Protecting your Data: 4 Key Reasons on Why You Should Have a Backup Solution

Protecting your Data: 4 Key Reasons on Why You Should Have a Backup Solution

Data is something all businesses would agree is their most important asset, this is why they take multiple steps to ensure its security. However, when it comes to data protection, most companies are lax in its measures in the Philippines. This is alarming as data loss is not as uncommon to businesses as most seem to believe. Below are a few common scenarios in which a Backup solution can immediately address:

User Error

One of the highest reason of data loss can be attributed to user mistakes or error. In multiple surveys, human error is at 25% of data loss. This could be from accidental deletion or even accidental overwrites. With a proper backup, you can always revert to it to find the data or even go through different versions of files.

Data Corruption

Files can become corrupted due to bugs or even malware without a moments notice. Backup solutions can help safeguard your data from this spontaneous data loss.

Hard Drive Failure

Just like data corruption, your hard drive can fail due to multiple reasons. With no proper backup in place, this can mean important data can be lost indefinitely.

Retention and Archiving

Some businesses need long data retention or historical archiving of files. This is to ensure proper auditing, or a need arises that the data must be pulled out for review. Backup solutions can be customized to solve these requirements.

Does BCDR = Backup?

There are multiple steps in creating a data protection strategy, the first step being to put a backup solution in place and the last step being to have a BCDR plan. This goes without saying, you should not jump in steps when you are implementing a data protection strategy.

BCDR strategy is not a replacement for a backup solution. The key difference between the two is how the recovery is done. Without the initial backup solution, how can you plan for a disaster recovery when the first step of protecting your data for day-to-day activities is not yet in place?

BCDR is reserved only for cases when disasters occur that would cause business operations to halt. An example of this would be from natural disasters such as fires that would cause your servers to become inoperable, and the entire database will need to be recovered.

While preparing for a disaster is important, ensuring that your data is protected from more common and recurring threats should come first. Short term goals should first be implemented to help achieve your long term goals in data protection.

To learn more about Backup solutions, you may send us a message via the form below!


Images are courtesy of Freepik (1, 2, 3, 4) and Vecteezy

CT Link Partners with RSA Security!

CT Link Partners with RSA Security!

The new year has finally arrived, and we are starting our year by introducing a new solution to help your mobile workforce securely access your corporate data remotely. We are happy to announce that CT Link Systems, Inc. has partnered with RSA Security to better our security portfolio to address the growing concern of identity assurance and to complement our remote access and workspace solutions.

RSA alleviates this problem through its wide variety of security solutions such as SIEM (Netwitness) and multifactor authentication (SecurID).  With over 30 years of experience, RSA has continually grown and adapted its technology to improve its user experience while maintaining a high level of security. It also has a wide selection of authentication methods that organizations can choose from to authenticate their users.

If you are interested in learning more about the RSA Security portfolio, please visit our RSA product page to see what it has to offer for your business. You may also contact us directly via the form below and we will contact you shortly!

CloudSec 2020: Register Today!

CloudSec 2020: Register Today!

CLOUDSEC 2020 is the must-attend business and technology experience, delivering a content experience unlike any other virtual event with access to a community of cloud and cyber security pioneers, leaders and technical experts. 72 hours of non-stop innovation, you’ll connect with experts from around the world while personalizing your own experience.

About CLOUDSEC

Founded in 2011, CLOUDSEC has established itself as a global community for cyber security experts and professionals. The event aims to inspire technology professionals and users to embark on a continuous learning journey to explore and learn about industry trends, best practices and new technologies to secure the digital infrastructure and manage the technological risks of their organizations in safely supporting their corporate goals. 


Registration is now open, there is no cost to attend this virtual event, Save the Date for November 24th to 26th and secure your spot today to stay connected, informed and on track with your #CloudSecurity journey.

Security Advisory: Zerologon, a level 10 Critical Vulnerability

Security Advisory: Zerologon, a level 10 Critical Vulnerability

It was recently discovered that a new Critical vulnerability, named Zerologon, has been found for windows which is so severe that the Common Vulnerability Scoring System (CVSS) has given it a score of 10 out of 10 and Microsoft itself has rated it as a severe vulnerability.

What is Zerologon?

