Citrix Sharefile: Your One-stop Data Repository

<strong>Citrix Sharefile: Your One-stop Data Repository</strong>
Citrix Sharefile banner

Data is the life blood of a company. All aspects of a business rely on data that is sent and received on a daily basis. However, users are now experiencing more disruption in their daily workflows as data is spread out between on-premises and cloud servers. This causes businesses to  experience a loss in productivity due to time loss and overall inefficiencies in processes. Businesses need a solution that can offer a single point of access to all data sources that is available on any device while still being able to maintain the ability to manipulate content resources for their job.

This is where solutions like Citrix ShareFile can help.

Citrix Sharefile: Connecting and Protecting your Data

Citrix sharefile for windows

ShareFile gives your IT team they need to assert better control over how your corporate data is stored, accessed, synced, and shared. It also allows your users the ability to continue being mobile with data without compromising on the data security and control your IT has. The best part, it doesn’t matter if the data is on the cloud or on-prem.

Unlike most traditional synchronization tools that are built more for desktops, Sharefile comes with a drive mapper functionality. This means that businesses can help save on storage costs across when using a VDI infrastructure as the it will only cache content as its accessed. Users will be able to connect an account as a mapped drive on the Windows file system without the need to perform a full sync of account content. This is done through the Citrix Files app which supports a variety of storage apps like SharePoint, OneDrive, and most ECM Systems.

Citrix ShareFile for Windows Benefits for IT

Citrix sharefile for windows

Virtualization Support: IT can use the same file sync-and-share solution across both physical and virtual endpoints, and across on-premises and cloud storage. And because content access from the Citrix Files app is stored as a cache on a user’s virtual desktop, it reduces unnecessary network traffic in the data center.

Storage Flexibility: Store files on premises, in public clouds, in private clouds, or in any combination. The same file sync-and-share solution experience is used across both physical and virtual endpoints.

Reduced Storage Costs: Files can be stored in multiple locations without the need for duplication on devices or storage zones.

Citrix ShareFile for Windows Benefits for Users

sharefile logo

Anywhere, Any Device Access: Connect a ShareFile account as a mapped drive on the Windows file system, without performing a full sync of account content.

Flexibility: Provide a single point of access to multiple data repositories, including networks shares, OneDrive, SharePoint, and personal cloud repositories.

Faster Virtual Connections: Because the Citrix Files app does not sync files into the virtual desktop, files are fetched from their respective source only when a user opens that file, and the virtual desktop integration is more efficient.

To read the full article, you can click here, or you may contact us directly at marketing@ctlink.com.ph to set a consultation with our team today!

Remote Browser Isolation to Simplify your Security Posture

RBI Technology
Remote Browser Isolation Banner

Web access is a cornerstone to productivity in today’s interconnected business environment. Employees both in the office and working remotely need to access the internet to find the information they need to do their job. However, web access can also be the entry point for bad threat actors to access your company’s network. So how do companies go about securing it without compromising the user’s experience?

If companies allow users to freely access the web and rely on traditional AV tools for protection, they run the risk of overworking IT. This happens because traditional AV tools require users to request access as needed from IT which can be large number every day. Traditional AV tools are also ineffective against advanced malware like Zero-day threats, downloaded documents with malicious code, and even data theft from images with hidden malicious text (steganography).

This is where businesses need to look into solutions such as Remote Browser Isolation to fill in their security gaps.

Remote Browser Isolation (RBI)

RBI

RBI allows businesses to move trust from the endpoints by safely fetching, executing, and rendering web content through a remote web session. Within the remote web session, the RBI strips away malicious code and reconstructs the content back into visuals content that is safe for the user to view. However, customers should be aware that not all RBI solutions cover the same security gaps.

When looking into an RBI solution, customers should prioritize a safe and productive solutions that ensures safe web browsing. It should also provide your company a way to deliver content to users without compromising on the user experience while keeping set up and configuration simple.

Key Benefits

Remote Browser Isolation Benefits

Risk Reduction – Prevent malware embedded in web content from contaminating endpoints or your network. Sanitize webpages requested by users for complete assurance.

