Monday, June 12, 2017

[FINALLY] Next Windows Version 10 Stops Ransomware Cold - article courtesy of KnowBe4

[FINALLY] Next Windows Version 10 Stops Ransomware Cold - by Stu Sjourman

OK, finally there is some good news in the fight against ransomware!

(In case you did not know, I was the Editor-in-Chief for WServerNews for 15 years, and I have been following the Win OS closely since 1995. Glad to be back on my old stomping grounds for a bit here!)

Microsoft has been closely watching the onslaught of this new ransomware epidemic and added a slew of new features to the second major update of Win10 which is called "Creators Update" — Win 10 CU for short — which has been rolling out for a few weeks, consumers first.

Presenting new anti-ransomware protection features added in Win 10 CU, Robert Lefferts, Director of Program Management, Windows Enterprise and Security, said that no Windows 10 customer was affected by the recent WannaCry ransomware outbreak that took place in mid-May and no currently known ransomware strain can infect Windows 10.

From a security perspective, CU is a massive improvement.

The new security features include the following list, apart from a host of non-security related additions like a 3D version of MS Paint. :-)
  • Click-to-run for Adobe Flash in Edge — which prevents ransomware and other malware from landing on Windows 10 PCs via exploits kits and drive-by downloads.

  • Instant cloud protection via Windows Defender — According to Microsoft, starting with CU, Windows Defender AV can suspend a suspicious file from running and sync with the cloud protection service to further inspect the file.

  • Fast remediation mechanism at detection — Microsoft says it has made great strides to "remediate ransomware infection and limit ransomware activity from minutes to seconds, reducing its damage from hundreds of encrypted files to a few." Microsoft credits this to Windows Defender AV’s behavioral engine, who can aggregate malware behavior across processes and stages.

  • Improved detection for script-based attacks — Microsoft says its Antimalware Scan Interface (AMSI) was modified to intervene during the strategic execution points of JS or VBS script runtimes, two infection vectors often used by ransomware.

  • Wow64 compatibility scanning — In CU, Windows Defender AV added a process-scanning feature that uses the Wow64 compatibility layer, enabling it to better inspect system interactions of 32-bit applications running on 64-bit operating systems.

  • Process tree visualizations — feature added to Windows Defender ATP, the commercial version of Windows Defender.

  • Artifact searching capabilities — feature added to Windows Defender ATP.

  • Machine isolation and quarantine — feature added to Windows Defender ATP.

  • Windows Edge browser — better protection against remote code execution attacks.
Overall, your average user will probably not notice the difference

Overall, it's a good update, but it stands out for its incremental tweaks and behind-the-scenes improvements to matters such as security, updates and privacy, rather than for spectacular new features.

Obviously, you will not be able to roll this out immediately in your organization, despite the CU security improvements. Implementing CU is likely not a priority if you have just started to deploy Win10, and you might jump straight to the next major update, codenamed Redstone 3 which is due later this year.

The update is available to MSDN/TechNet subscribers running the Enterprise, Education and IoT Core edition. Organizations that have Windows via the Volume License Service Center have been able to get the update since May 1.

These Goodies Only Come in the Latest Version

Microsoft has a very good 14-page PDF with all these features detailed and illustrated. You can download that at the blog. It is obvious that they are adding all these features only to the most recent version, giving you an incentive to accelerate your wall-to-wall upgrades to the latest rev of the OS, which in this case you should be looking at seriously.
https://blog.knowbe4.com/finally-next-windows-version-10-stops-ransomware-cold

The whitepaper contains excellent ammo for budget requests, but is too technical for average C-level execs since it talks about data science, machine learning, automation, behavioral analysis, and other exotic subjects like that. :-D

End of Article by Stu Sjourman (CEO KnowBe4)

More Information on KnowBe4 from DCS Netlink:

You can get a FREE Phishing test and a FREE email exposure check at KnowBe4.  Two FREE tools to tell you how you measure up again the bad guys.  Need more info on KnowBe4 check this out:  





Stay Safe!  Stay Secure!

Regards,
Dane

Monday, March 20, 2017

Ransomware stopped by WatchGuard

Ransomware Stopped by WatchGuard

As a Watchguard Certified Training Partner, many times we know about new features and capabilities with the WatchGuard firewall products before the general public knows about them.  Such was the case with a new module that WatchGuard released over the last couple of months in its Total Security Suite called Threat Detection and Response (TDR).

As you probably know, Ransomware is exponentially increasing in quantity and severity and has been very effective in doing its job by encrypting customer data and holding it hostage.  Here is a quick WatchGuard video explaining the threat and vulnerability of Ransomware:  https://www.youtube.com/watch?v=xZbTFrmr_0E





If you are not familiar with ransomware, here is a really good video explaining what it is in English...the video features"Ransombear" as a cartoon character.  This video is called "Ransombear is on the hunt":  https://www.youtube.com/watch?v=eEKAlupYgDc

Last week I saw a WatchGuard (WG) engineer demonstrate how extremely effective the WatchGuard firewall and TDR module were together in stopping Ransomware "dead in its tracks."