The vulnerability was found in Netlogon which is the protocol used by Windows systems to authenticate against a Windows Server running as a domain controller. The vulnerability in Netlogon allows for attackers to:

  • Impersonate the identity of any of computer on your network during an authentication attempt on a domain controller
  • Disable security features in the Netlogon authentication process
  • Change a computer’s password on the domain controller’s Active Directory

The only limitation for the vulnerability is that the attack can only be done if the threat actors already have gotten into your network.

What can I do?

Firstly, it is highly recommended that you update your Microsoft security to avoid this vulnerability. This is the most important step into making sure that your network is not affected by this critical vulnerability. You can find the Microsoft security advisory CVE-2020-1472 here.

If patching cannot be done immediately, one way to help mitigate an attack is to prevent attackers from getting into the network. As stated above, the limitation of this attack is centered on them getting inside the network, however, once they do, it means that they will be able to take control of your whole network.

Trend Micro Solution

For our Trend Micro customers, Deep Security or Apex One can be used to do virtual patching to help mitigate the attacks to help ensure that your network is safe. Below are the IPS rules that may help you strengthen your defense if patching cannot be done immediately:

IPS Rules

Deep Security and Cloud One – Workload Security, Vulnerability Protection and Apex One Vulnerability Protection (iVP)

  • Rule 1010519 – Microsoft Windows Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)
  • Rule 1010521 – Microsoft Windows Netlogon Elevation of Privilege Vulnerability Over SMB (CVE-2020-1472)

Please note that both rules are already set to Prevent.


Other Inspection / Detection Rules

Deep Discovery Inspector

  • Rule 4453: CVE-2020-1472_DCE_RPC_ZEROLOGON_EXPLOIT_REQUEST
  • Rule 4455: CVE-2020-1472_SMB2_ZEROLOGON_EXPLOIT_REQUEST

For those interested in learning more about the attacks, Trend Micro is also hosting a webinar this coming September 29, 2020 to talk more in detail about the vulnerability. You can register for the free webinar here.

If you have any questions with regards to either Zerologon or the Trend Micro solution to help prevent the attacks, please just contact us via email (rcruz@ctlink.com.ph) or through our landline 88939515 and we would be happy to answer your inquiries!


Texture vector created by macrovector

Zero Trust Security: 6 reasons Why Companies are Adopting it

Zero Trust Security: 6 reasons Why Companies are Adopting it

As we are more than halfway through the year, we have seen that the Covid Pandemic has accelerated the need of many companies to provide a better remote access solution not just for sales, but for many other divisions. Although many have been concerned with performance of their applications with this new setup, many are also starting to see the need to improve their security for these solutions as well.

A global study was done by Cybersecurity Insiders which showed that many are already looking into incorporating it into their Secure Access Architecture. Below are a few key findings from the study:

  • Over 60% of participating organizations find the Zero Trust tenets of continuous authentication and authorization, trust earned through entity verification, and data protection as most compelling for their organization
  • Over 40% of participating organizations expressed privilege management, insecure partner access, cyberattacks, shadow IT risks, and vulnerable mobile and at-risk device resource access as top challenges to secure access to applications and resources
  • 45% of participating organizations are concerned with public cloud application access security, and 43% with BYOD exposures
  • 70% of organizations plan to advance their identity and access management capabilities
  • 30% of organizations are seeking to simplify secure access delivery including enhancing user experience and optimizing administration and provisioning
  • 41% of participating organizations are looking to re-evaluate their secure access infrastructure and consider Software Defined Perimeter (SDP) – with the majority requiring a hybrid IT deployment and a quarter adopting a SaaS implementation.

On a global scale, we can see that the trend of remote access solutions is becoming the new norm for many organizations. While we move forward, our IT Security team has to deal with the increased security risks as we open new security flaws with unauthorized and non-compliant devices.   

This is where security vendors with Zero Trust Security products and solution providers like us can help your organization. We have been helping many clients throughout the lockdown to find the right solution for them whether it has been for improving remote access performance or security.

The Zero Trust Model can be summarized by the following questions: Can the user prove their identity and of the device they are using? Are they allowed to access this application? Is the network they are using secure? If they cannot answer yes to either of these questions, they should not gain access to the network.

If you are interested to learn more about the solution, you may read more here, or you may contact us directly at 88939515 for us to better assess your situation and find the right solution for you!