Productivity – Provide your team with the flexibility to access information and tools from new or disreputable sites. As an added benefit, access to uncategorized sites reduces over-blocking and relieves system admins from being overburdened with policy exception IT tickets.

Optimize Savings – Reduce costs by using web security to handle most of the traffic, only sending unknown and risky sites through isolation.

C-level Security – Use full isolation only for individuals that are highly valuable targets, and targeted isolation for the rest of the user population.

Streamline Compliance – Prevent sensitive information from getting into the endpoint browser cache.

To learn more about RBI solutions, you may take a look at this article here, or you may contact us at marketing@ctlink.com.ph to schedule a consultation with us!

Preparing Your Cyber Security in the Philippines for 2023

Starting Cyber Security
Cyber Security for 2023 Banner

Businesses in the Philippines are facing an increasingly challenging prospect when it comes to Cyber Security. As the past few years have shown, cyber criminals don’t discriminate when it comes to who they target for attacks. SMBs and enterprises are both fair game when being hit by cyber attacks and data breaches. This is why businesses of all sizes should properly consider their cyber security solutions for 2023 and beyond. However, it is not an easy task to do as threats and trends are always changing due to the fast-paced nature of technology. Many businesses always end up not knowing where to start and if they are being cost-effective with the solutions they are looking into.

To help businesses this 2023, we would like to talk in depth on what preparations and expectations should include for cyber security plans this year.

Four Major Threats to Cyber Security in the Philippines

Cyber Security Philipppines

There are many forms of cyber attacks that have happened in the past few years. The four most frequent attacks have been the following:

  • Business Email Compromise (BEC)
  • Ransomware
  • Password Compromise
  • Account Takeover

Any form of cyber-attack can cost a business a fortune, whether its an SMB or enterprise business, if not handled correctly. This does not even consider the reputational damage and downtime a business can face once it is known to the public. The sad reality is that there is no fool-proof solution that can ensure that your company will never experience a breach. However, there are ways to ensure that you can minimize the chance of it occurring or the impact of the attack to your business.

Cyber Security Measures: Preparing an Incident Response Plan

Cyber Security Awareness

One of the best defenses for your business that many cyber security experts recommend is to create and test an incident response plan. Knowing how to response to certain security situations will help speed up the response time when an attack happens. Businesses should formalize their plan and run practical tests for their team to better handle the different security incidents that can happen. Incident response planning offers businesses the added benefit of giving your team the insight of where security gaps may be in your security systems. Thus, helping you know where to better improve security to prevent attacks from happening.

Investing in Cyber Security Safeguards

Cyber Security Plan 2022

In addition to having an incident response plan, investing into cost-effective security solutions can help reduce the need to implement your plans. Below are a few tools that businesses should look to improve their cyber security this coming 2023:

Multifactor Authentication (MFA) Prevent intrusions via stolen, phished or compromised credentials through verification methods that prove the user’s identity. This can include methods such as two-factor authentication, biometrics, SMS OTP, etc. According to Microsoft, using the extra authentication method can foil almost 99% of account-based cyberattacks.

Email Security – Investing in a good email security goes a long way in today’s security environment. Many of the hardest hitting cyber attacks like ransomware and BEC are email-based.

Backup and Recovery – Backing up business data is very important, especially in the ransomware era. There are many options your company can take when investing in backup solutions. Both on-prem and cloud solutions have their pros and cons, but both work to your companies benefit.

Endpoint Detection and Response (EDR) – EDR can help businesses detect threats that have evaded other security solutions that are in place. It allows for quicker response time to prevent major damage to your system while also lessening the burden of pressure on your security team with alerts mapped to the MITRE ATT&CK framework.

You may read more about the different preparations your business can take here. You may also consult with us directly by contacting us at marketing@ctlink.com.ph.

How Microsoft Office 365 is Helping Small Businesses Grow

Office 365 SMB
Microsoft Office 365 banner

Around 90 percent of all businesses are small and medium businesses (SMBs) worldwide. They account for almost 44 percent of the global gross domestic product of all businesses. SMBs can be considered the lifeblood of the global community, even more so here in the Philippines. While the past few years have been challenging for SMBs, there have also been sign of growth and opportunity in the space. Microsoft has seen the potential of the SMBs and have been striving to help them succeed through solutions like Microsoft Office 365.

