Search
  • Avantia Threat Update

YOUR PRIVACY COULD BE UNDER SCRUTINY



This Past Week:

Smart Sex Toys leave consumers exposed; Ransomware as a service is the new big problem for business; Google sets up Android group for future car keys, national ID and e-wallets; Myanmar Coup and Internet Censorship Pushes Civilians to Underground Forums on the Dark Web; Critical Zoom vulnerability triggers remote code execution without user input; A massive Facebook leak exposes personal data for millions in the US and India; the Clop ransomware gang had a very good week (and Us universities had a very bad week; and Major Breaches in the United States; France; The Netherlands and Italy.

Smart SexToys: appealing to you - exploitable by Hackers

Some of the most popular sex toys on the market are anything but smart when it comes to security. However, it seems that smart sex toys are still anything but intelligent when it comes to personal privacy, with some of the most popular toys on the market still lagging behind when it comes to basic security measures. Smart sex toys are equipped with a variety of features: internet connectivity, remote control, Bluetooth links, video, messaging, apps for measuring and monitoring responses, and more. However, there are concerns that in the rush to offer more and more connectivity options, sex toys could be leaving users open to "data breaches and attacks, both cyber and physical." Recently, researchers from ESET published a whitepaper exploring the security posture of these devices: in particular, two popular products from WOW Tech Group and Lovense. The first subject is We-Vibe Jive, a Bluetooth-enabled female vibrator that can be connected to the We-Connect mobile app for controlling vibrations and handing over control to a partner. The second product examined was the Lovense Max, a male masturbation sleeve. This device, too, is able to connect to a mobile app, the Lovense Remote, which is described as having features including "local remote control, long-distance control, music-based vibrations, creating and sharing patterns, sending patterns syncing two toys together, [and] sound-activated vibrations." For both the Jive and Max, the researchers examined the security between the devices and Google Play Store apps. Both devices use Bluetooth Low Energy (BLE) technologies, which while useful to keep power consumption low, are not necessarily very secure. The We-Vibe Jive keeps user data collection to a minimum but used the least secure of BLE pairing options -- a temporary code used to link up the Jive is set to zero. As a result, the device was subject to Man-in-The-Middle (MitM) attacks, in which any unauthenticated smartphone or PC could connect to a physical device. As a wearable product, it is possible that users will wear it while out-and-about -- and the Jive broadcasted its presence "continually" to establish a connection, ESET says. "Anyone can use a simple Bluetooth scanner to find any such devices in their vicinity," the researchers say. "[Jive] is designed for the user to be able to wear it as they go about their day -- at restaurants, parties, hotels, or in any other public location. In these situations, an attacker could identify the device and use the device's signal strength as a compass to guide them and gradually get closer until they find the exact person wearing it." Multimedia files can be shared between We-Connect users during chat sessions and while they are deleted as soon as messaging ends -- an effort to protect what is likely to be intimate content -- the metadata remained. In other words, whenever a file is sent, so is a user's device data and geolocation, which did not vanish. Another privacy issue of note was a lack of brute-force protection on app PIN access attempts. The Lovense Max contained a number of "controversial" design choices, ESET says, which could compromise the "confidentiality of intimate images one user shares with another." Among these was the option to download and forward on images to third-parties without the knowledge or consent of the original owner, as well as reliance on just HTTPS and not end-to-end encryption in image transfers. In addition, while users often create fantasy names, the Lovense Max app used their email addresses -- stored in plaintext -- to facilitate messaging. Tokens, which can be shared publicly, were also generated using few numbers and were active longer than claimed, and, therefore, could be susceptible to brute-force attacks leading to information disclosure. Lovense Max also did not authenticate BLE connections and so was vulnerable to the same MiTM attacks as Jive. A lack of certificate pinning in firmware updates was also noted in the report. "The consequences of data breaches in this sphere can be particularly disastrous when the information leaked concerns sexual orientation, sexual behaviors, and intimate photos," ESET says. "As the sex toy market advances, manufacturers must keep cybersecurity top of mind, as everyone has a right to use safe and secure technology." ESET disclosed the vulnerabilities to WOW Tech Group and Lovense in June 2020 and the security issues were acknowledged within several weeks. Lovense patched all of the bugs reported by July 27, whereas We-Connect version 4.4.1, pushed in August, has resolved the PIN and metadata issues. Lovense is now working on enhanced privacy features. "We take reports and findings by external sources about possible vulnerabilities very seriously," WOW Tech Group said in a statement. "We had the opportunity to patch the vulnerabilities before the presentation and the publication of this report and have since updated the We-Connect App to fix the problems that are described in this report." "Putting the health and safety of our users first, Lovense works tirelessly to improve the cybersecurity of its products and software solutions," Lovense commented. "Thanks to productive cooperation with ESET Research Lab, we were able to detect some vulnerabilities which have been successfully eliminated. Lovense will continue to cooperate with cybersecurity testers to ensure maximum security for all users of Lovense products."

