Category : Data Recovery

How to scrub data from your device

Delete

You may be surprised to hear that “Delete” is not an end all function for wiping data clean from your machine. To ensure you data doesn’t get into the wrong hands, perform a secure erase. Whether you are selling an old computer or just want to wipe some sensitive data off your machine completely, Secure Erase is an easy way to get the job done.

SECURE ERASE

When you hit Delete, you most likely expect that all of your data is actually deleted. Unfortunately, this is not the case. Delete doesn’t actually delete your data, what this function does is erase a file’s reference information in the disk directory and marks the blocks as free for reuse. Your operating system might not be able to see it, but your data is still there deep down. Hence the use of file recovery programs, these programs look for blocks that the directory says are not in use, and searches for your data. There is something called bad blocks as well, which is when data is left from partly overwritten blocks, and other actions. Secure Erase command overwrites every track on the disk, meaning, there is no data recovery from a Secure Erase. This is great for data security if you know what you are doing, which most of us don’t, which is why the Secure Erase command has been disabled on most motherboards.

ENCRYPT, REFORMAT, ENCRYPT.

Deleting the last little bit of your data can be easier than you think with the right knowledge. Windows uses an encryption tool called BitLocker, which usually requires a system with a Trusted Platform Module (TPM) chip. Without a TPM you won’t be able to access BitLocker or when you attempt to access BitLocker it will pop up with an error message. Full disk encryption is built into Windows and Mac OS X.

To try BitLocker, go the Control Panel, click System and Security, and then click on BitLocker Drive Encryption. Select the drive and start the process. Encryption will take hours on a large disk, but you should be able to do other work on the system while encryption completes. – Robin Harris, writer for Storage Bits

In order to perform this on a Mac, you will need to access the Mac OS File Vault 2 (10.7 and later) function. Open System Preferences, Find Security and Privacy, and FileVault. Choose Turn On FileVault, select a password option, enable any other accounts you want to access the drive – in this case none – and click Restart. The encryption process will begin and, like Windows, will take some hours if you have a large drive. – Robin Harris, writer for Storage Bits

Once you have your drives encrypted, you need to reformat the drive as a new drive and encrypt it again. The drive is now empty so you won’t be met with long wait times as you did with the previous encryption. The purpose of the second encryption is to ensure that your first encryption key is overwritten, because a really great decrypter could recover the key and decrypt your data, which would make all that work for nothing. The second encryption eliminates that possibility.

 

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit : www.zdnet.com

 

 

Lost all your emails in Outlook 2011 for Mac? Not a problem!!

Accidentally deleted everything in your Outlook 2011 email inbox on an Apple Mac? Not to worry, one of our lead techs stumbled upon this quick fix!

Deleting items such as emails and contact list entries means that they are moved to your Deleted Items folder. Now, if you empty the Deleted Items folder, they are removed form your inbox but will remain potentially recoverable for 28 days. To recover lost emails, go into the Deleted Items folder and select the emails you would like to recover. You can always select more than one by holding the ctrl button as you you click.

In the ribbon at the top, click the ‘Move’ icon and select the folder you would like to restore the emails to, such as ‘Inbox’ in this case. Voila!

Deleted-file

You can also recover them by through OWA (the Outlook Web App) at:

exchange.sussex.ac.uk/owa/


 

The information presented in the blog is courtesy of the University of Sussex, please visit http://www.sussex.ac.uk/its/help/faq?faqid=2277, for original content.

 

How to Ensure Company Data Does Not Leave with Employees

employee data

More often than not when an employee leaves an organization, they take company data with them. Some may not even realize they still have access to the data, and others may never do anything malicious with the data at all. Even still it is important to plan ahead in the event that an employee did leave with the intention of using company data for malicious purposes. In a national study conducted by Biscom, one in four employees leave their job with company data, showing how this is a great vulnerability hole for business data. In the act of prevention, Biscom CEO, Bill Ho, offers us a best practices to implement.

Establish clear employee policies on handling company data and information

Make sure all employees are made aware of company policy when it comes to handling company data. Research done by Network World showed that a hude chunk of employees, 84 %, reported there were no policies within their organization preventing them from taking company information. Ensure comprehensive policies are clear, and outline that all information, documents, and data created by the employee or any employee for that matter is considered company property.

Incorporate data ownership and handling policies into employee agreements

Make sure the language in such documents is specific and easy to understand, and immediately laid out to employees from Day 1. Clear ramifications and procedures from the start will lessen any complaints in the future, as well as miscommunication that the policies do not exist.

Add data protection and security discussions to new employee orientation and training

Take time to incorporate data protection and basic security protocols into conversation with employees. Make your team aware of the expectations when handling company data in order to minimize data breaches. Communicate policies with personal devices, social media, and consumer versions of file sharing and collaboration tools. Monitor permission-based access and user controls to the best of you ability.

