Product/Service: Cyber Security

Understanding Least Privileged Access: A Critical Security Principle for Modern Businesses

Posted on July 27, 2023 by Becky - Blogs, Hot Topic

Understanding Least Privileged Access: A Critical Security Principle for Modern Businesses

Home » Cyber Security

Written By

Becky Griffin

Publish Date

27/07/2023

Categories

Blogs Hot Topic

In today’s digital world, where data breaches and cyber attacks are on the rise, ensuring robust cybersecurity measures has become a paramount concern for businesses and individuals alike. One essential concept that plays a crucial role in securing sensitive information and safeguarding critical systems is “Least Privileged Access.”

In this article, we will delve into the meaning of least privileged access and its significance in maintaining a strong security posture for organisations.

What is Least Privileged Access?

Least Privileged Access (LPA), also known as the Principle of Least Privilege (POLP) or the Principle of Least Authority, is a security principle that advocates providing users, applications, or processes with only the minimum level of access required to perform their specific tasks and responsibilities. In simpler terms, it means granting individuals or software just enough permissions to carry out their job functions and nothing more.

The rationale behind this principle is to reduce the potential attack surface and limit the damage that malicious actors or errors can cause if a breach occurs. By adhering to the least privileged access approach, organisations can prevent unauthorised access, data leaks, and unauthorised modifications to critical systems, thereby bolstering their overall cyber security posture.

How Does Least Privileged Access Work?

Implementing least privileged access requires a thorough evaluation of user roles, access rights, and the data or resources they need to perform their duties. Here’s a step-by-step breakdown of how it works:

Identifying User Roles: The first step is to categorise users into specific roles based on their job functions and responsibilities. For instance, employees in human resources may require access to sensitive personnel data, while software developers may need access to the source code repository.
Defining Access Rights: Once user roles are identified, administrators must define the minimum level of access rights necessary for each role to fulfil their duties effectively. This involves analysing the data and resources that each role requires and granting access accordingly.
Implementing Access Controls: Access controls are enforced through security mechanisms like role-based access control (RBAC), access control lists (ACLs), and permissions management. These mechanisms ensure that users are restricted from accessing data or resources beyond what is necessary for their roles.
Regular Auditing and Monitoring: To maintain the effectiveness of the least privileged access approach, regular audits and monitoring are essential. This helps identify any discrepancies, unauthorised access attempts, or potential security breaches promptly.

Benefits of Least Privileged Access

Reduced Attack Surface: By limiting access rights, the potential attack surface for cybercriminals is significantly minimised, making it harder for them to find vulnerabilities and exploit weaknesses.
Enhanced Data Protection: LPA ensures that sensitive information is only accessible to those who genuinely require it, mitigating the risk of data breaches and leaks.
Improved Insider Threat Mitigation: Even if an insider account gets compromised, the damage is limited due to the principle of least privilege.
Compliance and Regulatory Requirements: Many industries have specific compliance standards that mandate the implementation of least privileged access as part of their data protection protocols.

As technology continues to evolve, organisations must remain vigilant in their commitment to upholding strong security practices. Embracing least privileged access should be viewed as an essential part of a comprehensive cybersecurity strategy, ensuring that critical systems and data remain safe from harm in an ever-changing threat landscape.

If you’d like to learn more about how Cobweb can help implement a least privileged access strategy, please get in touch.

Implementing an effective backup strategy

Posted on November 25, 2022 by Becky - Guides

What's inside?

Download our free guide to find out more about how you can implement an effective backup strategy for your business.

The importance of a backup strategy - Explore why the growing range of external threats are making it increasingly important for businesses to have a robust back up strategy.
10 steps to implementing your backup strategy - Read through our steps for what needs to be considered when planning your strategy.
Where to get started - There's a lot to consider when planning your cyber security strategy. Read through our guidance for how and where to get started.

Download a copy

A quick guide to password managers

Posted on November 22, 2022 by Becky - Blogs

A quick guide to Password Managers

Home » Cyber Security

Written By

Richard Meek

Publish Date

22/11/2022

Categories

Blogs

We’re often told that the passwords to access our online accounts should be really strong, and not to use them anywhere else. This is especially true for the password for your email account. If you’ve used the same password across different accounts, cyber criminals only need one password to access all your accounts.

Always use a strong and separate password for your email; that is, a password that you don’t use for any of your other accounts, either at home or at work.