Ransomware as a service is the new big problem for business

Easy-to-use ransomware as a service schemes are booming, accounting for almost two-thirds of ransomware campaigns during the past year, warn researchers. Ransomware as a service is proving effective for cyber criminals who want a piece of the cyber-extortion action but without necessarily having the skills to develop their own malware, with two out of three attacks using this model. Ransomware attacks are still proving extremely lucrative, with the most well-organised gangs earning millions per victim, so many cyber criminals want to cash in – but don't have the ability to code and distribute their own campaigns. That's where ransomware as a service (RaaS) comes in, with developers selling or leasing malware to users on dark web forums. These affiliate schemes provide low-level attackers with the ability to distribute and manage ransomware campaigns, with the developer behind the ransomware receiving a cut of each ransom victim's pay for the decryption key. Researchers at cybersecurity company Group-IB have detailed that almost two-thirds of ransomware attacks analysed during 2020 came from cyber criminals operating on a RaaS model. Such is the demand for ransomware as a service, that 15 new ransomware affiliate schemes appeared during 2020, including Thanos, Avaddon, SunCrypt, and many others. Competition among ransomware developers can even lead to the authors providing special deals to wannabe crooks, which is more bad news for potential victims. "Affiliate programs make this kind of attack more attractive for cybercriminals. The tremendous popularity of such attacks made almost every company, regardless of their size and industry, a potential victim," Oleg Skulkin, a senior digital forensics analyst at Group-IB, said. "Companies had to provide their employees with the capability to work remotely and we saw an increase in the number of publicly accessible RDP servers. Of course, nobody thought about security and many of such servers became the points of initial access for many ransomware operators," said Skulkin. However, despite the success of ransomware attacks and RaaS schemes it's possible to help protect against falling victim to them with a handful of cybersecurity procedures – including avoiding the use of default passwords limiting public access to RDP. "RDP-related compromise can easily be mitigated with the help of some simple but efficient steps like the restriction of IP addresses that can be used to make external RDP connections or setting limits on the number of login attempts within a certain period of time," said Skulkin. Organisations can also help protect the network from ransomware and other attacks via the use of multi-authentication to limit the access an attacker can get if they do breach an account, while applying security patches as soon as possible after they're released prevents criminals from being able to exploit known vulnerabilities. All of this can help prevent organisations from falling victim to ransomware attacks in the first place – and cut off the need to pay ransoms and encourage ransomware schemes. "As long as companies pay ransoms, determined only by attackers' appetite, such attacks will continue to grow in numbers and scale and are likely to become more sophisticated," Skulkin concluded.

Google sets up Android group for future car keys, national ID, e-wallets

Google has set up the Android Ready SE Alliance to support the adoption of Android smartphones and wearables as digital keys, identity documents, and wallets for digital cash. As part of the alliance's inauguration, Google has launched the general availability (GA) version of the StrongBox for SE applet. SE stands for Secure Element, a discrete tamper-resistant piece of hardware, such as Google's Titan M chip. While most modern phones have an SE, the alliance is about standardising multiple Android OEMs around the way Pixel devices use the Titan M chip as a tamper-resistant hardware enclave. Android's StrongBox, which runs on this hardware enclave on Pixel phones, is used for storing cryptographic keys in an environment that's isolated from the CPU. Google notes that StrongBox and Titan M-like hardware will be important for emerging user features, including digital keys for your car, home and office, identification documents such as mobile driver's licence (mDL), National ID, and ePassports, and Wallet for digital money. The SE alliance is working with Google to create open-source and validated SE applets, such as StrongBox for SE. Google is confident in the security of its Titan M chip and sees it as important enough to warrant a $1 million reward for anyone who finds a way to achieve a full chain remote code execution exploit with persistence that compromises data protected by the chip. Additionally, StrongBox is applicable to WearOS, Android Auto Embedded, and Android TV devices. Android phone brands or OEMs will need to pick validated hardware from an SE alliance vendor and to work with Google to provision Attestation Keys/Certificates in the SE factory. Android OEMs will also need use the GA version of the StrongBox for SE applet, adapted to the specific SE in use. Google notes that it is prioritising the development of applets for mobile driver's licence and identity credentials, as well as digital car keys for future Android releases. "A major goal of this alliance is to enable a consistent, interoperable, and demonstrably secure applets across the Android ecosystem," Google says on its page for the Android Ready SE Alliance. "Validated implementations of Android Ready SE applets build even stronger trust in the Android Platform. OEMs that adopt Android Ready SE can produce devices that are more secure and allow for remote updates to enable compelling new use cases as they are introduced into the Android platform."