During this short demo, the WG engineer clicked on a real ransomware file and showed how the WG TDR not only stopped the ransomware but also showed information in a WG console which captured and explained what had just happened.  There was nothing for the user to do, and you could see nothing happening.  The WG TDR module simply just did its job and kept the ransomware from executing and encrypting files.  

To prove that the Ransomware file was real, the WG engineer then turned off the TDR services on his Windows machine and then double-clicked the same file....and whoa la!  Within a matter of a few seconds, a screen popped up letting us know that our files were now encrypted and showed us a ticking clock to let us know how much time we had remaining to pay the ransom.

Now, you can watch it too!  Just visit my YouTube channel at https://youtu.be/ORqaWDvF5nQ and you will get a chance to hear more about WatchGuard Threat Detection and Response, as well as watch the WG Sales Engineer, demonstrate how ransomware is stopped by the WatchGuard Threat Detection and Response Host Sensor.

Extremely effective!  Up until now, I have had to explain that firewalls and anti-virus do little to nothing in protecting you against Ransomware...and could not detect, let alone, prevent a Ransomware attack.  Now, we have WG Threat Detection and Response to detect and respond to threats like Ransomware.  The new TDR module is available for laptops and desktops and is available as part of your Total Security Suite.  TDR is very effective as endpoint protection and the best part is that TDR is effective even if you are operating on Windows or Linux and you are not physically behind a WG firewall!

If you own a WatchGuard firewall but don't know or understand how the TDR module works, give us a call at DCS Netlink -Toll-Free: 877-327-6385.  Our WatchGuard certified engineers will help you determine how you can protect yourself and your network against Ransomware with the new WG TDR module.

Watch for our on-line WatchGuard Certified Training Partner seminar on the new TDR module.... Coming Soon! 

Wednesday, February 8, 2017

The Customer is NOT always right - Partnership versus Customer Service!

I recently read a great article by Danny Iny.  In that article, he points out that the customer is not always right.  He also says there is a big difference between customer service and partnership.

Mt. Ararat - 17,000 ft mountain in Turkey
Mt. Ararat (Agridag)- 17,000 ft mountain in Turkey
Ⓒ Photo by Dane Deutsch

At Deutsch's Inc., we are in the "people business" and all of our businesses (i.e.- DCS Netlink, Deutsch's Gymnastics, and Leadership Management Development Center) focus on partnerships not pure customer service.  So, I totally agree with Danny Iny.

I am not a professional climber by any stretch of the imagination, but I had the privilege of climbing Mt. Ararat (17,000 ft dangerous climb - which in Turkish, Mt. Ararat is called Agridag, which means "mountain of pain") during the 5 years I lived in Turkey.  Having made that climb, I can tell you that what Danny says about the difference between customer service and partnerships is exactly right!  He says, "Think of it this way: If you were climbing Mt. Everest, customer service is your porter. Partnership is your Sherpa climbing guide."  Perfectly said!

In other words, your porter carries your supplies for a fee...strictly transactional.  However, your Sherpa climbing guide is your key to reaching your goal (i.e.- the mountain Peak) and getting back to base camp successfully and safely.  The relationship with the Sherpa is totally transformational and Trust is two way.  Big Difference!

At Deutsch's Inc. we are all about partnerships, NOT customer service as our primary goal.  Why?  Because as Danny says, "The goal of customer service is to make the customer happy. In contrast, the goal of a partnership is for the customer to achieve their goals. Buyer and seller are both focused on a goal that's bigger than the buyer. The customer's happiness is a by-product of achieving that goal."


Dane's climbing team successfully at the top of Mt Ararat with climbing Guides

Ⓒ Photo by Dane Deutsch

I want to encourage you to read Danny's full article here:  http://www.inc.com/danny-iny/the-biggest-customer-service-mistake-you-don-t-know-you-re-making.html?cid=email

I also encourage you to read Danny's book:  https://www.amazon.com/Teach-Grow-Rich-Knowledge-Freedom/dp/1541232518/ref=sr_1_1?ie=UTF8&qid=1486571501&sr=8-1&keywords=danny+iny

And as always, focus on leading with Character First!  To learn more about how to lead with character first, grow relationships, leadership and teamwork, you can pick up a copy of my new book called "The Tricycle Effect" on Amazon:  https://www.amazon.com/Tricycle-Effect-Significant-Productive-Successful-ebook/dp/B01N91PPL0/ref=as_sl_pc_tf_til?tag=coach0e1-20&linkCode=w00&linkId=46359a1675537eea4e7912907092a781&creativeASIN=B01N91PPL0  

or visit my website at:  www.thetricycleeffect.com

Thanks for letting me serve as your Sherpa during this short "blog."  Keep leading with Character First!  Trike On and Smile On!

