Hero | he·ro : (n) a person who is admired or idealized for courage, outstanding achievements, or noble qualities.

A Visionary hero: a person, using the Visionary 360 methodologies, who has taken their company to new boundaries and achievements.

Services We Offer

Contact

+1(818) 459-3950

9018 Balboa Blvd. #563, Northridge, CA 91325

Contact Us

Lesson’s from the Kaseya Cryptolocker situation | Are you ready for a disaster?

For some, this will be heart felt from revisiting the hell that they went through.  Those involved, directly or indirectly understand this more than any, yet they never wish this to happen to anyone.  Here are a few tips to help YOU from a future breach, and it’s not IF it will happen, it’s WHEN!


Backups, encryption, MFA, 2FA, multiple tools, and password encryptions.  Covered correct?

Well, in short the answer ended up being NO.

Backups:  Any type of direct connection between onsite and offsite = possible encryption.  Make sure there are no direct connections, and the credentials are separate from any type of domain structure.  Restore keys, are there offline copies available?

Disk encryption:  Disks are still able to be cypto encrypted.  Do you have keys stored offline?

Passwords:  Most use some form of password storage.  These systems are encrypted for obvious reasons.  Are there offline copies available?  

Cloud services can be awesome for anywhere access, but if databases become unavailable, local databases become encrypted, how will you be able to access any system?

Most commercial grade password and document management systems allow for a “run book” or exporting of information.  Take a look at options, develop an internal policy with strict guidelines in handling.  Export on a consistent basis with it being documented.  Don’t forget to document the destruction as well.

CompTIA, an non-profit industry trade association and considered one of the IT industry’s top trade associations.

A story from the trench,  the Kaesya Cyberattack Experience as told by a fellow IT professional whom experienced this first hand.

Press release CompTIA issued during the attack, an example of how CompTIA helps the community.  Read Press Release.

More information about the ISAO membership here.

Log4j vulnerability information from ISAO

While I originally wrote this before the Log4j vulnerability became known, I would be remiss not to address it here. Log4j has all the makings of the next drop of the hat. This is a widespread vulnerability that impacts nearly everyone and everything. I’m sure you are all well aware of the issue and its impact. Here again, I’d like to direct you to the CompTIA ISAO as an excellent resource for anyone in the IT Channel, especially MSPs and your customers. As they did during the Kaseya attack, the CompTIA ISAO is making their threat intelligence and active discussions on the issue available to everyone, as service to the industry for the greater good. Head over to http://forum.comptiaisao.org and click on the link to access these important resources, which are being continually updated as more details come to light. The warnings have been out there for a very long time. The timing of the release of this vulnerability is no coincidence. This might not be the quiet relaxing holiday season we all hoped for, but it’s imperative we remain on heightened alert and readiness in the face of hackers determined to harm our businesses. Stay safe this holiday season!

Regards,

MJ

MJ Shoer | SVP, Executive Director, CompTIA ISAO
Office: 630.678.8556 | connect.CompTIA.org

Get the latest IT business and career advice from CompTIA.

 

 

 

Advancing the Cybersecurity Resilience of the Tech Industry. Become a member today

Share this article on social media

About Visionary 360

Visionary 360 comprises seasoned coaches specializing in the technology sector, particularly IT Service Providers, to enhance tool implementation with a financial focus.

As problem solvers who relish challenges, we delight in assisting individuals while enjoying the journey. Our client relationships are familial, and we take pride in witnessing their companies thrive. Witnessing our clients prosper is our greatest reward. To learn more about Visionary 360, visit our website at visionary360.com or schedule an introductory meeting to discuss your needs.

Have a Blog idea?

We would love to hear about it!
Ideas Welcomed

Sign Up for Notifications

Want notifications for new blog posts?