Support • (786) 621-8600 Contact us
Demo

Recent Posts

General Data Protection Regulation, or GDPR, is coming May 25th. Are you Ready?

The European Union will begin enforcement of its General Data Protection Regulation (GDPR) on May 25. Is your organization ready?

What does this mean? How will it impact your organization – and how to prepare for it? Here’s what every company that does business in Europe needs to know about GDPR:

May 25th is coming up on us all very soon. Do you know why that date is important? It is the date when the new EU privacy regulations take effect for any data holder or processor of personal data of an EU member. This regulation is separate and more comprehensive than US standards for privacy and those directives hold quite the weight. Non-compliance will lead to stiff penalties of up to 4% of gross profits or 20 million Euros.

You have several considerations if you use a third party service provider and it gets breached because you are still liable for this together with the third party. Contracts will need to be amended in order to properly balance these responsibilities. Adherence for the first 2 years was optional but that timeline is quickly coming to an end as stated above. So what do we do right now? There are specific articles that indicate what you must be able to demonstrate you and any of your third parties are doing with any personal data, the scope of which includes digital identification, mobile numbers and equipment that can tie a person to that data. We will focus on the solutions we recommend to have in place below.

The ability to audit and report who has accessed and whether they were a data controller or processor is one of the main named abilities you need to have in order to ensure compliance. The main difference in this directive is who owns the data and who accesses it and for what purpose and times when those permissions get revoked. This requires you to have a named Data Protection Officer to perform these tasks and inform controllers and processors ensuring that they know what the corporate policy is and what GDPR requires of them as well as be the main point of contact for any supervisory authority wanting to discuss issues or audit.

Another point is the protections needed to do this. We recommend using a framework such as HIPPA, PCI or NIST 800-53. We also recommend Data Leakage Protection (DLP) and an Identity Access Management (IAM) solution. These 3 things will give you protections needed for the reporting piece of the puzzle. Both Data and Access would be easily controlled and reported on and your processes would be easily documented with a verified solution. As a caveat you should also have a vulnerability management program to compliment the reporting for this directive.

DLP should be a standard to ensure that you can report and potentially block any unauthorized access to personal data. With this directive personal data and it’s meaning has expanded. This is not just Personally Identifiable Information (PII) but also any electronic data or device information that can be linked with the personal data to a particular user. This means DLP rules will need to be customized to include fields outside of the norm and new regular expression (regex) patterns that can detect the location and access of the personal data.

Identity Access Management (IAM) is the other side of what is important with this GDPR directive. What it addresses is the easy reporting of authentication on sensitive systems containing the personal data. The reason this is important is that depending on your need to access this data access to personal data should be granted to process for the needed amount of time then revoked and documented forensically. This will give you the ability to review authentication, authorizations, administration, and audit of the identities or users that are accessing the personal data easily.

While time is short it is important to note that there is still time. Putting in these protections to discover what is there is the starting point. We aim to assist with any questions you may have from a security perspective, please contact us. Also below is a quick breakdown of the articles into sections where you can learn more.

GDPR Article Breakdown

  • Articles 1-22 discuss the data and other meanings for personal data and overall definitions of terms.
  • Articles 23-37 govern the persons involved and their roles and responsibilities.
  • Articles 38 and 39 show certification requirements. Articles 40-45 discuss the transfer of data to organizations.
  • Articles 46-53 discuss the role and a description of who can be a supervisory authority and their charge.
  • Articles 54-72 discuss interactions and the cooperation of the European Data Protection Board within the supervisory authority to investigate and certify adherence.
  • Articles 73-79 discuss the ramifications and penalties for a breach and not complying.
  • Articles 80-85 discuss provisions for special situations where data may be touched for purposes like employment or churches.
  • Article 86-87 discuss how delegation acts and implementation acts are handled by committee.
  • Articles 88-99 discuss the repeal of the old Directive 95/46/EC and this policies enforcement.

###

 

DigitalEra partners with Duo Security to offer customers Two-factor Authentication

     

I’m pleased to announced our partnership with DUO Security, a cloud-based access security provider that protects the fastest-growing companies and thousands of organizations worldwide. DigitalEra is proud to offer it’s customers two-factor authentication which ensures only legitimate users and appropriate devices can access their company’s sensitive data and applications – anytime, anywhere.

Duo two-factor authentication brings strong, scalable security to any organization. Duo’s cloud-based and easy-to-use technology protects users, data and applications from breaches, credential theft and account takeover.

Two-factor authentication, is the simplest, most effective way to make sure users really are who they say they are. It protects applications and data against unauthorized access due to credential theft by verifying users’ identities before they access your data. Protecting a company’s application logins using either hard or soft tokens such as a smartphone app or a physical token, prevents attackers from remotely accessing both on-premises and cloud applications.