Wednesday, January 25, 2017

Bad Guys are Getting Badder, Faster then the Good Guys are Getting Gooder!

“Nothing has happened to my network, computer, or email yet, so most likely nothing will happen!”  That phrase is one I hear people make all the time.  Is that something you might say?


If you said “Yes,” then I guess you might also live by “The Odds.”  Are you a gambler?  Would you gamble your business or livelihood away?


At DCS Netlink, we don’t live by “The Odds.”  We don’t gamble when it comes to computer, network or Internet security.  The reason:  the odds are not in any person’s favor when it comes to computer, network or Internet security.  There are lots of explanations on why that is true.  


Think about these it:
  1. You are most likely a smartphone or computer user.  You are not an IT expert or even less likely to know about IT security.  Do you agree?
  2. Like most people, we are HUMAN and we don’t like change.  So, you might ask, “Why do I need to add extra security when I haven’t needed it so far?  Fair question.  Do you agree?
  3. There are lots of explanations, but there is one more…...that is security stuff is TOO expensive!  So, what most people think is that adding security also adds costs, and you want to be responsible with your money, right?  WRONG!  Your reputation in business has more value than a dollar amount.  Once you become a victim, your reputation will suffer and most likely your business will suffer, and that may translate to dollars in the end.


So, what should you do about your computer, network and Internet Security?
  1. Change your  beliefs about the BAD guys!  You need to believe that they are working hard to take you down and many of those users around you.  If you don’t believe that, then you have already most likely lost the battle.  In this day and age of the Internet of Things, the risks, vulnerabilities, and threats are increasing at an ever alarming rate and with greater consequences!  Do you agree?
  2. Find a company that will look out for your best interests, and not give you answer or propose a solution with the least cost.  Getting the right solution is more important!
  3. Partner with a computer, network and Internet Security company that has done background investigations on each and all of their employees.  After all, these engineers and technicians will most likely see some of your most confidential information in the scope of carrying out their duties.
  4. Hire a company that has gone through at least some semblance of security training on firewalls, and Internet Security.  Most IT companies do not have any formal training and/or certifications as a testimonial to their legitimacy in carrying out their duties.

So, that is the nitty gritty of IT!  If you want to know more and would like a network assessment and/or a security assessment, give us a call.  We would be happy to help coach you to a stronger and more secure future….after all, your business and reputation depend on IT!  Visit us at www.dcsnetlink.com or call 877-327-6385.

Sunday, June 30, 2013

Accountability - What's that? And, why should I care?


Accountability....What is that?

Uh Oh!!  Another thing to add to my ToDo List.  I can't keep up now, so how can I manage accountability?  Every hear yourself say or ask something similar in your own life?

This is the reaction to interesting questions almost every leader has made in this day and age.  In reality, the real questions need to be, "How do I lead and manage with accountability?"  Why is it important and why is it important to me and the health of the organization, company and/or family that I lead?

When I am teaching, training, and coaching WatchGuard firewalls, VPNs, and Internet Security, the subject of trust and accountability comes up every time.  So many organizations, companies, and people have come to me in the last 6 months and without directly using the word "accountability," they were very concerned about things going on in their organization.  Think about it...trust can't develop to healthy levels if no one can be trusted to perform and execute on time when promised.  That is why we need accountability.

Leaders at all levels at one time believed that their people and teams were doing the right thing, but they may not have addressed accountability, nor did they "front load" accountability with the job description and expectation.  So now they are finding out that without the accountability, stuff never got done, or managed or executed on time.  That is generally what leads to disappointment and miscommunication in the end, which then keeps a "culture of ownership" from developing.

All of those things that concerned these leaders really referred back to what we call accountability.  That is a big word, and has HUGE implications for the health and vitality of every organization, company, family and person.  Every leader needs to be very good at inserting accountability into their personal lives to grow and develop healthy trusting relationships with themselves, their family, and their companies...and no, it does not mean discipline...it is so much more than that.  Furthermore, they need to "front load" the accountability and expectations up front before the journey or task even starts.  Don't wait until the task is done or the event is over to think about accountability.  Building accountability and building it in pre-loaded beforehand is the tough stuff that great organizations and strong leaders know best and act on.

In this link to Lee Ellis' part 1 of his 6 part blog series on Accountability, he talks about:  Leaders and Accountability.

Lee says, "Even thought there are 14 lessons in my book, Leading with Honor, three foundational attributes rise to the top - character, courage, and competency.  To put it another way, the best leaders push through their selfishness and fear to skillfully do the right thing even when it's painful.  And part of doing the right thing is being accountable for one's actions."

To read more on the tough subject of accountability and why it is critical to healthy relationships in every person's life, visit Lee's blog at:

On Leaders and Accountability:  Notes from the Cliff - Lee Ellis on Leading with Honor

Until next time, "Keep leading with Character First." - Dane