If you have re-used your email password across other accounts, change your email password as soon as possible. It should be strong and different to all your other accounts.

Ideally, you should use unique passwords for all your important online accounts (such as banking accounts, shopping/payment accounts and social media accounts), not just your email account. You should also provide additional protection by setting up 2-step verification (2SV) on your email account, which will prevent a criminal from accessing your email account even if they know your password.

Weak passwords can be cracked in seconds. The longer and more unusual your password is, the harder it is for a cyber criminal to crack.

The trouble is, most of us have lots of online accounts, so creating different passwords for all of them (and remembering them) is hard.

This is where a password manager can help. A password manager can store all your passwords securely, so you don’t have to worry about remembering them. This allows you to use unique, strong passwords for all your important accounts (rather than using the same password for all of them, which you should never do).

In addition, many password managers are helpful because they can:

synchronise your passwords across your different devices, making it easier to log on, wherever you are, and whatever you’re using
help spot fake websites, which will protect you from phishing attacks
let you know if you’re re-using the same password across different accounts
notify you if your password appears within a known data breach so you know if you need to change it
work across platforms, so you could (for example) use a single password manager that would work for your iPhone and your Windows desktop

To find out more about LastPass, Cobweb’s Password Manager Solution, get in touch with the team today!

Malware, Ransomware & Incident Response

Posted on November 21, 2022 by Becky - Blogs, Hot Topic

Malware, Ransomware & Incident Response

Home » Cyber Security

Written By

Dan Raven

Publish Date

21/11/2022

Categories

Blogs Hot Topic

Malware is malicious software, which – if able to run – can cause harm in many ways, including:

causing a device to become locked or unusable
stealing, deleting, or encrypting data
taking control of your devices to attack other organisations
obtaining credentials that allow access to your organisation’s systems or services that you use
‘mining’ cryptocurrency
using services that may cost you money (e.g. premium rate phone calls).

Ransomware is a type of malware that prevents you from accessing your computer (or the data that is stored on it). The computer itself may become locked, or the data on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network, such as the Wannacry malware that impacted the NHS in May 2017.

Usually, you’re asked to contact the attacker via an anonymous email address or follow instructions on an anonymous web page, to make payment.

The payment is invariably demanded in a cryptocurrency such as Bitcoin, in order to unlock your computer, or access your data. However, even if you pay the ransom, there is no guarantee that you will get access to your computer, or your files.

Occasionally malware is presented as ransomware, but after the ransom is paid the files are not decrypted. This is known as wiper malware. 

For these reasons, it’s essential that you always have a recent offline backup of your most important files and data.

It is essential to plan for any incident. When creating your plan consider the following points, which should help you clarify the level of security you require and the budget you will allocate:

How long will it take to restore the minimum required number of devices from images and re-configure for use?
How you would rebuild any virtual environments and physical servers?
What processes need to be followed to restore servers and files from your backup solution?
What processes need to be followed if onsite systems and cloud backup servers are unusable, and you need to rebuild from offline backups?
How would you continue to operate critical business services?
What impact would an incident have on your customers and their business?
What impact would an incident have on your company’s reputation?
What is the cost per hour/day/week of system downtime?

_{^{*Contains public sector information licensed under the Open Government Licence v3.0.}}

Protecting against Phishing Attacks

Posted on November 21, 2022 by Becky - Guides

What's inside?

Inside the guide, we cover:

What phishing attacks are - We explore the various types of attack your business needs to be aware of - including Spear Phishing, Whaling, Smishing, Vishing and Angler Phishing
How you can prepare for phishing attacks - read through our 11 actionable steps to reduce the risk of attack
Where to get started - There's a lot to consider when planning your cyber security strategy. Read through our guidance for how and where to get started.

Download a copy

The 5 minimum security considerations for any business

Posted on November 16, 2022 by Becky - Blogs, Hot Topic

The 5 minimum security considerations for any business

Home » Cyber Security

Written By

Richard Meek

Publish Date

16/11/2022

Categories

Blogs Hot Topic

Back up your data

Think about how much you rely on your business-critical data. Customer details, quotes, orders, and payment details. Now imagine how long you would be able to operate without them.

All businesses, regardless of size, should take regular backups of their important data, and make sure that these backups are recent and can be restored. By doing this, you’re ensuring your business can still function following the impact of flood, fire, physical damage or theft. Furthermore, if you have backups of your data that you can quickly recover, you can’t be blackmailed by ransomware attacks.