Image Provided by Vecteezy

WFH/BCP Challenges: Improving VPN Firewall Security Concerns

WFH/BCP Challenges: Improving VPN Firewall Security Concerns

Before the Covid-19 pandemic, many companies did not provide their workforce with client VPN access due to the concern on the security of data. However, most companies were caught flat-footed when the government suddenly announced the Enhanced Community Quarantine (ECQ). This forced many companies to adopt a short-term remote access solution by enabling the Client VPN feature that came with their firewalls. As the quarantine extended, many have come to realize that their Client VPN firewall feature would not be enough as a long-term solution.

Holes in traditional VPN Firewall Solutions  

Existing Firewall solutions were used by majority of companies here as a band-aid fix to their BCP/WFH needs during this crisis. They quickly realized that after enabling this feature, that their firewall was not equipped to accommodate the large amount of client VPN users. This is either due to the limitation on the number of concurrent users, or the hardware has a limited throughput for VPN users leading to a poor user experience.

Another concern with traditional firewall-based VPN is that it provides full access to remote users with minimal control and visibility on what the users are doing, which leaves the IT team unaware if most users are accessing the corporate network with security compliant devices. In fact, with an increase of varying location, time of access, and device used, it makes it even harder to spot malicious activity. This can increase the chances of your company from suffering a data breach or experience data leakage.

In fact, even malware residing on the user’s home PCs can traverse over the VPN and arrive to your corporate network if not properly secured. VPNs are used more to encrypt your data so that outsiders are not able to view your data or hijack it. It does not mean that infected files from unsecured endpoints will be scanned through a VPN.

Zero Trust Secure Remote Access Solutions

Companies need to fortify their security capabilities to prevent and contain cyberattacks and data leakage. With the help of more advanced remote access solutions like Pulse Connect Secure, your company can solve beyond the traditional dilemmas while ensuring future scalability.

With Pulse Connect Secure, it always enforces the strategy of verification before trust to ensure that only authenticated users with compliant devices can connect to authorized applications and corporate resources at any time, from any location, over any network. By always verifying, it is ensured that:

  1. The user trying to access the network is who they claim to be to keep the wrong people out, through a multi-factor authentication in place
  2. The device used to connect to the network is an authorized device (i.e. company-issued laptop) or has met the specific corporate security requirements to decrease the possibility of malware infiltration and data loss
  3. Users can only access authorized resources based on their roles to limit access to confidential information and reduce chances of data leakage

To learn more about secure remote access solutions, send an email to rcruz@ctlink.com.ph or contact your CT Link Account manager today!


Images were provided by Vecteezy (1, 2)

Reducing Business storage costs with vSAN and Dell EMC

Reducing Business storage costs with vSAN and Dell EMC

Technology is growing at a fast pace. When you consider the situation, many are going through now, many have to adapt to new technology to ensure their place with their consumers. Adapting to new applications are key now. This means that those that adopt new technology are also starting to feel the growing data requirements that come with it.

Maximizing storage efficiency is becoming more difficult as new applications are added into your network. This can become problematic as it can start slowing down your systems infrastructure, affecting the user experience.

To fix the issues traditionally, means upgrading your current infrastructure to match with the growing needs of the company. This however can become costly as you move forward without considering the future needs of your organization. So how do you properly scale your business infrastructure while keeping your costs at a minimum?

This is where solutions like software defined storage solution can help, vSAN in particular. With its simplistic approach to a complicated architecture, you can ensure that your company will be able to scale its infrastructure optimally and securely through its virtualized shared storage model.

As a software defined solution, you are also able to pair your vSAN solution with hardware that you choose. Deciding on a hardware to run vSAN is also an important step to your growth when considering future directions of your company. This is why partnering with a reliable hardware vendor is key to ensure that your solution is running optimally for your present and future needs.

This is where Dell EMC’s vSAN ready nodes excel in. They are pre-configured and validated building blocks that reduce deployment risks, improve storage efficiency while allowing you to scale storage quickly and easily as needed. Below are a few key considerations to note on to consider Dell EMC hardware when using vSAN:

Reduce project risk

Dell EMC vSAN Ready Nodes are jointly validated solutions in tested and certified server configurations for accelerating vSAN deployment. Dell EMC and VMware have collaborated on vSAN for more than five years, putting the technology through thousands of hours of testing.

Improve storage efficiency

Dell EMC vSAN Ready Nodes improve storage efficiency while reducing capital expense (CapEx) with server‑side economics, affordable flash and grow‑as‑you‑go scaling. Reducing the time and effort it takes to deploy and manage compute and storage infrastructure reduces operational expense (OpEx).

