LATEST ARTICLES

Nearly two-thirds of organisations have failed to patch system vulnerabilities, even though fixes have been available for years.

This damning indictment of lax security procedures was published in Bitdefender’s 2020 Business threat landscape report.

It revealed that an astonishing 64% of unpatched vulnerabilities that were reported in the first half of 2020 were caused by known bugs going back almost a decade.

The bottom line is that many organisations are still at risk from known flaws that were identified as long ago as 2002 and should have been fixed years ago.

In today’s increasingly dangerous cyber-environment, it’s quite simply an open door for criminals to hack their systems.

So why do organisations fail to apply patches?

The reasons why so many known Common Vulnerabilities and Exposures (CVEs) haven’t been addressed by so many organisations are up for debate.

In many instances, the most likely culprit is the fact that applying the necessary patches is a time-consuming and rather tedious task that many IT departments simply ignore.

Some organisations don’t apply security patches because they worry that the patches might have a negative impact on the smooth running of their operational systems and, rather worryingly, would rather run the risk of a cyberattack.

Backward compatibility also plays a significant role in whether applications are patched, stemming from the fear that patching or upgrading a service or application might break compatibility with mission-critical software.

Whether it is planned or mere apathy is a moot point.

One thing is certain: unpatched vulnerabilities provide criminal elements with an open door that can be easily exploited in order to deploy cyber-attacks and malware.

Presented with such a large attack surface, threat actors across the world have been quick to make the most of the opportunities, resulting in a huge rise in malware attacks, and they show no signs of slowing down.

One single vulnerability is all an attacker needs.

If 2020 was the year of spear-phishing emails, 2021 could see unpatched vulnerabilities making the headlines.

The reality is that when organisations fail to adopt patch management protocols that examine and assess the state of every machine in their network, they leave themselves exposed to serious risk.

The threat has been reinforced by the Edgescan 2021 Vulnerability Statistics Report which clearly shows that hackers are exploiting known, unpatched vulnerabilities in order to launch attacks. It even goes as far as to list the top 5 CVEs being weaponised, their impact, and the threat actors exploiting the vulnerabilities.

Not surprisingly, this issue has been greatly aggravated by the move to remote working. This has been confirmed by security researchers at Check Point who reported that since the lockdown, malware attacks in the UK increased by 80% in the third quarter of 2020.

So how can an organisation protect itself from a long list of threats that directly target these vulnerabilities?

The key steps to protecting your mission-critical IT systems from an ever-growing threat.

At Quadris, we have years of hands-on experience of delivering expert advice on a range of IT issues, not least on how to ensure that all systems are updated, patched, and protected at all times.

In order to achieve these ends, below is a list of critical actions that we employ:

To start with it is crucial that you are continually informed about recognised vulnerabilities and patch releases, so that you can act on them immediately. This requires a system that goes above and beyond the standard updates that software publishers release periodically.

Every organisation should have a direct line to an authoritative source that delivers comprehensive and regularly updated lists of vulnerabilities as soon as they become available.

These updates become the linchpin of a comprehensive patching policy and roll-out procedure that covers and protects every single piece of mission-critical IT infrastructure and associated digital devices.

But even a comprehensive patching policy in itself isn’t sufficient.

For a large-scale organisation, manually patching every device is an almost impossible task. You need high-quality automated tools that enable you to implement the changes at scale and at speed.

Last, but by no means least, you need a network design that gives you the resilience that allows you to test and patch without impacting the smooth running of the IT system as a whole.

For example, with a high-resilience network, instead of patching the live system you can take a copy of a sample database and test it with known scripts to ensure the patch has no adverse effects before patching the main database.

Furthermore, this built-in resilience enables you to take snapshots as you proceed, so that you can failback more easily should errors occur.
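The steps above (vulnerability feed, match against every machine, test on a copy, snapshot, then patch) can be sketched as follows. This is an added example, not Quadris code: the feed entries, advisory ids, host names and the `smoke_test` callback are all constructed placeholders.

```python
from dataclasses import dataclass, replace
from datetime import date

# Constructed sample feed. Advisory ids are placeholders, not real CVE numbers.
FEED = [
    {"id": "ADV-0001", "product": "exampledb", "fixed_in": "5.7.3",
     "published": date(2012, 3, 1), "severity": 9.8},
    {"id": "ADV-0002", "product": "examplehttpd", "fixed_in": "2.4.10",
     "published": date(2019, 6, 15), "severity": 7.5},
]


@dataclass(frozen=True)
class Host:
    name: str
    product: str
    version: str


# Constructed inventory: every machine is listed, not only the obvious ones.
INVENTORY = [
    Host("db-01", "exampledb", "5.7.1"),
    Host("web-01", "examplehttpd", "2.4.9"),
    Host("web-02", "examplehttpd", "2.4.12"),  # already carries the fix
]


def vtuple(version):
    """'2.4.10' -> (2, 4, 10). Comparing strings would rank 2.4.9 above 2.4.10."""
    return tuple(int(part) for part in version.split("."))


def outstanding(feed, inventory, today):
    """Return (host, advisory, age_in_years) for each missing fix, worst first."""
    findings = []
    for host in inventory:
        for adv in feed:
            if (adv["product"] == host.product
                    and vtuple(host.version) < vtuple(adv["fixed_in"])):
                age = (today - adv["published"]).days // 365
                findings.append((host, adv, age))
    # Highest severity first, then the longest-known flaw.
    return sorted(findings, key=lambda f: (-f[1]["severity"], -f[2]))


def staged_patch(host, adv, smoke_test):
    """Patch a copy first and touch the live host only if the copy passes.

    `smoke_test` stands in for the known scripts run against a patched system.
    Returns (resulting_host, outcome).
    """
    copy = replace(host, name=host.name + "-copy", version=adv["fixed_in"])
    if not smoke_test(copy):
        return host, "blocked: test copy failed"
    snapshot = host  # state captured before the live system changes
    live = replace(host, version=adv["fixed_in"])
    if not smoke_test(live):
        return snapshot, "rolled back to snapshot"
    return live, "patched"


if __name__ == "__main__":
    for host, adv, age in outstanding(FEED, INVENTORY, date(2021, 1, 1)):
        result, outcome = staged_patch(host, adv, lambda h: True)
        print(host.name, adv["id"], f"{age}y old", "->", result.version, outcome)
```
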

One of the biggest obstacles to achieving all the above is having the resources and expertise to ensure that it is all carried out to the high standards that it demands.

If it all sounds a bit overwhelming and beyond the abilities of your internal IT department, don’t worry because help is at hand.

Let Quadris secure your systems and protect your organisation.

At Quadris, we have the expertise and skills to call upon a powerful set of services that combine to protect all your IT systems. These can be seen most notably with our Managed Cloud and Infrastructure and Managed Digital Workspace solutions.

We have a vast amount of experience in developing resilient networks that can survive the rigours of the most demanding of scenarios without resulting in downtime.

We stay at the forefront of threat detection by tapping directly into the feeds of the Talos Security Intelligence and Research Group and Threat Grid. This alerts us to any potential cyber-threats that are on the horizon, before they impact your network.

We employ a range of high-quality tools to ensure that patches and updates are implemented as soon as they are available and with minimal impact on your organisation’s operations.

Finally, to ensure you always maintain full control over the security of your IT operations, we have developed EyeQ, an intelligent and intuitive customer portal that allows you to see clearly and quickly that we are delivering on everything our solution promises.

EyeQ provides you with an extensive range of reports including: proof that maintenance tests have all been completed, the status of anti-virus software, alerts to any security incidents that have taken place, the ongoing status of backups, adherence to all agreed SLAs, the number of tickets that are open and the status of all tickets, plus many additional useful features.

Perhaps most importantly, we have the people and the expertise to deliver on our promises. This includes a round-the-clock service desk that is ready to deal with any issues, staffed by professional front-line technicians and backed up by industry leading experts. So, if a threat is detected you can rest assured that your systems are in safe hands.

It’s time to close the door on hackers or pay the price in the future.

As hackers become more sophisticated, every organisation must respond by placing strict security protocols at the very centre of their IT systems and move as rapidly as possible toward a position of zero-trust security.

In today’s increasingly dangerous cyber space, it’s no longer a question of whether you can put a price on securing your organisation’s data, but whether you can afford not to.

To find out more about our security-focused solutions and how they can protect your mission-critical IT systems, contact Peter Grayson on 0161 537 4980 or peter.grayson@quadris.co.uk 

Why shadow IT is fast becoming one of your organisation’s greatest threats.

The dangers that shadow IT can present to your organisation have been growing for years. 

For the uninitiated, shadow IT is the use of any software, app, or even hardware, without the approval and support of your organisation’s IT department. 

This can cover anything from downloading a videoconferencing app such as Zoom, sharing files via Dropbox or Google Docs, the random use of unauthorised USB storage devices, or accessing unsecured Wi-Fi.

As a direct result of the need to keep remote workers connected during lockdowns, the growing frequency and popularity of shadow IT can make its use seem quite normal, regardless of whether it has received official approval from the organisation.

It’s a trend that hasn’t been lost on the world’s growing legions of cyber-criminals. 

During lockdown shadow IT has presented hackers with even greater opportunities. 

Hackers quickly realised that the push toward remote working provided them with new opportunities to target vulnerable digital devices as an entry point into the wider corporate network. 

The result has been a huge rise in malware attacks over the last 12 months. 

According to a recent security report from cybersecurity company Wandera, more than 50% of organisations stated that they had experienced a malware incident on a remote device during 2020. This was a whopping 40% increase over the figures published for 2019.

To add to an already worrying scenario, 37% of the remote devices compromised by the malware continued to access company emails, while 11% were still free to gain access to their organisation’s cloud storage. 

And to complete an extremely bleak picture, 28% of organisations have been employing an operating system with a recognised security vulnerability, while reporting a 100% increase in employees connecting to ‘inappropriate content’. 

Just when you thought it couldn’t get any worse, enter the fake collaboration app.

Downloading genuine apps such as Zoom has brought its fair share of problems, as has been reported repeatedly over the last year.

But a new and invidious trend has seen remote workers being tricked into downloading malicious apps in the belief that they are installing something that will assist their productivity.

The source is often in the guise of phishing emails that are being downloaded by remote workers with potentially devastating repercussions. These fake apps claim to offer the latest and best collaboration tools, whereas in reality they have been created with the purpose of stealing data or accessing the user’s microphone or video camera in order to eavesdrop. 

As a result, any device compromised by the malware provides hackers with direct access to the corporate network. 

Not surprisingly, 2020 saw a huge increase in hacker activity, especially ransomware. And while malware and viruses can cause major problems, ransomware can cost an organisation a fortune in both direct costs and damage to its brand.

Crowdstrike’s 2020 Threat Hunting report revealed that there has been a dramatic increase in hands-on hacking activity. Instead of relying on automated programmed scripts, hackers are exploring these compromised scripts themselves, leading to a year-on-year increase in ransomware attacks of over 700%.

It’s a frightening thought that just one user, downloading a single app hiding this malware could bring an entire organisation to its knees. 

The solution to a growing problem

No matter how often organisations warn their employees about the dangers of downloading unauthorised apps, the hard truth is that there is always going to be someone who ignores the rules. 

The only fail-safe method of preventing employees jeopardising the entire organisation through an act of carelessness is by removing their ability to make unilateral decisions without the approval of administrators. 

Fully safeguarding your organisation from threats such as these requires a comprehensive range of actions:

  • Every end device must receive regular security updates  
  • Software package deployment should be centrally controlled as end users can’t be trusted to install software  
  • Anti-virus software must always be switched on and up to date  
  • Patch management should be up to date 
  • End users should be protected from downloading rogue software and browsing to malicious websites 
  • End users should be restricted from bypassing security controls, e.g. the use of USB devices and personal computing devices
  • Use modern security solutions to identify and prevent malicious data packets that infiltrate your network  
  • Monitor any potential cyber-threats before they impact and disrupt your network  

All well and good, but how can you ensure that all these elements are being monitored and enacted? 

How our Managed Digital Workspace helps keep you secure. 

With the demand for remote working continuing to grow, to counter the threats posed by shadow IT and fake collaboration apps, we deliver a security solution that delivers complete peace of mind.

Our Managed Digital Workspace incorporates five crucial elements designed to protect your distributed workforce from cyber criminals: 

  • VMware Workspace ONE intelligence-driven Mobile Device Management (MDM) platform 
  • Cisco Umbrella Secure internet gateway (SIG) for remote users 
  • Cisco Advanced Malware Protection (AMP) for Endpoints 
  • Cisco Talos Intelligence Group 
  • Quadris Security Operations Centre (SOC) 

It’s an extremely powerful set of services that combine to deliver comprehensive protection together with ongoing threat analysis: 

  • Advanced policy control of digital workspace equipment, including encryption, USB access, patching, and application use 
  • Web access control through DNS-based internet proxy for mobile devices and Windows desktops 
  • Immediate identification and prevention of malicious data packets that are attempting to infiltrate your network 
  • Monitor any potential cyber-threats that are on the horizon, before they impact your network 

Full support 24/7/365. 

Our Managed Digital Workspace also provides a round-the-clock service desk staffed by front-line technicians and backed up by industry leading experts.  

As a result, if a problem arises or a threat is detected you can rest assured that your IT network is in safe and secure hands. 

You stay in control. 

Historically, IT departments have been reluctant to employ external support for fear of relinquishing control. With this uppermost in mind, we have developed EyeQ, the intelligent customer portal that allows you to see with total transparency that we are delivering everything our Managed Digital Workspace solution promises. 

EyeQ provides you with a wide range of reports covering: any security incidents that have occurred, the present status of the anti-virus software, the status of all backups, proof that scheduled maintenance tests have all been completed, how many tickets are open together with the status of all tickets, adherence to all agreed SLAs, and more. 

It ensures that we always deliver on all our promises and you maintain complete control. 

Take the proactive approach and call us today.  

As we speak, someone, somewhere is downloading a fake collaboration app or accessing websites that could put their organisation at risk. Make sure it’s not one of your employees by introducing the protection offered by our Managed Digital Workspace solution.

For more information, contact Peter Grayson on 0161 537 4980 or email peter.grayson@quadris.co.uk 

7 steps that will ensure your new distributed workforce stays connected, productive, and secure.

While there has been a great deal of talk about the new normal in a post-COVID-19 world, no-one can say for sure exactly what that may entail. 

Having said that, as a direct result of the lockdown and the ensuing social distancing, all the signs are that the ‘old’ normal that was built on and ultimately dependent upon centralisation is no longer fit for purpose. 

The fact is that the change, disruption, and uncertainty that has followed in the wake of the pandemic has put centralisation under the spotlight and made many people realise that it’s an extremely fragile model.

The permanent move to more resilient decentralised working models is driven as much by the desire of employees to have more autonomy, as it is by organisations who wish to capitalise on the potential cost savings. This is borne out by a recent survey, in which 50 of the biggest UK employers stated that they have no plans to return all staff to the office full-time. 

As a result, the rise of the digital workspace that delivers the ability for employees to work from any location is set to become an integral part of every organisation’s working practices and operations.

The question remains, how do you go about ensuring that your organisation is ready, willing, and able to operate a digital workspace that can meet the growing and ever-changing needs of your distributed workforce? 

  1. Start by talking to all stakeholders. 

It doesn’t matter if you have your entire payroll working remotely or just a small percentage, you still face the same challenges – it’s only the scale of the problem that changes.  

As a result, directors, employees, and customers should all be involved in the consultation process about how best to empower a distributed workforce.

An all-inclusive process also offers up the prospect of valuable feedback and by including everyone in the decision-making process any changes to existing working practices are more likely to succeed. 

  2. Ensure that everyone is properly equipped and can do their job safely.

The requirements of individuals may differ greatly depending on their role and responsibilities. As a result, there should be no blanket solution as to what equipment should be provided to remote workers.

The specifications of any and all equipment must be tailored to meet the individual needs of each employee. For example, while many people will be happy to work on a laptop, people who are required to work on financial spreadsheets will require a large screen monitor.

Of course, there is far more to meeting the needs of employees than just a monitor. There are docking stations, ergonomic keyboards, laptop risers and a wide range of additional peripherals that can greatly improve working practices. 

Most importantly, as an employer you have the same health and safety responsibilities for home workers as for any other workers, so you need to ensure that you are complying fully with existing legislation.

  3. Collaboration and communication.

One of the biggest challenges for any decentralised workforce is replicating the ability to collaborate effectively even when people are located across different geographical locations. 

People need to be able to chat, message, call, hold videoconferences, share files and content, work collectively on projects – everything that would normally be carried out in the conventional office environment. 

There are numerous solutions with perhaps the most widespread and notable example being Microsoft Teams – the hub for teamwork in Microsoft 365 (formerly Office 365). This chat-based workspace offers a truly flexible environment that makes everything visible, integrated, and accessible. It’s a messaging application where everyone can access conversations, meetings, and documents, and a hub where people can collaborate securely and in real time. 

Regardless of what type of work you do, a digital hub will allow you to customise its functionality to meet the specific needs of your organisation and quickly become an indispensable business tool. 

  4. Consistent connectivity.

While you have to admire the ingenuity and speed at which many organisations dealt with the challenges presented by the need for remote working, one area that caused considerable problems was internet access. 

This was especially noticeable in the drive to implement VoIP and videoconferencing, an essential element in the absence of face-to-face meetings and events. While the internet held up quite admirably in the face of the vastly increased traffic, users experienced the frustration of choppy video and audio, missed words and calls being dropped in the middle of a conversation. 

The cause can be attributed directly to poor internet access and the resultant network latency/delay, packet loss and inconsistency, and network congestion due to bandwidth overuse. Unfortunately, the speed and reliability of internet connections is often dependent on where people live – making the ability to communicate and collaborate with colleagues subject to a postcode lottery. 

Thankfully there are solutions to the problem of poor internet access such as improving users’ home broadband by augmenting it using future-focused software defined solutions.

  5. Security, security, security.

One of the biggest problems confronting every organisation is that remote working has led to the disappearance of the physical perimeter and fundamentally altered the threat landscape. 

The push to keep employees connected has led to a rapid increase in the use of enterprise applications such as Office 365 and Salesforce. And while they greatly helped organisations and their employees to maintain a semblance of normality, the use of personal devices, unsecured internet access, and a lack of support for remote workers has resulted in a catalogue of potential security issues. 

In a recent survey 95% of security professionals stated that they are facing added IT security challenges: the provision of secure remote access for employees, the need for remote access scalable solutions, and employees using untested software, tools and services. 

The move to a decentralised workforce means that enterprises now need to focus on a multi-dimensional security model that takes into account data loss prevention, information barriers, and retention policies in order to keep any sensitive data safe against unauthorised access.

Any future-facing model should ensure that: everyone receives regular security updates; software packages are deployed centrally; anti-virus software is always switched on and up to date; all software and applications are regularly updated; OS and software security patches are regularly implemented in order to address vulnerabilities and fix bugs; internet browsers are protected and secured; and central security policies are applied to devices to protect users from compromised USB devices. 

  6. Training and management.

From the first day of induction, to ongoing assessments, to training people on how to use the new tools necessary for remote working – every organisation is now facing a whole new set of issues when it comes to training and managing a decentralised workforce. 

When it comes to training and ongoing management, videoconferencing and team collaboration applications are now a fundamental part of keeping the whole workforce informed and connected.  

Daily or weekly management meetings should still take place in order to plan out the forthcoming operations and help coordinate the overseeing of business units, applications, or deal with specific organisational issues. 

Beyond day-to-day management, leaders must train their staff on how to address worker problems, provide advice on home office setups, while all the time keeping projects on schedule. 

At the end of the day, given that teams are now more likely to be dispersed across different geographical areas, videoconferencing and team collaboration applications are set to become essential business tools. With this in mind, it’s no longer just a matter of providing employees with access; making the very most of collaboration hubs such as Microsoft 365 requires very specialised professional training.

  7. Provide 24/7/365 support wherever people are located.

The days of getting someone from the IT department to drop by your desk to help solve an issue are all but over. The centralised support that employees have previously relied upon now needs to transform into a support service that is just as at home in the office, as it is in the home. 

The problem is that the majority of IT personnel are accustomed to being on site and as a result, must now be trained on remote troubleshooting to ensure the same high standards of support can be delivered to remote workers. 

Furthermore, IT personnel who aren’t involved with end-user support also need the tools and guidance to remotely manage systems and applications that they were previously managing locally. 

The fact remains that without the proper equipment, the right tools, and sufficient personnel to deal with the issues that come with remote working, the problems will keep mounting. No matter how big your organisation or what sector it operates in, end point management and end user management will become two of the most critical points of focus across the entire organisation. 

The problem is that many organisations simply don’t have the skills and resources to deliver the service that the future demands. As a result, the solution often lies in outsourcing IT support to a dedicated service provider or service desk. 

How Quadris Managed Digital Workspace can support you every step of the way.

All the signs are that the majority of forward-thinking organisations will increasingly move away from the centralised model of old and toward the decentralised model we have seen emerging over the last 6 months in the wake of the pandemic.

The pandemic has caused monumental shifts in the way that organisations operate and it’s a brave (or reckless) organisation that isn’t making contingencies for the possibility that this won’t be the last pandemic we encounter. 

The fact is that work will no longer be a place, but an organised set of tasks and activities that can be securely carried out using any device and tailored to deliver a personalised and relevant employee experience. Digital workplaces are set to become the backbone of modern business and analysts estimate the global market will expand to a staggering £32.7 billion ($44.9 billion) by 2026. 

Our Managed Digital Workspace will free you up from the vast majority of work involved in supplying, maintaining, and supporting computer equipment, phones, and peripherals.  

As a direct result, this comprehensive solution greatly simplifies your IT management, reduces internal costs, and most importantly leaves you with more time to concentrate on higher value work. 

To find out more about Quadris Managed Digital Workspace and how it can benefit your organisation, contact Peter Grayson on 0161 537 4980 or email peter.grayson@quadris.co.uk 

Zero-trust security. It’s time.

Not next year, not next month, not next week. Securing your remote workforce with a strict zero-trust strategy must start today.

The reason for the immediacy is that it’s impossible to overstate just how dangerous the current situation is with regard to cyber security. If you doubt our word, then take a look at the eye-watering cost of some of the biggest hacks and data breaches of the last 12 months.

The internet of today is a vast unsafe cyber-neighbourhood and it’s getting more dangerous by the day. To demonstrate just how unsafe it is, connect a newly loaded Windows system to the internet without patches, and within just a matter of seconds it will be attacked and compromised.

Data hacks, phishing scams, identity fraud, and in particular ransomware, have all increased exponentially over the last year.

And it’s about to get worse.

The future is looking increasingly dangerous.

The cause of the massive upsurge in malware attacks is directly linked to the sudden shift to supporting an increasingly distributed workforce. Maintaining the smooth running of an organisation in this new environment has led to a huge range of security challenges.

As a result, it has heaped enormous pressure on IT departments as they are now required to provide support for rising numbers of remote workers and a range of devices – all without compromising the overall security of the organisation.

A recent survey of over 1000 global Managed Service Providers revealed that almost 70% of respondents declared ransomware to be the most prevalent threat, with over 90% of businesses convinced that these attacks will continue to rise.

The main causes behind successful ransomware attacks are the growing sophistication of phishing scams, poor practices by end users, and a worrying lack of training in security protocols (one source reported that a third of staff working remotely have received no security training whatsoever in the last six months).

Yet, as remote working and the use of cloud applications continue to become more prevalent, no single product can deal with the sophistication of today’s attacks.

It requires a strategic, multi-layered approach with zero trust at every level.

How zero trust works.

Warding off any threat requires an approach that soars above and beyond the limitations of standard anti-virus software, and traditional firewall and perimeter-based security.

As organisations continue to spread their data across different applications, multiple locations, cloud services and the like, the traditional firewall is no longer fit for purpose. Today, there are now so many different channels for cyber criminals to gain access that it simply doesn’t offer sufficient protection against the latest identity and credential based attacks.

The concept of zero-trust security was first introduced a decade ago and operates on the presumption that every single device, even if it is within the network perimeter, is likely to be or has already been compromised.

It’s a model that utilises a wide variety of capabilities such as multi-factor authentication, access and identity management, file permissions, intelligence-driven Mobile Device Management, secure internet gateways, unified endpoint management, and real-time threat intelligence.

The benefits of this new model are significant:

  • It offers far greater protection for your organisation’s data 
  • Greatly reduces the risk of a breach and detection time
  • Greatly increases control in the growing cloud environment
  • Improves overall visibility into network traffic

To summarise, with the zero-trust approach interactions will only happen if they are already authorised. Everything else is simply blocked unless it is subsequently sanctioned.

It is perhaps best described as not trusting anything in your infrastructure to be secure unless fully explored and tested.

This includes your staff who present one of the most dangerous areas of possible compromise, and as such should be treated like an integral piece of your organisational infrastructure.

In fact, securing your distributed workforce is arguably the first and most important step in your journey to a zero-trust strategy.
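The default-deny rule summarised above, as an added example that is not part of any Quadris product: the allow-list, the group and application names and the `Request` fields are constructed for illustration. Note that being inside the perimeter is recorded but never grants access.

```python
from dataclasses import dataclass

# Constructed allow-list of (user group, application) pairs.
# Anything absent from this set is blocked.
AUTHORISED = frozenset({
    ("finance", "ledger"),
    ("finance", "email"),
    ("engineering", "source-control"),
})


@dataclass(frozen=True)
class Request:
    group: str
    app: str
    mfa_passed: bool
    device_managed: bool     # enrolled in device management
    device_patched: bool
    antivirus_on: bool
    inside_perimeter: bool   # recorded for audit, never consulted by evaluate()


def evaluate(req, authorised=AUTHORISED):
    """Return (allowed, reasons). Access is granted only when nothing objects."""
    reasons = []
    if (req.group, req.app) not in authorised:
        reasons.append("application not authorised for this group")
    if not req.mfa_passed:
        reasons.append("multi-factor authentication missing")
    if not req.device_managed:
        reasons.append("unmanaged device")
    if not req.device_patched:
        reasons.append("device missing security patches")
    if not req.antivirus_on:
        reasons.append("anti-virus off or out of date")
    return (not reasons, reasons)


def sanction(authorised, group, app):
    """An administrator approves a new pairing; returns a new allow-list."""
    return authorised | {(group, app)}


if __name__ == "__main__":
    # Constructed requests: an unpatched office PC and a compliant remote laptop.
    office = Request("finance", "ledger", True, True, False, True, True)
    remote = Request("finance", "ledger", True, True, True, True, False)
    print("office:", evaluate(office))
    print("remote:", evaluate(remote))
```
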

How our Managed Digital Workspace solution takes you a step closer to zero trust security.

Our Managed Digital Workspace is a future-focused solution that incorporates 5 critical elements to introduce a zero-trust approach to your distributed workforce.

  • VMware Workspace ONE intelligence-driven Mobile Device Management (MDM) platform
  • Cisco Umbrella Secure internet gateway (SIG) for remote users
  • Cisco Advanced Malware Protection (AMP) for Endpoints
  • Cisco Talos Intelligence Group
  • Quadris Security Operations Centre (SOC)

It’s a powerful set of services that provides comprehensive protection and ongoing threat analysis to every end user – no matter where they are working:

  • Advanced policy control of digital workspace equipment, including encryption, USB access, patching, and application use
  • Web access control through DNS-based internet proxy for mobile devices and Windows desktops
  • Immediate identification and prevention of malicious data packets that are attempting to infiltrate your network
  • Monitor any potential cyber-threats that are on the horizon, before they impact your network

Furthermore, should any issues arise, you have at your disposal a round-the-clock service desk staffed by front-line technicians, and backed up by industry leading experts. So, if a problem arises or a threat is detected you can rest assured that your IT network is in safe and secure hands. 

Trust no one 

We believe that zero trust relates to everyone, including us. Which is why we developed EyeQ, an intelligent and intuitive customer portal that enables you to see that we are delivering everything our solution promises – with complete transparency.

EyeQ delivers a comprehensive range of reports such as: any security incidents that have taken place, the current status of anti-virus software, the status of backups, proof that maintenance tests have been completed, how many tickets are open and the status of all tickets, adherence to agreed SLAs, etc.

It not only ensures that we deliver on all our promises, EyeQ ensures you have greater control over security than ever before.

Start today.

In the face of increasing uncertainty and fear of malware attacks, it’s not surprising that zero-trust security is fast becoming the standard for every organisation.

Make no mistake, zero-trust security isn’t going to be achieved overnight. Factors such as legacy infrastructure, outdated devices, and the need for training across the organisation means that it will take time to implement it successfully.

But at the very least, today should be the start of the journey.

Take the first step to zero-trust security by discovering the benefits of our Managed Digital Workspace solution, and contact Peter Grayson on 0161 537 4980 or email peter.grayson@quadris.co.uk 

Why the Managed Digital Workspace must place security at its very heart.

While most organisations have proved quite capable of facing up to the immediate challenges posed by remote working, the one area that has proved to be the weakest link is security.

The fact is that for most organisations, working from home is a new and ultimately foreign concept. The technology, operations, and policies they have employed simply aren’t up to the task of protecting one of any enterprise’s most important assets – its data.

This worrying trend is supported by a recent survey where a staggering 85 percent of CISOs admitted to sacrificing security to enable remote working.

Why are remote workers less secure than those in the office?

Historically, the solutions that protect corporate networks have been focused on physical locations where people work such as offices and production facilities.

In the office people are far more careful about the websites that they visit and the files that they download/upload, when they have colleagues and an IT department looking over their shoulder. Away from the office, it’s an entirely different matter and opens up a frightening array of threats from unscrupulous individuals.

This has been exacerbated by the huge surge in the use of cloud-based services such as Microsoft 365. Hackers are very aware of the security challenges posed by the new distributed workforce and as a result are actively seeking opportunities to exploit this situation to their advantage.

As a result, the rapid adoption of remote working has provided hacking groups with new and growing means with which to gain access to accounts and networks.

Failure to ensure that every corporate device is continually updated, patched, protected, and connected securely to the internet at all times, is basically an open invitation for hackers to access your data.

2020 has seen a sharp increase in hacking campaigns, especially ransomware.

While viruses and malware can wreak havoc across an organisation, ransomware can bring it to its knees.

According to the 2020 Threat Hunting report from CrowdStrike, the fallout from the COVID-19 pandemic has resulted in a huge rise in sophisticated hands-on hacking campaigns. These hands-on intrusions are when human hackers actively explore compromised systems themselves rather than relying on automated programmed scripts.

Most worryingly, there has been a massive increase in the number of ransomware attacks since the lockdown, with Bitdefender’s Mid-Year Threat Landscape report 2020 claiming a 715% year-on-year increase in ransomware attacks.

A single attack can cost the unfortunate recipient a fortune, as the University of California at San Francisco discovered when it paid a partial ransom demand of over $1 million to recover files locked down by a ransomware infection.

So be afraid, be very afraid, as a single ransomware attack on an unsecured device could cost your organisation a staggering amount.

How Quadris puts security at the very heart of the Managed Digital Workspace.

To deal with the threats presented to home and office workers, Quadris provides a future-focused Managed Digital Workspace with security at its very core and powered by:

  1. VMware Workspace ONE intelligence-driven Mobile Device Management (MDM) platform
  2. Cisco Umbrella Secure internet gateway (SIG) for remote users
  3. Cisco Advanced Malware Protection (AMP) for Endpoints
  4. Cisco Talos Intelligence Group
  5. Quadris Security Operations Centre (SOC)

This powerful set of services combines to deliver comprehensive protection and continual threat analysis to every end user – no matter where they are working:

  • Advanced policy control of digital workspace equipment, including encryption, USB access, patching, and application use
  • Web access control through DNS-based internet proxy for mobile devices and Windows desktops
  • Immediate identification and prevention of malicious data packets that are attempting to infiltrate your network
  • Monitor any potential cyber-threats that are on the horizon, before they impact your network

To find out more about how the Quadris security solution ensures your people are as protected when working remotely as they are in the office, contact Peter Grayson on 0161 537 4980 or email peter.grayson@quadris.co.uk

Securing your remote workforce is going to cost you. But not nearly as much as failing to do so.

According to a recent survey by 451 Research, almost 80% of organisations have now implemented remote work policies, and nearly 70% believe that it will be permanent. 

Like it or not, remote working is here to stay. And while it has been welcomed by many employees and employers, the new distributed workforce has brought with it an extraordinary slew of cybersecurity challenges. 

Yet another corporate casualty makes the news. 

Rarely a day passes without the news of yet another organisation either reporting a huge data breach or that they have been the target of a costly ransomware attack.

If you are of the persuasion that this is unlikely to happen to you, then ignore the warnings at your peril. According to a recent survey by CrowdStrike over half of organisations were subjected to a ransomware attack at least once in the last calendar year. 

In fact, ransomware now poses the greatest malware threat to SMBs with the average cost of downtime increasing by a staggering 94% in the last year. 

It’s time to acknowledge that we have entered a new era.

There is little doubt that the rapid shift to remote working has been the key driver behind the recent surge in malware attacks. Hackers are fully aware that organisations are vulnerable and are taking full advantage of the opportunity to line their pockets. 

Many observers initially laid much of the blame firmly at the feet of staff who in their haste to continue working were oblivious to best security practices. But it’s all too easy to point the finger at staff or beleaguered IT departments who were all working flat out to deal with a series of unprecedented challenges.

With hindsight, 3 major contributing factors have led to this huge rise in attacks:

  • The dramatic increase in the adoption of new technologies to facilitate remote collaboration 
  • A lack of training and support for remote workers 
  • Overworked and poorly equipped IT security staff 

The reality is that a range of factors combined to create a perfect storm that cyber criminals have been quick to exploit. 

In the new era, organisations of all sectors and sizes must recognise the security implications of managing a remote workforce and take immediate action. 

To start with, operations have to shift their focus from protecting office-based assets that are predominantly secured behind the corporate firewall. Looking forward, the main aim must be to keep up with and secure assets in the new decentralised, increasingly diverse IT environment. 

This change from a network security strategy to a new end point security strategy requires a fundamentally different approach. Failure to make the transition to allow people to work from remote locations without establishing a robust end point strategy, will simply play straight into the hands of the cyber criminals. 

Not only do you need the means to secure your data, you also need the skills to maintain it – 24/7/365. 

Some organisations have tightened up their security protocols and implemented new software solutions. A few have even employed additional staff such as service desk technicians to provide advice and support. 

But if the truth be told, it’s simply not enough. 

Every single corporate device, be it desktop, laptop, or smartphone, must be continually updated, patched, protected, and connected securely to the internet at all times. 

Many existing IT teams aren’t equipped to implement a new operational process that will deliver this new level of security. Training up existing staff to take on the role takes time and resources, while a dearth of qualified professionals in the job market can make hiring an extremely frustrating and ultimately fruitless task. 

In order to accommodate the move to remote working, security can no longer be regarded as a simple add-on; it needs to be an integral part of every single IT asset.

Which is why we have seen the evolution of the Managed Digital Workspace, a solution that is set to become an essential element of the organisational makeup of businesses across the world. 

Not only does employing the services of an external managed service make the organisation instantly more secure, it also saves the time and cost of having to recruit and/or train up members of staff. 

Furthermore, it removes the headache of having to oversee all the important operational processes that go on in the background and ensure that everyone is doing their job properly. 

Pay now or pay the price later. 

If you are serious about securing your organisation and not leaving your people and your organisation vulnerable, then unfortunately, like everything in life it comes at a price. 

The hard truth is that you can no longer get away with a standard anti-virus product and a basic firewall and think you are secure – because you aren’t. Cyber criminals have upped their game and consequently you need to up your game to match the threat. 

Consequently, the cost of securing every user regardless of where they are located comes with a price tag. And while it may be a bitter pill for your organisation to swallow, it’s not nearly as much as the cost of the failure to do so, as many organisations have discovered. 

Which is why at Quadris we have invested a great deal of time, effort, and money in engineering our Managed Digital Workspace with strict security protocols at its very heart. 

This future-focused solution incorporates 5 critical elements to secure your distributed workforce and protect your organisation from cyber threats. 

You can discover the full story behind this ingenious solution here. But to summarise, we have placed security at the very heart of our Managed Digital Workspace solution, through a combination of the following: 

  1. VMware Workspace ONE intelligence-driven Mobile Device Management (MDM) platform
  2. Cisco Umbrella Secure internet gateway (SIG) for remote users
  3. Cisco Advanced Malware Protection (AMP) for Endpoints
  4. Cisco Talos Intelligence Group
  5. Quadris Security Operations Centre (SOC)

This powerful set of services delivers comprehensive protection and continual threat analysis to every end user – no matter where they are working: 

  • Advanced policy control of digital workspace equipment, including encryption, USB access, patching, and application use 
  • Web access control through DNS-based internet proxy for mobile devices and Windows desktops 
  • Immediate identification and prevention of malicious data packets that are attempting to infiltrate your network 
  • Monitor any potential cyber-threats that are on the horizon, before they impact your network 

What’s more, with Quadris’ Managed Digital Workspace not only do you have a round-the-clock service desk ready to deal with any issues, our front-line technicians are backed up by industry leading experts. So, if a worst-case scenario should happen and a threat is detected, you can relax in the knowledge that your IT network is in the safest of hands. 

You always stay in control. 

To complete the picture, we have developed EyeQ, a customer portal that enables you to see quickly and clearly that we are delivering everything our solution promises. 

With EyeQ you have at your fingertips a comprehensive range of reports such as: proof that maintenance tests have been completed, the current status of anti-virus software, any security incidents that have taken place, the status of backups, adherence to agreed SLAs, how many tickets are open and the status of all tickets, plus a host of additional features and functionality. 

This intelligent and intuitive portal not only ensures that we deliver on our promises, it also provides you with a degree of transparency that ensures you have greater control over the security of your IT operations than ever before. 

At the end of the day, the question is not whether you can put a price on guaranteeing the security of your organisation’s data, but whether you can afford not to. 

To find out more about our Managed Digital Workspace solution and how it ensures your people are as protected when working remotely as they are in the office, contact Peter Grayson on 0161 537 4980 or peter.grayson@quadris.co.uk

5 critical elements of our Managed Digital Workspace will secure your distributed workforce.

The rapid adoption of remote working has provided hacking groups with new and growing means with which to gain access to accounts and networks. 

Failure to ensure that every corporate device is continually updated, patched, protected, and connected securely to the internet at all times, is basically an open invitation for hackers to access your data. 

In order to keep hackers at bay, any future-facing model must ensure the following areas are covered – 24/7/365:

  • Every end device receives regular security updates 
  • Software packages are deployed centrally 
  • Anti-virus software is always switched on and up to date 
  • All software and apps are regularly updated 
  • OS and software security patches are regularly implemented in order to address vulnerabilities and fix bugs 
  • Update and patch the underlying drivers and firmware of all devices 
  • Internet browsers are protected and secured 
  • Central security policies are applied to devices to protect users from compromised USB devices 
  • Deliver the same level of web protection for the roaming end user as you would in the office environment 
  • Immediately identify and prevent malicious data packets that are attempting to infiltrate your network 
  • Monitor any potential cyber-threats that are on the horizon, before they impact your network 

But how can an organisation ensure that all the different elements mentioned above are always being monitored and enacted? 

With years of experience in providing distributed workforces with the tools they need to operate efficiently and securely both in the office and in remote locations, Quadris is perfectly positioned to ensure that security is always a top priority. 

Today, as the demand for flexible remote working continues to grow, in order to counter the mounting threats posed by malicious threat actors we now deliver a security solution that provides complete peace of mind. 

Our security solution has been developed in partnership with Cisco and VMware and is founded on 5 key elements. 

  1. VMware Workspace ONE intelligence-driven Mobile Device Management (MDM) platform. 

It all starts by integrating access control, app management and multi-platform endpoint management into a single platform using VMware Workspace ONE. 

Available as a cloud service or on-premises deployment, this intelligent MDM solution delivers the ability to manage and control thousands of mobile devices across the widest possible geographical locations. VMware Workspace ONE informs us exactly where the devices are and more importantly enables us to enforce policies and security restrictions, remotely control them, and even remotely wipe them if they are stolen or lost. 

With laptops in mind, we deliver full out-of-box, zero-touch provisioning to users direct from the supplier. Once safely in the hands of the user, all they have to do is unbox the device and turn it on. They will be presented with a login screen where they simply enter their corporate credentials, hit enter, and they are instantly logged into the device. 

The device is already pre-configured to access your corporate domain, and as the MDM software is preinstalled it will automatically check into the Quadris dashboard, so that we are aware that the user is on that device from the moment it is connected.

By default, the platform will apply a comprehensive range of predetermined policies to ensure the security of every device and every end user. 

  • BitLocker encryption is enabled in order to protect the hard drive against unauthorised changes. Furthermore, encryption locks are in place so that in the event that the encryption be compromised or turned off for any reason, it will automatically be re-encrypted. 
  • A wide range of policies can be applied in order to restrict certain functionalities and actions, such as the ability to connect USB sticks or flash drives that can lead to potentially disastrous data loss. Whatever restrictions are required, they can be applied quickly and simply to thousands of devices from one central location. 
  • This versatile MDM also enables us to roll out new apps or update existing apps centrally, providing an unrivalled level of control of the day-to-day management tasks. 
  • With smartphones in mind, the MDM delivers the same out-of-the-box experience. When the user turns the smartphone on, it immediately asks for their corporate credentials before checking into the MDM server, which in turn installs the MDM app. The device is immediately provisioned, including the automatic configuration of corporate email accounts. This bypasses all the usual time-consuming steps, such as asking if the user wants to back up the device using iCloud and having to create iCloud credentials and a user account.

All the above can be achieved quickly and simply, without ever having to be physically in front of the user. 

  2. Cisco Umbrella Secure internet gateway (SIG) for remote users.

In the conventional office environment, users can connect to the corporate network via cable or Wi-Fi, safe in the knowledge that there is a datacentre or server room that delivers full web security in the form of proxy servers, firewalls, and enterprise grade anti-virus software. 

But when users work remotely from home or from a coffee shop, it presents a challenge as to how you protect that device when accessing the web. So, to ensure the security of every device, regardless of location, we have enlisted the help of Cisco Umbrella SIG:

  • SIG delivers multiple security functions integrated into one cloud service. In addition to providing the flexibility to deploy security services to all remote end users, it also secures direct-to-internet access, cloud app usage, and roaming end users. 
  • Unlike other solutions, there are no appliances to deploy as Cisco Umbrella is an app that is pre-installed into the laptop. This means that wherever the laptop may be, it has all the protection you would expect from a corporate proxy, such as the general blocking of gambling, pornographic, or social media websites. All these policies can be assigned from the cloud to protect the device regardless of its location.  
  • It also enables us to leverage more advanced features such as cloud access security broker (CASB) software. This sits between cloud service users and cloud apps, in order to monitor activity and warn administrators about potentially hazardous actions. 
  • More specifically, CASB software enables administrators to introduce granular, policy-based restrictions. As a result, rather than just blocking or allowing access, it provides the ability to grant access but with certain restrictions, such as allowing users to access Dropbox but block uploads, or login to social media but prevent the sharing of posts. 

Cisco Umbrella is a powerful tool, offering the same level of web protection for the roaming end user as you would expect when working in a conventional office environment. 

  3. Cisco Advanced Malware Protection (AMP) for Endpoints.

Despite the best intentions you can’t rely on prevention alone, which is why our solution also relies on Cisco Advanced Malware Protection (AMP) for Endpoints in order to provide global threat intelligence, real-time malware blocking to prevent breaches and advanced sandboxing capabilities. 

With Cisco AMP for Endpoints, you have a high-powered, enterprise-grade solution that will defend your network infrastructure from all sorts of malware (e.g. Ransomware, Business Email Compromise, etc.) and help prevent attacks from newer variants.

Your network infrastructure is one of the top targets for cyber-attackers, because once they have entry into your infrastructure, over time they can gain access to the servers and databases that reside on it.

This leading-edge solution delivers the visibility and control to defeat advanced attacks by continuously analysing file activity across your extended network, so we can quickly detect, contain and remove advanced malware. 

  • If your organisation is hit by malware, Cisco AMP uses the above-described feeds in order to identify and prevent malicious data packets that are attempting to break through and infiltrate your network.
  • Cisco AMP will then provide detailed information to your IT security staff as to the origin of the malware, what its point of impact was in your network infrastructure, and what the current status of the malware is. In fact, with just a few clicks of the mouse, the malware can be contained and isolated to prevent further damage.
  • Another advanced feature of Cisco AMP is its ability to sandbox any device. This means that in the event of an attack on an end client we can cut the connection between it and the outside world, thereby preventing it from spreading beyond the device to the corporate network. But we still retain the ability to access it remotely and investigate the issue in order to ascertain the exact nature of the attack.

  4. Cisco Talos Intelligence Group.

Prevention is always better than cure. And the internet of today is a vast, unsafe cyber-neighbourhood. Connect a freshly loaded Windows system without patches to the internet, and within 10 or 20 seconds following the connection, the system will be attacked. 

Which is why we stay at the forefront of threat detection by tapping directly into the feeds of the Talos Security Intelligence and Research Group and Threat Grid. This alerts us to any potential cyber-threats that are on the horizon, before they impact your network. 

  • Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world, comprised of world-class researchers, analysts, and engineers. These teams are supported by unrivalled telemetry and sophisticated systems to create accurate, rapid, and actionable threat intelligence. 
  • Talos defends against known and emerging threats, discovers new vulnerabilities in common software, and intercepts threats before they can cause further harm. 
  • The unrivalled expertise of the team is backed by sophisticated infrastructure, and Cisco’s unrivalled telemetry of data that spans across networks, endpoints, cloud environments, virtual systems, and daily web and email traffic. 
  • While Talos overarches the entire Cisco portfolio, it specifically focuses on Cisco Umbrella and Cisco AMP for Endpoints, delivering real-time information on threats the moment they are identified.
  • As soon as threats are classified, they are automatically made available as definitions to the relevant software and apps in use. As a result, we are as up to date as anyone possibly can be on threat analysis and threat detection, ensuring that we are always at ‘day zero’ – the same day an event occurs, or a vulnerability is discovered. 

Talos’ extensive and unrivalled threat intelligence capabilities not only help ensure the security of your network, they also make the internet safer for everyone.

  5. Quadris Security Operations Centre (SOC)

Quite simply, the Quadris SOC oversees our entire security solution. It is there to ensure that all the different elements are always being monitored and enacted:

  • Continuously monitors all devices and systems to ensure they are fully compliant; from a patching perspective, and from a security perspective, ensuring that they are always encrypted, and that all policies are in effect. 
  • From the Quadris SOC, we are able to centrally manage and push out updates. We are also able to analyse updates to ensure that those updates are ready for devices and there are no known issues before we push them out. 
  • Should any policies not take effect on a device, we will immediately be alerted that it is non-compliant and Quadris SOC will investigate to ensure it is returned to a compliant state, according to our own predetermined baseline.
  • If there is an issue with a particular update, that could potentially cause an app to become unavailable or lead to problems with end user devices, we can centrally uninstall that affected update from all affected devices. Only when we have determined the cause of the problem and found a solution will we roll out the update to all devices in order to bring them back online. 
  • To complete the picture, we also continually update and patch the underlying drivers and firmware of all devices operating on the machines. This ensures that they are always up to date throughout the entire lifecycle of every machine, thereby avoiding any incompatibilities that can lead to more serious issues.
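
As an added illustration (not Quadris, VMware or Cisco code), the sketch below shows the kind of baseline check the SOC bullets describe: each device check-in is compared with a baseline, deviations become remediation actions, and a centrally withdrawn update is uninstalled instead of being re-pushed. The record fields, thresholds, update identifiers and device names are assumptions constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Hypothetical baseline: thresholds and update IDs are assumptions for this example.
BASELINE = {
    "max_checkin_age": timedelta(hours=24),
    "max_av_signature_age": timedelta(days=2),
    "required_updates": {"UPD-1001", "UPD-1002", "UPD-1003"},
    # Updates pulled centrally after a known issue: never install, remove if present.
    "withdrawn_updates": {"UPD-1003"},
}


@dataclass
class Device:
    """One device check-in record (field names are hypothetical)."""
    name: str
    last_checkin: datetime
    disk_encrypted: bool
    usb_storage_blocked: bool
    av_enabled: bool
    av_signatures: datetime
    installed_updates: set = field(default_factory=set)


def evaluate(device, now, baseline=BASELINE):
    """Compare one record with the baseline; return (findings, actions)."""
    # A device that has stopped reporting cannot prove anything about its state,
    # so its last known values are not trusted and it goes straight to a human.
    if now - device.last_checkin > baseline["max_checkin_age"]:
        return ["stale-checkin"], ["investigate"]

    findings, actions = [], []
    if not device.disk_encrypted:
        findings.append("encryption-off")
        actions.append("re-encrypt")
    if not device.usb_storage_blocked:
        findings.append("usb-storage-allowed")
        actions.append("reapply-usb-policy")
    if not device.av_enabled:
        findings.append("av-disabled")
        actions.append("enable-av")
    elif now - device.av_signatures > baseline["max_av_signature_age"]:
        findings.append("av-signatures-stale")
        actions.append("update-av-signatures")

    withdrawn = baseline["withdrawn_updates"]
    # A withdrawn update is not counted as missing, otherwise the fleet would
    # be pushed back onto the update that caused the problem.
    needed = baseline["required_updates"] - withdrawn - device.installed_updates
    for upd in sorted(needed):
        findings.append(f"missing-update:{upd}")
        actions.append(f"install:{upd}")
    for upd in sorted(device.installed_updates & withdrawn):
        findings.append(f"withdrawn-update:{upd}")
        actions.append(f"uninstall:{upd}")
    return findings, actions


def report(fleet, now, baseline=BASELINE):
    """Map each device name to (findings, actions); empty lists mean compliant."""
    return {d.name: evaluate(d, now, baseline) for d in fleet}


# Constructed sample data, not real devices.
NOW = datetime(2020, 11, 2, 9, 0, tzinfo=timezone.utc)
FLEET = [
    Device("laptop-01", NOW - timedelta(hours=1), True, True, True,
           NOW - timedelta(hours=6), {"UPD-1001", "UPD-1002"}),
    Device("laptop-02", NOW - timedelta(hours=2), False, True, True,
           NOW - timedelta(hours=6), {"UPD-1001", "UPD-1002", "UPD-1003"}),
    Device("phone-03", NOW - timedelta(days=3), True, True, True,
           NOW - timedelta(days=3), {"UPD-1001", "UPD-1002"}),
    Device("laptop-04", NOW - timedelta(hours=3), True, False, True,
           NOW - timedelta(days=5), {"UPD-1001"}),
]

if __name__ == "__main__":
    for name, (findings, actions) in report(FLEET, NOW).items():
        status = "compliant" if not findings else "NON-COMPLIANT"
        print(f"{name:10} {status:14} {', '.join(actions)}")
```

The stale check-in case is handled first because a device that has gone silent would otherwise pass on values it reported days ago.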

Let Quadris put security at the very heart of the Managed Digital Workspace 

As the demand for flexible remote working continues to grow, malicious cyber threat actors will continue to take advantage of the situation. 

As a result, it is crucial that organisations are aware of the potential cyber threats they face while they make transitions to alternative business continuity plans, and that they are informed of the immediate steps they can take to mitigate potential risks. 
 
By adopting a strong defensive position, you can help to ensure the security of your organisation’s most important assets.

For more details about how the Quadris security solution ensures your people are as protected when working remotely as they are in the office, contact Peter Grayson on 0161 537 4980 or peter.grayson@quadris.co.uk 

Could an IT security breach cost you your job?

Ever since the Covid-19 pandemic first hit, millions of employees have been accessing their company’s data from remote locations, more often than not using unsecured internet access. 

As a direct result, it has provided hackers with a golden opportunity to gain access to corporate accounts and data. This has been borne out by security researchers at Check Point who reported that as hackers continue to take advantage of mass remote working, ransomware attacks in the UK increased by 80% in the third quarter of 2020. 

And it’s not just your remote workers that you should be concerned about. Failure to ensure that every corporate device is always updated, patched, protected, and connected securely to the internet, is basically an open invitation to hackers. 

A single attack can cost an organisation a fortune, as the University of California at San Francisco recently discovered when it paid over $1 million to recover files locked down by a ransomware infection. 

Money aside, the repercussions can potentially be fatal. Only last week, we published a report about an attack on the University Hospital of Düsseldorf where a 78-year-old woman may have died because of this criminal action. 

In addition to launching a negligent homicide case against the hackers, the authorities have also said that the hospital itself could be placed under investigation. The very fact that hospital administrators could be questioned, raises some very serious issues about who is ultimately responsible for the security of IT systems. 

Where does the buck stop? 

The existing legal framework surrounding breaches of data isn’t particularly well defined. Once you go beyond the requirement that an organisation immediately discloses any data breaches to those customers who have been affected, there are very few laws that govern who takes responsibility.

The data owner (the organisation that stores the user data) is responsible for any breaches and as a result can be fined accordingly. But under normal circumstances, the data holder (the organisation that stores the data) cannot be held responsible, aside from failing to notify affected parties.

The level of liability for data owners is dependent on the safeguards they take in order to protect the data. If they can be shown to have failed to control access to the network or to encrypt sensitive data, they will be more liable for damages suffered as a result of the breach.

But putting legalities to one side, who within an organisation should or rather could take the fall for a major breach? 

IT and cybersecurity staff. 

It’s all too easy to point the finger at hard-pressed IT staff. 

The problem is that for a variety of reasons networks are becoming far less secure, while the cost of cybersecurity is growing by the day. Tighter budgets, fewer people in the IT department, and an increasing shortage of people with the necessary skills, all add up to create a perfect storm that could lead to a breach. 

Across the country IT departments are crying out for money to shore up their creaking security protocols and implement policies such as encryption, only for their cries to fall on deaf ears. That is until a security breach occurs, and the organisation is left counting the enormous cost. 

In such a situation, it’s hard if not impossible to lay the blame on anyone other than the powers who control the IT department’s budget. 

CEOs, CIOs and CISOs. 

C-level executives are the most likely candidates to fall on their swords in the event of a major breach such as in the cases of Target and Equifax. But it’s not a given that the CEO, CIO or CISO will resign and there are countless cases of organisations sticking with their senior appointees even after a costly error. 

But there are some people who argue that the C-suite should be made responsible, as they wield the power that determines both the level of funding for security and the corporate culture that underpins it. Consequently, the C-suite and its management teams should bear responsibility for any failures in security. 

Gartner has predicted that soon the C-suite will no longer be able to hide behind their corporate legal teams. This is a direct result of the growth of cyber-physical systems (CPSs), which will increasingly interact with the physical world, including humans. It even goes as far as to suggest that by 2024 three quarters of CEOs could be held responsible, especially where incidents lead to the destruction of property, environmental disasters, or cause harm to people.

Strong sentiments indeed, but if this were to come to pass who in their right mind would take on a position that could result in incarceration? 

The organisation. 

The organisation as a whole always takes the biggest fall in the event of a security breach, both financially and in the subsequent damage to its brand. 

It also reflects the view of both the law as it stands and the vast majority of cybersecurity professionals, as trying to shift the blame onto one individual or a group doesn’t reflect the true collective nature of an organisation.

It’s true that with greater power comes greater responsibilities, but it’s up to every organisation to embed security across its IT landscape. Proving that your organisation is doing everything possible to mitigate potential security breaches should surely be enough.

It’s time to end the blame game. 

With the best will (and skills) in the world, no-one can guarantee 100% security. 

You only have to look at the big-name businesses that have succumbed to hackers to realise that it’s almost impossible to protect your organisation from groups or individuals who are determined to find a way. 

Having said that, should a hacker gain access to your organisation’s systems on your watch, no doubt it would result in the powers that be questioning your ability to carry out your job. Not only will your organisation’s reputation be damaged, it’s unlikely to do much for your own career prospects.

The question remains: are you being advised about all potential vulnerabilities, such as the one in Citrix ADC (CVE-2019-19781) that may have resulted in the death of a 78-year-old woman?

If you aren’t, then we strongly suggest you start asking why. 

Concerned about the security of your organisation’s IT systems? 

If for any reason you are concerned about security breaches that could leave your organisation at the mercy of hackers, don’t hesitate to contact us. 

For immediate help and advice call Peter Grayson on 0161 537 4980 or email peter.grayson@quadris.co.uk

Did the exploitation of a known Citrix ADC vulnerability cause the death of a hospital patient?

Earlier this year, we posted an article alerting people to a Citrix ADC vulnerability that, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution. In other words, your system could be hacked.

Sadly, a 78-year-old woman may have died as a consequence of a ransomware attack that took advantage of the self-same vulnerability (CVE-2019-19781).

The patient in question was en route to the University Hospital of Düsseldorf (UKD) when hackers disabled its IT systems. As a result she had to be transferred to another hospital some 35 km away.

In an AP News article published a few weeks after the tragic incident occurred, Germany’s senior public prosecutor was quoted as saying that she may have died due to the delay in emergency care.

Cybersecurity experts were immediately drafted in to determine whether there was a definitive link between the ransomware attack and the patient’s death, with the hospital also expected to be investigated.

Some reports suggest that the attack was misdirected and was originally intended for the nearby Heinrich Heine University. After law enforcement contacted the hackers and informed them that they had encrypted a hospital by mistake, the people behind the attack withdrew their ransom demand and provided the decryption key.

This in no way exonerates the actions of the criminal perpetrators, and prosecutors have officially launched a negligent homicide case, stating that the hackers could be held responsible for the death.

Although there has been a huge rise in ransomware attacks during the global lockdown, this disturbing incident marks the very first recorded casualty of unscrupulous hackers targeting critical healthcare IT infrastructure.

It also highlights the extreme consequences that can occur if organisations fail to maintain the highest level of vigilance when it comes to safeguarding the security of their IT systems.

Failure to patch vulnerabilities opens a gateway to ransomware attacks.

Despite ransomware gangs stating early on in the pandemic that they wouldn’t deliberately target medical facilities, a series of attacks resulted in Interpol issuing warnings to all hospitals about the dangers of ransomware.

The fact is that failing to address vulnerabilities and weak credentials has provided threat actors with the opportunity to access the internal networks of many thousands of organisations across the world.

Cybersecurity agencies have become increasingly aware of incidents where Citrix systems were compromised before the security updates were made available and installed.

As a result, hackers still have access to many organisations’ systems and networks even after the security gap has been filled, leading to attacks many months after the vulnerability was first identified.

How to ensure your system hasn’t been compromised by the Citrix CVE-2019-19781 vulnerability.

To help identify compromised systems associated with CVE-2019-19781, FireEye and Citrix worked closely together to release a tool that searches for indicators of compromise (IoC) associated with attacker activity. (This tool is freely accessible in both the Citrix and FireEye GitHub repositories.)

You can run the free tool locally on your Citrix instances and receive a rapid assessment of any potential indications of compromise in the system, based on known attacks and exploits.

In addition to applying the previously released mitigation steps and installing the permanent updates, Citrix and FireEye strongly recommend that all Citrix customers run this tool immediately. This will increase your overall level of awareness of potential compromise and help you to take the appropriate steps to protect your organisation.

Note: If you do detect any suspected exploitation, you should report it to the NCSC via the website.

Worried about the security of your organisation’s IT systems? Don’t worry, help is at hand.  

If for any reason you are concerned about the implications of this Citrix vulnerability, or the wider implications of security breaches that could leave your organisation at the mercy of hackers, don’t hesitate to contact us.

For immediate help and advice contact Peter Grayson by calling 0161 537 4980 or sending an email to peter.grayson@quadris.co.uk

How Managed Services can help your IT staff avoid burnout.

The move to remote working caused by the pandemic caught virtually every organisation completely by surprise and left them struggling to cope with this unprecedented situation.

Not surprisingly, the IT department bore the brunt of the fallout. As well as maintaining the smooth running of the organisation’s everyday operations, it also had to take on additional responsibilities associated with equipping colleagues with the means to carry out their roles away from the office.

For many IT staff involved in the pivot to remote working, there was a lot of adrenalin and purpose. But after the workforces had been equipped to work remotely, the question was “now what?” 

And to rub salt into the wound, a lot of IT professionals put a great deal of work into ensuring their organisation could continue to function, only to have half the team put on furlough. The result was that a much smaller percentage of that group were left carrying an even larger burden.

Stress, burnout and redundancy. 

The fallout from the pandemic on IT professionals was borne out by a recent survey conducted by tech recruiters Harvey Nash, which reported that over a third of respondents stated that their mental health deteriorated as a direct result of the crisis. 

Many of those who expressed concern about their mental health said that it is the first time in their lives that they have experienced that worry. The two key reasons cited by respondents were not being able to switch off from work and the fear of losing their job.

Some enlightened organisations provided their employees with resources to help them manage their mental health and wellbeing, such as mindfulness and meditation apps, and even access to trained mental health professionals.

But the reality is that many IT departments are still playing catch up and their staff are finding it increasingly difficult to cope. 

Skills shortage. 

Despite a surge in redundancies, there has been a significant increase in job ads for IT professionals. 

The reason for this is that as a direct result of the coronavirus pandemic we’ve seen two years of digital transformation happening in the space of a few months. 

Organisations, both large and small, are now realising that digital skills are crucial to all parts of their business. The problem is that they are receiving a huge number of applications from people who simply don’t have the necessary skills.

The UK already had a serious skill shortage when it comes to IT, and the latest data from the Open University shows half of all employers are struggling to attract talent with the right skills. 

Quadris Managed Services to the rescue. 

We have been demonstrating our expertise in delivering future-focused solutions for over a decade.  
 
A large part of this has been empowering distributed workforces to communicate and collaborate, securely and efficiently. So, when the lockdown forced clients to enable their employees to work from home, we were already in the driving seat.
 
In fact, one of our clients that operates in a highly regulated sector came to us for help when they needed to enable their entire workforce to work from home. It took us just 4 days.
 
It’s just one example of our deep understanding of the ever-changing nature of technology, and how we can overcome challenges quickly and efficiently. 

Our Managed Services comprise 4 key areas.  

Quadris Managed Services deliver a comprehensive range of future-focused services that cover every major aspect of IT and communications management. 
 
These have been categorised into 4 service offerings: Managed Service Desk, Managed Digital Workspace, Managed Cloud and Infrastructure, and Managed Security Service.
 
In addition to offering round-the-clock support and expert advice, we also provide a single point of accountability that relieves the stress of trying to coordinate multiple vendors across different products and services. 
 
Which is why enterprises of all sizes and sectors can rely on Quadris Managed Services.
 
Let Quadris take care of your IT services so that you can focus on your business; safe in the knowledge that your systems are always up-to-date, and any problems that arise are dealt with quickly and efficiently. 

To find out more about Quadris Managed Services and how they can take the pressure off your IT department, contact Peter Grayson on 0161 537 4980 or email peter.grayson@quadris.co.uk