The industry news items that appear in this section cover a broad spectrum of events within the cybersecurity industry. Everything from the motivation behind cyberattacks to the latest data breach figures are discussed – along with the developments in the industry to help protect organizations against the threats of web-borne attacks and those launched through email campaigns.
The latest cybersecurity industry news should be essential reading for IT professionals – especially those within the healthcare and financial industries which have long been popular targets for hackers and other cybercriminals. By addressing some of the security flaws highlighted in our news items, it may be possible to prevent your own organization from suffering a similar attack.
At face value, SpamTitan and VadeSecure may appear to be equivalent products. In this post we offer a comparison of SpamTitan and VadeSecure to help managed service providers (MSPs) differentiate between the two solutions.
SpamTitan and VadeSecure
SpamTitan and VadeSecure are two email security solutions that block productivity-draining spam emails, phishing emails, and malspam – spam emails that deliver malware or malware downloaders. These cloud-based solutions assess all incoming emails and determine whether they are genuine communications, unwanted spam, or malicious messages and deal with them accordingly to prevent employees from opening the messages.
TitanHQ is the leading provider of cloud-based email and web security solutions for MSPs that serve the SMB market and has been providing email security for MSPs for more than 2 decades. SpamTitan is TitanHQ’s email security offering, which has been developed for SMBs and MSPs that serve the SMB market.
VadeSecure is a French company that has developed an email security solution for the SMB market. As is the case with SpamTitan, VadeSecure offers protection from email-based threats and provides an important extra layer of security, especially for Office 365 environments. The company is now venturing into the MSP market and has recently raised an additional $79 million in venture capital to help it make inroads into the MSP market. However, at present, the solution is primarily geared toward SMBs rather than MSPs that serve them.
Enhanced Phishing Protection for Office 365 Accounts
Office 365 is the most widely used cloud service by user count and 2019 figures show that Office 365 cloud services are used by 1 in 5 corporate employees, with Office 365 email being the most common. With so many businesses using Office 365 for email, it should come as no surprise that Office 365 email accounts are being heavily targeted by hackers and scammers.
Microsoft does have measures in place to block spam and phishing emails, but the level of protection provided by Exchange Online Protection (EOP) is not sufficient for many businesses. A large percentage of phishing emails manage to sneak past Microsoft’s defenses. According to research from Avanan, 25% of phishing emails are delivered to Office 365 inboxes.
Consequently, additional protection is required, and many businesses choose to implement an anti-phishing solution provided by third parties such as SpamTitan and VadeSecure. MSPs also offer third party solutions to block phishing attacks on Office 365 accounts, not only to better protect their customers, but also to reduce the amount of time they spend mitigating phishing attacks that have not been blocked by EOP.
SpamTitan and VadeSecure have been developed to work on top of Office 365 and add an important extra layer of protection for Office 365 email.
Here we will concentrate on a comparison of SpamTitan and VadeSecure with a specific focus on the features and benefits for MSPs rather than SMBs.
Comparison of SpamTitan and VadeSecure for MSPs Serving the SMB Market
Since VadeSecure has historically focused on the Telco market, the email security solution lacks many features to make MSP’s lives easier and does not provide the level of control, flexibility, or the management tools and reports that MSPs seek. SpamTitan has been developed by MSPs for MSPs, so important features for MSPs have always been offered. We will cover these features below, but initially it is useful to include an infographic that summarizes some of the basic features of SpamTitan and VadeSecure for comparison purposes.
Basic Features of SpamTitan and VadeSecure
SpamTitan Features for MSPs Not Offered by VadeSecure
This comparison of SpamTitan and VadeSecure may seem a little one-sided, and that is because VadeSecure is very much focused on end users rather than MSPs. No doubt the solution will be updated to incorporate more MSP-friendly features over time as the company tries to move into the MSP market, but at present, the features below are provided by SpamTitan but are not offered by VadeSecure.
Configuration Flexibility and Customization Potential
One of the biggest bug bears with VadeSecure is the inability to configure the solution to suit the needs of MSPs. It is not possible to create custom rules for instance, and MSPs must therefore use the Exchange Admin functionality of Office 365.
With SpamTitan, MSPs can create rules based on their own requirements and the needs of each individual client, and those rules can be highly granular and can easily be applied to specific groups, users, and for specific domains. That level of granularity and the ease of customization allows MSPs to fine-tune filtering policies to maximize the detection of threats while minimizing false negatives. MSPs can easily select more permissible or more aggressive policies for each client, but with VadeSecure there is no option for customization for each customer.
SpamTitan includes a full multi-tenancy view of all customers, with multiple management roles. This allows MSPs to easily monitor their entire customer base and trial base, assess the health of the deployments, view activity volumes across all customers, and quickly identify issues that require attention. With VadeSecure, there is no possibility of integrating with PSAs and RMMs, and there is no customer-wide view of the entire system.
Highly Granular Reporting
MSPs can tell their clients how important it is to improve their security defenses, but they must also be able to demonstrate that the solutions are proving effective at blocking threats to ensure they can continue to provide those services and receive regular, repeating revenue.
With SpamTitan, MSPs have highly granular reports that give them full visibility into what is happening and a detailed view of system performance. Client reports can easily be generated to show them how effective the solution is and why it is important to keep it in place. Furthermore, this level of reporting – per domain, per group, and at the group domain level – gives MSPs the information they need to identify potential issues and obtain detailed information on spam emails. The solution also has the management capabilities to allow any issues to be quickly identified and corrected to ensure the solution remains effective over time. With VadeSecure, visibility and control options are lacking and there are no options for demonstrating how effective the solution is and to demonstrate that to clients.
High Margins and Significant Revenue Potential
As previously mentioned, the flexibility and scope for customization is a real benefit for MSPs as it allows them to add more value through superior management capabilities. That means MSPs can build solutions that really benefit their clients and it helps them become more of a strategic partner rather than an IT service provider. It is much harder for clients to change a strategic partner than switch IT service providers. VadeSecure lacks this customization which means it is not possible for MSPs to add value to generate reliable, recurring revenue.
Further, with VadeSecure you get one product, but TitanHQ offers a trio of solutions for MSPs to better protect their clients and add more recurring revenue streams. Through the TitanShield for Service Providers program, MSPs also have access to WebTitan DNS filtering and ArcTitan email archiving. This allows MSPs to maximize revenue from each client by cross-selling new services, while also offering a layered security package to protect clients from the full range of email- and web-based threats.
Fully Transparent Pricing
When it comes to pricing, VadeSecure (and many other email security solutions) lack transparency and the pricing model is complex and expensive. Several features are not included as standard with VadeSecure and come at an additional cost. This makes it hard to perform a SpamTitan and VadeSecure pricing comparison.
For instance, with VadeSecure the solution is priced per module, so the Greymail, Spam, and Virus Protection options are not provided as standard and have to be added onto the cost. Based on feedback we have received from MSPs the solution is expensive, which reduces MSP profits and makes the email security solution more difficult to sell to SMBs.
With VadeSecure, the total number of users is not aggregated, which shows a lack of experience of working with MSPs. An MSP with 100 x 10-seat licenses will have that pay at 10 seats each rather than 1,000 seats overall. As such, discounts will be far lower.
With SpamTitan there is just one price which includes all features, including sandboxing, full support, dual anti-virus protection, all security modules, and updates. Furthermore, the price is exceptionally competitive (less than $1 per user). The pricing model was created to incorporate the flexibility for dealing with fluctuating numbers of customers, which often happens when providing managed email services.
Effectiveness at Blocking Threats
Price, usability, and flexibility are all important for MSPs, but features and benefits are the icing on the cake. Email security solutions are used to protect against threats, so the effectiveness of a solution is critical. SpamTitan and VadeSecure are effective at blocking threats and will provide an important additional layer of security for Office 365 users, but feedback we have received from MSPs show there is a clear winner.
VadeSecure includes ‘time-of-click’ protection against embedded hyperlinks, which rewrites URLs and sends them to a scanner. However, MSPs have reported that it can take a long time for phishing emails to be detected, even after threats would be blocked by Chrome. That means that phishing emails are being delivered and there is a window during which a successful attack could occur. This URL click feature only appears to work in OWA or the Outlook client as it is an API integration with Office 365.
SpamTitan includes more advanced detection methods to ensure that malicious URLs are detected and phishing emails are filtered out. SpamTitan includes SURBL filtering and other malicious URL detection mechanisms that complement the default mechanisms in Office 365 such as Recipient Verification Protocols, Sender Policy Frameworks, and Content Filter Agents. This means end users are better protected and there is a much lower probability of a phishing email evading detection.
Dual anti-virus protection is also provided and SpamTitan features a sandbox where suspicious attachments can be safely analyzed for malicious actions. This provides superior protection against malware, ransomware, and zero-day threats that are not detected by the two AV engines.
Any business that processes card payments is a target for cybercriminals, but restaurants in particular are favored by hackers. Over the past few weeks, cybercriminals have stepped up their efforts to attack these businesses and several restaurant chains have had their systems compromised. In all cases, malware has been installed on point-of-sale systems that steals payment card information when diners pay for their meals.
Many of the attacks have hit restaurant chains in the Midwest and East, with credit card data from diners recently having been listed for sale on the underground marketplace, Joker’s Stash. A batch of approximately 4 million credit and debit cards is being offered for sale, which comes from malware attacks at Moe’s, McAlister’s Deli, Krystal, and Schlotzsky’s.
The cyberattack on Krystal was detected in November, with the other three chains, all owned by Focus Brands, attacked in August. In total, the above chains have more than 1,750 restaurants and almost half of those locations, mostly in Alabama, Florida, Georgia and North and South Carolina, were affected.
Catch Hospitality Group also announced in November that it had suffered a cyberattack which had seen malware installed on its point-of-sale system that scraped and exfiltrated payment card data as diners paid for their meals. The data breach affected customers of Catch NYC, Catch Roof, and Catch Steak restaurants. Fortunately, the devices used to process the majority of payments were unaffected. Malware was on the Catch NYC and Catch Roof devices between March 2019 and October 2019, with Catch Steak affected between September 2019 and October 2019.
