How To Use Public Wi-Fi Securely!

Posted on by Martin Quinn in Security Blog Leave a comment

By Samantha Woollard (Internet Security Specialist) 17 April 2017

Do you have frequent coffee meetings with colleagues or clients and need to access company information using the cafés free Wi-Fi?  DON’T! Have you ever used free Wi-Fi to log into your online banking? DON’T! Public Wi-Fi is not safe and hackers love to take full advantage of this.

Wi-Fi hotspots are incredibly practical for us be it for social media scrolling, work and private email checking and other business needs. However, they are a potential risk and are just as handy for attackers to steal your private information.

Below are some tips to secure your information if you need to use free Wi-Fi in public places.

Tips to minimise your risk

1. Be smart – Firstly, be aware that any information you send over Wi-Fi hotspots is up for grabs to anyone who has even a bit of an IT background. Your online banking details, usernames and passwords are all out in the open. Try not to use sensitive information or visit anything private whilst using free hotspots.
2. Check Authenticity – Be careful to which hotspot you are connecting. It is possible for a malicious actor to put their own hotspot in place and perhaps disguise as the cafés Wi-Fi. A popular name is ‘_FreeWi-Fi’ as the punctuation puts the hotspot to the top of the list and we are all guilty of being distracted by the word ‘Free’. If you connect through an attacker’s hotspot then everything you do will be recorded by them. Make sure to verify with the café, restaurant, library etc on the name of their network and the password before connecting to any Wi-Fi.

3. Disable File Sharing – If you are a Windows user, make sure to turn off file sharing and mark the connection as a public network. To do this: Control Panel > Network and Sharing Center > Change Advanced Sharing Settings and uncheck the file sharing option. Another extra precaution is to turn on Windows Firewall by: Control > System and Security > Windows Firewall
4. Over HTTPS – Ensure that the sites you are accessing are over HTTPS by looking at the address bar or for the security lock sign.
5. Patch! Patch! Patch! – Always have software up-to-date so that no current exploit can be used against you. Regarding Wi-Fi, keep your web browser, software, anti-virus and other internet-connected devices are all patched.
6. Two-Factor Authentication – It is always good practice to use two factor authentications where you can. If a hacker could obtain your password then there is another layer of protection in place that they will not be able to get past.
7. Use a VPN – A Virtual Private Network encrypts all traffic and ensures a safe way of using the Internet. It also masks your IP address so that phishing and man-in-the-middle attacks are reduced.
8. Log off and Forget– Once you have finished using the Wi-Fi connection, log off from any services you were using and forget the network. This prevents your phone from automatically connecting to it again when you are within range. Remember to always turn off your Wi-Fi if you are not using it to stop it from connecting to random open hotspots when you are out and about. Another tip that helps with this is to disallow your device to connect automatically within your Wi-Fi settings.

Security for us is not only when you have a strong password. Security for businesses is not only what happens within the company building. Protecting yourself and your business is an ongoing process. The tips above can help everyone reduce their risk of attack and loss of personal information and sensitive data to crafty hackers lurking in public areas.

Relax. Your security is Intact.

Author: Intact Security


Intact Attend Partner Summit To Phuket With WatchGuard!

Posted on by Martin Quinn in Security Blog Leave a comment

By Samantha Woollard (Internet Security Specialist) – 12 April 2017

Who are WatchGuard? WatchGuard are a global provider of Unified Threat Management (UTM) and Next Generation firewall solutions. Their UTM is unmatched providing additional firewall services such as IPS, URL filtering, gateway anti-virus, web blocking and a host of other features.

A basic firewall is no longer enough, so more defences need to be implemented into businesses’ systems to layer their security. This can become complex with many devices to configure, implement and monitor. With WatchGuard products, everything you would need and more is provided through one unified device meaning:

  • A layered security for your business
  • No complex configurations
  • Easy to use GUI
  • Low price

Intact Security have been Silver partners with WatchGuard for several years, keeping on top of newly created services and products so that we can educate customers and distribute security solutions to those who need them.

This week WatchGuard flew the Intact team plus their other partners to Phuket, Thailand to inform us of new products and newly developed features so we may find the best suiting answer to your security problems.

