Written by: Daniel Haurey on 05/26/17

Baby crying

It’s enough to make you want to… well, you know. The WannaCry virus has wreaked havoc across the globe, shutting down hospitals in the UK, seizing control of displays at train stations, and causing billions in damages across 150 countries. Many organizations paid ransoms of $300 to $600 per PC in bitcoin to regain control and access to their computers.  We are very happy to report that not one of our IT Services customers was infected. (The majority of our clients are located in Northern and Central NJ and Manhattan, NYC).  There is a reason for that, one that every business owner should understand:

Today security is something you do, not something you have.

IT Security (Cybersecurity) Facts New Jersey Business Owners Need to Know

Legions of people around the world now make their living through cyber-crime. They’re pouring all their resources into finding flaws and openings to penetrate the systems of legitimate businesses. Being small or specialized does not matter; hackers target businesses of every size in every industry.

That means every business needs to establish a proactively managed, layered approach to protecting their data and IT assets. Set it and forget it no longer works. Here are two security must-haves to avoid the next WannaCry:

1.)      Layering. Solid security is not just setting a perimeter. It’s setting up many, using several different types of tools and processes layered on top of one another to ensure only legitimate traffic gets to your systems and data.

Important layers include anti-virus, intrusion protection, advanced threat protection, managed firewalls, web content filtering, spam filters and end-point protection, as well as other measures.

At Exigent we’re constantly fine-tuning those layers as security evolves. For example, we recently added Webroot  SecureAnywhere to our Assurance Managed IT Service. That means we can constantly monitor all end-user computers to ensure they have the latest virus definitions, and send updates if they fall behind. Staying up to date is crucial to remain secure.

2.)      Active management. Firewalls used to be something you installed and forgot; they worked quietly in the background. Today a static target is vulnerable to hackers. The best practice is to actively manage the firewall to spot patterns and prevent new attack vectors as they evolve.

We accomplish this through our BOUNDARY Firewall as a Service (FWaaS) powered by SonicWall. SonicWall’s expert security staff proactively monitors emerging security threats and takes action to resist them. We are one of very few NJ based IT companies that are authorized by SonicWall to offer such a service.

BOUNDARY includes SonicWall’s Gateway Anti-Virus, Intrusion Prevention service, and optionally, Capture Advanced Threat Protection. These services protected our customers’ networks from WannaCry ransomware and the worm that spreads it since April 17, 2017. Since then, SonicWall has identified several new variants and released additional counter measures.

Exigent’s BOUNDARY global management system adds value to SonicWall’s firewall by tailoring it to our customer’s specific needs. Say an Exigent client has a customer in Romania, and that country becomes the source of a new threat. Exigent can geo-block all traffic from Romania except that specific customer. We then monitor that traffic to ensure it’s safe, ensuring that  our client can continue to do business.  The BOUNDARY platform utilizes the latest “Next-Generation” firewall technology, employing deep packet inspection (DPI) to monitor application-based threats which would otherwise pass through a stateful firewall (which only looks at addresses and ports, not application content).

We also vet all SonicWall releases and push them out to our customers’ firewalls when appropriate. Our Border-Patrol platform (the policy management component of BOUNDARY), allows us to schedule these updates at convenient times and retains copies of all prior configurations to protect against unexpected outages.

People not in the IT services business do not need deep knowledge about network security.  They do need to understand its basic concepts; doing what is right to keep their business protected. Selecting a NJ or NYC IT security partner that provides actively-managed, layered security is the gold standard for avoiding viruses, worms, and other intrusions that make you, yep, ..WannaCry.