Scale quickly

Dell EMC vSAN Ready Nodes enable easy deployment with factory‑installed, pre‑configured and pre‑tested configurations for a range of needs. Faster configuration, fewer update steps, and reduced time for maintenance, troubleshooting and resolution all add up to a solution that scales quickly.


To learn more about Dell EMC and vSAN, contact your CT Link account manager or email us at marketing@ctlink.com.ph

ECQ Success Stories: CT Link Managed Services Remotely Secures Client’s WFH setup

ECQ Success Stories: CT Link Managed Services Remotely Secures Client’s WFH setup

With the suddenness of the declaration of the ECQ, most companies were unable to give their workforce the tools that they may have needed to work effectively at home. This left many employees to find their own ways to complete the tasks that they do on a daily basis at home. Many of which ended up using their own devices and installing the apps from work or apps and connecting to thru the company VPN.

Client Challenges: Unsecured Personal Devices connecting to Corporate VPN

One of our customers from the Public Sector encountered this dilemma during the start of the ECQ. They have about 500 employees who need to Work From Home (WFH). They were unable to give all employees resources in which to accomplish their tasks so opted to allow employees to use their personal devices. However, the Infosec Team is concerned that malwares from the personal devices could enter thru the VPN connections.

Solution: CT Link Managed Endpoint Security

As a CT Link managed service customer, we deployed Trend Micro’s Worry-Free Business Security Services (WFBSS), which is a cloud-based Endpoint Security Solution. We provided the link for installing of Trend Micro Agents to end users and assisted them in deploying this on their endpoint devices.

As a cloud-based solution, we were able to be with them every step of the way during this process and helped with problems that occurred during installation of some devices while also monitoring the threats found by WFBSS. This has proved as an effective measure for them as presently WFBSS has detected over 3,000 suspicious and malicious activities from the endpoints.

Security as a Service

Having Managed Services for security helped our client worry less about the security from personal devices connecting into their network and freed up their time to concentrate on other important tasks at hand during the ECQ. This meant that we handled the troubleshooting of the installations of the endpoint devices and monitoring of malicious activities reported by WFBSS. This service is also not reserved for only enterprise accounts as our services are actually very beneficial as well to small and medium businesses that do not have their own dedicated IT team.  Below are a few key features in which you can expect to get when subscribed to our managed services:

  • Keep outside threats like malware from getting in and sensitive data from going out
  • Filtering potentially dangerous or inappropriate websites
  • Preventing phishing and social engineered attacks from getting to your users
  • As a cloud-based solution, support is done remotely
  • Supports WFH setups to ensure your network is safe
  • Ease of deployment with little to no IT skills required
  • Centralized monitoring through one dashboard accessible through the cloud

If you are interested in learning more about our CT Link managed services or WFBSS, contact your CT Link AM or reply to this email and we will get back to you as soon as possible!


Images were provided by Vecteezy (1,2,3,4,5)

ECQ Success Stories: CT Link Managed Services Remotely Sets up Audio Conferencing for Customer Board Meeting

ECQ Success Stories: CT Link Managed Services Remotely Sets up Audio Conferencing for Customer Board Meeting

Right now, there are little to no physical meetings happening due to the need for us to practice social distancing. This has caused a spike into companies looking to put their meetings in the virtual space where they can be safely conducted. To others, however, video conferencing is not feasible for various reasons.  One of our clients fell under one of those reasons.

Customer Challenge

With the extension of the ECQ, our client would not be able to carry out their scheduled board meeting at their office.  This meant that they needed to find an alternate way to carry out the meeting which was scheduled in four days. One consideration they had was to use Microsoft Teams video conferencing capabilities. However, the attendees were not tech savvy individuals and asked their team if it was possible to join the board meeting using landlines.

Our Solution: Set up Audio Conferencing on Microsoft Teams

As they are currently a CT Link Managed Services customer for Office 365, our team set up an audio-conferencing facility using our own tenant to let them try and see if this met their needs.

Within a few hours, the environment was ready and a dedicated bridging number was provided.  Our engineer taught the customer how to use the Audio Conferencing facility. They tested the facility the following day and confirmed that is what they needed, especially because it is easy for non-tech savvy individuals to connect. They only had to dial the bridging number on their landline phones and provide a conference ID for them to join the conference. With this, we recommended the most cost-effective subscription that needs to be added to their Office 365 tenant.

