Pine Cove Pulse

Why Sophos Security? | Pine Cove's Top 5 Reasons

Posted by Jace Holyoak

Pine Cove Consulting has been a Sophos partner for 15 years because we understand the threat of cyber attacks and know that Sophos has the solutions. Together, Pine Cove Consulting and Sophos protect users across the northwest United States from approximately 80,000 cyber attacks a day. In fact, Pine Cove Consulting won Sophos' award for "National Partner of the Year" in 2016.

So, you're wondering why Sophos Security? Why is cyber security important? What types of cyber security are there? Let us give you a few reasons to consider Sophos for all your cyber security needs.

Reason 1: The Threat is Growing

Let's start with a few numbers to mull over:

- More than 70% of cyber attacks target small businesses

- 60% of all small businesses go out of business within 6 months of a cyber attack

- The average cost of a cyber attack on a small business is over $36,000

Don't wait for an attack to happen to you. You can protect yourself now and prevent the damage that harms so many small businesses.

Reason 2: Sophos makes Security Simple

Sophos' slogan reads "Security made simple." Simplicity is a key feature for each Sophos security user. Sophos provides their users with a central platform that can be used to manage all of your Sophos products from one cloud-based console.

Reason 3: Sophos offers Robust Protection from Threats

While Sophos does provide simplicity in its use, its protection is robust and reliable. You may be familiar with the recent WannaCry ransomware attack or the Google email phishing attack. The world was in panic as precious data was encrypted or stolen by these hackers. Meanwhile, users of Sophos Security were protected and all their data was kept secure. Hackers are becoming more and more sophisticated with their attacks and Sophos is prepared for it all. 

Reason 4: They Protect Everything

Sophos security protects you from your firewall to your server and everything in between. Hackers are constantly finding new ways to attack your organization. What a joy it is not to have to worry about staying up to date on all things security, and instead to put your trust in the cyber crime fighters at Sophos to do it for you.

Reason 5: Peace of Mind

As a decision maker for your organization, you've got a lot of things on your mind. Your cyber security doesn't have to be one of them. If you've been in business for a while you probably know someone who has experienced a cyber attack or maybe you've experienced one for yourself. Cyber attacks can destroy any business or organization.  Sophos security gives you peace of mind knowing that your assets are protected from the growing threat of cyber attacks. 


WannaCry Ransomware Attack sends Businesses into Frenzy

Posted by Jace Holyoak

 

What happened?

"The story of the WannaCry ransomware attack began sometime between 2013 and 2016, when the NSA’s exploit tools were stolen. In August 2016, Shadow Brokers revealed itself, and six months later announced the auctioning of NSA tools it had acquired.

Learning that the exploits targeted Windows SMB, Microsoft released a patch in March. When the outbreak hit two months later, it was clear that organizations and individuals had either neglected to apply the patch or were using outdated versions of Windows."

"The investigation revealed a three-stage attack, starting with remote code execution and the malware gaining advanced user privileges. From there, the payload was unpacked and executed. Once computers were hijacked, it encrypted documents and displayed ransom notes."

Lessons Learned from WannaCry:

"James Lyne, Sophos head of security research, offered this advice yesterday at InfoSec:

  • Don’t get distracted by the “big, sexy talks” like government-sponsored attacks and nation-state cybercrime. They are interesting topics to be sure, but …
  • Stay grounded in the opportunistic attacks that target businesses every day, like ransomware and the recent WannaCry outbreak.
  • Focus on the security basics — the simple things like using endpoint security, staying on top of patching and using strong passwords.

That advice could have saved organizations from a lot of pain last month. Paying attention now could help them prepare a much stronger defense against attacks to come."

What can Pine Cove do to protect your business moving forward?

Pine Cove Consulting provides organizations with premier cyber-crime fighting protection through Sophos. Clients who work with Pine Cove to protect their organizations had no issues with this massive ransomware attack. In fact, we help our clients fend off thousands of ransomware attacks every single day. Many companies across the nation are now setting aside money in their budgets to pay off hackers. We recommend that your organization instead invest in security, which can prevent the loss of capital and precious personal data from the beginning. If this is a solution you would like to explore further, we recommend attending our webinar this month on Synchronized Security through Sophos or contacting us online.

Read more at: https://nakedsecurity.sophos.com/2017/06/07/infosec-2017-how-to-protect-yourself-against-the-next-wannacry/

Sophos Intercept X Protects against Malware

Posted by Jace Holyoak

"Sophos has made what was a very difficult, if not impossible, task of stopping ransomware very simple and effective with Intercept X.  We have stopped hundreds of ransomware and exploit attacks already, throughout our customer base, with Intercept X." -Dan Russell, Chief Information Officer, Pine Cove Consulting

Stop ransomware with new Sophos Intercept X

Ransomware cost organizations over $1 billion in 2016 alone. Sophos Intercept X gives you the best anti-ransomware protection on the market. It automatically stops ransomware attacks as soon as they’re detected and rolls back damaged files to known and safe states.

A new era of endpoint protection

Sophos Intercept X ushers in a new era of endpoint protection for modern threats. It features signatureless anti-exploit, anti-ransomware, and anti-hacker technology, plus beautiful visual root-cause analysis and advanced malware cleanup.

Stop zero-day threats before they stop you

Sophos Intercept X gives you unrivaled protection against advanced zero-day threats – with minimal impact on performance. This next-gen endpoint solution features signatureless anti-exploit, anti-ransomware, and anti-hacker technology, plus visual root-cause analysis and advanced malware cleanup.

Take your endpoint protection to a whole new level

Sophos Intercept X gives you unrivaled protection against advanced zero-day threats. No other solution on the market offers so many features in a single package: signatureless anti-exploit, anti-ransomware, and anti-hacker technology; beautiful visual root-cause analysis; and advanced malware cleanup. Sophos Intercept X works alongside endpoint solutions from all leading vendors to extend and enhance your protection.

The easy way to stop complex IT threats

New Sophos Intercept X gives you unrivalled protection from today’s complex, sophisticated attacks. This next-gen endpoint solution lets you stop ransomware, block zero-day threats, remove all lingering traces of malware from your system, and understand attacks with root-cause analysis. It runs alongside endpoint solutions from Sophos and other vendors to provide a powerful additional layer of security.

Save time and money with Sophos Intercept X and Root Cause Analysis

Get to the bottom of complicated attacks fast with the Root Cause Analysis feature found in Sophos Intercept X. See how attacks got in, what they’ve infected, and anything else they’ve touched so you can be sure to thoroughly neutralize them – all with an easy to use, easy to understand interface.

Webinar: Stop the Phish; Protecting your Weakest Link

Posted by Jace Holyoak

Topics: Cyber Security

How important is technology in education?  Let's ask this rural Montana school district.

Posted by Brandon Vancleeve

HERE IS A LITTLE TASTE OF THE INTERVIEW:

Lynne Peterson | Savage Public Schools Superintendent

Located in the eastern area of Montana, near the North Dakota border on MT Highway 16, Savage is a small, isolated farming community. Savage School District is all too familiar with the technology challenges rural communities face: location, resources, and funding.

Competing for access to resources, funding and the professionals that can implement, support and manage an idea can be much more difficult for rural communities. This is especially true of all things IT related, as the appeal of city living and compensation often pull homegrown talent away from the communities they grew up in. Pine Cove Consulting recognized this trend at its inception and has strived to partner with and support rural communities, bringing top tier technology so that their students have equal access and exposure to learning opportunities. 

When Lynne Peterson took over as the superintendent for Savage School District in 2013, she learned first-hand how far behind her district was. She began looking for solutions and partners to upgrade Savage’s teaching and learning experience.

What are some of the challenges you face being the superintendent of a district in a rural community?

“Geographically, we’re in the Bakken oil field and the oil companies snatched up all the techs. We have not had a technology person for probably six years. Previous superintendents came in and thought they had a little bit of tech knowledge which is always dangerous.”

How did you hear about PCC?

“I first met Matt at a tech meeting in Sidney where they were talking about the SBAC testing and I knew that there was no way my school could support what was being mandated by the state. He saw the look of panic on my face and set up a meeting.”

What was your first impression of the Pine Cove approach?

“I felt Pine Cove looked at Savage School's challenges, did a needs assessment, and fit a solution to us.”

How did you start this tech overhaul?

“We basically had to start from ground zero. Network cabling services first but Matt had to come to a few board meetings to talk them into it.”

How did you fund this project?

“We got the network cabling services done with some oil money and Matt helped me organize my thoughts on a Mill Levy for technology. We passed a ten-year mill tech to cover the Hardware as a Service (HaaS) cost of the endpoints and servers. It was a lot of help that Matt was a presence here with my board members; walked around with Char, my board chair and had constant dialogue with them. Through the board members, the teachers and the kids expressing their frustrations about how the system was always letting us down and how we could never count on it we got it across that we had outgrown our system.”

How do you feel about Pine Cove service since the install?

“I love it. I have monthly meetings with Brandon Bassett (Pine Cove's head of account management) where I can discuss what is going on. Brandon is awesome and gets things done.”

What would you tell someone who asked about your Pine Cove experience?

“Call Pine Cove and sit down and talk to them. They will take you by the hand and guide you through what you need.”

 


Topics: Showcase

Sophos Intercept X stops Ransomware

Posted by Dan Russell

We are excited for the upcoming launch of Sophos Intercept X, a next generation of endpoint protection for today’s threats.  Intercept X is Sophos’ new signatureless anti-exploit, anti-ransomware, and anti-hacker technology that includes enhanced reporting and visibility (root-cause analytics) as well as advanced malware cleanup.  All of this managed from Sophos Central.

Ransomware has been a hot topic in the cyber security world for several years now, costing businesses and organizations hundreds of millions every year. With the release of Sophos Intercept X, you can stop ransomware right in its tracks. As part of Intercept X, ransomware protection (Cryptoguard) is built in to stop ransomware attacks as soon as they are detected and roll back any files to their original state if they become encrypted.

Along with Cryptoguard, Intercept X includes other new technologies, among them anti-exploit technology that blocks zero-day threats without scanning files and without the signatures or definitions that traditional products rely on. Sophos Intercept X also includes deep-cleaning technology, which can track down spyware that traditional anti-virus misses and clean up deeply embedded malware to make remediation extremely simple. On top of this, Sophos has added forensic reporting that traces attacks back to their origin and pinpoints additional infection points while cleaning up the malware and providing guidance for strengthening your organization's security posture.

Whether you’re a business or school, Sophos Intercept X is a must-have add-on to your current anti-virus solution. Regardless of whether you are a Sophos Endpoint customer already, or use a third-party anti-virus solution, Sophos Intercept X can be installed alongside existing endpoint protection solutions to give you ultimate protection, all with minimal impact on system performance. Watch the video below to get a first-hand look at Intercept X’s Cryptoguard technology in action.


Topics: security

Challenges in Wireless: (Part 1 of 5: Wireless Coverage)

Posted by Rick Vancleeve

Framing the question

Great Wi-Fi is everyone’s goal, but achieving it can be a big challenge:
How do we get the maximum coverage with the least interference and the best throughput?

Stating the question that way, we can see there are three basic issues we always have to deal with, and we can look at them one by one. Let’s start with wireless coverage.

Radio range

In an earlier post, we explained that creating a predictive heat map is crucial to planning a wireless network. This heat map should be designed using industry standard software tools that take a number of factors into account.

One factor is radio range. In general, lower frequency devices will have a longer range than those that operate at higher frequencies, because they are better able to penetrate solid objects such as walls and floors. Higher frequencies, however, offer more speed or bandwidth. Thus the advice has been to use 2.4 GHz when coverage is your major concern and 5 GHz when it’s bandwidth. It’s not that simple.

First, the standard you choose will affect range: devices using more recent standards, 802.11n and especially 802.11ac, provide significantly longer range than those using earlier standards. That said, you’ll have to take the lowest common denominator into account, since not all of your users will have the latest smart phones and laptops.

Next, the number of antennas in the access points you choose will affect their range and thus the wireless coverage each can provide.

Building materials

The materials used in your walls may have the biggest impact of all. If we’re installing a network into a large open space such as a gymnasium, our task will be pretty simple, but most often that’s not the case. Generally speaking, if the walls in your building use wood or metal studs plus plaster or glass, our signals will penetrate them readily. If they’re made of bricks or marble, the range will be more limited. If they’re made of concrete with wire or steel reinforcement, we will not expect the signal to penetrate.

If you’re designing a network for a multi-story space, realize that your floors are probably built from steel and concrete. For that reason, we normally treat each floor of a building as a separate space for the wireless network design.

Finally, electrical closets can pose a problem by causing some RF conflicts.

A holistic approach

Hence the Wi-Fi coverage map. You have to look at your building as a whole, inputting the dimensions, building materials and hazards such as electrical closets. The software will then predict the best type and placement of your access points.

In Part 2, we will look at the nastiest of scenarios, interference.

Topics: wireless

Challenges in Wireless: (Part 2 of 5: Interference)

Posted by Rick Vancleeve

The biggest single challenge

We’re continuing to explore key challenges in wireless network design: How do we get the maximum coverage with the least interference and the best throughput?

In our last post, we looked at coverage. Today we’ll talk about interference, the single biggest challenge for proper wireless network design.

 

Co-channel interference

In an old riddle, a guy in a bar is telling a fascinating story, with three friends hanging on every word. Still, before long his buddies walk away. Why would they lose interest?

Answer: The noise made by others talking in the bar makes it impossible to hear what their friend is saying. This is exactly what happens in many wireless networks.

For example, in a large building or a crowded neighborhood you may have ten 802.11n networks within range of each other, all tuned to Channel 3. This is co-channel interference and it can be a major problem. Sometimes it happens after you’ve had your network running for a while. Someone next door sets up a new network, tunes it to Channel 3 and you’re done.

 

Trying new channels

The first thing you’ll want to try is switching to another channel. You may do that manually or you can use software, perhaps supplied by your device manufacturer, to look at your neighbors and recommend the best channel for wireless in your location. Often the software will display a graph: here’s your network, here are your neighbors, and since their coverage areas each form a perfect circle, you won’t have a problem if you tune to Channel 9.

Of course, that doesn’t take the densities of the walls into account, and those ensure that, outside of a gym or big auditorium, there are no perfect circles. For that reason, the only way you can be sure you don’t have co-channel interference on a given channel is to walk around your building and measure it. Often network managers will use the software to give them a base design, but then go back and modify it as needed.
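The walk-around measurement described above can be turned into a channel recommendation. The following is an added example, not part of the original post: the survey readings are constructed, and the 1/6/11 candidate set, the 22 MHz channel width and the linear overlap model are assumptions. It goes slightly beyond strict co-channel interference by also weighting partially overlapping channels.

```python
# Added example: score candidate 2.4 GHz channels against a walk-around survey.
# All survey readings below are constructed sample data.

CHANNEL_SPACING_MHZ = 5    # 2.4 GHz channel centres sit 5 MHz apart
CHANNEL_WIDTH_MHZ = 22     # conservative 802.11b-era channel width (assumption)
CANDIDATES = (1, 6, 11)    # the usual non-overlapping set (assumption)

# (measurement location, neighbouring SSID, channel, RSSI in dBm)
SURVEY = [
    ("lobby", "NeighborA", 3, -60),
    ("lobby", "NeighborB", 3, -72),
    ("back office", "NeighborA", 3, -75),
    ("back office", "CafeGuest", 11, -58),
]


def dbm_to_mw(dbm):
    """Convert dBm to milliwatts so that signal powers can be summed."""
    return 10 ** (dbm / 10)


def overlap(ch_a, ch_b):
    """Assumed linear model: 1.0 on the same channel, 0.0 once 5 channels apart."""
    gap_mhz = abs(ch_a - ch_b) * CHANNEL_SPACING_MHZ
    return max(0.0, 1 - gap_mhz / CHANNEL_WIDTH_MHZ)


def score_channels(survey, candidates=CANDIDATES):
    """Return {channel: worst interference power (mW) seen at any location}."""
    scores = {}
    for ch in candidates:
        per_location = {}
        for location, _ssid, neighbour_ch, rssi in survey:
            power = dbm_to_mw(rssi) * overlap(ch, neighbour_ch)
            per_location[location] = per_location.get(location, 0.0) + power
        scores[ch] = max(per_location.values(), default=0.0)
    return scores


def recommend(survey, candidates=CANDIDATES):
    """Pick the candidate whose worst measured location is the quietest."""
    scores = score_channels(survey, candidates)
    return min(candidates, key=lambda ch: scores[ch])


if __name__ == "__main__":
    lobby_only = [row for row in SURVEY if row[0] == "lobby"]
    print("from the lobby alone:", recommend(lobby_only))
    print("from the full walk:  ", recommend(SURVEY))
```

Measured from the lobby alone, Channel 11 looks clear; the back-office reading shows a strong neighbor there, and the recommendation changes to Channel 6.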

 

Loud neighbors

When all else fails, the answer may be to turn down the power on your radios and ask your neighbors to turn down theirs. You each want enough power to cover your own users, but not so much that it causes problems next door.

Sometimes you can make that happen by offering to fix your neighbors’ Wi-Fi or offering to provide the Wi-Fi for them. At that point, you may be able to specify the channels everyone uses, control the power levels they use or even specify the location of their access points.

 

Rogue access points

But even in a controlled environment, someone may decide they’re not happy with the network, so they bring in their own access point and plug it into the wall. By so doing, they make the problem worse for everyone. You will have to find these rogue devices and eliminate them. One of the best ways to avoid the problem is by limiting the number of network ports that are hot.
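One way to find these devices and to audit hot ports, as an added example that is not part of the original post: the access point inventory, scan results, switch port table and the -65 dBm "on premises" threshold are all constructed assumptions, and the SSID names are borrowed from the "Staff"/"Students" labels used elsewhere on this page.

```python
# Added example: flag unknown access points in a Wi-Fi scan and list switch
# ports that are enabled with nothing assigned. All data below is constructed.

RSSI_ON_PREMISES_DBM = -65   # assumed: stronger than this is probably in the building

# Inventory of sanctioned radios: BSSID -> SSID it is supposed to broadcast
AUTHORIZED_APS = {
    "02:00:00:aa:00:01": "Staff",
    "02:00:00:aa:00:02": "Students",
}

SCAN = [
    {"bssid": "02:00:00:AA:00:01", "ssid": "Staff", "rssi": -48},
    {"bssid": "02:00:00:aa:00:02", "ssid": "Students", "rssi": -55},
    {"bssid": "02:00:00:bb:00:09", "ssid": "Staff", "rssi": -61},
    {"bssid": "02:00:00:cc:00:07", "ssid": "FasterWiFi", "rssi": -44},
    {"bssid": "02:00:00:dd:00:03", "ssid": "CafeGuest", "rssi": -83},
]

SWITCH_PORTS = [
    {"port": "Gi1/0/1", "enabled": True, "assigned_to": "AP-lobby"},
    {"port": "Gi1/0/2", "enabled": True, "assigned_to": None},
    {"port": "Gi1/0/3", "enabled": False, "assigned_to": None},
    {"port": "Gi1/0/4", "enabled": True, "assigned_to": "printer-2f"},
]


def classify(obs, authorized=AUTHORIZED_APS):
    """Classify one scan observation against the inventory."""
    expected_ssid = authorized.get(obs["bssid"].lower())
    if expected_ssid is not None:
        if obs["ssid"] == expected_ssid:
            return "authorized"
        return "authorized-ssid-mismatch"
    if obs["ssid"] in set(authorized.values()):
        # A radio we do not own is advertising one of our network names.
        return "unknown-radio-using-our-ssid"
    if obs["rssi"] >= RSSI_ON_PREMISES_DBM:
        # Unknown network, but too strong to be a distant neighbor.
        return "suspected-rogue"
    return "neighbor"


def findings(scan, authorized=AUTHORIZED_APS):
    """Return (bssid, ssid, verdict) for everything worth walking over to, strongest first."""
    flagged = []
    for obs in sorted(scan, key=lambda o: o["rssi"], reverse=True):
        verdict = classify(obs, authorized)
        if verdict not in ("authorized", "neighbor"):
            flagged.append((obs["bssid"].lower(), obs["ssid"], verdict))
    return flagged


def unused_hot_ports(ports):
    """Ports that are enabled but have no assigned device: candidates to shut down."""
    return [p["port"] for p in ports if p["enabled"] and p["assigned_to"] is None]


if __name__ == "__main__":
    for bssid, ssid, verdict in findings(SCAN):
        print(f"{bssid}  {ssid:<12} {verdict}")
    print("disable:", ", ".join(unused_hot_ports(SWITCH_PORTS)))
```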

 

Other 802.11 wireless devices

Sometimes your co-channel interference is not from a Wi-Fi network, but from other 802.11 wireless devices such as door locks, security cameras, intercoms, baby monitors, wireless LCD monitors, and wireless phones.

Right now, there are considerably fewer of these devices using 5 GHz than 2.4 GHz, so switching to 5 GHz radios can often solve the problem. If not, you’ll want to search for a channel not used by these devices, or look at whether you can change the power of their radios.

 

Other electronics

Microwave ovens, fluorescent lights and power lines can throw off noise at the same frequencies as your network. It’s a common error to look only at 802.11 devices, when your real solution may be as simple as replacing an oven. Here again, though, non-Wi-Fi devices are most likely to interfere with networks operating in the 2.4 GHz range.

Interference can be extremely frustrating in that you can test carefully and eliminate the problem today, only to have it crop up tomorrow, worse than before. Buildings are living, breathing things, and so you will need to tweak your network on an ongoing basis.

Next: Throughput and the wired network

Topics: wireless

Challenges in Wireless: (Part 3 of 5: The wired network)

Posted by Rick Vancleeve

Looking at throughput

We’re considering a crucial question: How do we get the maximum coverage with the least interference and the best throughput?

Our last post covered interference. Today we’ll start talking about bandwidth, asking how big of a pipe we can put through our wireless devices. It’s important to do so because a lot of Wi-Fi devices have great range, but not the density to handle much traffic.

Wireless throughput is king, especially because, in many environments, we’re seeing a huge uptick in the number of people using wireless. If 10% used it five years ago, maybe 70% do today, and probably 90% or more will connect wirelessly a couple of years from now.

 

Your connection to the Internet

The first thing we have to realize is that Wi-Fi speed depends not just on the wireless devices but on the hard-wired environment that brings the network to them.

The easiest thing to check, and to fix, is your connection to the Internet. Your network management software should provide graphs and charts that show bandwidth utilization. If the demands are higher than the bandwidth you are provided, it really doesn’t matter what your network is doing. You WILL have bottlenecks.

 

Poor switches or wiring

The switches are often the next weakest link. You may have a great wireless design but be running it on an undersized network switch. A poor switch design is the biggest stopping point for many of our customers.

Poor wiring is common as well. A lot of times people say, “Well, we have wiring, let’s just install our access points.” Bad wiring is a simple issue, but it seems to be the last one people think of. “We must have co-channel interference, or the walls are too thick.” You want to test your wiring early in the design process and make sure it’s up to speed. Sometimes it’s very hard to pull new wiring, and so you may have to work with what you’ve got. But generally speaking, if the wiring is inadequate, you can replace it.

 

End point issues

Sometimes your throughput problems will be localized to certain areas within your building. It may be that certain endpoints have obsolete wireless cards or need firmware updates. That’s easy to check, but sometimes the problem moves around. Now you start charting which devices are in which areas when you have an issue. You narrow it down, then examine those devices to find the enemy.

It may be that you settle on your Apple laptops, phones and tablets. Apple devices are a lot more chatty than Windows or Android, and their constant communications with Apple servers will require more throughput than other devices.

Malware

More often in these cases we find viruses or malware, which can bring your network to its knees. Viruses are usually easy to diagnose and fix, but some of the malware can be a major threat to performance.  If everything seems to be running perfectly, but slow, it may be that foreign sites are using your devices as servers.

It’s important to constantly push out firmware and software updates for your user devices. Doing so will help minimize the danger from malware and ensure that users are able to communicate efficiently with your network.

The same is true of your switches, access points and other wired network devices. Keep them updated and you’ll have fewer problems.

Next: Separation of traffic

Topics: wireless

Challenges in Wireless: (Part 4 of 5: VLANs)

Posted by Rick Vancleeve

The network as a whole

We’re considering a crucial question: How do we get the maximum coverage with the least interference and the best throughput?

In our last post, we discussed the wired backbone that feeds our wireless devices. Today we’ll look at some of the things you can do to improve the performance of the network as a whole.

Separation of traffic

To maximize throughput, you’ll want to look at the use of virtual networks, or VLANs, to separate phones, video, data, printers, wireless and other types of traffic into their own environments, each managed separately.

Simply put, if you’re pushing streaming video and security cameras over your entire network, it will be very easy to flood that network and shut it down. We recommend separating not only the different types of traffic, but limiting the number of devices on each VLAN, down to say 30 on each. Doing so makes it much easier to troubleshoot problems and keep performance at the maximum.

Sometimes we use SSIDs, which are alphanumeric identifiers attached to each wireless network, to help users connect to the right wireless VLAN (or “WLAN”). You’ll see these sometimes when you’re in a restaurant or hotel: you’ll have the chance to connect to the Applebee’s free network or the guest network at the Hilton. We have used the concept in schools to help staff connect at 5 GHz and students at 2.4, simply labeling the networks “Students” and “Staff.”

Such labeling can help with throughput because, once you have your WLANs established, the more people mix them up, the slower they will run.

Band steering

Most new types of wireless devices will connect using the latest protocols and support legacy standards as well. But they have to connect at the correct frequency. For example, 802.11ac will only connect at 5 GHz, so if you don’t set that up, those devices won’t connect.

One good way to set up your access points is called band steering. When connecting with a user device, the access point will try 5 GHz first, and if that doesn’t work, it will go to 2.4. Setting up this way, you can ensure that all of your end user devices are running at the highest possible speed.

Controlling the size of traffic

Netflix, YouTube and other video sites have become a real problem for network administrators, because even in a big network environment, just five or six people streaming from these sites can bring the network to its knees. If this is the case with you, you can control access with content filtering, but the best way, if you have a Layer 7 firewall and switches, is to configure them with “blocked URL pattern” rules. That way, users cannot go to (or set up) proxy servers designed to circumvent filters.

Of course, some organizations need or want to allow access to video streaming sites. If you’re in that environment, there are things you can do to limit the bandwidth available to them. Your users may not see that as ideal, but because we’re in a community where everyone has to share access to the Internet, we can’t let one user take the network down for everyone.

Topics: wireless