Tag Archives: Business

Ten Steps That Will Guarantee Cybersecurity in Your Business

pandasecurity-security-tips-1

In a recent study by Panda Security in collaboration with Nielsen, 91% of Spanish SMEs confirmed that they were victims of daily IT attacks. The viruses that wreaked havoc on their systems included Trojans (33%) and spyware (25%). The viruses entered the company systems from unsecure websites (39%), downloaded programs (23%), and email malware (19%).

It is fundamental for both small and medium-sized companies to allocate resources for security and establish security policies, otherwise the losses can be substantial and costly. The losses can include anything from information theft to a temporal IT collapse.

Here are some of the most basic, yet crucial, cybersecurity tips for SMEs:

Protect Your Office

Of course the easiest way to directly attack a company’s systems is by having physical access to the IT equipment. Companies should control who enters facilities with identification cards or some kind of biometric identification. Pay special attention to external personnel (cleaning services, external companies, etc.) and visitors, and make sure that they identify themselves properly. Alarms and video surveillance systems are other great ideas.

Secure Passwords

As a rule of thumb, all of your employees should use passwords that mix capital and lowercase letters, numbers and symbols, and should refrain from using personal information, etc. It is also important that they change passwords frequently, at least once every six months.

Keep Your Software Up-to-Date

In respect to downloading and running programs on company computers, there is an easy rule to follow: if you don’t need it, don’t install it; if you need it and you install it, keep it updated; if you stop using it, uninstall it. If you follow these rules you will save yourself from a lot of headaches.

Don’t let Your Employees Download Pirated Software

As we explained earlier, pirated copies of programs are common entry points for malware. In order to keep these unlicensed programs from threatening your company, it is important to establish an adequate software management policy. This includes keeping an updated inventory, controlling program licenses, and educating your employees.

Be Careful with USBs

Be aware of all external devices that connect to your company’s devices, whether they are external hard drives, memory cards, or anything else that could poke holes into your system and threaten sensitive data. To avoid problems, provide your employees with secured pen drives (the kind that encrypt information and are password protected) and define what information can be transferred using this type of device or should be sent by other means. Likewise, make sure that all appropriate files that come from external devices are tested with an antivirus before they are copied or run on company computers.

Back-up Your Data

Ransomware has grown to be the largest threat to companies. If you want to keep valuable information safe during a cyber-attack, backing-up your files and information is fundamental. We recommend that you keep two backups: one stored on the cloud and another physical copy (an external hard drive, pen drive, etc.).

Invest in Hardware

There are several inexpensive devices that are easy-to-use and will help improve the security in your systems. Some of this hardware includes security cables for laptops, U2F keys, accessories for securely charging up your mobile device in public hot spots. Setting aside sufficient capital for security hardware can save your business money in the long run.

pandasecurity-security-tips-2

Educate Your Employees

The weakest link in your company’s security chain is the people. Training and educating your workforce should be a priority. That alone could save you from fraud and vulnerabilities that begin with phishing and social engineering.

Their Vulnerabilities Are Your Vulnerabilities

Employees may be the weakest link, however, businesses that provide products and services for your company are an even bigger threat. It is important to legally protect yourself from the vulnerabilities that one of these suppliers may have and carry out inspections periodically, in order to ensure that all related businesses respect good security practices.

Install an Antivirus

When using computers or mobile devices, before they are connected to the internet you need to install a good antivirus. This measure is fundamentally important at both home and at work. A cybersecurity solution for businesses will protect your organization’s devices and information in all types of circumstances, even when employees are careless or make errors.

The post Ten Steps That Will Guarantee Cybersecurity in Your Business appeared first on Panda Security Mediacenter.

AVG Wins Three 2016 ChannelPro Readers’ Choice Awards

Our AVG Business products won top honors in ChannelPro’s 2016 Readers’ Choice Awards, securing Gold and Silver wins in the Antivirus, Security Software Suite and Remote Monitoring and Management categories.

This is also the third consecutive year we have been a ChannelPro medalist in the security software suite category.