Understand how to re-organize an attack or social engineering ploy

Know when is the necessary time to cancel accounts, block access and deny permissions. This is crucial in protecting company data from internal threats. Critical information that is unprotected and exposed can be detrimental to an organization.

Encourage reporting of suspicious activity

Make it very clear to employees that any suspicious activity should be reported immediately. Tell employees who to notify and what to do in this event. It has been shown that some of the largest breaches of data stem from an internal source. Sometimes these are mistakes made by employees that end up costing the organization a lot of money and data. Teach employees the basics on what is safe and what is suspect.

Train on best practices continuously and often — practice makes perfect

It is advised that quarterly meetings are held to inform employees on data threat prevention. This sets up a safe environment from employees to gain clarity and for supervisors to acknowledge what policies need to be beefed up.

Establish data classification and access permissions – limit access to those who need it, e.g. using the principle of least privilege

Streamline control and access to only the employees that directly require it. Only give permission to information employees need. It is advised that a spreadsheet is kept that lists each employee and their permitted access to tools and apps. This will aid in monitoring who has control as well as what access needs to be blocked once an employee has left the institution.

Create a response plan and practice it 
Keep a solid information technology company on hand to help aid in the mitigation of access. Always keep an emergency response plan for if/when data has been breached. This creates a clear process for members of the organization to follow in the event of crisis, avoiding excess chaos. This emergency plan may also be necessary if an employee leaves on poor terms and proceeds to steal of misuse company data they have acquired.

If you would like to educate yourself in more detail about the information presented in this blog post please visit: How to prevent data from leaving with a departing employee

Why your business should be utilizing DRM

drmDigital rights management, often known as enterprise DRM, gives companies control over the sharing capabilities of their documents. Nothing about this technology is necessarily new, rights management versions have been in Windows Server since 2003. For businesses, its generally surprising that many are unaware of the benefits of employing DRM. Data control is enforced over networks, mobile devices, and applications so why not documents. DRM allows companies to share quotes and prices with clientele, monitoring the number of times the document has been opened. You can also set documents to expire, such as with prices and quotes so only the most current document is available. In addition DRM allows for control of sharing, making it possible to send documents to clients without them being forwarded to your competition.

Companies are beginning to see that protecting the perimeter and devices is no longer enough, and that a data-centric approach is necessary, says Dan Plastina who runs Microsoft’s rights management offerings. He goes on to to describe rights management as “identity-bound data protection; you encrypt the files so only the right person has access to it”. Although most of the companies that have DRM capabilities enforced are in finance, automotive, or manufacturing, data rights management is important for greater range of companies than it is currently reaching. What companies need to understand is the importance of control. Data goes to the cloud, to clients, to vendors, forwarded to partners, passed around without any central control of what is being sent, changed, or if the data is current. DRM eliminates the mess of rogue data.

The most important thing to acknowledge with DRM is flexibility of control. Rights management works well if you begin by identifying the basic needs, classifying, labeling and protecting. This way you can ensure that digital rights management is working to the benefit of your company.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: Why you need DRM for your documents

 

5 New Tech Tested Products for Your Business

Ever wondered what the best in tech products are at this very moment? The experts at Network World weigh in and give us a little glimpse of the newest innovations on the market.

Vidder PrecisionAccess – By rendering applications invisible to unauthorized users PrecisionAccess does a fantastic job at preventing application hacking. Even with stolen credentials hackers can’t access protected applications with unauthorized devices.precision-vpn_clip_image002

VeloCloud SD-WAN – VeloCloud provides a hybrid WAN solution that works with MPLS private links as well as ATT-U-Verse with cable or any broadband DSL links. One tech pro reported an increase from almost zero network visibility to nearly 100% network visibility. A great tool for IT management across multiple locations without staff needing to be onsite at all times. Facilitates communication and network visibility.  velocloudlogo

Cisco Identity Services Engine (ISE) – With so many features that help with managing user-facing ports and devices, whats not to love about Cisco ISE. One huge factor reported by tech pros is the integration of TACACS within Cisco ISE, making it easy to run Cisco ISE as a Radius server or TACACS server for network devices. In addition to this, Cisco ISE significantly improves management of devices especially restricting machines from devices and sites they are not permitted to visit.Cisco_ISE

 

 

 

 

 

 

 

 

Intermedia SecuriSync – For backup and file sharing SecuriSync is the way to go. As a two-in-one tool for consolidated file backup and management of continuous file backups, Intermedia SecuriSync makes relevant files easier to access as they are all stored in a secured shared folder. If you have team members spread across different locations, this tool is very helpful in making sure the data is always backed up and kept secure. One platform with a master source keeps project collaboration as safe as it can be.securisync-logo-247x300