Church’s Chicken restaurants were also attacked in a separate incident in October. The majority of its 1,000+ restaurants were not affected, but at least 160 restaurants in Alabama, Arkansas, Florida, Georgia, Illinois, Louisiana, Mississippi, Missouri, South Carolina, Tennessee and Texas had malware installed on their POS system.
Other restaurant chains that have been attacked in 2019 include Checker’s Drive-In, Cheddar’s Scratch Kitchen, Huddle House, Applebee’s, Chilli’s, and Earl Enterprises (Buca di Beppo, Chicken Guy, Tequila Taqueria, Mixology, Planet Hollywood). Malware n the systems of Earl Enterprises had been present for almost a year before it was detected.
How to Improve Restaurant Cybersecurity
Restaurants process many thousands of card transactions which makes them an attractive target for hackers. Restaurants often use out-of-date operating systems, have vulnerability-ridden legacy hardware, and their cybersecurity solutions often leave a lot to be desired. Consequently, cyberattacks on restaurants are relatively easy to perform, at least compared to many other types of businesses.
In order to infect the POS system, the attackers will need network access. That is most commonly gained via phishing emails, drive-by malware downloads, or by abusing remote access tools. Direct attacks are also possible using techniques such as SQL injection and weak passwords can be easily guessed using brute force tactics.
The malware that sits on systems and exfiltrates data tends to have a very small footprint and is often stealthy as it needs to be present for long periods of time to collect payment card data. That can make it hard to detect when it has been installed. The key to security is therefore improving defenses to make sure the malware is not installed in the first place, which means preventing the attackers from gaining access to the network.
Listed below are some easy-to-implement steps that will help restaurants improve their security posture and block attacks. The key is defense in depth through layered security.
Use an enterprise-grade firewall –Ensure an enterprise-grade firewall is purchased. A firewall will prevent unauthorized individuals from gaining access to your network resources.
Patch promptly and update all software and firmware – Ensure patches are applied promptly and software and firmware updates are implemented when they are released. That includes all systems and networked devices, not just your POS.
Upgrade hardware – When your hardware is approaching end of life it is time to upgrade. Unsupported hardware (and software) will no longer be updated and vulnerabilities will no longer be fixed.
Lockdown your POS: Use whitelisting or otherwise lock down POS systems to make it harder for malware to operate. Only allow trusted apps to run on your POS systems.
Install powerful antivirus software – Ensure all devices are protected by a powerful anti-virus solution and that it is set to update virus definitions automatically. Regularly scan the network for malware, especially your POS.
Implement an intrusion detection system – These systems monitor the network for unusual activity that could indicate a malware infection, attackers searching the network for the POS system, and unusual traffic that could indicate data exfiltration.
Change all default passwords and set strong passwords – To protect against brute force attacks, ensure strong passwords are set on all systems and all default passwords are changed. Also implement rate limiting to block attempts to access a system or device after a set number of failed password attempts.
Implement a powerful spam filtering solution – A powerful email security solution, such as SpamTitan, is required to prevent spam and malicious emails from being delivered to end users. Even if you have Office 365, you will need a third-party email security solution to block email-based threats.
Restrict Internet access with a DNS filter – A DNS filter such as WebTitan provides protection against drive-by malware downloads and web-based phishing attacks. WebTitan will block all known malicious websites and those with a low trust score. The solution can also be configured to prevent employees from accessing categories of websites where malware downloads are more likely.
Disable Remote Access if Possible – Disable Remote Desktop Protocol and all remote access tools. If remote access tools are required to allow essential maintenance work to be completed, ensure they can only used via a VPN and restrict the people who can use those tools.
According to research from Channel Futures, security is the fastest growing service for 73% of managed service providers (MSPs). If you have yet to start offering security services to your clients, you are missing out on a steady income stream that could really boost your profits. But where should you start? What services should you be offering? In this post we will be exploring the ideal security stack for MSPs and the essential services that should form the core of your security offering.
Why is Managed Security is so Important?
As an MSP, you should be aware of the importance of security. Companies are being targeted by cybercriminals and data breaches are occurring at an alarming rate. It is no longer a case of whether a business will be attacked, it is a case of when and how often.
Many SMBs do not have sufficiently skilled staff to handle IT and it is far easier, and often more cost effective, to outsource their IT to MSPs. The same is true for security, but even more so due to the difficulty finding sufficiently skilled cybersecurity staff. With so many positions available and a national shortage of cybersecurity staff, cybersecurity professionals can afford to pick and choose there they work. SMBs must ensure they are well protected against cyberattacks, so they look to MSPs to provide security-as-a-service either as a stop gap measure while they try to fill internal positions or so they can forget about security and let an MSP look after that side of the business.
If you are not providing security services to your clients, they will most likely search for another MSP that can protect their business from threats such as malware, ransomware, phishing, botnets, and prevent costly data breaches.
What do SMBs Want?
SMBs may be aware of the need for security, but they may not be so clued up about the solutions they need to protect them from cyber threats. You may need to explain to them exactly what they need and why. What is vital when explaining cybersecurity to SMBs is to emphasize the need for layered security. No single solution will provide protection against all threats and you will need to educate your clients about this.
Layered security is essential for protecting against ever increasing cybersecurity threats. No single solution will provide total protection. You need overlapping layers so that if one layer is bypassed, others are there to block the attack.
You should certainly be initiating conversations with your clients about security. Many SMBs only look for security services after they experience a costly data breach. By being proactive and approaching your clients and offering security services, you will not only have a much greater opportunity for increasing sales quickly, you will help them avoid a costly data breach and will not have to clear up the mess that such a breach causes.
What is the Ideal Security Stack for MSPs?
The best place to start is with a cybersecurity package that includes the core security services that all businesses need to protect them from a broad range of threats. Different packages can be offered based on the level of protection your clients need and their level of risk tolerance. Extra services can always be provided as add-ons.
There are four key security services you should be offering to your clients to give them enterprise-grade protection to secure their networks and protect against the main attack vectors. The ideal security stack for MSPs will differ from company to company, depending on the kind of clients that each MSP has. It may take some time to find the ideal security stack, but a good place to start is with core security services that every business will need.
Core Security Services for MSPs
Firewalls are essential for securing the network perimeter and separating trusted from untrusted networks. They will protect network resources and infrastructure against unauthorized access. It may even be necessary to implement multiple firewalls.
Email security is essential as this is the most common attack vector. Without email security, malware and phishing emails will hit inboxes and employees’ security awareness will be regularly put to the test. The threat of email attacks cannot be understated.
Email security must be explained to clients to ensure they understand its importance and why standard email security such as that provided by Microsoft through Office 365 simply doesn’t cut in anymore. Too many threats bypass Office 365 defenses. A study by Avanan showed that 25% of phishing emails bypass Office 365 security and are delivered to inboxes.
DNS filtering is also a requirement to protect against web-based attacks such as malvertising, drive-by downloads, and exploit kits. Even the best email security solutions will not block all phishing threats. DNS filtering provides an additional layer of security to protect against phishing attacks. While email was once the primary method of delivering malware, now malware is most commonly delivered via web-based attacks. The average business user now encounters three malicious links per day and 80% of malware is downloaded via the internet. Further, with more and more employees spending at least some of the week working remotely, protection is needed for public Wi-Fi hotspots. DNS filtering provides that protection when they are off the network.
Endpoint security solutions add another layer to the security stack. If any of the above solutions fail and malware is downloaded, endpoint security solutions will provide extra protection. This can include basic protection such as antivirus software or more advanced solutions such as intrusion detection systems.
When choosing solutions for your security stack, it is important to make sure they work seamlessly together. This can be difficult if you purchase security solutions from a lot of different vendors.
Additional Services to Add to your Security Stack.
The above security services should form the core of your security offering, but there are many additional services you can easily provide to ensure your clients are better protected. These can be offered as addons or as part of more comprehensive security packages.
Data loss protection
Email archiving and backup services
Vulnerability scanning and patch management
Security policy management
Security information and event management (SIEM)
Incident response and remediation
Security awareness training and phishing email simulations
How TitanHQ Can Help
TitanHQ is the global leader in cloud-based email and web security solutions for the MSP that services the SMB market. TitanHQ products are consistently rated highly by MSPs for the level of protection, ease of use, ease of admin, and the level of support provided.
The TitanHQ portfolio of cybersecurity products consists of three core solutions:
SpamTitan Email Security
WebTitan DNS Filtering
ArcTitan Email Archiving
Each of these solutions has a 100% cloud-based architecture and has been developed for MSPs to easily incorporate into their security stacks. TitanHQ offers seamless deployments and easy incorporation into MSP’s management portals via RESTful API.
The above solutions can be supplied with multiple hosting options. You can host with TitanHQ, on your existing infrastructure or in the cloud with AWS, Azure or any other system.
SMBs want to know they are protected, but many don’t care about what solutions are used. This gives you an opportunity to reinforce your brand. This is easily achieved with TitanHQ as the above solutions can be provided in white label form, ready for you to add your own branding. You can even customize the user interface and only include the features that you need to reduce complexity.
Need reports for your clients? No problem. TitanHQ has an extensive range of pre-configured reports that can be scheduled to ease your admin burden, including board-level reports with scope to create your own reports to meet you and your clients’ needs.
Other key features for MSPs include:
Automated policy management
Full visibility of usage
Flexible, affordable, and transparent pricing with monthly billing
Set and forget solutions to ease the admin burden
World-class customer support included with all solutions
Generous margins for MSPs
Excellent MSP program – TitanShield – with dedicated account managers, assigned sales engineers, scalable pre-sales and technical support, and sales and technical training
TitanHQ has made it as easy as possible for MSPs to start offering security services to their clients. These solutions will also help established security-as-a-service providers ease their management burden and improve their margins.
To find out more about the TitanShield program and for further information on any or all of TitanHQ’s security solutions for MSPs, get in touch with the channel team today. Product demonstrations can be arranged and free 14-day trials are available to allow you to see for yourself why TitanHQ is the leading provider of email and web security solutions for MSPs.