Who did we meet? David Higgins, Regional Director ANZ opened the Cocktail Reception on the first evening to welcome all the partners and distributors to Phuket for the annual Partner Summit, with the Bangtao beach as a stunning backdrop.

The next day the Partner Summit was kicked off with a Keynote Presentation by Prakash Panjwani, CEO of WatchGuard. A number of other presenters took to the stage including Corey Nachreiner, Chief Technology Officer (CTO), Ryan Orsi the Director of Business Development and Brendan Patterson, the Director of Product Management discussing all things WatchGuard over the past year and the year to come.

Left to right: Brendan Patterson, David Higgins and his wife, and Prakash Panjwani (CEO).

David Higgins, Regional Director ANZ opening the Cocktail Reception.


Advantages of WatchGuard Over Competitors

WatchGuard are the ONLY one in the industry to provide a Unified Threat Management (UTM) that:

  • is fully integrated correlation capability – threat detection from network to endpoint in one view
  • processes threat intelligence on behalf of customers, passing on only the security benefits without the complexity or costs
  • provides integrated, automated incident response that works in tandem with existing anti-virus
  • unites prevention, detection, correlation and response under one SKU (Stock Keeping Unit)

UTM Throughput
Network performance with WatchGuard products, including the full UTM and features is nearly 4 times as fast than when other competitors’ products are implemented into systems. This includes Dell SonicWall and Sophos products.

Ease of Licensing   
When licensing a product, with WatchGuard only one device is needed. Other software is needed with other company products making licensing more complex.

UTM Throughput

Top Threats of 2017 and How WatchGuard Can Protect You

1. Ransomware
Defense of UTM – No single security service prevents all threats. WatchGuard’s Unified Threat Management combines many services to offer ‘Kill Chain’ defenses.
Advanced Persistent Threat Blocker – As ransomware is ever-changing, behavioural malware detection in the APT Blocker is needed to catch up to date variants.
Threat Detection and response – TDR’s Host Ransomware Prevention can stop the types of ransomware that encrypt files at an end point.

2. Exploit Kits
WebBlocker & RED – Keeps employees away from sites hosting exploit kits (EK)
Intrustion Prevention Service – IPS prevents many of the exploit kits that are in use.
Gateway Antivirus (GAV) – Regularly catches obfuscated JavaScript exploit kits used to launch exploits.
APT Blocker – If EK succeeds, APT blocker and GAV still have a chance to block the malware it tries to send.

3. IoT Botnets
Network Security Is Device Agnostic – Basic firewalls do protect IoT devices. Segment IoT for best UTM service protection.
Botnet C&C Detection (RED) – If an infected device appears, RED’s botnet C&C detection can catch and stop it.
Access Points Protect Wi-Fi IoT – Access points extend and can enhance your protections to wireless IoT devices

Naka Island stop-off during speedboat trip.

New Product Alert! – Managed Cloud Wifi

Late last month WatchGuard announced the release of a new product, Firebox Cloud. This device brings the same protection as other WatchGuard UTM devices to public cloud environments.

This enables organisations to extend their security perimeter to protect business critical and sensitive assets in Amazon Web Services (AWS), increasing the security beyond what is provided by AWS to ensure your network is secured by more than just simple port scanning and access control.

Cloud Scalability
Easily scale from one to an unlimited number of access points across multiple locations without worrying about the hardware limitations. APs can be grouped in many ways including location, building, floor, for easy management and policy configuration

Grow Managed Services With Wi-Fi
WatchGuard is the only company to provide a managed Wi-fi, WIPS ( Wi-Fi Intrusion Prevention System), guest experiences and analytics.
Other vendors such as, Aerohive, Aruba, Cisco Meraki and Ruckus all have managed Wi-Fi but do not include the other features.

Managed WIPS
WatchGuard’s cloud-managed access points have built-in WIPS to help ensure you have the protection you need. By having WIPS activated, it defends your airspace 24/7 from any unauthorised devices that may try to connect, any rogue access points and from malicious attacks, resulting to close to zero false positives. Other vendors have tried and failed to provide this, WatchGuard on the other hand, has succeeded tremendously.

Managed guest experiences and analytics 
These features can be enabled by upgrading access points to provide captive portals, location analytics and also managed WIPS.