Myanmar Coup and Internet Censorship Pushes Civilians to Underground Forums, Dark Web

On February 1, 2021, the Myanmar military staged a government coup, arresting the democratically elected leader, Daw Aung San Suu Kyi, as well as other members of her National League for Democracy (NLD). Min Aung Hlaing, the leader of the military junta, stated that the November 8, 2020 election was fraudulent and that Aung Sang Suu Kyi and her elected party members were not the rightful leaders of the country. Hlaing imposed a 1 year state of emergency which would be followed by another election. The detainment of Aung Sang Suu Kyi, a popular figure within Myanmar and a symbol for Myanmar’s democracy, has led to mass protests by her supporters, with thousands of individuals taking to the streets to protest against her arrest, and other individuals taking part in the Civil Disobedience Movement (CDM). The protesters have been in direct conflict with security forces, and there has been escalating violence and use of force by the military in recent weeks, with over 200 civilians reported killed and over 2,100 detained. The military has also imposed strict rules, such as curfews and censorship laws, aimed at preventing the mass coordination of protests within the country. The initial days of the military coup saw the shutdown of Myanmar’s internet entirely and the ban of many popular social media applications such as Facebook. While Facebook and other social media applications have since been reinstated, there are still nightly blackouts imposed by the military when Burmese are unable to access the internet. The military censorship has not deterred Burmese from finding alternatives to amplify their pro-democracy messaging, with many turning to alternative media sources, underground networks, and downloading tools to bypass censorship restrictions to amplify their narrative. Myanmar’s military takeover of internet and telecommunications, and subsequent internet censorship, has led to a sharp increase in dark web use by Myanmar citizens looking to circumvent government restrictions. Pro-democracy protesters and activists within Myanmar have migrated from social media platforms to fringe communication platforms in an effort to circumvent censorship. Hacktivist groups are driving efforts to raise awareness of alternative technology to circumvent government controls and organize pro-democracy gatherings. Foreign influence will play a large role in the future of the Myanmar government and its people, including that of China, the US, and the UN.

Critical Zoom vulnerability triggers remote code execution without user input

A zero-day vulnerability in Zoom which can be used to launch remote code execution (RCE) attacks has been disclosed by researchers. Pwn2Own, organized by the Zero Day Initiative, is a contest for white-hat cybersecurity professionals and teams to compete in the discovery of bugs in popular software and services. The latest competition included 23 entries, competing in different categories including web browsers, virtualization software, servers, enterprise communication, and local escalation of privilege. For successful entrants, the financial rewards can be high -- and in this case, Daan Keuper and Thijs Alkemade earned themselves $200,000 for their Zoom discovery. The researchers from Computest demonstrated a three-bug attack chain that caused an RCE on a target machine, and all without any form of user interaction. As Zoom has not yet had time to patch the critical security issue, the specific technical details of the vulnerability are being kept under wraps. However, an animation of the attack in action demonstrates how an attacker was able to open the calculator program of a machine running Zoom following its exploit. As noted by Malwarebytes, the attack works on both Windows and Mac versions of Zoom, but it has not -- yet -- been tested on iOS or Android. The browser version of the videoconferencing software is not impacted. In a statement to Tom's Guide, Zoom thanked the Computest researchers and said the company was "working to mitigate this issue with respect to Zoom Chat." In-session Zoom Meetings and Zoom Video Webinars are not affected. "The attack must also originate from an accepted external contact or be a part of the target's same organizational account," Zoom added. "As a best practice, Zoom recommends that all users only accept contact requests from individuals they know and trust." Vendors have a 90-day window, which is standard practice in vulnerability disclosure programs, to resolve the security issues found. End-users just need to wait for a patch to be issued -- but if worried, they can use the browser version in the meantime. "This event, and the procedures and protocols that surround it, demonstrate very nicely how white-hat hackers work, and what responsible disclosure means," Malwarebytes says. "Keep the details to yourself until protection in the form of a patch is readily available for everyone involved (with the understanding that vendors will do their part and produce a patch quickly)."