The event will be attended by thousands of IT professionals, business owners, and industry leaders who will be discussing the IT industry, recent advances in information technology, and the latest trends affecting MSPs. The conference provides an excellent opportunity for learning, networking, and collaboration and boasts an extensive program of interactive sessions, keynotes, and in-depth training sessions. The event also showcases the latest IT solutions and provides tips and tricks to ensure every ounce of value is squeezed from those tools.
This year’s event promises to be bigger and better than ever before, thanks to an all-star cast of thought leaders and industry professionals who will provide practical advice to help you improve every aspect of your business.
Connect IT Europe covers the entire Kaseya universe and the diverse ecosystem of solutions that serve IT professionals. The conference will help attendees find new revenue streams, increase their profit margins, and simplify IT management through educational presentations, workshops, roundtables, and interactive challenges.
As the leading provider of cloud-based email and web security solutions for MSPs serving the SMB market, TitanHQ is proud to be a Silver sponsor of the event. Attendees will have the opportunity to discover why TitanHQ is the leading provider of cloud-based email and web security solutions for MSPs servicing the SMB marketplace and the features and benefits of SpamTitan email security, WebTitan DNS filtering, and ArcTitan email archiving that make the solutions such a hit with MSPs and IT professionals.
The event will be attended by TitanHQ Strategic Alliance Manager Marc Ludden and Alliances/MSP Partner Manager Eddie Monaghan. Marc and Eddie will be explaining the recently launched TitanShield program for MSPs and how TitanHQ solutions can help MSPs improve efficiency, profitability, and security of their operations and enhance their customers’ security postures.
If you would like further information on TitanHQ products, feel free to reach out to Marc and Eddie ahead of the event:
Eddie Monaghan, MSP Alliance Manager, LinkedIn
Marc Ludden, MSP Alliance Manager, LinkedIn
TitanHQ is proud to be a platinum sponsor of DattCon19, Paris – The leading event for MSPs looking to keep up to date on the latest industry trends, learn best practices, form new and profitable partnerships, and obtain invaluable advice that will help them grow their business and become more successful.
The event gives the TitanHQ team an opportunity to meet with leading MSPs, MSSPs, and ISPs and explain why TitanHQ is the global leader in cloud-based email and web security solutions for the MSP that services the SMB market.
The team will be available to explain the benefits of the TitanShield MSP program and show just how easy it is to integrate TitanHQ products into your service stacks and start rolling out spam filtering, web filtering, and email archiving to your customers… and the best way to sell those services, reduce the time you spend on providing support, and improve the profitability of your business.
The event will be attended by Rocco Donnino, TitanHQ VP of Strategic Partnerships, Marc Ludden, TitanHQ Strategic Alliance Manager, and Eddie Monaghan. Alliances/MSP Partner Manager.
On Tuesday October 22 between 11:15am and 11:35am, Rocco Donnino will be explaining Email & Web Security for the SMB Market. Rocco will talk about the trends TitanHQ are seeing in the email and web security for SMB markets globally, drawing on the experience from working with over 2,200 MSP customers worldwide.
Marc Ludden and Eddie Monaghan will be on hand to meet with MSPs and ISPs to explain the benefits of joining the TitanShield MSP Program and how best to take advantage of TitanHQ’s proven technology and deliver our advanced network security solutions directly to their client base. The pair will be helping MSP partners push TitanHQ products downstream to their customers and grow their businesses.
The event will be attended by more than 1000 MSPs, ITSPs, and industry leaders. Over the three days of the conference, attendees will get to hear from the most successful MSPs and MSSPs and discover what they are doing differently and how they are driving growth.
The sessions, keynotes, and networking opportunities will help you get better at running your business with Datto Solutions and discover how the addition of key products such as SpamTitan email security, WebTitan DNS filtering, and ArcTitan email archiving can improve profitability and add greater value.
The keynotes will be bigger and better than ever before and will be taken by 80 of the best and brightest business tycoons, MSPs, and Datto executives, who will share valuable real-world insights and best practices.
The Peer Forums are more intimate small-group roundtable sessions that provide high-value networking on key topics. These sessions are driven by attendees who will share pain points, success stories, and best practices that have been proven to help MSPs grow their business. This year’s Peer Forums are on the following topics:
Service Delivery: Driving Efficiency & Automation
Selling Networking as a Managed Service
Women in Tech
French Language Peer Forum: Business Strategy
Service Delivery: Service Desk & Professional Services
M&A: How Do I Acquire or Be Acquired?
Security: Securing Your MSP First
German Language Peer Forum: Business Strategy
Service Delivery: Client Engagement & vCIO
Add to that the networking opportunities and the stunning location and you have an invaluable event that is not to be missed.
DattoCon19 Paris will be taking place on October 21st, 22nd and 23rd at the Palais des congrès de Paris, 2 Place de la Porte Maillot, 75017 Paris, France.
In Idaho, library content filtering is now mandatory. H.B.194, which was signed into law in April, requires llibraries in Idaho to implement a content filtering system by July 2020 that is capable of preventing minors from accessing objectionable content. Not only does that content filtering system need to prevent library computers from being used to access undesirable content, the content filter must also cover library WiFi networks.
The law change was introduced in to prevent children from accessing pornography on library computers, which various studies have shown can cause considerable harm. Without filters in place, children could access adult content or inadvertently see adult content on other users’ screens. There have been many reports in the media and on internet forums of library patrons catching glimpses of pornography being accessed in plain sight of others.
Some library directors and library boards are unhappy with the law change for two main reasons. The first concerns a potential violation of First Amendments rights. The American Civil Liberties Union has voiced its concerns, stating “Ultimately, blocking software prevents users from accessing a wide range of valuable information, including such topics as art, literature, women’s health, politics, religion and free speech, which is in direct violation of our First Amendment rights.”
The view that filtering means other content will also be blocked is outdated. While the overblocking of internet content was once a concern, modern internet content filters for libraries are much more advanced and allow highly granular control of internet content. Modern filters are also much better at categorizing content than they once were. Further, easy-to-use interfaces reduce the potential for user error setting the content controls.
The filters also prevent malware downloads and block access to phishing forms, which further enhances protection for users and protects library networks from malware and ransomware attacks.
The other main issue is one of cost. While libraries can obtain discounts under the e-rate program if they implement content filters to comply with the the Children’s Internet Protection Act (CIPA), Idaho libraries otherwise have to cover the cost of the filtering controls themselves. No additional money has been made available.
Implementing Library Content Filtering for WiFi Networks is Easy
Little guidance has been provided on how libraries should implement the filters and there is confusion over how the filters can be applied to wired and WiFi networks.
Traditional filters require an appliance to be purchased which is costly. The appliance sits between the user and the internet and all traffic passes through that device and content controls are applied. This is problematic, especially when library devices are supplied for use off-site as all traffic must be hauled back to the appliance and then back to the device, which can result in significant latency (slow internet speeds).
A more cost-effective and trouble-free solution is a DNS-based filter. DNS-based filters apply filtering controls at the DNS level. No appliance needs to be purchased – which means a significant cost saving – and there is no latency. All the filtering takes place on the service provider’s server, not locally on an appliance device.
This system also allows filtering to take place on WiFi networks. Any device that connects to the WiFi network will only be able to access the filtered Internet service. Blocks can also be placed on anonymizer services to prevent filtering controls from being bypassed and DNS filtering can also be used to protect mobile devices, even those used off site.
TitanHQ’s content filtering solution for libraries – WebTitan Cloud and WebTitan Cloud for WiFi – not only incorporate highly granular controls to prevent overblocking of internet content, the solution requires no technical skill to operate, no hardware purchases are required, and no software downloads are necessary. WebTitan Cloud and WebTitan Cloud for WiFi are also low-cost content filtering solutions for libraries. Typical licensing costs are less than $1 per user per month.
If you are struggling to find a content filtering solution for your library, give the TitanHQ team a call. You will be able to have your questions answered about how to implement the solution, you can schedule a product demonstration to see how easy the solution is to operate, and can also take advantage of a free trial to see for yourself how precise the filtering controls are.
Over the next three months, TitanHQ will be travelling throughout Europe and the United States to meet with managed services providers (MSPs) at some of the biggest trade shows serving the MSP community.
The trade shows and conferences bring together the best MSPs from around the world and gives them the opportunity to learn about new industry trends, best practices, and proven tactics for increasing growth. The shows provide a tremendous opportunity for networking and bring together MSPs and companies offering MSP-focused cybersecurity solutions.
For the past 20 years, TitanHQ has been developing cybersecurity solutions for MSPs and the SMBs marketplace. From humble beginnings, the company has grown into a leading provider of cloud-based email security, web security, and email archiving solutions for MSPs. TitanHQ products have now been adopted by more than 7,500 businesses and 2,000 MSPs around the globe.
TitanHQ products are much loved by MSPs as they have been developed specifically to meet their needs. The solutions are quick and easy to implement and maintain and they save MSPs a considerable amount of support and engineering time by blocking email and web-based cyberattacks at source.
At these MSP events you will be able to find out more about the benefits of cloud-based spam filtering and the importance of adding web filtering to your service stack. The TitanHQ team will be on hand to answer questions about the products and will explain how the solutions can be seamlessly integrated into your client management platforms and how they can make your life easier and improve your bottom line.
Come and Meet the TitanHQ Team at these fall MSP Trade Shows and Conferences
September 17, 2019
The Alex Hotel, Dublin, Ireland
September 18, 2019
155 Bishopsgate, London, UK
October 6-10, 2019
Dubai World Trade Centre, Dubai, UAE
October 7-8, 2019
CompTIA EMEA Show
Park Plaza Westminster Bridge,
October 16-17, 2019
Canalys Cybersecurity Forum
SOFIA Barcelona, Spain
October 21-23, 2019
Palais des Congrès de Paris, Paris, France
October 30, 2019
MSH Summit North
Hilton Hotel, Manchester, UK
October 30, 2019
IT Nation Evolve (HTG 4)
Hyatt Regency, Orlando, Florida, USA
October 30, 2019
IT Nation Connect
Hyatt Regency, Orlando, Florida, USA
November 5-7, 2019
NH Collection Amsterdam Gran Hotel Krasnapolsky, Amsterdam, Netherlands
If you are planning on attending any of the above events this fall, be sure to come and visit the TitanHQ team to discuss your options and feel free to reach out in advance of the event to arrange a meeting.