Protect your organisation from malware

Protecting your organisation from malware Malicious software (also known as ‘malware’) is software or web content that can harm your organisation, such as the recent Uber hack.

The most well-known form of malware is viruses, which are self-copying programs that infect legitimate software.

Keep your smartphones (and tablets) safe

Mobile technology is now an essential part of modern business, with more of our data being stored on tablets and smartphones. What’s more, these devices are now as powerful as traditional computers, and because they often leave the safety of the office (and home), they need even more protection than ‘desktop’ equipment.

Use passwords to protect your data

Your laptops, computers, tablets, and smartphones will contain a lot of your own business-critical data, the personal information of your customers, and also details of the online accounts that you access.

It is essential that this data is available to you, but not available to unauthorised users. Passwords – when implemented correctly – are a free, easy, and effective way to prevent unauthorised users from accessing your devices.

Avoid phishing attacks

In a typical phishing attack, scammers send fake emails to thousands of people, asking for sensitive information (such as bank details), or containing links to bad websites. They might try to trick you into sending money, steal your details to sell on, or they may have political or ideological motives for accessing your organisation’s information.

Phishing emails are getting harder to spot, and some will still get past even the most observant users. Whatever your business, however big or small it is, you will receive phishing attacks at some point.

If you would like help or advice about implementing these security measures fill in this form to discuss with one of our security experts.

_{*Contains public sector information licensed under the Open Government Licence v3.0.}

What the Uber and IHG hacks last week revealed

Posted on September 20, 2022 by Becky - Blogs

What the Uber and IHG hacks last week revealed

Home » Cyber Security

Written By

Richard Meek

Publish Date

20/09/2022

Categories

Blogs

Online taxi company Uber and the Intercontinental Hotel Group (IHG) were last week the latest victims to be hit by cyber attacks.

In the case of Uber, a teenage hacker posted several screenshots within Uber systems, and appeared to have access to many of their internal platforms.

It has transpired since that the 18-year-old hacker stole an employee’s password through social engineering and also tricked the employee into approving the push notification for Uber’s Multi-Factor Authentication, or MFA. Social engineering is the psychological manipulation of people into performing actions or divulging confidential information.

The hacker confirmed they then used the stolen credentials to send repeated push notifications to the employee. They then sent the employee a WhatsApp message, claiming to be from Uber IT, stating for the authentication notifications to stop, he must accept, which he did.

This shows a classic case of the weakest point in any cyber defence, the human element. There are two points of failure, the inability to stop the details being stolen, and the lack of education for the employee to accept the instructions given in a WhatsApp message.

In the other high-profile hack of last week, 2 Vietnamese hackers infiltrated the Intercontinental Hotel Group (IHG). Initially planning a ransomware attack, IHG cyber security moved quickly to prevent this by isolating servers, however the hackers then deleted large amounts of valuable company data in response.

They initially gained access when an employee downloaded a malicious attachment from a phishing email. They also had to bypass an additional security prompt message sent to the worker’s devices as part of a MFA system.

MFA requires at least two independent factors, either something you know such as a password or pin, or something you have such as a card reader or dongle, or something you are such as a fingerprint or facial recognition.

Once past the MFA layers of security, the two hackers were able to access the company wide (200,000 employees!) password manager using the password…..Qwerty1234, giving access to every single system.

Both the Uber and IHG incidences highlight that even with MFA there are still risks posed. Not all MFA options are created equal with some being stronger than others. The less secure include the something you know, which can be engineered, or something you have where the codes can be intercepted or stolen.

The most secure MFA today is phishing-resistant authentication. This eliminates the use of shared secrets in the login process, removing the ability to intercept and replay access credentials. Even with these processes in place, MFA can be defeated by exploiting vulnerabilities in human behavior.

If you have concerns about your security and would like to enquire about a tenant security review, email protection or would like to arrange security training for your team(s), please fill in this form.

Identity & Access Management

Posted on August 12, 2022 by Becky - Guides

What's inside?

Download our free guide to find out more about Identity & Access Management. We cover:

An introduction to Identity & Access Management - understand what an Identity & Access Management system is, and the main ways in which it is designed to help protect organisations against potential cyber-attacks
What's included within an IAM system - Centralised identity management, secure access, zero-trust policies...and much more - all of which are explained inside the guide.
Where to get started - we'll show you how to get started with implementing an IAM system so you can be sure that your business is taking an important step in reducing the cyber-attack threat.