THREAT FOCUS: United States – The New York Foundling

https://cybernews.com/security/new-york-charity-leaves-sensitive-patients-data-unsecured/

Exploit: Unsecured Database

The New York Foundling: Children’s Charity

Risk to Business: 1.662= Severe - The New York Foundling, a venerable children’s charity, has had a significant data exposure. Researchers discovered an unsecured database contained more than 2,000 CSV and TXT files, each with hundreds or thousands of entries related to patients’ medical records, children’s legal guardians, case workers, doctors, and other child welfare specialists.

Individual Risk : 1.707 = Severe - At least 13,000 entries on medical procedures including vaccines, diagnostic tests, patient IDs, referral details, chart notes with descriptions and patient IDs. Another 7,000 entries for patients are in the trove, including: patient names and birthdates, parent/guardian names and phone numbers and insurance or agency information. A TXT file containing SSNs and what appears to be IDs, but without names or other identifying information is in the mix. Employee information is also included with staff names, ID numbers and other details.

Customers Impacted: Unknown

How It Could Affect Your Business: Making simple, avoidable blunders like this is a tragedy. Not only have many families had data exposed, but this charity hospital will also be paying huge fines.

AVANTIA CYBER SECURITY TO THE RESCUE: Make sure that everyone on the IT team is up to date on today’s threats and ready for tomorrow’s with the tips and tricks in “The Security Awareness Champion’s Guide“. GET THIS FREE BOOK>>


THREAT FOCUS: United States – Facebook

https://www.businessinsider.in/tech/news/533-million-facebook-users-phone-numbers-and-personal-data-have-been-leaked-online/articleshow/81889315.cms

Exploit: Hacking

Facebook: Social Media Company

Risk to Business: 1.627 = Severe - A treasure trove of Facebook user data landed in a hacking forum over the weekend. Hackers dropped a slew of PII on Facebook users including phone numbers and some contact information of hundreds of millions of users for free online. A Facebook spokesperson told Insider that the data was scraped due to a vulnerability that the company patched in 2019.

Individual Risk: 1.627 = Severe -This fresh dump of exposed data includes various PII for over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK and 6 million on users in India. Exposed data includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios and email addresses. This information can be used to mount spear phishing and brand impersonation schemes.

Customers Impacted: 533 million

How it Could Affect Your Business Cybercriminals will love this windfall. Data like this lives forever on the dark web, providing ammunition for future cyberattacks and fraud.

AVANTIA CYBER SECURITY TO THE RESCUE: Dark Web ID alerts businesses to credential compromise fast, giving them the edge to fix vulnerabilities before the bad guys even know they’re there.


THREAT FOCUS : United States – University of Maryland Baltimore (UMB)

https://www.govtech.com/education/higher-ed/University-of-Maryland-Student-Data-Exposed-by-Cyber-Attack.html

Exploit: Ransomware

University of Maryland Baltimore (UMB): Institution of Higher Learning

Risk to Business: 2.412 = Severe - The Clop ransomware gang had a banner week. UMB is one of at least 6 US colleges that they’ve hit successfully in the past week after gaining access to systems at data transfer and processing behemoth Accellion in late 2020. At UMB, the gang snatched an assortment of student and staff data including federal tax documents, requests for tuition remission paperwork, applications for the Board of Nursing, passports, ID data and tax summary documents.

Individual Risk: 2.309 = Severe - The saff data featured lists of individuals and their Social Security numbers, retirement documentation, and 2019/2020 benefit enrollment and adjustment requests. In the student data batch, the gang scored photos, dates of birth, home addresses, passport numbers, immigration status, names of individuals and Social Security numbers.

Customers Impacted: Unknown

How it Could Affect Your Business: This is a textbook illustration of what happens when one of your business partners, suppliers or service providers has a data breach – cybercriminals get a le up on breaking into your systems too. AVANTIA CYBER SECURITY TO THE RESCUE: Mitigate the risk of doing business in today’s interconnected world with the expert advice in our ebook “Breaking Up with Third-Party and Supply Chain Risk“. DOWNLOAD IT>>


THREAT FOCUS: United States – 200 Networks LLC

https://www.hackread.com/call-center-provider-experiences-data-leak/

Exploit: Unsecured Database

200 Networks LLC: Call Center Operator

Risk to Business: 2.412 = Severe - A wide-open database belonging to 200 Networks was discovered by security researchers just leaking information freely. The data included logs for at least 1.48 million robocalls The dataset was exposed for almost 24 hours and the database kept growing in real-time as business continued adding thousands of fresh calls and records to the mix every hour. The exposed record contained only swatches of data on the callers but included extensive inside information for the company including technical data.