Rocco Donnino, Executive Vice President-Strategic Alliances, LinkedIn
Eddie Monaghan, MSP Alliance Manager, LinkedIn
Marc Ludden, MSP Alliance Manager, LinkedIn
If you are unable to attend any of these exciting events, give the team a call for further product information, to book a product demonstration, or to sign up for a free trial of SpamTitan, WebTitan, and ArcTitan.
OneStopIT, one of the leading Managed Service Providers (MSPs) in the UK, has partnered with TitanHQ and will be incorporating TitanHQ cloud-based email and web security solutions into its service stack to better protect its customer base.
Businesses in the UK are increasingly being targeted by cybercriminals. A variety of tactics are used to obtain company funds, sensitive data, and company secrets. Attacks may be diverse, but they typically start with a phishing email and/or visit to a malicious website.
Cyberattacks are now being reported at record levels and business leaders are understandably worried. To better protect their networks and data, many turn to MSPs such as OneStopIT for help protecting their networks and data.
“The proliferation of phishing threats across Office 365 is a real problem for SME’s in the UK and we’re partnering with a key vendor in this space to protect our customers and also give them the OneStopIT premium service they are used to,” said Ally Hollins-Kirk, CEO of OneStopIT.
TitanHQ has developed powerful email and web security solutions for the SMB marketplace that have been developed to be easily delivered via MSPs. SpamTitan is a cloud-based anti-spam and anti-phishing solution that incorporates DMARC authentication and a sandboxing feature to protect against email impersonation, phishing, and email-based malware attacks. WebTitan is a DNS-based web filtering solution for content control and protection from web-based threats. The solution is backed up by a threat intelligence database of 650 million people. TitanHQ’s email archiving service, ArcTitan, allows MSPs to offer a secure, email archiving service to help businesses meet their compliance obligations.
Under the new partnership agreement, OneStopIT will be offering its customers advanced email security and anti-phishing protection, DNS-based web filtering, and an email archiving service powered by TitanHQ technology.
“TitanHQ is pleased to add our advanced threat protection layer for email and web security to the OneStopIT security stack,” said Rocco Donnino, President of Strategic Alliances, TitanHQ. “OneStopIT has excelled in the areas of customer service and security, our partnership further cements this commitment.”
The excitement is building as DattoCon19 draws ever closer. Starting on June 17, 2019 in San Diego and running for three days, DattoCon19 is an unmissable event for managed service providers (MSPs).
At the conference, attendees benefit from practical advice and best practices to grow their businesses, increase sales, and boost monthly recurring revenue (MRR). A huge range of vendors will be on hand to offer information on exciting products and attendees will have the opportunity to learn strategies to increase business impact growth, boost profitability, and broaden their service stacks.
Sessions will be taken by industry experts and leading MSPs who will share tips and tricks to take back home and apply at the office. On average, attendees at DattoCon achieve 41% sales growth year-over-year as a result of attending the conference.
TitanHQ is sponsoring DattoCon19 and is excited about having the opportunity to meet new MSPs and help them grow their businesses. As a Datto Select Vendor, TitanHQ offers MSPs three cloud-based solutions that can be easily integrated into existing MSPs service stacks: Anti-phishing and anti-spam protection, DNS-based web filtering, and email archiving. All three solutions are available through the TitanShield program for MSPs.
MSPs can meet the TitanHQ team at booth 23 at DattoCon19 to find out more about the TitanShield program and the exciting opportunities for MSPs that work with TitanHQ. TitanHQ will be on hand to help MSPs that support Office 365 to improve protection against phishing attacks and malware. MSPs can also find out more about the TitanHQ threat intelligence that protects Datto DNA and D200 boxes, and how TitanHQ’s DNS filter is a direct swap out for Cisco Umbrella and the cost advantages of doing so.
TitanHQ Executive Vice President-Strategic Alliances, Rocco Donnino, is one of the panel members for the Datto Select Avendors event on Monday. The event brings together experts from different fields to help come up with solutions for some of the major problems faced by MSPs in today’s marketplace.
TitanHQ at DattoCon19
TitanHQ will be at booth 23
Special Show Pricing available
Daily TitanHQ vintage Irish whiskey raffle
TitanHQ and BVOIP are sponsoring a GasLamp District Takeover Party on Monday 6/17 and Wed, 6/19.
DattoCon19 will be taking place in San Diego, California on June 17-19, 2019. If you are not yet registered for the event you can do so here
The leading review website, G2, has published its 2019 Best Software Companies in EMEA list. This is the first time that the company has produced the list, which ranks the best software companies doing business in EMEA based on the feedback provided by users of those products.
G2 is one of the most well-respected business software review websites. Software solutions may appear to tick all the right boxes, but in practice the solutions can be time consuming and difficult to use and fail to live up to expectations. Since the G2 reviews are from registered users of the products, businesses can not only rely on the reviews but can also use them to make smarter buying decisions.
To compile the list, G2 compiled the reviews of over 66,000 users in the software category. More than 900 companies were represented, but only those that performed best in the reviews have made the cut in their respective categories.
TitanHQ has been awarded top spot in the list of the best software companies of 2019 in EMEA.
TitanHQ has developed powerful cybersecurity solutions to meet the needs of businesses and MSPs, but the solutions have also been developed to be easy to use. The solutions are versatile, flexible,and scalable, and can be managed via an intuitive web-based management console with a full reporting suite. A full range of APIs are supplied to allow the solutions to be integrated into existing management software and industry-leading customer support ensures that help is always available to resolve any customer issues.
“TitanHQ is delighted to have been included in the 2019 Best Software Companies in EMEA list. The inclusion shows the value our customers place on the uncompromised security and real-time threat detection we provide,” said Ronan Kavanagh, CEO, TitanHQ. “The overwhelmingly positive feedback from on G2 Crowd is indicative of our commitment to ensuring the highest levels of customer success.”
“With 750,000+ user reviews, 80,000+ products and 1,600+ tech and service categories on G2, TitanHQ’s recognition on the prestigious Best Software Companies in EMEA list is an exceptional achievement: One that can only be earned through the endorsement of its users,” said CEO Godard Abel.
TitanHQ has announced a new partnership with the French Value Added Distributor (VAD) Exer that will see the company’s award-winning cloud-based spam filtering, DNS filtering, and email archiving solutions offered to Exer partners throughout France.
Exer is a leading VAD in France. The company currently works with more than 600 value added resellers (VARs) and integrators in France and specializes in network security, enterprise mobile infrastructure, Wi-Fi, and a range of cybersecurity and managed services. The new collaboration will increase the choice of solutions available to French VARs and will help them improve security for their clients and meet their compliance requirements.
For more than two decades, TitanHQ has been developing innovative cybersecurity solutions for SMBs and MSPs to protect against the ever-growing range of cyberthreats. Starting off by offering anti-spam solutions, the company’s product portfolio has been expanded to include DNS filtering and email archiving.
The solutions have now been adopted by more than 7,500 businesses and are offered by over 1,500 MSPs around the globe. SpamTitan now blocks more than 7 billion spam emails each month, WebTitan blocks more than 60 million malicious websites every month, and ArcTitan is used to securely archive and store more than 10 million emails a month.
Over the past few years, TitanHQ has enjoyed excellent growth and has expanded its global footprint considerably. One of the company’s aims in 2019 is to increase its client base in France. The partnership with Exer was therefore a no brainer.
“Our advanced threat protection for email and web security was designed to keep businesses productive and information secure. We are pleased to be offering the Exer partner community choice, enhanced functionality and greater overall value,” explained TitanHQ Executive VP, Rocco Donnino.
Exer was keen to expand its range of cybersecurity solutions to better protect its clients from an ever-increasing range of web-based and email-based threats. The volume of cyberattacks now being conducted means cybersecurity has never been so important.
“Collaboration with TitanHQ is an opportunity to represent a brand internationally recognized on 3 key technologies: Web Content Filtering, Anti-Spam, and Email Archiving. We are eager to propose these security solutions to ours VARs,” explained Exer CEO, Michel Grunspan. “Our regional presence and our expertise will be our strength for asserting the presence of TitanHQ in the French market”
French VARs can find out more about TitanHQ’s email security, web security, and email archiving solutions at Exer’s Tour De France events over the next few months. The events start in Lille on May 23, 2019 at Hameau de la Becque and will be taking place at various cities throughout France over the following months.
TitanHQ, the leading provider of cloud security solutions for SMBs, has announced a new partner program has been launched to support Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), Cloud Distributors, Wi-Fi Providers, OEM Partners and Technology Alliance Partners..
TitanHQ started its journey in 1999. Initially, the company provided anti-spam solutions to local businesses in Ireland. Over the next two decades, the company expanded its range of products to include DNS filtering and email archiving solutions and is now a leading global player of cloud-based cybersecurity solutions.
While TitanHQ initially focused on meeting the needs of the SMB market, its products have been developed to meet the needs of MSPs. For instance, TitanHQ solutions are available with a range of hosting options, including the ability to host the solution within the MSPs own environment, and they can be provided in white-label form ready to take MSP’s branding.
TitanHQ’s cloud-based solutions have been developed to be easy to implement, use, and manage and are already a firm favorite with MSPs.
To make TitanHQ cloud security solutions even more attractive for MSPs, the existing partner program has been significantly enhanced and relaunched as TitanShield.
The TItanShield Partner Program makes it even easier to offer TitanHQ cloud security products to clients. Partners benefit from access to engineers, a highly capable support team that understands the needs of MSPs, and a dedicated account manager.
Partners have access to APIs to allow them to easily sell, onboard, manage and deliver advanced network security solutions directly to their client base from within their own user interfaces. In addition, partners receive free access to sales and technical resources, deal registration and lead generation resources, and benefit from flexible, volume-based monthly pricing models and profitable margins.
Under the new, enhanced partner program, customers are separated into their specific areas of expertise to ensure that each can be provided with focused information for the markets and customers they serve.
