Recent Computer Security Trends

CyberSecurity August 2019

James Phipps

Our engineers have seen an uptick in computer security needs and requests from our customers and potential clients. We are prepared, but it seems last month was particularly strenuous. Microsoft released patches that closed vulnerabilities that could be widely exploited, like BlueKeep. Our technicians worked around the clock behind the scenes to make sure our customers got the required updates installed successfully on their desktops. This came after the previous month's "weekend work" required to update Windows 10 to version 1903 on the desktops we manage. We use automation, but that update did require technicians to resolve issues on more than a few workstations. That 1903 update, by the way, has been reported by some blogs to cause heavy processor utilization resulting in computer slowdowns. We haven't seen this on our networks, but if you are experiencing computer slowdowns, please do not hesitate to contact our help desk.

In addition to our normal preventative maintenance, one of our customers running AWS EC2 servers found an application bug that could cause data loss. This customer hired BeCloud to do a forensic examination of the servers to see if any data had been compromised. For our digital forensics and incident response (DFIR) work, we use the SIFT workstation. The SIFT workstation provides our security analyst with cutting-edge and powerful forensic tools for file, system, network, registry, and memory examination. SIFT provides the foundation for our comprehensive investigations and response. Luckily, this software bug was found before a compromise of the network occurred. Our forensic investigation did not uncover any data compromise, but we did recommend measures to thwart ongoing brute-force attempts against open ports, along with changes to the security log configuration.

We had a law firm based out of Texas contact us last month. They had recently experienced a hack attack. The law firm fired their old managed service provider and hired us to move them securely into the cloud. One of the first things we did for this client was to install a next-generation firewall and anti-virus solution.

Another customer reached out to us last month; they needed a two-factor authentication system for remote access. After researching solutions, we decided that DUO was the best option for securing remote access for this customer. We installed and configured the solution in a couple of days. Now all users log in to the terminal server gateway, and users who have not logged in using DUO's RD Gateway integration are denied access.

Microsoft published a security policy document in August that strongly recommends that all cloud partners implement two-factor authentication. BeCloud is a Microsoft Silver Partner and we are currently auditing all of our cloud-hosted internal and external solutions. We agree that two-factor authentication is the way to go and as a result, we will be implementing two-factor authentication across the board. Our solutions will be similar to the DUO solution we implemented last month. If you have questions or security concerns, please don't hesitate to contact us about our comprehensive security solutions, digital forensics, and incident response. At BeCloud, we expect computer security will continue to be a major concern as businesses strive to protect data.