When the admin runs out, what about your business continuity

Maintaining business continuity, i.e. the ability to undisturbed implementation of the main processes that bring income to the company, is one of the tasks that are often delegated to representatives of the IT department. Due to the high involvement of information technology in business processes, the IT department seems to be the cell best prepared to handle any unforeseen situations in the form of hardware failure, user errors or deliberate actions by intruders. Is this assumption correct? Unfortunately, not entirely.

Indeed, technology is one of the main factors that have the greatest impact on the performance of any organization and, at the same time, a factor that fails relatively often. Therefore, when we think about business continuity, first of all, solutions aimed at ensuring operation in the event of failure are verified. They are most often limited to redundancy, i.e. redundancy that allows uninterrupted operation in the event of damage to one of the system components. Another category of security are backup systems, which are to make the environment immune to situations related to data loss as a result of a failure, user error or deliberate action to our detriment. Both backup systems and solutions ensuring high availability (HA) are something without which the IT department would not be able to fulfill its business function. If they were not there, the first failure would have serious consequences for those responsible for maintaining the ICT environment. Continue ...

Can patients feel safe? IT systems in the healthcare sector as a target of attacks by cyber criminals.

The health service must immediately implement professional IT security solutions.

According to the current legal status, from August 1, 2017 (i.e. for a little more than a year), medical documentation will have to be kept only in an electronic company.

Although the date of entry into force of the provisions on electronic medical data of the "Act of April 28, 2011 on the information system in health care" has been postponed many times, and this may also be the case this time, we must take into account that this moment will inevitably is coming and will eventually come.

Undoubtedly, the implementation of the provisions of the Act and the ordinances of successive Health Ministers regarding electronic medical documentation imposes a gigantic and very responsible implementation task on the entire healthcare system. I really hope that the whole project will be successful. The consequence of launching electronic medical information systems will be increased requirements for the security of information systems in hospitals, clinics and other health care facilities.

There are several important places in medical information systems that can be vulnerable and vulnerable to cyber threats:

  • Databases of personal data,
  • Patient health databases,
  • Life support systems and patient condition monitoring,
  • HIS (Health Information Systems) in the medical and administrative part,
  • Medical equipment,
  • Other systems that may affect the implementation of key processes.

Ottawa-Hospital

In January 2016, a spokesman for the Hospital in Ottawa reported that 4 of the nearly 10,000 computers in the hospital were attacked with software ransomware. This type of malware, after clicking on an attachment in an email, a link in an email or on a website, blocks files on the infected computer. After paying the ransom, the attack victim receives a key that enables the reopening of encrypted files. In the case of this attack, the hospital did not pay the ransom, and IT services wiped the contents of the disks and restored the data using backups. The hospital said the patient's data was not at risk.

Continue ...

SOC - safety concentrate

Evolution of threats

Malware threats have changed radically over the last several years. Viruses, which at the end of the 20th century took the form of pranks displaying funny messages and sound or visual effects, have become a tool in the hands of organized crime groups. Behind today's malware is a thriving black market, where you can choose from offers to sell 0-days, exploits, exploitpacks, backdoors and even ready-made botnets consisting of thousands of hijacked computers. All of this makes it easier for organized crime groups to run large-scale phishing campaigns or infection with TeslaCrypt, CryptoLocker or CryptoWall ransomers.

Approach to protection

Unfortunately, the evolution that has taken place in the field of threats has not yet been accompanied by a change in our mentality in our approach to protection. If you asked a statistical administrator how his approach to securing IT infrastructure has changed in recent years, he would most likely reply that he replaced the floppy MKS with a network, centrally managed antivirus and a simple firewall with a "next generation" device. More aware administrators would boast about taking local administrator rights from their users and using GPO policies enforcing a secure password policy. Continue ...

Information security in offices

In the period from September to November, UpGreat takes part in three IT conventions (Wielkopolskie, Mazowieckie and Śląskie) - cyclical events organized for employees of offices and public institutions. During these meetings, issues related to the adaptation of local government institutions to the requirements of legal regulations concerning, inter alia, computerization, personal data protection or the National Interoperability Framework. The meetings are also attended by UpGreat experts in the field of ICT security, personal data protection, audits and security policies. Our consultants advise IT specialists from public institutions on how to adapt their systems to the requirements of the KRI regulation related to, inter alia, with the implementation of the Information Security Management System. We discuss issues related to the implementation of information security policies as well as risk estimation and analysis. We also answer questions regarding the amended Personal Data Protection Act and the obligations of the Information Security Administrator.
We pay special attention to security audits and penetration tests, which are an indispensable element of security management in any organization.