“Our program takes a unique and strategic approach for our partners and can be customized to fit all business models,” said Rocco Donnino, Executive VP of Strategic Alliances at TitanHQ.
If you want to become a highly valued member of the TitanHQ TitanShield Partner Program, enrollment is now open. Call TitanHQ today or email email@example.com for further information.
In our previous post we explained why managed service providers (MSPs) should be offering a web filtering service to their customers and the benefits that can be gained by customers and MSPs alike. In this post we explain what makes WebTitan Cloud the go-to web filtering solution for MSPs and why so many MSPs have chosen TitanHQ as their web filtering partner.
Why WebTitan Cloud is the Best Web Filter for MSPs
One problem MSPs face before they can start offering a web filtering service to their clients is how to incorporate the solution into their service stacks and their existing cloud offerings. While there are many providers of web filtering services, not all solutions have been developed with MSPs in mind. TitanHQ differs in that respect.
TitanHQ’s web filtering solution, WebTitan Cloud, has been developed specifically to meet the needs of MSPs and make it as easy as possible for the solution to be added to their existing cloud offerings. WebTitan Cloud seamlessly integrates within existing workflows regardless of whether MSPs self-host, use AWS, Azure, or other cloud platforms.
How Does WebTitan Cloud Integrate into MSPs Management Systems?
To make integration as easy as possible, TitanHQ uses RESTful API, which allows fast and risk-free integration into MSPs management systems. WebTitan Cloud uses the OAuth 1.0 protocol for authentication and has a full set of keys and secrets in the WebTitan Cloud user interface (UI). Once an MSP has signed up, no further registration or authentication is necessary. The API client provides the appropriate oauth_signature to authorize requests to protected resources.
Overly complex user interfaces are a problem with many cloud-based solutions. With WebTitan Cloud, the UI is made as clean and easy to use as possible. MSPs can remove all elements from the UI that are not required to keep the UI clean and simple. WebTitan Cloud can also be integrated into MSP cloud interfaces to create a better user experience and greater consistency for customers.
Having information at your fingertips is important when customers send in requests or when reports are required on web use and blocking. WebTitan Cloud allows MSPs to create and integrate a full suite of high-level system and customer reports into their own management consoles.
Onboarding new customers is also a quick and simple process, which can be integrated into current MSP on-boarding processes. New customer accounts can easily be created (or deleted) from within an MSP’s own UI, in addition to performing updates and listing all current customer accounts.
MSPs can connect to WebTitan Cloud to manage their customers settings, including locations, whitelists, and blacklists. Customers that would prefer to manage their own settings can perform a limited number of operations themselves using APIs. Since WebTitan Cloud is available in a full white label, customers who do access their own settings can be given a UI with MSP branding rather than TitanHQ’s to maintain consistency and help reinforce the MSPs brand.
TitanHQ also operates an extremely competitive pricing strategy with generous margins for MSPs and aligned monthly billing cycles through the TitanShield MSP Program.
If you have yet to start offering web filtering to your clients as part of your service stack or if you are unhappy with your current provider’s product, contact TitanHQ today and as about becoming a member of the TitanShield MSP Program. Product demonstrations can also be scheduled on request.
A web filtering service allows Managed Service Providers (MSPs) to better protect their clients from accidental malware downloads and phishing attacks while improving their bottom lines. Further, by preventing phishing attacks and malware infections, they can reduce the amount of time they spend fighting fires. For busy MSPs, the latter will be especially beneficial.
Why is Web Filtering Important?
There are several reasons why MSP clients will benefit from a web filtering service. First and foremost, a web filter will help to prevent their customers’ employees from visiting phishing websites and malicious URLs. Most phishing attacks start with a phishing email, so a powerful spam filtering solution is essential. While commercial spam filters such as SpamTitan will block more than 99% of spam and phishing emails, additional protections are required to protect against the 1% that bypass spam defenses.
Naturally end user security awareness training will help in this regard, but as the 2018 Verizon Data Breach Investigations Report shows, 30% of delivered phishing messages are opened by end users and 12% of those users also click on malicious links in the messages.
A web filter is an additional layer of anti-phishing and anti-malware defenses that kicks in when malicious links are clicked and when end users attempt to visit other malicious sites while browsing the Internet. With a web filter in place, when an employee attempts to access a malicious web page, that attempt will be blocked before any content is downloaded. Instead of displaying the web page, a block page will be displayed.
Web filters also allow companies to carefully control the types of content their employees can access. This allows them to enforce acceptable internet usage policies with ease. Employers can prevent their employees from accessing NSFW content such as pornography, illegal content and, if tighter controls are required to improve productivity, other categories of web content such as dating sites, social media networks, gambling sites, and gaming sites.
With a web filter in place, security and productivity can both be quickly improved and the gains in both of those areas is likely to more than pay for the cost of the web filtering package provided by their MSP.
Cloud Based Web Filtering Solutions for MSPs
Convincing customers to implement a web filtering solution should be straightforward given the number of phishing attacks that are now being conducted and the cost of mitigating phishing attacks and malware infections. The cost of web filtering is tiny by comparison.
For MSPs, cloud-based filtering solutions are the natural choice. They can be implemented in minutes once a customer request has been received, no hardware is required, there is no software to install, and patching is handled by the service provider. All that is required from the MSP is a brief set up and configuration for each customer and ongoing management and reporting.
However, not all cloud-based web filtering solutions make set up, management and reporting simple. WebTitan Cloud differs in this respect. Not only does the solution offer excellent protection, the solution has been developed specifically with MSPs in mind. The ease of integration into MSP’s back-end systems and management has made WebTitan Cloud the go-to web filtering solution for MSPs.
In our next post we will explain how WebTitan Cloud differs from other web filtering solutions, why it is the easiest solution for MSPs to integrate into their existing cloud offerings, and how TitanHQ makes getting started, provisioning new customers, and managing customer accounts a quick and easy process requiring the minimal management overhead.
TitanHQ has released WebTitan Cloud version 4.12. The new version of the award-winning 100% cloud-based web filtering solution incorporates new features at tweaks to improve the user experience and make the solution an even more attractive option for managed service providers (MSPs).
One of the most exciting new features that will benefit businesses and MSPs alike is the ability to implement location-based filtering controls, naturally accompanied by granular, location-based reports.
It was already possible to implement organization-wide filtering controls and set different policies for departments, user groups, roles, and individuals in an organization. The new feature increases the flexibility of the solution with location-based controls. The new feature will be of great benefit to businesses operating across multiple locations, where content control requirements may need to be different for satellite offices. MSPs will be able to offer location-based controls to clients and better manage web filtering for customers with a presence in multiple countries. The location controls can be applied to control content whether users are on or off the network.
As with user and role-based content controls, when a user attempts to access a web page that contravenes the policy that they have been assigned, the content will be blocked and no web page content will be downloaded – in contrast to many appliance-based web filtering solutions. The user will be presented with a customizable block screen that can incorporate the company or MSP’s branding.
There will be occasions when an individual or group needs to bypass policy controls. With WebTitan, this can easily be achieved using cloud keys rather than making changes to policies. The cloud key can be used to bypass the block pages and access content that would normally be blocked by location, company, or other policies.
To make management as easy as possible, all policies and locations are managed through a single user interface. MSPs can manage all locations and customer accounts through a single pane of glass, which improves visibility into all customers’ accounts and locations.
Also of interest to MSPs will be WebTitan’s enhanced search functionality. While it was possible to run reports to obtain information about a specific customer and their traffic, a search filter has now been added to the history page. This allows administrators to search by location name with autocomplete. When a customer account is selected, admins can get second-by-second information about all traffic within that location without having to run a location report.
MSPs already have a multi-tenant, highly scalable, brandable, and easy to use web filtering solution with multiple hosting options that can be offered to customers at an attractive price point, which is why the solution has proven so popular with the MSP market. It is hoped that the new additional features will make the solution even more useful for MSPs to allow them to better serve their SMB clients while making web filtering for SMBs even more straightforward.
G2 Crowd, a peer-to-peer review platform trusted by millions of businesses, has named SpamTitan the leading email security gateway solution in its Spring G2 Crowd Grid Report for Email Security Gateways.
TitanHQ’s SpamTitan email security gateway solution was named the leader in the category of secure email gateway performance
SpamTitan was assessed along with other popular email security solutions from big name companies such as Cisco, Barracuda, Proofpoint, Mimecast, and SolarWinds, but took top spot thanks to consistently high ratings for all key metrics assessed for the report.
The G2 Crowd platform allows businesses to find out important information about software solutions that is not often included in the product spiel offered by software providers: What the solutions are actually like to use and whether they match up to expectations. The platform is trusted by businesses thanks to its honest reviews from genuine customers. The company was formed in 2012 and now attracts more than 1.5 million visitors a month to its website.
For the report, each product was assessed based on market presence and four areas of customer satisfaction: Quality of support, ease of use, meets requirements, and ease of administration. SpamTitan scored highly in all four categories, outperforming all other solutions for customer satisfaction and market presence.
SpamTitan ranked highest for meeting requirements and quality of support, achieving a score of 94% in both categories. The average for all 10 email security gateways was 88% and 84% respectively. SpamTitan achieved a score of 92% for ease of use and 90% for ease of administration. The average for all products in these areas was 82% and 83% respectively.
It was clear from the report that TitanHQ customers were extremely happy with the products and service provided by TitanHQ. The user reviews praised SpamTitan for many aspects of the product, two examples of which have been listed below.
“SpamTitan has some of the best filtering we’ve seen compared to other products, it does an excellent job when configured right of capturing a high volume of spam. It’s relatively simple to get around and set it up, and runs in a very lightweight VMware appliance.”
“The degree of customization and logging is amazing. You can account for everything going in or out of your organization and set filtering rules to match any scenario. Performance of the web UI and functions like searching and reporting are lightning quick.
G2 Crowd also released a Spring G2 Crowd Grid Report for Secure Web Gateways and TitanHQ’s WebTitan solution was rated a high performer, achieving a customer satisfaction score of 94% against an average of 87% across all 10 solutions under assessment.