New Feature Alert! – Threat Detection and Response

Late January of 2017, it was announced that WatchGuard had created a new service for its products that correlates network and end point security events. Threat detection is used to detect, prioritize and enable immediate action against threats.

It also is the first service provided by ANY UTM vendor to provide these kind of capabilities to small to mid businesses and at no additional cost!

Outrigger Laguna Resort, Phuket, Thailand.

Here at Intact, we only recommend products that we trust will benefit you, our customers. We resell only the devices that will help your security and WatchGuard are one of them. With WatchGuard you get an all-round security solution with integrated simplicity at a low cost but without the lack of performance. Their technology can be adopted into organisations big or small and will still provide the best in-class security service.

If you are interested in any WatchGuard products, do not hesitate on contacting us!

Relax. Your security is Intact.

Author: Intact Security


Most Effective Security Defences Against Hackers According To Hackers!

Posted on by Martin Quinn in Security Blog Leave a comment

By Samantha Woollard (Internet Security Specialist) 27 March 2017

What better way of finding the best counter measures against hackers than asking the hackers themselves. Penetration testers spend their day-to-day life breaking into computer systems and attempting to get around obstacles put in place to stop the bad guys. But why ask penetration testers? The only difference between black hat hackers and penetration testers (white hat hackers) is that one of them has a statement of work to do it legally and the other does not. The methodology and tools of attack are the same.

A large group of white hat hackers took part in a survey about the results from their penetration tests to identify the main issues they came across and what measures you should implement to not fall victim to the same attacks. 72% stated that their first plan of attack is social engineering. Employees are often regarded as the weak link in the chain which puts them at the top of the list for attack. Most hackers involved mentioned that more needed done about security awareness in the workplace as tricking an employee was an easy way to exploit their target. Having security-educated staff can often be one of the key security defences on preventing company information from going into the wrong hands.

88% of penetration tests done by the surveyed white hat hackers took less than 12 hours to compromise the target. After the initial breach, 81% of testers took under 12 hours to find and steal critical data from the target’s network. 33% stated that they were never detected during the entire assessment. From these results it is easy to see that a lot more still needs done on securing businesses and monitoring of traffic to detect and prevent real attackers in their systems. Another comment made by several penetration testers was that it does not matter what size of organisation they were targeting, the chance of exploitation and compromise was the same.

66% of tests resulted in finding exploitable software related vulnerabilities and network configuration issues that could be used to gain unauthorized access were found in 66% of businesses systems. These exist due to software suppliers caring more for ease of deployment and usability, misconfiguration of network devices and bad patching practices. From these two vulnerability types, over 80% of penetration tests are successful in compromising the target business. These can be easily protected against by implementing good patch management, network segmentation, regular scanning and assessments.

After a full penetration test, the work is not over. Remediation is a key stage after the results are acquired, however from this survey only 10% of clients remediated all vulnerabilities and retested the environment. 5% of businesses only wanted to obtain the ‘check in the box’ to achieve compliance and did not act on the results of the assessment at all. 75% only focused on critical and high vulnerabilities. Although remediating major vulnerabilities is obviously a good start, flaws rated as low or medium does not mean that an attacker use them to their advantage. Individually the chance of exploitation from these may be low but by using several of these vulnerabilities together, an attacker can still sometimes craft a successful exploit.

From the results of the survey, it was revealed that the most challenging layer to bypass in a company’s security model was intrusion detection and prevention systems. However, all controls designed to stop hackers, with enough time and effort, can be bypassed. It all boils down to defence in depth rather than depending on a single measure of security. If one layer fails, it is not game over. With the right educated people and technology combination, the chance of compromise can be minimal.

Not all risk can be removed. Although, most hackers target low hanging fruit and try to find the path of least resistance. If a hacker’s attempt into your systems is making no progress, their patience may run thin and a lot of the time they will move on to another target. For example, if one computer is patched, running up to date security software and has a strong password and another computer has not been patched for a while, has no security software in place and has a weak password, then an attacker will go for the second machine. It is all about being ahead of the game and not being an easy target.

Contact us for advice or with any questions about your security. Intact Security are here to help.

Relax. Your security is Intact.

Author: Intact Security