Q&A Overview from US Signal’s BWE Security Discussion
August 24, 2021
Data Protection, Disaster Recovery, IT Security, Beers with Engineers
If you’re not familiar with Beers with Engineers (BWE), it’s a series of events that US Signal holds in some of our key markets at local breweries. Part networking opportunity, part educational endeavor, BWE events bring together local IT professionals, industry thought leaders, and experts from US Signal and its partner companies to discuss issues and trends impacting the IT profession.
Cybersecurity has recently been a hot topic of discussion at Beers with Engineers, and that’s not surprising given how often stories about ransomware attacks dominate the news. Incidents of cybercrime also seem to have become even more prevalent since the beginning of the COVID-19 pandemic. There’s a strong interest in – and need for – information to help organizations bolster their IT defenses.
Meet Our Security Experts
US Signal’s most recent security-centric event, Beers with Engineers – From the Frontlines: Security Expert Panel, took place virtually on August 10th. Panelists included US Signal’s Chief Information Security Officer (“CISO”), Trevor Bidle, and the authors of the CICS 2021 Horizon Report: Technology Trends That Will Shape the Next Decade, Dr. Dennis A. Trinkle, Director – Center for Information and Communication Sciences, and Cyrus Green, Graduate Assistant – Ball State University.
Produced annually by Ball State University’s Center for Information and Communication Sciences, the CICS Horizon Report draws from surveys, interviews and supporting research to identify the major trends in technology, business practices and leadership practices that will drive and reshape organizations in the coming years. Among them: cybersecurity threats. Watch for a future blog in which we’ll delve into some of the key findings of that report.
During this virtual Beers with Engineers, our panelists took on questions ranging from how to protect against ransomware in remote desktop environments to the value of cyber liability insurance for small businesses. Their answers drew from both the CICS report and their own personal experiences and expertise.
To get the full benefits of the BWE discussion on cybersecurity, you can watch a recording of the BWE virtual event here.
How Do You Protect Remote Desktop Environments from Ransomware?
One of the questions from our audience of IT professionals was “How do you protect against ransomware in remote desktop environments?” With the COVID-19 pandemic pushing an increasing number of organizations to employ work-from-home models, many IT professionals are struggling to balance employee access to the data and applications they need to do their jobs remotely while ensuring the security of those assets.
That’s particularly true for those employing Microsoft’s Remote Desktop Protocol (RDP) or non-Microsoft implementations of RDP clients and servers to enable remote access. As beneficial as RDP is for enabling access and management for off-site workers, it also opens organizations up to the risk of ransomware attacks. Among the suggestions that the panelists offered:
- Disable RDP where not required. Apply secure configurations where RDP is enabled, including use of strong passwords (at least 16 characters in length) and multi-factor authentication (MFA).
- Turn on MFA for internal administrative accounts and for external access to all applications, particularly sensitive ones such as email, RDP, and VPNs.
- Place internet-facing servers behind organizational firewalls, and ensure authenticated users are the only ones who can access them.
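One way to check a Windows host against the first and third suggestions, as an added example that is not from the panel or from US Signal: a read-only PowerShell audit that reports whether RDP is enabled, whether Network Level Authentication (NLA) is required, and whether the built-in firewall rules admit RDP from any address. The function name Get-RdpExposure is hypothetical, and the English display name of the "Remote Desktop" firewall rule group is assumed.

```powershell
# Added example: read-only audit of local RDP exposure (no settings are changed).
# Get-RdpExposure is a hypothetical helper name; run from an elevated session.
function Get-RdpExposure {
    $ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $tcp = "$ts\WinStations\RDP-Tcp"

    # fDenyTSConnections: 1 = RDP disabled, 0 = RDP accepting connections
    $enabled = (Get-ItemProperty -Path $ts -Name fDenyTSConnections).fDenyTSConnections -eq 0
    # UserAuthentication: 1 = NLA required, so users authenticate before a session is created
    $nla  = (Get-ItemProperty -Path $tcp -Name UserAuthentication).UserAuthentication -eq 1
    $port = (Get-ItemProperty -Path $tcp -Name PortNumber).PortNumber

    # Enabled inbound allow rules in the built-in group whose remote scope is unrestricted
    # (assumes the English group name 'Remote Desktop')
    $open = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
        Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' } |
        Where-Object { ($_ | Get-NetFirewallAddressFilter).RemoteAddress -contains 'Any' })

    $findings = @()
    if ($enabled -and -not $nla)               { $findings += 'RDP enabled without NLA' }
    if ($enabled -and $open.Count -gt 0)       { $findings += 'Host firewall allows RDP from any remote address' }
    if (-not $enabled -and $open.Count -gt 0)  { $findings += 'RDP disabled but allow rules are still enabled' }

    [pscustomobject]@{
        Computer    = $env:COMPUTERNAME
        RdpEnabled  = $enabled
        NlaRequired = $nla
        Port        = $port
        OpenRules   = @($open | ForEach-Object DisplayName)
        Findings    = $findings
    }
}

Get-RdpExposure | Format-List
```

MFA enforcement and perimeter firewall placement are not visible from the host's own registry and rules, so those suggestions need to be verified at the identity provider, gateway, or network edge.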
How To Protect Software from Vulnerabilities
Another BWE participant asked our expert panelists for the top three ways that organizations can manage and protect their software from vulnerabilities. While there are many ways to protect against software vulnerabilities, the panelists noted that some of the best include:
- Limiting administrative rights to IT roles requiring these privileges and protecting them with multi-factor authentication
- Using vulnerability scanning tools to identify issues for remediation
- Prioritizing what’s most critical to patch, patching as quickly as feasible, and making sure you have rollback functionality.
Panelist Trevor Bidle expanded on the patching recommendation, explaining that US Signal has a vulnerability management policy that requires critical assets to be patched within 30 days. Zero-day and remote code execution vulnerabilities also have defined timelines. Teams are held accountable for adhering to the timelines.
Importantly, cyber risks are translated into business risks and reported up to the executive team so they can see the impact things like software vulnerabilities can have on business performance. He noted that Microsoft alone releases numerous patches, and keeping up with them can be difficult. Not patching in a timely manner opens the company to risks that can affect the business. Yet, the time required for patching can take resources away from other high-priority tasks. By presenting the relevant metrics to the executive team, the team is better able to make appropriate business decisions – which in this case may include increasing headcount.
Computer Forensics Use Cases
Yet another question posed to the panelists focused on potential use cases for computer forensics – the structured investigation and analysis processes used to determine what happened on a computing device and who was responsible for it. The panelists noted many of the typical use cases, such as data breaches, fraud, espionage, forgeries, intellectual property thefts, employee disputes, bankruptcies, regulatory compliance, and inappropriate data usage. The goals in these types of situations typically entail determining the files, applications, network and other IT assets involved or affected and identifying the root causes, usually with the goal of understanding what happened and why and avoiding future incidents.
However, it was also pointed out that sometimes computer forensics is about proving something didn’t happen – such as the exposure of proprietary or private information. In those cases, the information gleaned from computer forensics can help organizations avoid lawsuits and more regulatory audits.
More Q&A. More BWE.
What are the recommended certifications for becoming a penetration tester? What are the best ways to protect against cybercrime? Should small businesses invest in cyber insurance? These and many other questions were posed in the BWE security discussion, with insightful, informative answers and discussion provided by the panelists. That’s what the BWE events are about: sharing insights and information.
A blog recap can only provide so much information, so we hope you’ll take the time to watch the actual BWE event here, as well as take advantage of one of US Signal’s future BWE events. You can also view many of our past BWE presentations and panel discussions on the US Signal YouTube channel.