Upon confirmation by the customer on the availment of the additional subscription, the Audio Conferencing was set up in their Office 365 tenant. The board meeting was scheduled and was held using the Microsoft Teams Audio Conferencing Facility. A CT Link engineer was on standby on the day of the meeting to assist with any connection issues.

Audio vs Video

Although video conferencing is now steadily growing in popularity, audio conferencing still has many advantages over its video counterpart. One would be what our client encountered, it is easier for users to connect to and can hold more participants (up to 250 concurrent users).  It is as simple as dialing the number to the join the conference. 

Audio conferencing is also more viable to those who have limited access to the internet, whether it be due to remote locations where connectivity is limited or if the user is currently roaming. Quality of audio is also much better when done through audio conferencing, so if your meeting requires no video aspect, it is usually much better to hold it as an audio conference.

Microsoft Makes Teams Available for Everyone in Light of Covid-19

With the flexibility of Microsoft Teams, there are many ways to collaborate with your colleagues remotely during the ECQ. We have been working closely with many of our clients during the ECQ to set up their Microsoft Teams’ journey remotely. Whether their interest be in a free messaging app, a better tool to share documents, or even to set up video conferences, it has been helping many of our clients improve their operations and productivity.

If you would like to learn more about Microsoft Teams or if you would like to try it for yourself for free, please get in touch with your CT Link account manager or you can send an email to sales@ctlink.com.ph / marketing@ctlink.com.ph and we would be happy to help you!


Images were provided by FreePik (1, 2, 3, 4) and Vecteezy (1, 2, 3, 4)

ECQ Success Stories: CT Link Managed Services restores Client’s Web Services from Failed Physical Server

ECQ Success Stories: CT Link Managed Services restores Client’s Web Services from Failed Physical Server

Disruption to your business can happen without any notice. This was felt by everyone when the enhanced community quarantine (ECQ) was suddenly implemented last March 2020. Companies were forced to adopt a Work From Home program where servers are expected to be always available even when unattended.

Client Challenge

A couple of days into the ECQ, one of CT Link’s customer’s web server became inaccessible. The server hosts the web portal of the company, which runs on a physical server. They have an appliance deployed on-site to back up some of the customer’s servers which are replicated to a private cloud to serve as a Disaster Recovery (DR) site. However, despite no one is in their Data Center, they must bring the web portal back up running as soon as possible, without anyone going on-site.

Our Solution: CT Link’s Managed DR as a Service

With a subscription to CT Link’s Managed DR as a Service, a teleworking CT Link Engineer was assigned to the case after the customer contacted CT Link Customer Service. By accessing the BCDR Orchestrator, a working backup from the previous night was identified. However, with the physical server not accessible remotely, how can the back-up be restored to the original server?

CT Link’s Managed DR as a Service used a two-part solution:

Restore Even Before Repairing via Local Virtualization

The on-prem appliance being used for CT Link’s Managed DR as a Service has a capability called local virtualization which allows the appliance to host virtual machines restored from the backups. This feature was used to restore the most recent backup of the web portal into the appliance. This enabled the web portal to be accessible to users once again. The web portal was hosted on the backup appliance for 4 weeks until the systems administrator was able to visit the Data Center.

Easily Move Over to a New Physical Server via Bare Metal Restoration (BMR)

Once the systems administrator was able to replace the physical server, the web portal had to be moved back from the backup appliance into the physical server. Manually reinstalling the operating system, installing the web server software and patching and hardening the server would take a couple of days.

Instead of reinstalling the operating environment, CT Link engineer used the Bare Metal Restoration technique to quickly restore from the backup appliance into the new server. Bare Metal Restoration removes the need to reinstall the OS or applications prior to restoration, making the transition smooth and easy.

Commendation

Customer sent a commendation to the engineer assigned to their case, for having their web portal back up running and accessible in just two hours after contact. Having seen the benefits of CT Link’s Managed DR as a Service, the customer is now considering enrolling more servers into this service.

Keeping BCDR in mind

Business Continuity and Disaster Recovery plans are investments into keeping your operations running. Our client experienced this first hand, having faced two disruptions simultaneously from the ECQ and having their server go down when no one could service it physically. However, they came out of this ordeal with minimal downtime, reaping the benefits of their investments.

If you are interested in learning more about CT Link Managed Services, you may email us at sales@ctlink.com.ph / marketing@ctlink.com.ph.


Images were provided by Vecteezy and Freepik