Creating ways to do more with less with Microsoft Office 365

Microsoft Office 365 login

Pressures in the economy are forcing companies of all sizes to strive for growth while maintaining a low costs. Microsoft Office 365 helps SMBs achieve this by centralizing your business technologies in to one easy to access application. It enables your team to use multiple business apps like PowerPoint, Excel, and Word to boost productivity at an affordable price.

Microsoft Office 365 Provides SMBs a complete solution

Microsoft Office 365 Download

Historically, SMBs had to rely on multiple solutions, of which none were ideal for their unique needs. Microsoft 365 gives SMBs the solutions together in one integrated experience that delivers on the power of the cloud. This enables employees to be able to work from anywhere while also keeping the costs relatively low. It is a cost-effective, secure cloud solution that includes all the tools needed by SMBs to grow their business, reach new customers, and provides a way for employees to collaborate.

Enabling SMBs to Create Documents, Meet, Call, and Chat Securely

Microsoft

Microsoft Office 365 is full of applications that your users are already familiar with. These applications include all the office staples like Word, Excel, and PowerPoint. In addition, these tools can now be accessed in real time by your team to be able to collaborate on certain documents through the cloud. Other added benefits would include access to Microsoft Teams which can be used to do chat-based messaging or audio/video calls.

Microsoft Office 365 also keeps your business security in mind when enabling these collaboration features. Microsoft 365 helps safeguard devices and data from cyber threats with built-in security features. The basic package includes access control and email protection while the Business Premium includes more advanced security features that have minimum impact to IT complexity.

Microsoft Office 365 Customer Success Stories

Office Success Stories

Below are a few success stories of how Microsoft 365 has helped some SMBs grow their business the past few years:

  • At Tony’s Chocolonely, the team found new ways to keep employees connected with virtual book clubs, themed weekly meetings like “flip-flop formal Friday,” and fitness classes—all running on Teams as a part of the Microsoft 365 solution.
  • 1083, a sustainable jeans and sneakers manufacturer, leveraged Microsoft 365 and Teams to communicate and collaborate more effectively, internally and externally, while the platform’s embedded security features helped ensure that communications were highly secure.
  • Rodel Financial Services realized the benefits of a unified, easily managed environment from Microsoft apps, services, device management, and information protection. It replaced a disjointed on-premises environment with Microsoft 365 Business Premium, helping South African businesses and their own bottom line to flourish.

You can read the full article here. To learn more about how you can incorporate Microsoft 365 into your business, you can email us at marketing@ctlink.com.ph!

Gartner’s Top Cyber Security Trends in 2022

Gartner Trends 2022
Gartner Cyber Security Trends

Looking back, cyber security trends were numerous this 2022. This year had many ups and downs in terms of cyber security in the Philippines as many businesses had to shift from office to remote work and now hybrid. These past few years have shown many businesses that their security solutions need to be able to adapt and handle threats that can pop up at any time. To better prepare for 2023, Gartner has published their top cyber security trends of 2022 that you and your business should be aware of.

Cyber Security Trend: Attack Surface Expansion

Cyber Security in the philippines

According to Gartner, 60% of knowledge workers are working remotely, and 18% of these workers will not return to the office. This opens businesses to many risks as more points of entry are now open to cyber criminals to go through. This includes threats associated with open-source code, IoT physical systems, cloud workloads, SaaS applications, social media and more.

Cyber Security Trend: Identify Threat Detection and Response (ITDR)

Cyber Security examples

ITDR is a new term that Gartner introduced in their recent report. It is best described as a collection of tools and best practices to successfully defend identity systems from endemic level of attacks. ITDR tools are highly recommended by Gartner as a security solution to look for in the coming years. This is due it being able to support discovery and inspection, provide analysis capabilities, enable policy evaluation, and provide incident management and remediation suggestions to restore affected systems.

Cyber Security Trend: Digital Supply Chain Risk

Cyber Security Supply Chain

Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains. Businesses should be more wary of these types of attacks in 2023 and the future.

