing them, one thing is certain: Telehealth systems like Trident Health’s Connect2Care solution are breaking new ground in providing new avenues for health care providers to deliver quality care to some of Australia’s most challenging areas.

The 6 Building Blocks Of Victoria's Digital Health

Speaking to OpenGov Asia, Andrew Saunders, Health CIO, Department of Health & Human Services, Victoria, outlined the department's 6 building blocks for the realisation of their Digital Health strategy.

"Health systems within Australia and around the world are grappling with how to mitigate the increasing cost pressures on health, and Victoria is no different. One of the strategies being developed is moving to a more person-centred system that focuses on meeting individual and place based needs, with the aim of keeping people healthy and well throughout their lives.

Technology is an enabler in connecting the disparate parts of the system together, to enable clinical information to be shared in such a way that the overall health system is safer, better able to meet individual needs and produce better outcomes in a more cost effective way.

Whilst technology is an enabler, change management and developing new workflows is the key for success, and we need to ensure that patients, clinicians and health service administration work together to develop the new digital health workflows.

"What are the core priorities that you are looking to implement or may have started to implement over the coming years?"

We have 6 building blocks for the realisation of our Digital Health strategy:

1. Digitise clinical systems so that appropriate clinical information can be shared to provide safer and more effective clinical outcome.

2. Create a person-centred systems approach that deals with the specific needs of the individual from a health and social care perspective, and provide a seamless pathway to accessing appropriate services.

3. Provide ‘clinical grade ICT integration’ across the whole sector to ensure we have robust and secure ICT infrastructure that can support the real time decision making required to assist in saving lives.

4. Creating a shared clinical information system to enable clinicians to better support their patients from an integrated and continuum of care perspective.

5. Enhance applied health research, quality & safety and education through deeper analytics of de-identified health datasets.

6. Identify opportunities for targeted preventative health and early intervention.

Our plan for the next 3 years is to progress each of the building blocks, the pace of change dependent on the funding received. In summary, we want to ensure we are collecting clinical information in digital form that can be part of a person’s health record, is able to be appropriately shared, is robust and secure, and can be used to deliver better health and wellbeing outcomes for the person."

Read the full interview conducted by OpenGov Asia: ‘Moving towards a ‘Person-Centred’ approach to healthcare’.

Trident Health's Connect 2 Care Reminder Service

As Australia faces increasing load on our Health services, many health providers are looking to ways to improve the efficiency and effectiveness of their service provision. Many providers are looking to TeleHealth and IT based solutions to assist in this goal. Trident Health has recently released their new Connect 2 Care Reminder Service to assist Health Providers achieve this.

C2C Reminder Service – Assisting where help is needed most.

The C2C Reminder Service is an automated, phone based reminder service that enables care providers to deliver simple, effective reminders to patients or clients. Trident Health TeleHealth Project Manager Anthony Fighera sees huge potential for the new product. “The C2C Reminder Service enables care providers to create customised messages that are automatically delivered to a patient’s phone. They can use the system to remind patients of upcoming appointments, home visits or medication reminders.”

The C2C Reminder Service scales from a consumer to enterprise level, offers improved operational efficiencies, lowers patient management risks and needs minimal staff involvement. “The service is extremely cost effective and enables care providers to focus on what they do best, providing care. C2C Reminder Service automates the time consuming process of contacting patients with reminders about a range of things. This service will free staff up from this onerous task,” says Fighera.

When asked about the service, Fighera offered great insight into the new service. “We’ve created this service with ease-of-use in mind. It has a quick and simple booking service, can scale to have an unlimited amount of advance bookings and can deliver calls to landline or mobiles. It really offers an outstanding service to our Health Care providers.”

If you’d like more information on the C2C Reminder Service and how it could help your organisation provide a better level of care to your patients, contact Trident Health today.

 

Anthony Fighera

Telehealth Project Director
Trident Health
e: nafighera@trident.com.au

Data Is Valuable, Protect It!

What do we have of Value?

While banks and financial institutions have a lot to lose financially, people tend to forget how much Personal Identifiable Information (PII) smaller organisations hold and just how valuable that is! Think of all the PII a hospital holds on its staff, patients and past patients, creditors and the wider community!

Over recent months, we are seeing examples in the United States where health care providers are being hit with ransomware and crypto-lockers, and if you look at who suffers the consequences of a breach like this, it’s not just the organisation, but potentially everyone connected to that organisation. Recent incidents highlight that security leaks can happen and can damage the reputation and security of an organisation. Security breaches aren’t necessarily about breaking a system or bringing down a network these days, it’s more about gaining information or opening a door to your information as it is the most valuable asset you have!

Times, they are a changin’

People think that hackers are the only people who will pose a risk to their organisation, but the Threat Landscape is so different now that hackers are such a small part. With the prevalence of state support groups, cyber terrorists, insider attacks, and now ransomware, external hacking is only a small part of the risk.

Across all industries, we are now seeing attacks from within an organisation being more prevalent than ones from outside. Recent statistics show that the internal security risk is more prevalent, not because of malicious intent, but because companies now allow staff to bring their own device to work (BYOD). While BYOD can reduce device cost, and empower employees to choose a device that suits the way they work, these devices are more difficult to secure and open up an organisation to internal threats. It’s hard to say to an employee that ‘just because we trust you, doesn’t mean we trust your device,’ but it’s never been more true! Any infection their BYOD device has creates the potential to compromise your organisation’s IT security.

Every organisation needs a Security Audit, Vulnerability Assessment and/or a Penetration Test to evaluate their risk. These measures will identify holes you didn’t know about, or highlight things you have missed; that information is vital to improving your security controls. If you are never tested, how are you to actually know?

Microsoft Office Security Alert

Who is affected?
Organisations running Office versions since: 

Office 2007
SharePoint Foundation 2010 SP2
SharePoint Foundation 2013 SP1
Microsoft SharePoint Server 2016.
https://technet.microsoft.com/en-us/library/security/ms16-088.aspx
 
What is the vulnerability?
Multiple remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory. 
 
An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. 
If the current user is logged on with administrative user rights, an attacker could take control of the affected system. 
An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

 
Exploitation of the vulnerabilities requires that a user opens a specially crafted file with an affected version of Microsoft Office software. 
In an email attack scenario an attacker could exploit the vulnerabilities by sending the specially crafted file to the user and convincing the user to open the file. 
In a web-based attack scenario an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerabilities. 

An attacker would have to convince users to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince them to open the specially crafted file.

What should I do?
We suggest you contact us on (03) 8587 7500 to book in a time to discuss how this issue affects your organisation and how we can assist you in its remediation.
Or navigate to https://support.microsoft.com/en-us/kb/3170008 and complete the updates.

Rethinking IT Security

For many years, companies have been focussed on the security required to protect their IT investment and their data. Companies have installed firewalls and anti-virus solutions, and many would be quite confident that they have a good level of security in place. Unfortunately, today’s threat landscape has changed so rapidly and is now so broad that just having a firewall is no longer enough.

Rajitha Udayanga, Security Engineer

To gain a better insight into IT security and the threats posed to a company today, I spoke to Rajitha Udayanga, Security Engineer within the Trident Computer Services group. Rajitha is a Certified Information Systems Security Professional with over 13 years of experience in IT, Network and Data Security. He specialises in a wide range of IT security areas, such as Data Network Security Implementation, Data Network Design and Implementation, Information Security Audits, Information Security Management Risk, Cyber Security Incident Management and Response, and IT Forensics.

Rajitha said, “It is extremely difficult to achieve 100% security, you can get close, but you need layered security to achieve anything close to it.

Many organisations forget that people will always be a factor. IT Security professionals have a saying, ‘There is no security, without U’, and it’s very true. Technical controls are only one aspect of your security, most organisations forget that human resource security is just as important.

“True IT Security is a collective effort between people and technology, that way we can reduce risk. But understand, it is extremely difficult to remove risk completely. You can certainly reduce it to acceptable levels, but you cannot remove it completely. Take, for example, the recent successful hacking of the FBI and NASA. They have multi-layered security controls yet were still able to be compromised.”

Why have things changed so much?

When asked why things have changed so much, Rajitha told me, “People think that hackers are the only people who will pose a risk to their organisation, but the Threat Landscape is so different now that hackers are such a small part. With the prevalence of state support groups, cyber terrorists, insider attacks, and now ransomware, external hacking is only a small part of the risk.

Across all industries, we are now seeing attacks from within an organisation being more prevalent than ones from outside. Recent statistics show that the internal security risk is more prevalent, not because of malicious intent, but because companies now allow staff to bring their own device to work (BYOD). While BYOD can reduce device cost, and empower employees to choose a device that suits the way they work, these devices are more difficult to secure and open up an organisation to internal threats. It’s hard to say to an employee that ‘just because we trust you, doesn’t mean we trust your device,’ but it’s never been more true! Any infection their BYOD has, creates the potential to compromise your organisation’s IT security.”

We're not in finance, so what do we have of value?

Having worked in the education and corporate sectors for many years, I’ve heard many colleagues say that as their School or Company is small, or that since they aren’t dealing in finance etc., that they won’t be a target, but Rajitha’s perspective on that was quite different. “While banks and financial institutions have a lot to lose financially, people tend to forget how much Personal Identifiable Information (PII) smaller organisations hold and just how valuable that is! Think of all the PII a school holds on its staff, present and past students, parents and community!

We are seeing examples in the United States where health care providers are being hit with ransomware and crypto-lockers, and if you look at who suffers the consequences of a breach like this, it’s not just the organisation, but potentially everyone connected to that organisation. Recent incidents highlight that security leaks can happen and can damage the reputation and security of an organisation. Security breaches aren’t necessarily about breaking a system or bringing down a network these days, it’s more about gaining information or opening a door to your information as it is the most valuable asset you have!”

Words of Wisdom!

When asked to give me his most important ‘words of wisdom’ about IT Security, Raj told me he had two:

“You have to remember that the security professionals are playing catch-up, always working on the new holes as they arise. Hackers are on their own timelines, exploring new potentials – they have plenty of time to come up with new threats, and many hackers caught by law are under 20. They are students!”

And

“Every organisation needs a Security Audit or Vulnerability Assessment and Penetration Test to evaluate their risk. While it may show you holes you didn’t know about, or highlight things you have missed, that information is vital to improving your security controls. If you are never tested, how are you to actually know?”

 

Details on Rajitha Udayanga

Rajitha has recently joined the Trident Computer Services group, bringing over 13 years of experience in IT, Network and Data Security to the organisation. Rajitha has a strong technical background in Network, Systems Integration and Network Security and is constantly working to improve performance and outcomes for his clients.
He has worked across various industry sectors (e.g., banking, financial services, service providing, telecommunication and education) with large organisations designing, implementing and reviewing security solutions as well as security and risk management frameworks.
Rajitha specialises in:

  • Data Network Security
  • Implementation Data Network Design
  • Implementation Information Security Audits
  • Business Continuity Planning and Audits
  • Information Security Management
  • Risk Management
  • Compliances
  • Cyber Security Incident Management and Response
  • IT Forensic.

He holds certifications in:

  • CISSP (ID # 317851)
  • C|EH (ID # ECC48949222183)
  • ISO 22301:2012 Lead Auditor (ID #BSI9912901)
  • ISO 27001:2013 Lead Implementer (ID # BSI9912912)

 

 

Nathan Burgess

Lead Marketing Innovator
Trident Health
e: nburgess@trident.com.au


Symantec Vulnerabilities Uncovered

Over the last week, the focus of IT professionals has been drawn towards Symantec, as details were released regarding more than two dozen vulnerabilities in its anti-virus software, many of which have been listed as "high" severity. The vulnerabilities cover most of the company's consumer and enterprise products, and some will need to be manually updated by partners or customers to remediate the issues.

Is it really that bad?

Out of the vulnerabilities that have been uncovered in 25 of Symantec's products, most are listed as "high" severity vulnerabilities. This is because the vulnerabilities are fairly easy to exploit, and from there hackers could compromise an entire enterprise fleet using a vulnerability like this, said Tavis Ormandy, a researcher with Google's Project Zero who helped discover the vulnerabilities.
"These vulnerabilities are as bad as it gets," Ormandy said. "They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption."

The vulnerabilities centre mostly around the tool Symantec uses to unpack compressed executables, a tool that is run in the kernel. Ormandy used odd-sized records, which were incorrectly rounded up by the system, to create a buffer overflow. This could be triggered by something as simple as emailing a file or link to a victim, without the need for them to open it, because Symantec uses a filter driver to intercept all system I/O, Ormandy said.

Symantec said in its advisory that it is not aware of any of the vulnerabilities being exploited.

"90% of Trident customers trust Sophos to keep them secure. Perhaps the time has finally come to switch to Sophos."

What products are affected?

An extensive number of products are affected because Symantec uses the same core engine across many products, including its consumer and enterprise lines. According to an advisory posted by Symantec, the affected enterprise products include:
Advanced Threat Protection, Symantec Data Center Security:Server (SDCS:S), Symantec Web Security .Cloud, Email Security Server .Cloud (ESS), Symantec Web Gateway, Symantec Endpoint Protection (SEP), Symantec Endpoint Protection for Mac (SEP for Mac), Symantec Endpoint Protection for Linux (SEP for Linux), Symantec Protection Engine (SPE), Symantec Protection for SharePoint Servers (SPSS), Symantec Mail Security for Microsoft Exchange (SMSMSE), Symantec Mail Security for Domino (SMSDOM), CSAPI, Symantec Message Gateway (SMG) and Symantec Message Gateway for Service Providers (SMG-SP).

The vulnerabilities also affected nine of the company's consumer Norton products.

Is there a fix yet?

Symantec has "verified these issues and addressed them in product updates." "To fully mitigate the identified vulnerabilities, Symantec recommends applying the required patches to the affected products as soon as possible. This is the only means to ensure that installed products cannot be exploited," the advisory said.

What does Trident Recommend?

For over 10 years, Trident has been recommending Sophos anti-virus and endpoint protection solutions. Whilst no security vendor claims 100% protection, we've assessed many products over the years and every time Sophos ends up ahead in pricing, protection and support – that’s why it’s the only endpoint protection solution we offer! They also do email, antivirus and anti-spam solutions, and with the recent acquisition of Cyberoam their UTM Firewall solutions provide world class protection.
It’s time to talk Sophos with us and take away the risk and complexity of your firewall, anti-virus, endpoint and email protection. 

 

There are a few resources available for you to read over:

Which is easier, Upgrading Symantec, or switching to Sophos - https://www.sophos.com/en-us/security-news-trends/security-trends/upgrading.aspx

Katie Bentley Named As Ambassador For The St Kilda Gatehouse.

I am very excited to officially become an Ambassador for the St Kilda Gatehouse. The Gatehouse is a not for profit Christian organization which works alongside those involved in street based sex work or affected by commercial sexual exploitation as a result of hardship.

Through providing a place of belonging and engagement Gatehouse helps individuals address issues such as family violence, drug addiction, homelessness, poverty, mental health and social isolation. It is a place where individuals feel valued and important. For many who come from challenging backgrounds it is a source of dignity and hope. I have wanted to work with the Gatehouse for many years and felt that 2016 would be a good time for me with my family starting to grow older. I want to teach my children, and potentially inspire my staff, about principles of compassion and empathy.

"The St Kilda Gatehouse is a place where individuals feel valued and important. For many who come from challenging backgrounds it is a source of dignity and hope."

After completing my law degree, it was obvious I was never going to be a very good lawyer as I was more interested in how the individual was going to prepare to lead a more fulfilling life. Working with marginalized women in my local community is important to me. I believe it will help my family and my organization promote a culture of joy in 2016.

  Katie Bentley

Chief Executive Innovator
Trident Computer Services
e: kbentley@trident.com.au


The First Line Of Defence In Electronic Security

While the effective management of passwords is the first line of defence in the electronic security of any organisation, it is often not given the priority it deserves in securing a company's IT systems.

Benefits of a Password Procedure

  • Appropriate access for all staff;

  • Effective identity management and access auditing;

  • Preservation and protection of personal information entrusted to your care;

  • Protection of YOUR personal information.

Best Practices/Recommendations

When creating a password procedure, it is important to consider elements that can be enforced through software security settings. Items such as the minimum length of a password and expiry cycle for passwords are typically set through system software. Another important consideration when developing a password procedure is password retention. Even with the best procedures in place, passwords will be shared or otherwise become known over time, weakening security, so it is necessary to change them on a regular basis.

Most systems allow the system administrator to set a parameter which causes passwords to expire and requires them to be reset by the user. This parameter is typically set for anywhere from 30 days to 90 days. Password expiry does add some additional workload for technical staff as users often forget their new passwords and need support to change them. This is where Trident Health can assist and provide easy to use solutions like Managed Password Protection. 

Best Practice When Creating a Password

  • Length of password - Passwords should be a minimum of six characters.

  • Mixed characters - Passwords should contain at least one of the following: upper- and lower-case letters, numbers, and special characters (@#$!% etc);

  • Password retention - Passwords should be reset on a regular basis and should expire after a set length of time. This can vary from 30 days to 60 days to 90 days;

  • Histories - Password histories should be maintained and set so that users cannot use the same password twice within a defined period. 


User Education

For the users’ protection, passwords created should be difficult to guess. The following points provide some guidance on best practices for creating a password:

  • The password should not be the same as the username, even with a number or symbol added;

  • Passwords should not contain personal information such as street number or name, company name, date of birth, etc;

  • Passwords should never contain names of family members, pets, friends, or co-workers;

  • Passwords shouldn’t be a common phrase followed by a digit that is changed when the password expires.
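The creation rules and the guidance above can be checked when a user sets a new password. The following is an added example, not code from Trident or from any product named on this page; it covers length, mixed characters, username and personal-information checks, history, and the "phrase plus a changing digit" pattern. It assumes "mixed characters" means one character from each class, and the function names, iteration count and sample values are constructed for illustration.

```python
import hashlib
import hmac
import os
import re

MIN_LENGTH = 6            # minimum length stated on the page
ITERATIONS = 20_000       # assumption: low so the demo runs fast; raise in production
VARIANTS = range(0, 20)   # assumption: trailing numbers tried against the history
CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_history_entry(password):
    """Keep only a salted PBKDF2 hash of a past password, never the plaintext."""
    salt = os.urandom(16)
    return salt, _hash(password, salt)

def _in_history(candidate, history):
    return any(hmac.compare_digest(_hash(candidate, salt), digest)
               for salt, digest in history)

def check_password(username, new_password, history, personal_terms=()):
    """Return the list of rule violations; an empty list means accepted."""
    problems = []
    lowered = new_password.lower()
    if len(new_password) < MIN_LENGTH:
        problems.append("too short")
    if not all(re.search(c, new_password) for c in CLASSES):
        problems.append("missing character class")
    # Username with digits or symbols bolted on: compare the letters only.
    user_letters = re.sub(r"[^a-z]", "", username.lower())
    if user_letters and re.sub(r"[^a-z]", "", lowered) == user_letters:
        problems.append("based on username")
    if any(t and t.lower() in lowered for t in personal_terms):
        problems.append("contains personal information")
    if _in_history(new_password, history):
        problems.append("reused password")
    else:
        # "Phrase + counter" rotation: swap the trailing number and re-test.
        stem = re.sub(r"\d+$", "", new_password)
        if stem != new_password and any(
                _in_history(f"{stem}{n}", history) for n in VARIANTS):
            problems.append("old password with a new number")
    return problems

# Constructed sample data (not from the page): one previous password on file.
SAMPLE_HISTORY = [make_history_entry("Harbour!Bridge7")]
if __name__ == "__main__":
    print(check_password("jsmith", "Harbour!Bridge8", SAMPLE_HISTORY))
```

Because the history holds salted hashes rather than plaintext, the rotation check works by hashing candidate variants of the new password against each stored entry, which is why the number of variants tried is bounded.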

Users should always follow these principles:

  • Do not share passwords with anyone. If there is an issue that requires you to do so, remember to change the password immediately after the issue has been resolved;

  • Never use the same password for work accounts as the one you have for personal use (banking, etc.);

  • Do not write down passwords or include them in an email;

  • Do not store passwords electronically unless they are encrypted;

  • Never use the “Remember Password” feature on any systems; this option should be disabled in systems where technically feasible.

Conclusion

There are many things to consider when developing a password procedure. Strict password procedures ensure greater security but require more user support and may result in a low compliance rate. Very relaxed password policies will likely result in higher compliance by users but may not provide adequate protection.

The key to an effective password procedure is to define a balance between the security needs of your organisation and its culture and to follow the guidelines defined.

For further details on how to secure your organisation's IT security give Trident a call today. We will provide personalised and proven security measures to give you peace of mind.

 

  Domenic Lucarelli 
Senior Account Manager
Trident Health
e: DLucarelli@trident.com.au