Just when you thought the work was done … A Fortinet Success Story

By | Retail, Security, Solutions | No Comments

Not long ago, our Xiologix CTO was working with a new manufacturing client. They initially worked with a different partner and brought us in to work with them on their security posture because the other partner left them still needing more in the manner of configuration, support, and they found some serious deficiencies in their deployment. Happy to work with the client, we got their environment cleaned up, and it laid the foundation for more success that layered on after that.

The admin we worked with moved into a new role in a retail environment and wanted to continue our relationship and wanted our help get them updated and secure. They were running an active Cisco PIX and ASA Infrastructure with Meraki equipment. We migrated over their configuration and set up a new Fortinet Security framework infrastructure.

After the successful cut over, things were working, and the client thought the job was done. Our CTO continued, “let’s take a look at our threat view, just to make sure everything is working fine” and that’s when reality set in. Five minutes before the migration, everything was working the same way it had been five minutes before that point, five days, five weeks, and who knows how many years. But here we are in the future, five minutes in the future, and they found numerous instances of Malware running (but now being blocked) by the Fortinet Firewall. Command and Control, and other instances of bad juju were running on essential business assets and servers.

It was a relief on the one side to know issues like this were now being detected and stopped. Our CTO commented, “See, I just gave you a bunch of work to do!” The client was thoroughly surprised but ready to work through the cleanup process. It is eye-opening when a simple adoption of modern technology like a Fortinet security solution can immediately return its value and provide visibility, insight, and action against malicious activity.

Cybercriminals Use HTTPS Links to Gain Access to Your Data

By | Security | No Comments

Image Source: http://docs.apwg.org/reports/apwg_trends_report_q4_2017.pdf

According to Phishme research, 91% of attack-related data breaches begin with a spear phishing email.  Most of us have heard about phishing and know to stay away from unsafe sites but did you know that 80% of people polled by APWG believe that the HTTPS notation along with the padlock in the URL address means that the site is legitimate and/or safe to visit?

HTTPS (Hyper Text Transfer Protocol Secure) means that the communication between your browser and the website is encrypted. It does not imply that the site you are visiting is safe. If even one of your users believe HTTPS to mean that the site is safe to visit, your organization is susceptible to a data breach.

To mitigate this risk, we recommend multiple layers of protection including:

  • FortiMail which recently received Top AAA Rating in SE Labs Email Security Test demonstrating 100 percent detection of phishing attacks with zero false positives.
  • End-user testing and training which can start with a live phishing test, a custom phishing test template, a custom landing page, and a full report to give you a starting place in knowing your vulnerabilities.

Contact Xiologix to learn more.