If you are unhappy with your current email or web security gateway product or you have yet to implement one of these important cybersecurity solutions, contact TitanHQ today to arrange a product demonstration. The full versions of both solutions are available on a free trial to allow you to see for yourself how effective they are and how easy they are to use.
If you have any questions about either product, contact the TitanHQ today to have your questions answered.
Supply chain attacks allow cybercriminals to attack businesses through weak links in the supply network. Smaller companies are attacked, which gives hackers access to larger and better secured businesses: Businesses that would be harder to attack directly.
This attack method was used to spread NotPetya malware in Ukraine. A software supply company was breached which allowed the malware to be spread to the software supplier’s clients. The massive data breach at Target in 2014 was made possible by first attacking an HVAC system provider. The attack allowed hackers to install malware on the Target’s POS system and obtain the credit card numbers of millions of its customers. According to Symantec, supply chain attacks doubled in 2018.
There are many different types of supply chain attacks, but all serve a similar purpose. By attacking one company it is then possible to attack a bigger fish, or in the case of attacks on cloud service providers and managed service providers, a single attack will give a hacker access to the networks of all MSP clients.
Large businesses often have the budgets to hire their own IT and security staff and can implement robust defenses to prevent attacks. Smaller businesses often struggle to recruit security professionals as they are in high demand. With the shortage of skilled cybersecurity staff and an inability to pay the large salaries that skilled cybersecurity professionals demand, SMBs often turn to MSPs to provide those services.
In order to be able to provide those services, managed service providers are given remote access to their client’s networks. Many of the tasks that need to be performed by MSPs require administrative privileges. Managed service providers also hold login credentials to their clients’ routers and cloud accounts. All of those credentials are extremely valuable to hackers.
Given the typical number of clients each MSP has, a successful attack on an MSP could prove very profitable for a hacker. It is therefore no surprise that there has been an increase in cyberattacks on MSPs and CSPs.
While MSPs are usually good at securing their clients’ networks and ensuring they are well protected, they also need to ensure their own house is in order. Patches must be applied promptly, vulnerabilities must be addressed, and security solutions must be put in place to protect MSPs systems.
MSP staff should be security aware, but when they are busy resolving their clients’ problems, mistakes can easily be made such as responding to a well-crafted spear phishing email. All it takes is for one MSP employee to respond to such an email for a hacker to gain a foothold in the network.
Naturally, security awareness training should be provided to all MSP employees and security solutions need to be deployed to protect against email and web-based attacks.
This is an area where TitanHQ can help. TitanHQ’s anti-spam solution, SpamTitan, offers advanced protection against phishing and spear phishing attacks. A recent update has also seen DMARC email authentication and sandboxing features added to better protect users from phishing and malware attacks.
TitanHQ’s DNS-based content filtering solution further enhances protection against phishing attacks and prevents MSP employees from visiting malicious websites. Being DNS-based, malicious websites are blocked before any content can be downloaded.
In addition to helping MSPs protect their own networks, both solutions are ideal for MSPs to offer to their SMB clients and have been developed to perfectly meet the requirements of MSPs.
If you are an MSP and you have yet to implement a web filter or you are looking for an advanced spam filtering solution for you or your clients, give the MSP team at TitanHQ a call today to find out more about both solutions and how they can protect your business and better protect your clients.
TitanHQ has announced its award-winning anti-spam solution, SpamTitan, has been updated and now has two powerful new features to better protect users from phishing, spear phishing, malware, ransomware, botnets, and APT threats.
SpamTitan has long been the go-to solution for SMBs to improve email security and the solution is popular with managed service providers serving the SMB market. SpamTitan is quick and easy to install, simple to use, and provides excellent protection against a wide range of email threats.
As email threats have become more sophisticated and zero-day attacks and new malware variants have skyrocketed, new features are needed to keep end users protected.
To maintain pace and better protect SpamTitan users, two important new features have now been rolled out with the latest release of SpamTitan: Sandboxing and DMARC authentication.
Sandboxing Feature Added to SpamTitan Product Suite
Blocking known threats is one thing, but detecting and blocking brand new threats that evade AV solutions is another matter, yet businesses need protection from these zero-day threats as well. SpamTitan already incorporates a range of mechanisms to detect these new threats but the latest feature takes protection to the next level.
SpamTitan now incorporates a new next-gen sandboxing feature. The Bitfedender-powered sandbox is a virtual environment that is totally separate from other systems. When an email is sent to a SpamTitan user, the message will be subjected to a range of checks to determine whether it is genuine, benign, and should be delivered or if it is malicious and needs to be rejected. If the message contains a suspicious attachment that is not picked up as a threat from those checks, it is sent to the sandbox.
The SpamTitan sandbox service has been designed to appear as a normal endpoint. Malicious files are opened or executed in the sandbox and any malicious code is run as it would on a standard machine. Its actions are logged and subjected to an in-depth analysis, including its self-protection mechanisms and attempts to evade detection. All actions are then assessed by advanced machine learning algorithms and the results of the analysis are then checked against a wide range of online repositories.
Opening potentially malicious files on an endpoint is dangerous, but in the isolated sandbox all risks are eliminated. Once the analysis is complete, which takes just a few minutes, if the file is determined to be benign it will be released and can be delivered to the end user. If it is malicious, the sandbox solution will automatically report the file to Bitdefender’s cloud threat intelligence service. That threat will then be blocked for all SpamTitan users, so the file will not need to be analyzed again.
This new feature greatly increases detection of elusive threats, provides end users with even greater protection, and it also helps to ensure that more genuine messages are delivered.
Businesses that want sandboxing technology usually need to purchase a separate solution. With SpamTitan, advanced emulation-based malware analysis is provided free of charge.
DMARC Email Authentication Now Included in SpamTitan
Email impersonation attacks are a major threat. They abuse trust in a known contact, company, or government organization to fool end users into taking a specific action – disclosing sensitive information, installing malware, or visiting a phishing webpage, for instance.
While SpamTitan already incorporates several mechanisms to identify email impersonation attacks, DMARC authentication has now been added to block even more threats. DMARC is a powerful tool for identifying the true sender of an email to determine if that individual is authorized to use a particular domain.
Detailed checks of the email header are performed and the sender is checked against DMARC records. If the checks are passed, the message can be delivered. If DMARC authentication fails, the message is rejected.
The new anti-spoofing feature protects SMBs and MSPs against data loss, date breaches, zero-day threats, and highly sophisticated email threats, while the sandboxing feature protects against malware, advanced persistent threats (APTs), malicious URLs, and offers insight into new threats to help mitigate risks.
Both of these features have been made available to current and new TitanHQ customers at no extra charge.
The poor state of cybersecurity in K-12 schools is making it too easy for criminals to conduct cyberattacks. As 2018 figures show, attacks are coming thick and fast. Action is needed to shore up security and keep cybercriminals at bay.
2018 Cyberattacks on K-12 Schools
Education has long been one of industries most commonly targeted by cybercriminals and 2018 was no exception. Last year there were several major cyberattacks on K12 schools that resulted in data theft and huge financial losses.
The 2018 State of K-12 Cybersecurity report from the K12 Cybersecurity Resource Center revealed 122 cyberattacks on K-12 schools were reported in 2018. 119 public K-12 education agencies in 38 states reported attacks. 60% of those cyberattacks resulted in the personal data of students being compromised.
North Dakota schools were hit particularly hard. In February 2018, one third of schools in the state experienced malware attacks. In many cases, the malware infections were the result of staff and students clicking on links in emails, visiting malicious websites, or opening malware-laced email attachments.
The 2019 State of Malware report from Malwarebytes reveals that in 2018, education was the number one industry targeted with Trojans and was second for ransomware attacks. Business email compromise scams are also common and many K12 school districts suffered W-2 phishing attacks and were fooled into sending scammers copies of employees’ tax information.
There have also been several successful email scams that have resulted in staff being fooled into making fraudulent transfers of school funds to criminals’ accounts. A school district in Texas was scammed out of $2 million in construction funds as a result of a phishing attack that fooled a staff member into making payments to fraudulent accounts. The high number of these types of scams prompted the FBI to issue a warning to schools in September 2018 about phishing scams that attempt to steal employees’ credentials.
K-12 schools are an attractive target for cybercriminals because attacks are relatively easy and the potential rewards are high. Student information sells for big bucks on the black market. Personal information along with Social Security numbers can be used for identity theft. It typically takes longer for identity theft to be detected with minors. If student data are stolen, thieves can rack up huge debts in students’ names over the course of several years before fraud is detected.
The State of Cybersecurity in K-12 Schools
Even though the risk of cyberattacks is high, many school leaders fail to appreciate the seriousness of the problem and how even simple changes to improve cybersecurity in K-12 schools can prevent most cyberattacks.
A Consortium for School Networking/Education Week Research Center survey in late 2017 showed that only 48% of school leaders considered the threat from phishing to be significant or very significant, with the numbers falling to under 30% for malware and ransomware attacks. Only 15% of K-12 schools have implemented a cybersecurity plan, just 29% have purchased cybersecurity products and services, and 31% had not provided end-user training.
The high value of student data, the opportunity to conduct multiple types of fraud, and poor cybersecurity defenses is a winning combination for cybercriminals. Unfortunately, there is no single solution that can be implemented to improve cybersecurity and prevent costly cyberattacks and data breaches. What is needed is an effective cybersecurity plan, policies and procedures, training, and technology.
How to Improve Cybersecurity in K-12 Schools
School budgets are usually stretched so it can be difficult to find the funds to improve cybersecurity in K-12 schools. It is therefore important to choose cybersecurity solutions wisely and select products that provide protection against the most common methods used by cybercriminals to attack schools.
Many of the attacks start with a single phishing email. It is therefore critical for K12 schools to improve email security, and for that, an advanced spam filtering solution is essential. SpamTitan blocks more than 99.9% of spam and phishing emails and is an ideal, low-cost, easy-to-implement spam filtering solution for K12 schools.