Below are the four main categories that digital supply chain generally falls under:

  • The potential disclosure of sensitive information shared with supply chain partners
  • Compromise of infrastructure shared with supply chain partners such as networks, software, cloud service and managed services providers
  • Attacks through common commercial and open-source software used in business and IT operations
  • The exploitation of security flaws in the digital products sold to customers

Cyber Security Trend: Vendor Consolidation

Vendor Consolidation

Vendors are consolidating security functions into single platforms. This is to reduce the complexity of the growing number of technologies businesses use while creating a more attractive package to businesses. Doing this may introduce new challenges such as reduced negotiating power and potential single points of failure, the reduction in complexity and improved efficiency will lead to a better overall security.

To learn more on the other cyber security trends, you can click here to view the full article or you can contact us at marketing@ctlink.com.ph.

Protecting Against Ransomware in Hospitals and its Medical Devices

Ransomware in Hospitals banner
ransomware medical devices

Ransomware attacks have grown to a point where it is no longer just known to the IT industry, but also in the mainstream. Ransomware attacks have risen over the past years, from consumers to even specialized industries like healthcare. It can cause sudden loss of data if threat actors choose to keep stolen data encrypted. Another overlooked risk is the disruption of services that the affected experience during an attack. This is even more critical for specialized services like healthcare which handle the lives of its patients.

Healthcare organizations like hospitals rely heavily on computer systems to run their operations. Threat actors know that any disruption to this system can heavily affect the care given to their patients. With lives at stake, the affected healthcare organization has no choice but to pay even if they don’t have the resources. Attackers even go the extra step to research what the absolute limit of ransom an organization can pay.

2019 had an incident where a facility in the US was hit by ransomware. This incident disabled the organizations access to patient records and medical devices. This was a case where unfortunately, due to the medical systems being down, a life of a baby was lost.

While there is no foolproof way to prevent ransomware attacks, there are ways to lessen the risk. This comes in the form of a multitude of IT security solutions that can help detect the attacks or even backup solutions that can help restore data before the attack. However, Operational Technology (OT) like medical devices also need to be considered as it is a lesser-known entry point.

This is where solutions like Trend Micro’s TXOne solutions can help the healthcare industry.

TXOne to Secure OT

Ransomware in Hospitals preview

The security experts at Trend Micro have done the research for you. From the industry standards to hospital processes, they know where the security vulnerabilities lie and created a solution that complements it. Below are a few ways in which TXOne can help healthcare’s OT security:

  • Effective network segmentation, virtual patch (IPS) and network containment through robust network appliances, preventing ransomware propagation
  • Granular control over healthcare protocols with support for 50+ variant IT and OT protocols for hospital network access control (HL7, DICOM, Modbus and more)
  • Lock down mission-critical endpoint assets using whitelisting technology, immunizing your system to ransomware
  • Quickly and conveniently remove ransomware via our plug-and-scan USB technology
  • Provide central and individual management options perfectly suited to different management roles

To learn more on how to better protect your business from ransomware, you can email us at marketing@ctlink.com.ph!

What is MFA Prompt Bombing Attacks?

Prompt Bombing preview
Prompt bombing header

Notifications are now a very common occurrence in our lives. Pop ups for our mobile devices are always being sent to update us and even act as a security measure. This has become so common in fact, that many people stopped paying attention to what notifications pop up. Once it has become a routine, some people do actions “without thinking” and this is where security risks can happen.

Take Multifactor Authentication (MFA) as an example, it is slowly becoming an essential security step in today’s applications and accounts. Whenever you place your credentials or use an online service like money transfer, many require you to use an authenticator that is attached to your mobile device. As an extra step in your security, it helps defend against bad actors who have gotten your credentials from other methods from using it to steal financial resources or data through something that is not as easily obtained.

MFA Prompt Bombing to Create Fatigue

MFA Fatigue

Despite the pros of an MFA solution, it does come with the inconvenience that users must use another system to verify their identity. This also come from a different device that they may be using that is closer to their personal life. Threat actors know that there are lapses in people’s attention, so they take advantage of it. Once they know your credentials, they try to induce alert fatigue on the user by pushing the MFA push notifications many times. They either try to make the user click on one alert for confirmation while they are inattentive with all the notifications or through spam that makes them confirm out of annoyance.