The ChannelPro Readers’ Choice Awards are entirely driven by votes and direct feedback from SMB channel readers of ChannelPro magazine. More than 500 channel VARs, MSPs, integrators, system builders, and IT consultants cast their votes for Gold, Silver, and Bronze winners across a range of categories.

Readers were asked to cast their votes for the vendors with the most SMB- and partner-friendly products, technologies, services, and programs, as well as the top professional organizations in the channel today.  IT professionals were also asked to select the option that best satisfies the unique business requirements, work styles, and budgets of their small and midsize business clients, as well as those that best serve their own partner organizations.

This is a special win that our AVG partners can share with their clients. It also provides another strong testament to the quality, performance and simplicity of our AVG Business product portfolio, as well as the strong channel partner program we are building.

Comments from Cecilia Galvin, executive editor of ChannelPro-SMB, capture the value of this recognition, “We are gratified that such a large number of readers participated in our survey, underscoring their commitment to, and understanding of, the SMB market and the vendors, distributors, and professional associations with whom they partner. The results are a true snapshot of the top IT product and service providers in today’s SMB channel.”

Here are the awards you can mention and share:

AVG: Best AntiVirus Vendor (Gold)

AVG: Security Suite Software Vendor (Silver)

AVG: Best Remote Monitoring and Management Vendor (Silver)

 

Please share these wins with your teams and clients. Your AVG Account Manager can provide awards logos to share and promote. Thank you for your continued support!

Ranking of Attacks Aimed at Businesses: Protect Your Wallet

pandasecurity-attacks-walletIn the first article of our series “Ranking of Attacks Aimed at Businesses”, we’ll introduce you to the top security threats aimed at companies and give you some tips on how you can protect yourself!

Staying up-to-date with security is an undertaking and requires effort and commitment. As technology develops and evolves, it is easy to fall behind. Cyber-criminals, on the other hand, are always ahead of the game and are constantly looking to exploit new vulnerabilities that accompany these innovations.

To protect yourself, it is extremely important to keep up with cybersecurity trends. Every year, the RSA publishes a report on the current state of cyber-crime that summarizes the hacking methods that are trending among cyber-criminals. Being aware of these trends is vital for IT security in companies. (The RSA is a group of American IT security experts that developed the RSA public key cryptography algorithm, and later renamed their computer network and security company the RSA.)

Attacking Your Wallet

Today, it is extremely easy to complete transactions on mobile devices, which is part of the reason this is an area that has quickly gained popularity among cyber-criminals.

More and more companies are setting-up services based from mobile phones. This benefits both customers (e-commerce apps, payment platforms, etc.) and employees, whose work is increasingly dependent on these devices. However, these conveniences also make everyone involved more desirable and attractive to cyber-criminals.

Although these transactions are convenient, there is a lot of fraud associated with these channels. Since mobile devices have not been around as long as other devices, like computers, security technology is not as advanced and they are usually less protected.

In 2015, the RSA detected that 45% of transactions, and 61% of fraud attempts, took place in mobile devices.

pandasecurity-attacks-wallet-2

In response to this, an interest in biometric identification systems has emerged, which identify users by analyzing some aspect of the body, or physical behavior.

There is an emerging special interest in biometric identification systems

Today, this technology can be found in facial recognition, fingerprint and iris scanners, and less commonly in voice or signature recognition. In addition, it is being investigated how other biometrics can be used for identification like our typing patterns, movement patterns, heart rate, and sweat levels.

 

According to the report of RSA, more than 90 % of banks are currently exploring the use of biometrics in their mobile applications (or intend to do so) within the next nine to twelve months. Many companies are following the same path. In fact, the future of authentication seems to be a mix of these systems with traditional ones, such as PINs and passwords.

Using a combination of both is the best option to ensure security in the future. More than one billion transactions, both online and offline, were influenced by mobile attacks in 2015.

If you want to boost your business’s cybersecurity, it is fundamental to invest in an advanced cybersecurity solution that will allow you to manage, control and protect your entire technological park from one place.

 

The post Ranking of Attacks Aimed at Businesses: Protect Your Wallet appeared first on Panda Security Mediacenter.

Jigsaw Deletes Files Every Hour: Upgrade Your AVG Software Today!