Individual Impact: No sensitive personal or financial information was announced as impacted in this incident, but the investigation is ongoing.

Customers Impacted: 1.48 million

How it Could Affect Your Business: Failing to protect the secrets of your success is problematic for any business. This information will likely make its way to the dark web quickly.

Avantia Cyber Security to the Rescue: Dark web danger is growing for businesses as millions of records landing in dark web markets create new vulnerabilities. PROTECT YOUR BUSINESS>>


THREAT FOCUS: The Netherlands – Royal Dutch Shelll

https://www.theregister.com/2021/03/29/shell_clop_ransomware_leaks_update/

Exploit: Ransomware

Royal Dutch Shell: Oil Company

lRisk to Business: 1.863 = Severe - The Clop ransomware gang is going to need a vacation after this week. They also struck gold at Royal Dutch Shell, scooping up an assortment of business documents and posting a sample on their leak site. Once again, the gangs foray into Accellion paid off, enabling them to gain access to Royal Dutch Shell. Spokesmen for the company admit that data was stolen but are not saying that this was a ransomware hit, although that is this gang’s stock in trade.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Ransomware can cause catastrophic delays in production, crippling factories. Preventing it from hitting systems is just as important as protecting data.

Avantia Cyber Security to the Rescue: Stopping ransomware starts with stopping phishing. in “The Phish Files“, you’ll learn strategies to spot and stop phishing attacks fast. READ THIS BOOK>>


France – Asteelflash

https://www.bleepingcomputer.com/news/security/asteelflash-electronics-maker-hit-by-revil-ransomware-attack/

Exploit: Ransomware

Asteelflash: Electronics Manufacturer

Risk to Business: 1.802 = Severe - REvil has come to call at French firm Asteelflash, specialists in the design, engineering, and printing of printed circuit boards. This is the latest attack in a series of incidents impacting manufacturers and developers adjacent to the beleaguered semiconductor sector. The gang asked for an initial $12 million ransom, but Asteelflash apparently chose not to pay that within the specified timeframe, so the ransom doubled to $24 million. Data proving the incursion was posted to the gang’s website last week.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: An incident like this is even more costly when your industry is under pressure, as electronics companies are right now. Cybercriminals are always looking for the opportunity to hold businesses up in challenging times.

Avantia Cyber Security to the Rescue: Make sure that you’re covering all of the bases with our Cybersecurity Risk Protection Checklist. GET THE CHECKLIST>>


THREAT FOCUS: Italy – Boggi Milano Menswear

https://threatpost.com/ragnarok-ransomware-boggi-milano-menswear/165161/

Exploit: Ransomware

Boggi Milano Menswear: Luxury Fashion Retailer

Business Risk: 2.055 = Severe - Italian clothier Boggi Milano menswear had an unwelcome delivery this wee. The Ragnarok ransomware gang snatched 40 gigabytes of data from the fashion house, including HR and salary details. Researchers looking into the hack found payroll files, payment PDFs, vouchers, tax documents and other business data on the dark web. The incident is under investigation.

Individual Impact: No sensitive personal or financial information was announced as compromised in this incident, but the investigation is ongoing.

Customers Impacted: Unknown

How it Could Affect Your Business: It’s no longer acceptable to just survive a cyberattack – businesses have to be prepared to endure challenges and still keep going.

Avantia Cyber Security to the Rescue: Is your organization ready to repel cyberattacks and keep on going? You are if you’re cyber resilient. Learn how to transform your business in “The Road to Cyber Resilience” today. GET THIS BOOK>>



1 – 1.5 = Extreme Risk

1.51 – 2.49 = Severe Risk

2.5 – 3 = Moderate Risk

Risk scores for this past week are calculated using a formula that considers a wide range of factors related to the assessed breach.