Download a copy

Cobweb awarded Cyber Solution Provider of the Year

Posted on June 30, 2022 by Becky - Company News

Cobweb awarded Cyber Solution Provider of the Year

Home » Cyber Security

Written By

Richard Meek

Publish Date

30/06/2022

Categories

Company News

Cobweb were delighted last week to be awarded Cyber Solution Provider of the Year at The Business Magazine’s South Coast Tech Awards.

Judges were impressed by our latest security offering Cobweb Secure. Available in multiple configurations, Cobweb Secure has become a one-stop security shop for our customers. Cobweb Secure offers identity protection, email protection against all cyber threats including phishing, malware and ransomware, as well as backing up all your Microsoft 365 data to a secure cloud, device protection, web security and endpoint device security.

The panel stated “A visionary tech business investing in the future, often ahead of industry developments. They have launched many global ‘firsts’ over the years. This business has a strong focus on its people and significant spend on staff training, ensuring excellent quality of service and impressive customer satisfaction.”

The team picking up their award at The South Coast Tech Awards

Michael Frisby, Cobweb’s Managing Director commented on the achievement, “Innovation is part of our core values – the IT world is one where change is constant so you have to keep innovating to stay ahead of the bad guys. The Covid-19 lockdown saw a massive transition to hybrid and home working, where our customers went from controlled office environments to remote working with employees using their own devices that we needed to help control and protect. We expanded our portfolio of services to protect customers. Ultimately, we are a people business and it is their knowledge, expertise, passion and obsession for serving our customers that makes the difference.”

Find out more about Award-Winning Cobweb Secure

Cobweb Secure

Is your email putting you at risk?

Posted on May 24, 2022 by karen - Events & Webinars, Videos

Is your email putting you at risk?

Overview

Businesses have become more reliant than ever before on their email and collaboration tools to help their teams stay connected in the hybrid and remote working era.

But as we communicate more online, cybercriminals are finding new and more complex methods of targeting organisations.

In our upcoming webinar, we’re joined by cyber security expert Dr Francis Gaffney, who will be taking us through the state of email security in 2022, and what you can do to keep your business protected against the emerging threats.

What we cover

The cyber security challenges SMBs are facing in 2022
How the increase in email use is creating new opportunities for cybercriminals
The steps you can take to keep your business protected
Understanding the future threat landscape – what we can expect going forward, and what we should prepare for

Product/Service: Cyber Security

Understanding Least Privileged Access: A Critical Security Principle for Modern Businesses

Understanding Least Privileged Access: A Critical Security Principle for Modern Businesses

Implementing an effective backup strategy

Implementing an effective Backup Strategy

What's inside?

A quick guide to password managers

A quick guide to Password Managers

Malware, Ransomware & Incident Response

Malware, Ransomware & Incident Response

Protecting against Phishing Attacks

Protect your business against Phishing Attacks

What's inside?

The 5 minimum security considerations for any business

The 5 minimum security considerations for any business

Back up your data

Protect your organisation from malware

Keep your smartphones (and tablets) safe

Use passwords to protect your data

Avoid phishing attacks

What the Uber and IHG hacks last week revealed

What the Uber and IHG hacks last week revealed

Identity & Access Management

Identity & Access Management

What's inside?

Cobweb awarded Cyber Solution Provider of the Year

Cobweb awarded Cyber Solution Provider of the Year

Find out more about Award-Winning Cobweb Secure

Is your email putting you at risk?

Is your email putting you at risk?

Overview

What we cover

Recent Posts

Recent Comments

Understanding Least Privileged Access: A Critical Security Principle for Modern Businesses

Implementing an effective Backup Strategy

What's inside?

A quick guide to Password Managers

Malware, Ransomware & Incident Response

Protect your business against Phishing Attacks

What's inside?

The 5 minimum security considerations for any business

Back up your data

Protect your organisation from malware

Keep your smartphones (and tablets) safe

Use passwords to protect your data

Avoid phishing attacks

What the Uber and IHG hacks last week revealed

Identity & Access Management

What's inside?

Cobweb awarded Cyber Solution Provider of the Year

Find out more about Award-Winning Cobweb Secure

Is your email putting you at risk?

Overview

What we cover

Want to receive all the latest?

Recent Posts

Recent Comments