Jigsaw is a fast-growing ransomware threat on the web, posing new danger for businesses. It is also the first ransomware to actually delete files hourly until the ransom is paid.

In April and May, our AVG Virus Lab team detected and blocked nearly 3,000 instances of Jigsaw across 25 countries. This recent detection report showed the malware being most active in the United States, Germany and South Africa.

Though the number of instances is alarming, our AVG 2016 AntiVirus engine and LinkScanner feature – integrated across all of our AVG Business products – is proactively detecting and blocking Jigsaw.

It is still critical that you understand how Jigsaw works, how to identify it and best steps for protection.

How does Jigsaw work? 

  • You typically have 72 hours to pay the ransom, usually in Bitcoin.
  • Every hour after that, Jigsaw deletes files to pressure victims into paying.
  • The rate at which files are deleted is exponential, from a single file to a thousand files at a time.

How does Jigsaw spread?

  • Email – malicious or spammed emails are common entry points.
    • Be on alert for malicious links and attachments with malicious code inside disguised as a pdf, Word, Excel or .Zip file. Don’t open email with suspicious or vague email subject lines.
  • Websites – visiting web pages can be an entry point.
    • Simply visiting an infected web site, you could be at risk.
    • Many websites are legitimate and you have no way of knowing if they have been infected.
    • Don’t click on popups or banner ads, if the product/service is of interest, then visit the site directly
    • The only defense is ensuring all software is updated, and using advanced antivirus software protection (Our AVG Business products provide this defense.)

How can a business stay protected?

  • Backup files to an external drive (local drives can become encrypted)
    • Even better, disconnect the external drive after the backup and do a cloud backup.
  • Educate employees
    • Employees should know what to watch for and what to avoid.
  • Implement policies to prepare for and manage ransomware
    • Antivirus software must always be on and up to date (AVG Business products detect and protect against ransomware and other malware. Be sure you have the latest AVG software running!)
    • Update all software to the latest versions, from within the product or directly from the vendor web site
    • Put processes in place and train users on what to do if an ‘event’ occurs (Examples: Notify IT or MSP, shut down, pull network cable).
  • Use multi-level AV protection
    • At AVG, we use a multi-layered security approach with multiple layers of inspection and testing to identify and eliminate a wide variety of malware.
    • AVG’s 2016 security engine leverages sophisticated technologies – including artificial intelligence, advanced algorithms and cloud-based outbreak detection to detect and protect in real-time. AVG Business products are powered by these technologies with features that also include an advanced scanning engine, LinkScanner for safe web surfing, online shield, identity protection and more.
    • We regularly submit our security software to independent test labs and have receive high industry-leading results across protection, performance and usability categories.

Don’t let your business or client’s business be held for ransom.  AVG partners and distributors can find out more about our AVG Business solutions with integrated AV 2016 at www.avg.com/service-provider-solutions.

MSPs Share Positive Feedback on AVG Managed Workplace

Monitoring and managing your customers can be challenging as demands increase and environments become more complex. Your tools must present fast and complete information– reducing complexity, not adding to it.

In April, we introduced AVG Managed Workplace 10 – a simplified approach to RMM that enables MSPs to deliver managed services and advanced security in a simplified, scalable and applied way that also meets their own business goals.

Feedback from our AVG partners indicates we’re on the right track – take a look:

“We have used Managed Workplace since 2006; it is our eyes and ears to everything. We looked at Kaseya, LabTech, Microsoft Systems Center – but AVG had the full featured RMM solution and with Managed Workplace 10, keeps improving.” 

“Managed Workplace 10 is helping us reduce our onboarding time. The change to service plans was a big step forward in terms of architecting a managed service offering. We have gained immediate time savings and it’s easier to roll this out for our technicians.”

“The AVG Managed Workplace service templates are a stroke of genius. We literally onboarded a new customer on the first day of the product’s release and applied a monitoring, antivirus and proactive plan for a new customer within 10 minutes.  We removed about five days of technician time thanks to the solution.”

“We can see that AVG Managed Workplace represents a significant improvement. We like the ability to apply a service plan to a site and like the fact that these are customizable.  We also see the ease of use in setting up services and linking these to the service plans and speeding onboarding.” 