OpenSpan Transformation Platform – OpenSpan collects all employee desktop activities both productive and nonproductive, including time away from the computer. This platform allows businesses to evaluate from employee activities how employees work best and what can be improved upon in order to drive down operational costs and maximize revenue. Providing data about employee activities takes away the need for manual employee logs. Lack of employee logs that need to be analyzed by supervisors for key performance indicators (KPIs), such as call volumes, proves to be a huge time saver. OpenSpan Transformation Platform takes working smarter to a higher level.

yKVWo9CQ_400x400


If you would like to educate yourself in more detail about the information presented in this blog post please visit: Fave Raves: 29 tech pros share their favorite IT products 

Storage and Backup Products that Save the Day

Nasuni Cloud Storage – Leveraging the cloud as a primary storage component, Nasumi Cloud NAS combines local storage controllers and cloud storage to provide global access to data with local performance. The only file system of its kind that can scale from hundreds to hundreds of billions of objects without any degradation of performance. If your company is having trouble taking on highly data-intensive projects because of limited storage capacity that is costly to upgrade, NAS is the right solution.pic

DataCore’s SANsymphony-V – This software-defined storage option maximizes IT infrastructure performance by virtualizing storage hardware in a universally compatible format. The SANsymphony-V software runs on standard x86 servers, providing one set of common storage services across all storage devices even allowing communication between unlike storage devices. Customers and IT techs rave about the increase in performance and especially the 75% reduction in storage costs. “[It] meets our replication needs — replicates all critical data between two data centers. Also provides rich SAN capability.”says David Blaisdell, assistant IT director at the New London, NH, college.

Intermedia SecuriSync – Backup and File sharing with Intermedia SecuriSync is made easier by providing real-time backup and point-in-time restore for PCs and Macs. When data is the core of your business, you need to be able to retrieve and analyze data without delay. SecuriSync provides both consolidated file management and continuous backup of documents, while securing access to sensitive data. Going beyond read-only access, employees can edit documents from mobile devices without having to worry about version control. Real time backups give users the comfort of being able to easily restore corrupted files.

CloudBerry Managed Backup – This flexible and cost effective solution allows the user to choose the storage providers as well as provides remote management capabilities. For small to mid-sized businesses this is the perfect option. Cloudberry provides all of the benefits of cloud based storage, scalability, reliability and security but at a size attainable for small businesses. Backups are made both easier and less costly.


If you would like to educate yourself in more detail about the information presented in this blog post please visit: Go-to storage and disaster recovery products

 

Ransomware Attacked My Mom’s Computer

04CYBERWALL-facebookJumbo
How My Mom Got Hacked, a real life story about Brooklyn artist who receives a panicked phone call from her mom one day complaining her personal computer has been taken over by some sort of strange encryption. The story unravels the journey Alina Simone and her mom Inna endure in order to restore the files back from the hackers. After the initial shock of the situation sets in the two research their options and realize, as many do, that there is little to no answer as to how to get the files back without paying the hefty $500 ransom fee.

“I thought it was a typical mom rant about hr hardware crashing and having to pay the repair people $500 because her computer crashed.” Like many of us do when our parents call us after a long days work, Alina didnt take her mom seriously. Seeing as it was Thanksgiving weekend, a major snowstorm had just hit, and the ransom deadline was already decreasing to less than a 24 hour bracket, Alina and her mother were frantic. Her mother didn’t make the deadline, and according the the hackers the ransom would double due to this. Inna pleaded with the hackers and they let her off with $500 ransom and all her files. Luckily.

Others, such as the case of the Hollywood Presbyterian Medical Center that was hacked in early February and had to pay a whooping 40 bitcoin, $17,000 ransom, in order to get their system back on track.

“The value of my personal files and pictures caps off somewhere. But [if] I encrypt the back-end of your corporate system and prevent you from processing payments, that has a tremendous value. And if the hacker can recognize the value of what he has, the ransom can be more dynamically set based on the content of the data.”explains Grayson Milbourne, Security Intelligence Director for Internet security firm Webroot.

From personal to corporate, ransomware is most certainly an eye opening experience to security vulnerabilities.

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: The Growing Threat of Ransomware

Ransomware seeks victims via TeamViewer

Download-TeamViewerAnyone use Teamviewer? If so, sorry to say,  you may have been hacked.

A new ransomware has been discovered appending the .surprise extension to encrypt important files. Further research into the extension revealed the loader had EDA2 ransomware from memory, and was only attacking those who also had TeamViewer installed. The victim logs showed that TeamViewer had been utilized as a means to reach computers. Someone connected via TeamViewer and proceeded to download the encrypted surprise files onto the unsuspecting desktop.

The two TeamViewer IDs used by the attackers were  479441239 and 479440875.