Both DigitalEra and Duo are excited about this new partnership and the addition of two-factor authentication as part of our expanded portfolio of security services. By adding Duo to our security services portfolio, DigitalEra offers customers a one stop shop for securing business. We will continue to partner with experienced technology companies to provide optimal solutions for our customers.

We’re thrilled to be able to offer a modern two-factor authentication solution to deliver added levels of security for our customers. For questions or information on DUO Security solutions with DigitalEra, contact our sales team today.

 

About DigitalEra and Duo Security:

DigitalEra is a leading solution provider of network and cybersecurity products and services, serving major business, education and governmental agencies throughout the US. In addition to access to the most sophisticated and effective security products, DigitalEra provides expert guidance on use as well as ongoing security council and insights that help their clients prevent security breaches and mitigate threats. For more information, visit:www.digitaleragroup.com.

Duo Security helps defend organizations against breaches through its easy and effective cloud-based Trusted Access product suite. The company verifies the identity of users and the health of their devices before granting them access to applications. Duo’s intentional balance of security and usability has led the company to be a trusted partner to thousands of customers worldwide, including Dresser-Rand, Etsy, Facebook, K-Swiss, Random House, Yelp, Zillow, Paramount Pictures, and more. The Ann Arbor, Michigan-based company maintains offices in Austin, Texas; San Mateo, California; and London. Visit duo.com to find out more.

An Update on Meltdown and Spectre: What You Need to Know Now

It’s been about a week now since Meltdown and Spectre.

Here’s  what you need to know:

There are no confirmed threats out in the wild being exploited right now. However, for Windows 8 or 10 most fixes to applications, AV and the OS kernels, require either a manual update or hacking your registry. Thus, Windows 7 does not have the update automatically come in yet. MacOS is resolute, upgrade to Sierra to patch Spectre; but if you want Meltdown protections at the kernel you must update your OS to High Sierra 10.13.2.  See the article here.

 

What You Can Do

After a fair amount of research and grinding, Microsoft has released a tool you can run in Powershell. However, thanks to Microsoft user Andy Bentley, who has compiled an executable you can use to check the update.

You can download the verification tool here and use version 20 or 30 for Windows 7, 8 and 10.

Below is a screenshot of an unverified system once this script or executable has been run.

Windows 7

For Windows 7,  download the appropriate version of the update for your system from Microsoft’s update catalog

Once applied and your system restarts, check your system again with the script above. When completed, you should see the following on your system that is now patched:

Windows 8 or 10

For Windows 10 there is an automatic update which requires you to change the registry that will allow automatic updates to show as an out of band patch.

The keys to add and remove automatic updates on Windows 8 or 10 are below:

To enable the fix *

  • reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management” /v FeatureSettingsOverride /t REG_DWORD /d 0 /f
  • reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management” /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f
  • Restart the computer for  changes to take effect.

To disable the fix *

  • reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management” /v FeatureSettingsOverride /t REG_DWORD /d 3 /f
  • reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management” /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f
  • Restart the computer for changes to take effect. (There is no need to change MinVmVersionForCpuBasedMitigations.)

There’s also a script you can download from Cylance to simplify the registry edits needed. Please note that this requires you have a Cylance account for support.

Once the registry is updated and the Windows 8 or 10 computer has been rebooted, simply check for available updates. Once completed, verify using the above script to ensure the updates applied have taken effect.

You can also manually download Windows 8, 10 and server updates from Microsoft’s Update Catalog.

Finally, beware that if your AV vendor is not compatible, the registry update could bluescreen your windows pc/server.

Stay Safe! We hope this information helps our community.

###

 

Meltdown and Spectre: If you aren’t monitoring your firmware, now would be good time to start.

So, by now you have heard that a flaw present in most modern Computer Processing Units (CPU) produced in the last decade will require operating system (OS) kernels and system firmware to be overhauled. This flaw is easily exploitable to obtain information from databases, applications and processes running on the system due to the way the CPUs pre-process instructions and access system memory.

The immediate fix is to update the different OS kernels and applicable firmware. However, some security experts are

suggesting that the only real fix is to replace all CPU’s as the only mitigation. In any case, this presents a serious operational challenge to all organizations, including cloud service providers. For example, Azure, AWS and Google have notified customers of major ongoing security updates in the upcoming weeks related to this issue.

And not all devices can be updated. All Apple devices are vulnerable at this time but the kernel fixes will only apply to the latest IOS, macOS and tvOS operating systems. Devices that cannot run the latest OS versions will remain vulnerable.

It is also important to note that there are some needed changes in antivirus tools to properly inspect virtual memory and access. In addition, organizations must now continuously monitor their environments to ensure they are running the latest OS kernel and firmware combinations.

So now what?

First of all, reports indicate that no known exploits have been found at this time. But that just means that none have been detected or seen by security companies or organizations.   In fact, the disclosures include proof-of-concept code that is probably being tested by bad actors as you read this.