“Using AVG Managed Workplace 10, onboarding is a breeze. There are multiple things you need to do when onboarding customers and setting up a site but with AVG Managed Workplace’s service plan model, all the alerting is pre-configured and ready to go. You don’t have to go in and customize each individual client based on the service plan they are part of and you can see quickly how the customer is being supported and the specific environment.”

“During the beta process, AVG really encouraged us to put Managed Workplace through its paces. They gave us a checklist of items to try and it enabled us to experiment with everything – it was a fantastic approach. We upgraded all customers without a hitch.”

We have used different RMM tools in the past but they either had terrible support or too much required maintenance.  AVG has a good balance of necessary information, self-management, and of course, price point. With the new Managed Workplace 10, we were able to easily transition our clients into standardized Service Plans.  It was easy to reassign sites into their proper service plans.  Configuration changes can now be adjusted very easily and only one time!”

 

Put Managed Workplace to the test today for your business. Join our Daily Demo and experience the simplicity by clicking here.

Phishing is on the rise: Are you protected?

Phishing is on the rise as hackers are finding easier and less expensive ways to launch attacks.  Every solution in our AVG Business product portfolio detects and protects against phishing.

Phishing is a security hack to trick you into providing usernames and passwords to your accounts. Usually sent as a legitimate-looking email from a company you may use or buy services from, a phishing hack will ask you to login to your account to verify some information.

The email may communicate that your account has been, or will be, closed down unless you act promptly.  The email is actually not from a legitimate or trustworthy company. With one click, you’ll be directed to a fake website and any login or user information will be sent to the hacker.

The good news is every solution in our AVG Business product portfolio detects and protects against phishing. Educating your business clients is the next step in a good defense.

AVG Business portfolio detects and protects

Our LinkScanner® is a security feature in every AVG Business product, including AVG AntiVirus and Internet Security Business Editions, AVG CloudCare and AVG Managed Workplace.  To protect against phishing, the feature checks web pages in real-time before they open in browsers, displaying immediate alerts to help eliminate click throughs to compromised web pages.

The advanced technology powering this feature takes a multi-layer approach to identify and stop “phishy” emails:

  • First, we scan the web continuously to identify “phishy” emails and websites linking to these.
  • Next, we analyze those websites and also compare them with legitimate sites. In this process, we identify unique characteristics in the way web pages are coded to identify if it is a phishing site – similar to taking a “fingerprint” of the phishing website.
  • Then those “fingerprints” are automatically added to your AVG software’s virus database so it can identify this phishing site and other sites that may use the same or similar code.
  • AVG monitors any web links that you click and stops phishing pages from loading and displays a message alerting you to the danger.

 

Please share this education about phishing with your business clients and continue to put advanced detection and protection in place with AVG Business solutions.

 

AVG Signs New Distributors, Strengthens Channel Program

This year, we are leveraging the power of distribution to help our channel partners take their security business to the next level. This is also aligned with our partner-focused approach.

Our distribution strategy will provide access to specialized, geo-specific distribution companies. This will increase ease of doing business for our partners.

Our distribution partners can provide services ranging from logistics to pre-sales, finance and technical support. Our AVG Business Sales team will remain heavily engaged with our growing partner base, and at the same time, develop new accounts and relationships within our distribution partner network.  We will also continue to work with our large top-tier distributors to complement our model.

We have recently onboarded new distribution partners in the UK, Ireland, the DACH region and North America.

And today, EarthBend joined our channel as a new AVG Business distributor for North America and Canada.