This surprise ransomware is unique in that it has successfully bypassed AV signature definitions as well as behavior detection. Rather than containing the more typical encryption functions seen in ransomware, this surprise ransomware encompassed an encrypted BASE64 encoded string. This string is loaded into memory and functions from there.

The ransomware scans all fixed disks on the computer for files that contain a particular file extension. When it finds a matching file, it will encrypt it with the AES encryption key and append the .surprise extention to it. The targeted file extensions are a hefty list. It will skip any files containing the $ symbol or contain the c:/windows and c:/program strings in the filename.

Bleeping Computer discovered the 3 files the ransomware creates are as follows:

  • %Desktop%\DECRYPTION_HOWTO.Notepad ransom note.
  • %Desktop%\surprise.bat, which executes the vssadmin.exe Delete Shadows /All /Quiet to remove Shadow Volume Copies.
  • %Desktop%\Encrypted_Files.Notepad file that contains a list of encrypted files

Sadly for those encrypted there is no alternative method to gain access to the files at this time without paying the ransom.

If you would like to educate yourself in greater detail about the material presented in this blog post please visit:

http://www.bleepingcomputer.com/news/security/surprise-ransomware-installed-via-teamviewer-and-executes-from-memory/

Ransomware

 

Ransomware Malware Ransomware is the devilish and extremely debilitating program designed to lock and encrypt files in order to extort money from consumers, business owners, and even government officials. It seems that no one is safe in the fight against ransomware. Most ransomware programs are targeted at the most popular operating system, Windows. Ransomware programs can and will target other systems such as Android applications, Mac OS X and possibly even smart TVs in the near future. Not only is this an unsettling forecast for consumers, but also a call to action for preventative measures to protect your most important data files.

What can be done? Most users have learned the hard way that it is better to back up sensitive data to an external hard drive. However, this type of malware is tuned in to this. When a ransomware program infiltrates a computer, it infects all accessible drives and shared networks, encrypting all files found. This makes for a very irritating discovery of locked data across the board.

Rather than rely on the external hard drive method for backups, it is suggested that consumers adopt a new best practice. Ensure at least three copies of sensitive data are made, and stored in two different formats. At least one of these copies should be stored off-site or offline. This way if ransomware locks files away consumers are not forced into a sticky situation of deciding whether to risk paying for the data retrieval or losing the data forever.

What to do when faced with ransomware? Not much can be done once ransomware has attacked. Most security researchers advise not paying for files to be unlocked, as there is no guarantee that the hackers will provide the deception key once paid. Security vendors also worry about the implications for fueling the fire. The more consumers give in and pay for the safe return of their data, the further encouraged ransomware criminals become to continue this practice of extortion.

If I haven’t said it enough already, I will say it again. Prevention is key. Know how ransomware reaches your computer. Be especially careful of email attachments, word documents with macro code, and malicious advertisements. Always keep the software on your computer up to date. It is especially important to ensure that OS, browsers such as Flash Player, Adobe Reader, and Java are always updated when available. Unless you have verified the senders, never enable the execution of macros in documents. Finally and most importantly, perform daily activities from a limited user account rather than an administrative one. And always, always, utilize a well running and up to date antivirus program.

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.pcworld.com/article/3041001/security/five-things-you-need-to-know-about-ransomware.html

Cyber Security Threats – Proactive Rather Than Reactive

Word Press PhotosSecurity executives have increasingly urged firms to utilize prevention, encouraging a plan that encompasses Information Technology and business units in order to ensure cyber security.

Why might you ask? As a mere observation, most firms have accepted hackers as a viable threat that will eventually infiltrate their network. Rather than focus on preventative measures, companies have taken to the opposite, strengthening their reactive forces and mitigating the damage a hacker can do once inside. Although important, focus needs to be on cyber security and data breach prevention in addition to recovery after the fact. This change of mindset ensures significant progress can be made to prevent threats, making better use of time and resources for your company.

John Davis, CSO of Palo Alto Networks’ federal division, suggests “Call for a comprehensive risk analysis, mapping out the different segments of the network and examining the needs of the enterprise along with the security concerns.” He encourages information technology teams and cybersecurity teams to work together for a higher level of performance. Prevention tactics bring together these two forces in a more collective manner.

 

 

If you would like to educate yourself in more detail about material presented in this blog post please visit:

http://www.networkworld.com/article/3039955/security/why-cios-to-be-proactive-not-reactive-to-cybersecurity-threats.html?token=%23tk.NWWNLE_nlt_networkworld_security_alert_2016-03-02&idg_eid=b0bd995e2814d7f58c50105dd3327c12&utm_source=Sailthru&utm_medium=email&utm_campaign=NWW%20Security%20Alert%202016-03-02&utm_term=networkworld_security_alert#tk.NWW_nlt_networkworld_security_alert_2016-03-02