A web filtering solution is also an important cybersecurity measure. In addition to blocking students’ access to obscene content, as required for CIPA compliance, web filters can prevent users from visiting phishing websites and will block ransomware and malware downloads. The cost of a web filter can be partially offset by discounts obtained through the E-rate program.
End user training is also important. K12 schools need to include cybersecurity awareness training as part of their staff development program. Rather than providing a one-off or annual training session, training needs to be conducted regularly to keep staff up to speed on the latest threats.
Doing nothing to improve cybersecurity in K-12 schools is now simply not an option. If costly cyberattacks are to be avoided, is not improved, cybersecurity in K-12 schools must be improved.
If you want to find out more about email and web security and just how affordable these solutions can be for schools, contact the TitanHQ team today.
TitanHQ has launched a busy campaign of MSP roadshows and conferences with two Valentine’s Day events in London and Tampa, Florida.
Over the coming five months, the TitanHQ team will be attending 15 events in Ireland, the Netherlands, the UK, and the USA, and will be meeting with managed service providers (MSPs), Wi-Fi providers, ISPs, and technology partners to introduce and explain about TitanHQ’s award-winning suite of email security, web filtering, and email archiving solutions.
The 2019 roadshow campaign started in London where Alliance Manager Eddie Monaghan met with current and prospective MSP partners at the IT Nation Q1 EMEA Meeting. Eddie will be at the event all week and will be discussing TitanHQ’s MSP solutions and finding out more about what is happening in the MSP world. TitanHQ has learned a great deal since joining the IT Nation community two years ago and has really enjoyed the experience thus far.
TitanHQ Alliance Manager, Eddie Monaghan
On the other side of the Atlantic, Alliance Manager Patrick Regan has been meeting with MSPs from Florida and beyond at the TitanHQ-sponsored Datto Roadshow in Tampa. Since joining the Datto community as a strategic partner, TitanHQ has worked closely with Datto MSP partners helping them to integrate email security, DNS filtering, and email archiving into their product offerings and providing tips and tricks to help them to get the most out of the products.
TitanHQ has been increasing its technology partners over the past year and is now working closely with industry giants Comcast, BitDefender, Microsoft, Kaseya, and ViaSat and is a proud member of IT Nation (HTG Peer Groups), Datto Roadshows, COMPTIA, and ASCII.
From humble beginnings as an indigenous Irish company providing anti-spam appliances to the local market, over the following 20 years TitanHQ has developed an innovative range of cloud-based solutions and has matured into a global provider of network security solutions for enterprises, SMBs, and MSPs. TitanHQs award-winning cybersecurity solutions are now offered by a network of more than 1,500 MSP partners and have been adopted by several thousand businesses in 200 countries around the globe.
The TitanHQ product suite has been developed to meet the exacting needs of MSP partners and are delivered via the TitanShield Program. The products help MSPs to protect themselves and their clients, while saving valuable time and effort by blocking threats at source before they can cause any harm.
TitanHQ’s spam filtering solution – SpamTitan – and web filtering solution – WebTitan – help MSPs keep their clients protected from malware, ransomware, viruses, botnets, phishing attacks and other email and web-based threats.
The cloud-based solutions are easy for MSPs to slip into their service stacks to build a high-margin security practice offering clients world-class network security services.
If you are already a TitanHQ TitanShield partner or want to find out more about the MSP program and TitanHQ products, be sure to attend one of the upcoming events and come and meet the TitanHQ team.
We look forward to meeting you at one of the upcoming roadshow events in 2019.
The U.S. government has issued a warning following a spate of MSP cyberattacks by nation-state sponsored hackers.
Homeland Security Warns of Targeted MSP Cyberattacks
Managed service providers (MSPs), cloud service providers (CSPs), and managed security service providers (MSSPs) have been warned about an increase in malicious cyber activity and targeted attacks on IT service providers. Nation-state sponsored hackers are targeting IT service providers in an attempt to gain access to their networks, and ultimately, those of their clients.
It is not difficult to see why MSPs, CSPs, and MSSPs are such an attractive target. These IT service providers usually have administrator access to their clients’ networks or certainly elevated privileges that could allow an attacker to gain access to servers, security appliances, and databases of multiple clients.
The threat of attack is theoretical. There has been an increase in MSP cyberattacks in recent months, so much so that the U.S. Department of Homeland Security (DHS) has issued a warning to all IT service providers specifically due to an increase in attacks on IT service providers by Chinese government-backed hackers.
The DHS Cybersecurity and Infrastructure Security Agency (CISA) has issued cybersecurity guidance for IT service providers on steps that need to be taken to improve security, detect attacks quickly, and prevent threat actors from gaining access to their clients’ networks. Since companies that use IT service providers have also been warned of the risk of attack through their IT companies, MSPs, MSSPs and CSPs are likely to be contacted by clients wanting reassurances.
IT service providers should therefore be proactive and n ensure that CISA guidance is being followed to better protect themselves and their clients.
Feds Launch Campaign to Raise Awareness of Cyber Risks
CISA is not the only government agency to issue a warning in the past few days. The Trump administration has launched a new campaign to raise awareness of cyber risks in all industry sectors. The “Know the Risk, Raise your Shield campaign is being spearheaded by the National Counterintelligence and Security Center (NCSC) at the Office of the Director of National Intelligence. The campaign has been launched in response to increased cyberattacks from state sponsored hackers in Russia, China, Iran, and North Korea and independent hackers.
The aim of the campaign is to ensure that cybersecurity best practices are being followed to make it much harder for the attackers to succeed. The NCSC is aware that improved cybersecurity comes at a cost, but explains that investment in cybersecurity defenses is money very well spent and reminds businesses that an ounce of security equates to a pound of protection.
How Can Businesses and MSPs Improve Their Defenses?
With MSP cyberattacks on the increase it is essential that defenses are improved. While there are many ways that MSPs and businesses can be attacked, one of easiest ways is phishing. Phishing targets a weak link in security defenses: Employees. If a phishing email is delivered to an inbox and an employee responds, credentials will be obtained by the attacker that gives them a foothold to launch further attacks on other employees and MSP clients.
It is therefore important to improve awareness of the risks and train employees how to recognize email threats and how to react. It is also important to ensure that technical spam defenses are implemented to make sure phishing threats are blocked on the server and are not delivered to end users’ inboxes or local spam folders. SpamTitan is an ideal solution for MSPs to implement to block these phishing attacks on their employees and their clients.
A DNS based web filter should also be implemented to ensure that should a malicious email make it past the spam defenses, employees are prevented from visiting malicious websites. A DNS-based web filter blocks attempts to access malicious sites during the DNS lookup process and adds an extra layer of security against phishing.
For further information on spam filtering and web filtering for businesses and MSPs, speak to the TitanHQ team today.
Other important steps to take to improve security include:
Use of strong password policies
Applying the principle of least privilege
Ensuring network and host-based monitoring systems are implemented and logs are regularly checked for signs of malicious activity
Performing regular vulnerability scans to identify security weaknesses before they are exploited.
Educational institutions are being targeted by cybercriminals for all manner of nefarious purposes: To obtain the personal information of staff and students for identity theft and tax fraud, to steal university funds, and to steal university research.
University research theft is an easy income stream for hackers. Research papers can command high prices on the black market and are highly sought after by nation state governments and businesses.
This fall, the UK’s Daily Telegraph revealed Iranian hackers were selling research papers that had been stolen from top British Universities including Oxford and Cambridge. Several Farsi websites were identified advertising free access to university research papers, including an offer of university research theft to order. Provide the details and, for a price, the research be found and sent through an encrypted channel.
There were papers for sale on highly sensitive subjects such as nuclear research and cybersecurity defenses. Even less sensitive subjects are valuable to foreign businesses. The research could help them gain a competitive advantage at the expense of universities. In the case of Iran, universities are being used to gain access to Western research that would otherwise be off limits due to current sanctions.
It is not just British universities that are being targeted. The hackers are infiltrating university research databases the world over, and it is not just Iranian hackers that have tapped into this income stream. University research theft is a growing problem.
How Are University Databases Breached?
One of the main ways access to research databases is gained is through phishing – A simple method of attack that requires no programming know-how and no malicious software. All that is required is a little time and the ability to create a website.
Phishing emails are sent to staff and students that request a visit a webpage where they are required to enter their credentials to academic databases. If the credentials are disclosed, the phishers have the same access rights as the user. The phishers then download papers or advertise and wait for requests to roll in. They then just search the database, download the papers, and provide them to their customers.
Various social engineering techniques are used to entice users to click the links. Requests are sent instructing the user that they need to reset their password, for instance. The web pages they are directed to are exact copies of the sites used by the universities. Apart from the URL, the websites appear perfectly genuine.
Unfortunately, once credentials have been obtained it can be difficult for universities to discover there has been a breach since genuine login credentials are used to access the research databases.
How to Prevent University Research Theft
No single cybersecurity solution will protect universities from all phishing attacks. The key to mounting an effective defense against phishing is layered phishing defenses.
The primary cybersecurity solution to implement is an advanced spam filter to ensure as many phishing emails as possible are blocked and messages containing malicious attachments do not reach inboxes. SpamTitan for instance, blocks more than 99.9% of spam and phishing messages and 100% of known malware. Even advanced spam filtering solutions will not block all phishing emails, so additional controls are required to deal with the <0.1% of phishing emails that are delivered.
While a web filter can be used to block access to categories of web content such as pornography, it will also block access to known malicious websites: Websites used for phishing and those that host malware.
End user security awareness training is also essential. End users are the last line of defense and will remain a weak link unless training is provided to teach them how to identify malicious emails. Staff and students should be conditioned to report threats to their security teams to ensure action can be taken and to alert first responders when the university is under attack.
Multi-factor authentication should also be implemented. If credentials are stolen and used to access a database, email account, computer, or server, from an unfamiliar device or location, a further form of authentication is required before access is granted.
Universities should have security monitoring capabilities. Logs of access attempts and should generated and network and user activity should be monitored for potential compromises.
For further information on anti-phishing defenses and cybersecurity solutions that can help prevent university research theft, contact the TitanHQ team today.