Second, OS kernel changes will be a software level change, meaning that the underlying hardware will likely remain vulnerable unless firmware patches are released by the hardware manufacturers and OEMs. In fact, security analysts fear that many cheap IoT devices will never be updated.

This will remain a critical issue for months or years to come because of the sheer amount of hardware that needs to be properly inventoried, updated, monitored and potentially replaced to really enact a proper remediation. Visibility will be key in knowing not only what clean-up has been done, but also what remediation is still needed.

DigitalEra partner Trapezoid offers tools to help. Here’s how:

1)    Trapezoid’s Firmware Integrity Verification Engine (FIVE) is designed to continuously monitor the firmware regardless of manufacturer or OEM.

2)   Trapezoid FIVE can maintain an inventory of hardware platforms and firmware revisions over time to detect whether your systems are threatened by this critical vulnerability, and others like it.

3)   Trapezoid can leverage multiple integrity measurement technologies from different OEM’s to identify changes that could be indicators of compromise, and remotely attest to the integrity of your systems.

###

For more information on these threats and Trapezoid solutions, contact us at sales@digitaleragroup.com.

 

Some links for additional information on Meltdown and Spectre:

https://isc.sans.edu/forums/diary/Spectre+and+Meltdown+What+You+Need+to+Know+Right+Now/23193/

https://www.kb.cert.org/vuls/id/584653

DigitalEra Named Cylance Cybersecurity Partner of the Year

Award recognizes Digitalera as a solution provider for CylancePROTECT®, the industry’s first AI-driven pre-execution endpoint security product.

DigitalEra, a premier IT security technology provider in South Florida, announced today that it has received the coveted “Cybersecurity Partner of the Year” Award from Cylance Inc. The award, which covers North America, specifically recognizes DigitalEra for its security strength and prowess in the cybersecurity community. Cylance has recently gained recognition as the company that revolutionized traditional antivirus with AI-powered prevention that blocks both every day and today’s most advanced cyberthreats.

“DigitalEra stands out as a prime example of an agent of change.” said Didi Dayton, VP of Worldwide Channels for Cylance. “They’re helping customers transform their security risk posture to defend against the constantly changing threat landscape with solutions that work to stop new threats like Ransomware, leveraging Cylance product and services offerings. We look forward to more great strides with Digitalera in preventing cyberattacks and cybercrime in the region.”

Cylance’s Artificial Intelligence-driven Technology Unlocks the Code.

Cylance’s breakthrough product, CylancePROTECT, has been shown by third-party testing agencies to be dramatically more effective at preventing both advanced persistent threats and everyday malware from executing on network endpoints. At the heart of CylancePROTECT is a transformational detection and blocking system based on artificial intelligence, a radically different technological approach to cybersecurity. Cylance eliminates the need for traditional antivirus software, anti-exploit products, whitelisting solutions and host-based intrusion detection and prevention systems.

DigitalEra to Clients: Cylance a Groundbreaking Endpoint Solution.

 “We are truly honored by this award”, said Patrick Dyer, President and CEO of DigitalEra Group.  “Cylance’s solutions are groundbreaking in the global cybersecurity landscape. They’ve rapidly moved to the top of the Gartner Magic quadrant for Endpoint Protection platforms amidst some of the most highly recognizable security brands.  We’re thrilled to partner with Cylance in delivering this powerful solution to our clients, and pleased to be recognized for our partnership.”  DigitalEra is currently providing risk assessments and demo-tours on how CylancePROTECT works.

Cylance: The Stakes Have Never Been Higher.

Cybercrime is a serious threat to industry, government, education and healthcare institutions. Organizations all over the globe have been subject to an increasing number of cyberattacks at the endpoint, crippling operations and resulting in millions of dollars in destroyed networks, lost revenues, ransom, and worse.  “Our mission at Cylance is to protect every endpoint on the planet,” said Dayton. “Forward-thinking, trusted cybersecurity partners like DigitalEra and their robust network of clients and security are essential to meeting that goal.”

About DigitalEra and Cylance:

DigitalEra is a leading solution provider of network and cybersecurity products and services, serving major business, education and governmental agencies throughout the US. In addition to access to the most sophisticated and effective security products, DigitalEra provides expert guidance on use as well as ongoing security counsel and insights that help their clients prevent security breaches and mitigate threats. For more information, visit: www.digitaleragroup.com

Cylance is the only company to offer a preventive cybersecurity solution that stops over 99.9% of advanced threats and malware at the most vulnerable point: the endpoint. Applying a revolutionary artificial intelligence approach, CylancePROTECT, analyzes the DNA of code prior to its execution to find and prevent threats others can’t, while using a fraction of the system resources associated with anti-virus and detect and respond solutions deployed in enterprises today.   For more information, visit: www.cylance.com.