All it takes is just one mistaken approval from the user’s side and they will be able to access the business network. This small mistake can have major repercussions to the business that users don’t understand.

Protecting your Business from These Attacks

MFA Protection

The simplest way to reduce the risk of getting hit by these types of attacks is user education. By educating your users, you arm them with the knowledge of what is normal when it comes to MFA notifications. It is much like hearing someone knocking at the door, you don’t just let them in without checking who is on the other side. Why should a user allow a login request when they are not requesting a login for themselves.

Another way is to use MFA solutions that are better equipped to handle these kinds of attacks like RSA. RSA technology has a wide range of features that make use of context within their notification requests that users can look into before confirming. This includes timestamps, applications, and even location of where the notification is.

To learn more about recent attacks like prompt bombing or MFA solutions like RSA, you may send us an email at marketing@ctlink.com.ph!

Phishing Evolving: Learning About Modern Evasion Methods

Phishing Evolving: Learning About Modern Evasion Methods

Email has been a staple use of communication ever since it was introduced. Businesses are constantly trying to keep their email security updated to avoid attacks and data leaks. However, attacks like phishing are constantly evolving to evade email security technology. From attacks that try to fool users into clicking links to emails exploiting vulnerabilities, attackers are mixing or combining them to better succeed in getting into your network. This is why it is important to not only update your security, but to also educate your users.

Below are a few of these methods that are being used in the online environment that you and your users should be aware of:

Favicon Evasion

The first Phishing evasion method affects the icon of the browser tab called the favicon. If you look carefully at some links that ask you to login to your account, there are some inconsistencies. The left image and right image are similar but have major differences. This is purposely done to evade detection from email security, the left image has different color patterns then the actual Microsoft logo.

Phishing evasion methods Favicon

Logo Evasion

They also apply small differences on the logos they use on the login link. The left image uses a similar font and is in bold. This is to cause errors in template matching and increase the chance of being missed in Phising detection engines similar to the Favicon Evasion method.

Logo

Form Evasion

When looking at the inside of the sign-in link (the HTML code), we might see some things that look suspicious. Some detection engines are looking for form codes, so what attackers do is use <div> tags instead to look exactly the same.

Phishing evasion methods Form

Suspicious Text in Images

Some detection engines scan for fields that asks for a user’s password, like “enter password”. This is then investigated if this is a legitimate site. How attackers try to bypass this, they use a text image of “enter password” to evade this.

Phishing evasion methods Suspicious Text

Input Field in Disguise

Another technique that phishing detection engines may use is scanning the HTML for input fields, indicating that this might be a credential theft attempt. In this attack, attackers hide an input field by creating an empty div with a background image showing the word password. This is another way attackers evade detection from email security solutions.

Input Field

To learn more on email security methods or if you would like to better educate your users, you can consult with us by sending us an email at marketing@ctlink.com.ph!

6 Benefits of Migrating your Email Server to the Cloud

<strong>6 Benefits of Migrating your Email Server to the Cloud</strong>
Email Migration banner

On-premises email servers has always been the preferred set up for most businesses. However, businesses are now seeing that maintaining its upkeep, updates, and security is becoming increasingly difficult due to the growing threats and technologies. This is why many are now considering migrating their email servers to providers like Microsoft’s Exchange Online. Microsoft takes care of many tasks that businesses would normally do such as those stated above, while also giving your business multitudes of benefits. Below are some of the benefits businesses can expect to get when migrating to cloud servers:

Maintenance

Email Migration maintenance

The biggest benefit into moving your email servers to the cloud is that your team is no longer burdened with maintenance of the servers. Microsoft handles the upkeep and maintenance of servers giving your team more time to focus on other business critical tasks.

Accessibility

Email Migration accessibility

Remote workers have become the trend in the past few years. However, businesses still need their teams to be able to work together in a consolidated, collaborative environment. An Exchange Online migration enables your employees to connect to their emails anywhere, on any device, at any time. It also has the added benefit of being able to support a larger number of mailboxes through its scalable resources.