Here are a few facts about our new partnerships:

  • EarthBend:
    • EarthBend, based in Sioux Falls, South Dakota, is a fast-paced, fast-growing distributor that serves businesses in the U.S. and Canada
    • AVG will be the primary business security and managed services solutions provider in EarthBend’s product portfolio
    • The specialized distributor is an experienced MSP with a history of selling AVG Managed Workplace and known for its highly skilled, certified account and engineering team
  • CMS Distribution
    • Joined our channel program in March 2016
    • Independent value added distributor in the UK and Ireland
    • Serves 3,000 resellers, including the top 100 value added resellers in the UK
  • ADN Distribution GmbH (ADN)
    • Joined our channel program in May 2016
    • Value added distributor in Central Europe
    • 20+ year history in security, managed services and RMM solutions
  • Infinigate
    • Joined our channel program in May 2016
    • Value added distributor in Europe serving 7,500 resellers (2,500 in Germany)
    • 20-year history in IT solutions
    • Sole focus on IT security (including managed services and managed security solutions)
  • ASBIS
    • Existing AVG distributor, expanded its AVG Business EMEA footprint in May 2016
    • Specializes in IT/communications technology in EMEA emerging markets
    • 27,000 active customers in over 65 countries

 

We look forward to extending the benefits of our distribution model for our partners as we build out our strong, channel program.

Ransomware criminals should be “shot at sunrise”

Should be “Shot at sunrise” is the opinion of U.S. politician Michael C.Burgess, the representative for Texas, when talking about the cybercriminals who distribute ransomware that victimizes consumers and businesses.

Ransomware, malicious software designed to block access to a computer system until a sum of money is paid, and the use of exploit kits to distribute it, are adding new challenges to threat detection and protection. And now Angler, an exploit kit, which has been a known Internet threat since 2013, is being used to distribute ransomware. With the sole intent of installing ransomware on victim’s machines.

Our AVG Web Threats team is tracking these widespread ransomware attacks being delivered by the Angler crimeware exploit kit.

The use of exploit kits to distribute ransomware is a new trend – one that could cause widespread ransomware distribution. Exploit kits are software packages readily available for sale and are used by malicious operators to easily create malware that performs a wide variety of malicious functions. The malware is installed on hacked web servers and attacks the machines of visitors to web sites, in many instances, without their knowledge.

There is a common misperception that web users are only at risk if they browse risky sites, however, hacked sites are often brand names and appear safe. Small business sites in particular can be prime targets because they have less security and their visitors typically know the company and trust their brand.

The malware on these sites seeks out vulnerabilities in commonly used tools that improve website experiences, such as Flash, Silverlight and other software that employs Java and PDF-format files. The malware then runs malicious code on the visitors’ machine to install ransomware, backdoors and Spybot clients.

Our AVG Web Threats team has researched a particular instance of a Java exploit commonly found in association with Angler. This threat is detected by AVG, which we’ve been detecting since January. AVG customers who participate in anonymous threat sharing reported 6,123 hacked domains serving Angler in January, 8,260 in February and 4,412 in March.

Angler ransomware installs

TeslaCrypt is the most common type of ransomware installation currently that’s associated with Angler, according to our AVG Web Threats team analysis of this threat. TeslaCrypt encrypts users’ files, including writeable shares, and messages the user to extort payment for recovering the encrypted data. Paying the ransom to unlock files typically does not result in the recovery of the files.

Below are screen shot examples of ransomware attacks that attempt to extort $1,000 USD, payable through the untraceable currency of bitcoins.

Backdoor installs

Our AVG Web Threats team track the Angler-infected host machines have also tracked incidences of downloading malware known as backdoor malcode (commonly Bedep). Backdoor, or Bedep, can snatch passwords and personal confidential data from visitors’ machines.

Protecting your desktop

AVG recommends that consumers and businesses take the following preventive measures:

  • Frequently backup data and important files; do not leave the backup device connected to the machine
  • Ensure that security software, such as AVG, is up to date
  • Ensure that Windows updates are downloaded and installed; doing this automatically is recommended.
  • Update browsers and ensure you are using the latest versions available

Protecting web servers

Malicious code from the Angler exploit kit is initially installed on the web pages of vulnerable servers. For businesses, standard security precautions and monitoring are the basic defense. Researchers find a large number of Angler injections on WordPress and Apache servers – these should be given an extra measure of scrutiny.