_________________________________________________________________________



POSTSCRIPT:

Stamp Out Alert Fatigue: Security Automation is a Win for Everyone


Automation technology has become helpful in so many facets of life. Automated vacuums keep our floors clean. Automated pet feeders keep our cats happy. Automated plugs turn our lights on and off. Adding an automated assistant to daily life has been a huge boon when driving or looking up a recipe. So why not take the power of automation technology and put it to work fighting back against the next wave of record-shattering cybercrime by adding affordable, reliable security automation that reduces alert volumes, increases helpdesk efficiency, completes trivial tasks without human guidance and finds threats faster than traditional sources? It’s not something that’s coming in the far-flung future. Security automation has already started making an impact. As more solutions incorporate automation, IT managers are finding out that it’s not just a great way to generate reports or monitor performance. Automated features in an array of security tools enable them to do more with valuable resources like human capital while increasing awareness and efficiency. In a recent study of security leaders, 85% noted that they believe that companies are adding technologies too quickly with 71% admitting that even most existing tools are underutilized. Experts estimate that companies use an average of 19 different security tools, with only 22% of them really important to maintaining security. As businesses add solutions to address new needs and threats, the volume of alerts that IT teams deal with every day is staggering leading topotentially disastrous consequences. That cacophony of beeps, buzzes and bells, spurs staffers into turning off or ignoring alerts, and that can be a dangerous practice because an actual emergency may be missed. In this survey about IT team burnout, more than 45% of respondents said that they regularly turn off high volume alerting features because they’re overwhelming. Almost half of the participants said that they personally investigate 10 – 20 alerts each day, a 12% increase from 2019. Another 25% of respondents said they investigate 21 to 40 alerts each day, up from 14% the year prior, and 66% of survey takers reported seeing a significant increase in alerts since March of 2020 as data breach risks proliferated in the wake of the global pandemic and implementation delays created a cascade effect of incomplete maintenance pitfalls.


Time is Money


Another side effect of the alert flood is a huge time-suck: false positives. In that same survey, security teams said that 25 to 75% of the alerts they investigate on a daily basis are false positives. An in-depth study showed that a security analyst can spend as much as 25% of their time chasing false positives. That’s 15 minutes per payroll hour, per analyst. IT teams can waste about 300 hours per week that can be put to better use elsewhere just wading through a never-ending sea of false positives. That’s a serious problem when there aren’t enough hands to do the work in the first place. Over 70% of IT managers in a staffing survey said that they couldn’t find the personnel they needed last year, leaving 82% of security teams chronically understaffed. Money isn’t the factor that’s stopping them either – 45% of organizations reported having enough budget available. But only 39% of companies feel they have adequate IT expertise on staff to handle increased ticket volumes, distinctly problematic when IT teams are faced with challenges like pivoting from remote workforce security into securing the now hybrid workforce.


Security Automation is a Game-Changer


Automation is the answer to many IT team problems, and IT managers are beginning to realize it. – 68% of IT leaders were bullish on AI and automation technology. More than 60% of executives in that study also said that automated tools and AI technology helped them optimize the value of their existing tools and personnel. IBM notes that automated security reduces trouble tickets by 80% and increases caseload capacity by 300% or more. It also saves money all over your security operation, including in some unexpected ways like saving energy.


Automation Saves Everyone’s Nerves


Are you tired of filing a trouble ticket and waiting for a technician for every little IT issue? When you ake advantage of the automation capabilities that many of today’s smart solutions feature, you don’t have to. Affordable automation means that you can make just few small adjustments to your security plan that bring big results, reducing your trouble tickets while increasing your security posture. By far the most common trouble ticket that helpdesks receive is a password reset. On average, 20% to 50% of all IT help desk tickets each year are for password resets. one password reset can set you back around $100. This calculator using averaged data can help you determine the cost of a password reset for your business. But if you’re using a secure identity and access management solution like Passly, you never have to pay or wait for a password reset – it’s automated, eliminating wait time (and expense) for you and stress on IT personnel. On average, every one of a company’s employees is going to call the helpdesk 11 times per year., so that savings really adds up. Consider using that money to automate a few other security tools. If you add Graphus to your security plan you’ll be upgrading your security and reducing trouble tickets at an unbeatable value . You get automated ant-phishing security that uses AI and more than 50 data points to spot and stop phishing email. It catches 40% more than traditional solutions. Also consider automating security awareness training with BullPhish ID. Choose from an array of plug-and-play phishing kits and set your phishing simulation to deliver the training that your staff needs, then report on their progress – automatically. Automated deployment and no-fuss integration with Dark Web ID also makes it a snap to keep an eye open for dark web credential compromise too Don’t stress out yourself or your security team with a sea of trouble tickets for mundane issues. No one wants to spend the day waiting for IT to reset a password. Affordable automation lowers everyone’s stress. Automate as many routine processes as you can and free up your staff to do something more important with their time.


0 comments

Recent Posts

See All