Hybrid Flexibility

Hybrid Flexibility

For those who don’t want a full cloud migration, going hybrid is also an option. Better security can be achieved with an on-premises Active Directory/Exchange Integration while being able to take advantage of the scalability and flexibility of the cloud. Going hybrid provides additional resources when needed while also offering all the security features of an on-prem service. Even after transferring to the cloud, existing on-prem servers can be maintained to make it easier for employees to transition.

Real-Time Collaboration

Real-Time Collaboration

Exchange Online allows your users to collaborate in real-time through Office 365 groups. The Exchange Online service can also take advantage of all other applications attached to Office 365. By taking advantage of the app connectivity, users can also effectively communicate within the Exchange Online Service and even work on documents in real-time.

Automated Mail Flow Rules

Automated Mail Flow

Exchange Online streamlines administrative task by automating them. This reduces the administrative burden of managing your mail services while ensuring email management is performed faster and consistently. This can be accessed through the exchange admin center for an easier and simpler way for your team to manage features.

Better Security and Compliance

Better Security and Compliance

Security threats are constantly evolving, businesses using on-prem servers must make sure that their security is maintained and up to date. Regulatory compliance as well are becoming more difficult to track as more rules on data privacy are made. With Exchange Online, Microsoft handles the updates for security and maintains the security of your email servers. For regulatory compliance, Office 365 migration allows for better accountability, making it easier to track changes, and providing features like litigation holds.

To learn more about Exchange online or if you would like to consultation for your business migration, please contact us at marketing@ctlink.com.ph!

Innovating industries: How iboss Improves Operations for the Financial Industry

<strong>Innovating industries: How iboss Improves Operations for the Financial Industry</strong>
finance banner

Business has grown to a point where users are no longer bound to traditional network boundaries. With shifts to cloud applications like Microsoft 365, it has become increasingly difficult for businesses to deliver fast, secure, and compliant connections to these applications. Vendors know this and have been working towards improving the technology offerings. Secure Access Service Edge (SASE) solutions have become the recent buzzword in technology for the exact reason that it was conceived to solve the above problems. SASE ensures that any connection originating from a user or device to any destination in the cloud is secure and meets the organization’s connectivity requirements.

However, some industries, like financial services, have unique situations where adopting solutions would also come with security risks associated with SaaS cloud delivered platforms. This is where iboss’ approach to SASE can help through its containerized based platform. Containerization allows iboss to deliver secure connectivity for users anywhere while maintaining a completely isolated and controlled network data path. A fully containerized architecture also has the benefit of synergizing well for hybrid deployments. It allows businesses to utilize their proxy and firewall security features within their private network while being able to leverage cloud-based service for their remote users or branches.

Below are a few features of iboss’ containerization architecture that can benefit those in the financial industry:

SaaS Network Security Service with Containerization

iboss SASE network security

Containerization services like iboss allows network connections from devices and users to be processed within isolated containerized gateways which perform proxy and firewall functions. These gateways never process data for any other organizations and data is never mixed between different customers. The gateways can also be destroyed or created in seconds to provide horizontal scaling.

security infographic

Better Security When Inspecting Traffic

iboss SASE traffic security

The containerized cloud architecture that iboss provides also allows full isolation of data as it moves between the cloud and business users. This includes a full isolation of private keys required to decrypt the traffic of data during motion. The containerized cloud gateways isolate the private SSL decryption keys to ensure security and reduce risk. On the other hand, non- containerized cloud architecture has the private SSL decryption keys available to the gateways that decrypt the network traffic. This means that those gateways are decrypting and processing traffic for any organization that traverses that gateway. This can pose as a big security risk and can have serious implications for high-security industries like financial services.

Naturally Hybrid for Easy Deployment on Private Cloud

iboss SASE hybrid cloud

Containerized architecture allows not only for its use on cloud but can also be deployed within a company’s network. This includes running the gateways within an office or datacenter. With iboss, you can run containerized gateways on physical infrastructure within the business. Traffic can be subjected to a proxy or firewall directly within the organizations perimeter without ever sending it through the cloud gateways running within the service.

To learn more about the benefits of iboss solutions for finance or other industries, you can send us an email at marketing@ctlink.com.ph