  • Ensure all Operating System patches and updates are applied quickly
  • Regularly review and assess the state of 3rd party software running on the server.  For example, vulnerabilities in packages like WordPress are particularly important, as these are common attack vectors
  • Consider removing site content and 3rd party software that is out of date or not being used
  • Keep backups of websites in a safe place (not on a shared directory); offsite backups are best
  • Monitor web pages for unexpected and unauthorized changes
  • Keep antivirus and other security software, such as AVG, updated
  • Consider using intrusion detection applications, such as AVG

/var/www/now.avg.com/18.45.0/wp content/uploads/2016/05/ransom 1

Our AVG Web Threats team continue to monitor and track threats such as Angler, so that we can deliver the security you need to keep your devices and businesses safe.

Multi-layered security approach battles Ransomware

From Locky to SamSam, JIGSAW to CryptoLocker, today’s ransomware variants can take down businesses with dramatic consequences.

Ransomware will prevent file access, web browsers, applications, and entire operating systems – holding the lifeblood of a business operation ‘hostage’ until a ransom is paid.

At AVG, we use a multi-layered security approach with multiple layers of inspection and testing to identify and eliminate a wide variety of malware, including ransomware. When accessing a file, our multi-layered security approach uses several different inspection and detection techniques, as detailed below, to determine whether the file is malicious.

This is reflected in our security technology engine powering our AVG Antivirus Business Edition and Internet Security Business Edition software solutions.

Simply described, the process includes these layers:

  • Files are first compared to any known variants in a malware database – both the metadata and content of the files are analyzed
  • Files are then tested in an emulator (a virtual computer)
  • Now that the file is running, its behavior is assessed using a variety of techniques, including Artificial Intelligence algorithms
  • Behavioral assessments occur in the AVG application and in the cloud, but they all work together behind the scenes and in real-time to determine whether a file is malicious
  • If the file is determined to be malware, it is quarantined, and AVG’s Crowd Intelligence feature updates all AVG software

We also regularly submit our security software to independent test labs. Results from these independent tests serve as more proof points to the effectiveness of our technology and multi-layer approach. Our latest round of testing by AV-Test.org earned a six out of six rating – the highest rating for protection. In a recent Real-World Protection Test by AV Comparatives, AVG scored a 99.8% detection rating.

It is difficult to predict and guard against everything hackers may throw our way, but in the face of constantly evolving threats, a multi-layered security approach is a smart strategy.

To find out more about our AVG Business Edition solutions, please visit our business security page.

AVG Business Wins Security Vendor of the Year Award

At AVG, we believe our partners are truly an extension of our ever-growing team. Developing strong relationships with our partners is what keeps us on course to drive mutual growth.

AVG partner Gordon Montgomery, operations director at MCC Computers Ltd., recently shared some excellent feedback. Through the partnership with AVG, MCC has added new services, increased revenue and put new customer retentions strategies in place.

We were impressed by MCC’s results and we submitted these updates to award organizers at the European IT and Software Excellence Awards.  AVG Business was selected as one of 86 finalists from an entry field of more than 400 companies in 31 countries. During the award ceremony on April 14, AVG Business was chosen as Security Vendor of the Year.

We now have another strong accolade that our AVG partners can share with their customers and prospects.

MCC is a perfect example of how partnership accelerates business. We’ve worked with MCC for several years. Using AVG CloudCare, the antivirus side of MCC’s business grew 96% year over year, and anti-spam 29%. Cloud backup, initially a very small part of its business, grew 156% in the first year.

MCC can deploy a range of cloud security solutions for multiple clients from AVG CloudCare’s cloud-based administration platform. AVG CloudCare’s central dashboard and built-in remote access are also key to MCC’s support capabilities.

Gordon shared, “We are revelling in the time AVG CloudCare is saving us. We’ve also reduced our onsite visits, allowing us to focus on productive client service and business growth.”

Gordon also put AVG CloudCare to the test with MCC’s renewal and retention efforts. Through AVG CloudCare’s platform, the MCC team can monitor customers’ systems and identify when renewals or service is needed. After the first year, MCC saw a 97% renewal rate and are now continuing this program each year.

As Gordon sums it up, “Our partnership with AVG Business and products like AVG CloudCare have given us the management control we need to effectively protect our customers and at the same time, build our own business make our customers successful.”

Thank you to MCC and all our partners for their continued support and our joint success.

Please share this award win with your clients.  Thank you!