There has been much debate over the use of web filters for libraries. On one side are those that believe that as places of learning, there should be no restrictions placed on the types of information that can be accessed through libraries. Libraries house books that are sexually explicit, racist, or contain material some may find distasteful or offensive, but banning those books would be inappropriate.
That same thinking has been applied to the Internet, access to which is often provided in libraries. The application of a web filter to block certain types of content is viewed as unacceptable by some people, even if as a result of a lack of technical controls library computers are used to access hardcore pornography. The American Library Association does not advocate the use of web filters for libraries, instead suggesting acceptable usage policies and educational programs are more appropriate.
The other camp considers the use of web filters in libraries to be a necessity to ensure libraries can be used by children and adults without others subjecting them to obscene and potentially harmful web content. Acceptable usage policies only discourage users from accessing pornography. Policies do not prevent such activities.
New Hampshire Library Considers Using Web Filtering Technology to Block Porn
The use of public library computers for viewing offensive sexual content is common. There have been many cases of library patrons discovering other users accessing adult content on computers in full sight of other users, as was recently the case at the Lebanon Public Library in New Hampshire.
A complaint was made to Lebanon Public Library about two children (of middle school age) who are alleged to have used the library computers to access pornography. Jim Vanier, youth center coordinator for the Carter Community Building Association, overheard the children discussing pornography at the computers, although they denied accessing adult content.
Vanier’s complaint prompted the Library Board of Trustees to form a task force to investigate current internet usage policies and the task force will consider whether a web filter is appropriate for the library.
While web filters for libraries are available to prevent obscene videos and images from being accessed, relatively few libraries have started implementing even the most basic content controls. The Children’s Internet Protection Act requires the use of web filters in libraries and schools, but only as a condition to obtain e-rate discounts and federal grants. In order to qualify for funds, obscene images, child pornography, and other information deemed harmful to minors must be blocked.
The municipal libraries in Lebanon have taken steps to curb Internet misuse and have introduced policies that prohibit computers from being used for any disruptive or inappropriate behavior, including the viewing of images of a pornographic nature. However, policies alone are insufficient to prevent all cases of inappropriate Internet use.
The reason why many libraries choose not to apply filters is often because web filters for libraries are not perfect, and as a result, they could filter out unintended content.
Accuracy of Content Blocking by Web Filters for Libraries
While there have been issues with web filters for libraries overblocking content in the past, there have been major advances in web filtering technology over the past 10 years. Web filters can now more accurately assess and categorize content.
WebTitan Cloud, for instance, has highly granular controls and allows libraries to carefully control the content that can be accessed without overblocking.
While there is potential for user error when setting policies, WebTitan Cloud solves this issue by having an easy to use user interface that requires no technical skill to use. This helps to eliminate user error that often leads to overblocking of web content.
With WebTitan Cloud, libraries can easily filter out pornography, child pornography, and other obscene and harmful content to comply with CIPA and meet parents’ expectations without restricting access to valuable, educational websites.
WebTitan Cloud also blocks access to websites that host malware to prevent malicious software from being downloaded onto library computers, as well as blocking a wide range of Internet threats such as phishing.
WebTitan Cloud – An Accurate and Easy to Use Web Filter for Libraries
WebTitan Cloud is an ideal web filter for libraries. It is 100% cloud-based so not costly hardware purchases are required. It is easy to implement, simple to use, and allows Internet content to be carefully controlled without blocking access to valuable educational material.
Some of the key features in TitanHQ’s web filters for libraries have been detailed below:
WebTitan Cloud Features
Highly granular controls to allow precise filtering of Internet content
Unmatched combination of coverage, accuracy, and flexibility
Real-time classification of more than 500 million websites and 6 billion web pages in 200 languages
100% coverage of the Alexa 1 million most visited websites
Easy to use interface requiring no technical skill
100% cloud-based filtering – No hardware purchases or software downloads required
Supports Safe Search and YouTube for Schools
Supports whitelists and blacklists for creating exceptions to allow/block content outside general policy controls
Category-based filtering allows blocking through 53 pre-defined website categories and 10 customizable categories
Customizable block pages
Supports time-controlled cloud keys to allow certain users to bypass filtering controls – for research purposes for instance
Provides full visibility into network usage
Full reporting suite including real-time Internet activity
For further information on TitanHQ’s web filter for libraries, to arrange a product demonstration, and to register for a free trial to evaluate WebTitan Cloud in your own environment, contact the TitanHQ team today.
A massive Marriott data breach has been detected which could affect as many as 500 million individuals who previously made bookings at Starwood Hotels and Resorts. While the data breach is not the largest ever reported – The 2013 Yahoo breach exposed around 3 billion records – it shares second place with the 2014 Yahoo data breach that also impacted around half a billion individuals.
Largest Ever Hotel Data Breach
The Marriott data breach may not have affected as many people as the 2013 Yahoo data breach but due to the types of information stolen it is arguably more serious. Approximately 173 million individuals have had their name, mailing address, email address stolen and around 327 million individuals have had a combination of their name, address, phone number, email address, date of birth, gender, passport number, booking data, arrival and departure dates, and Starwood Guest Program (SPG) account numbers stolen. Further, Marriott also believes credit card details may have been stolen. While the credit card numbers were encrypted, Marriott cannot say for certain whether the two pieces of information required to decrypt the credit card numbers was also obtained by the hacker.
In addition to past guests at Starwood Hotels and Resorts and Starwood-branded timeshare properties, guests at Sheraton Hotels & Resorts, Westin Hotels & Resorts, W Hotels, St. Regis, Aloft Hotels, Element Hotels, The Luxury Collection, Tribute Portfolio, Le Méridien Hotels & Resorts, and Four Points by Sheraton have been affected, along with guests at Design Hotels that participate in SPG program.
The data breach was detected by Marriott on September 8, 2018, following an attempt by an unauthorized individual to access the Starwood database. The investigation revealed the hacker behind the attack first gained access to the Starwood database in 2014. It is currently unclear how access to the database was gained.
The Marriott hotels data breach is naturally serious and will prove costly for the hotel group. Marriott has already committed to offering U.S. based victims free enrollment in WebWatcher, has paid for third party experts to investigate and help mitigate the data breach, and the hotel group will be bolstering its security and phasing out Starwood systems.
Even though the Marriott hotels data breach has only just been announced, two class action lawsuits have already been filed. One of the lawsuits seeks damages totaling $12.5 billion – $25 per breach victim.
There is also a possibility of a E.U. General Data Protection Regulation (GDPR) fine. Fines of up to €20 million are possible, or 4% of global annual turnover, whichever is greater. That could place Marriott at risk of a $916 million (€807 million) fine. The UK’s Information Commissioner’s Office – the GDPR supervisory authority in the UK – has been notified of the breach and is making enquiries.
Harder to calculate is the damage to the Marriott brand. Share prices dropped by 8.7% following the Marriott data breach announcement, and they are currently around $5 down. While share prices will likely recovery over time, the breach will almost certainly result in loss of business.
Risk of Marriott Data Breach Related Phishing Attacks
Email notifications sent to breach victims by Marriott came from the domain: email-marriott.com. Rendition Infosec/FireEye researchers purchased the domains email-marriot.com and email.mariott.com shortly after the announcement to keep them out of the hands of scammers. Other similar domains may be purchased by less scrupulous individuals to be used for phishing.
A breach on this scale is also ideal for speculative phishing attempts that spoof the email domain used by Marriott. Mass email campaigns are likely to be sent randomly in the hope that they will reach breach victims or individuals that have previously stayed at a Marriott hotel or one of its associated brands.
Consequently, any email received that is related to the breach should be viewed as potentially malicious.
On May 25, 2018, the EU’s General Data Protection Regulation came into effect. While all businesses should now be compliant, there are still GDPR opportunities for MSPs. Smart MSPs see GDPR as an opportunity for profit and are winning business by helping companies streamline their data management processes. The compliance deadline may have already passed, but there are many GDPR opportunities for MSPs. MSPs can help companies stay compliant, reduce the time their clients have to spend on compliance-related tasks, improve security, and save businesses money.
Key GDPR Opportunities for MSPs
GDPR compliance and security services are a potential gold mine for MSPs. MSPs will have had to go through the GDPR compliance process themselves, so they should already be well versed in what is required. They will have gained valuable insights into GDPR through that process, which can be passed on to their clients.
GDPR compliance solutions that MSPs use could be offered to clients as a service. GDPR also provides an opportunity to sell clients additional security services to ensure the data of their customers are properly protected. With fines up to €20 million or 4% of global income possible, there is a major incentive for ensuring continued compliance with the GDPR.
There are security opportunities such as data encryption, spam filtering, and web filtering, which can be grouped together and sold as a GDPR security package. MSPs can offer auditing services to ensure their clients are fully compliant with GDPR.
It is a requirement of GDPR for companies to appoint a Data Protection Officer (DPO), but many SMBs lack the internal talent. While a DPO may have been assigned, the time that is spent on that role could be put to better use. One of the GDPR opportunities for MSPs is offering a DPO-as-a-service to fulfil that aspect of GDPR compliance for their clients.
Email Archiving for MS Exchange – An Easy Win for MSPs
Any business that collects or processes the data of EU citizens must have mechanisms in place that allow them to find all data related to an individual. An EU citizen can contact a company and request a copy of the information that is held on them, and if they so wish, can request that the processing of their data is stopped and have their data deleted.
When individuals exercise their right to erasure – or right to be forgotten – a company is required to honor that request within 30 days. In order to be able to process those requests efficiently, a company must know the location of all its data. Companies should therefore have conducted an audit of their systems to identify all locations where personal data are stored. When a request is received, the individual’s data can then be quickly found and deleted.
Personal data may also be detailed in emails and locating those emails can be a major challenge. Any company that does not use an email archive is likely to face problems finding all emails in backups. Since an email archive is searchable, it is a quick and easy process to locate all emails related to a specific individual. The introduction of GDPR creates a compelling case for purchasing an email archiving solution – which is another of the GDPR opportunities for MSPs.
By offering email archiving for MS Exchange or other mail services, MSPs can help their clients comply with GDPR requirements for security, data retention, auditing, and the right to erasure.
ArcTitan: An Easy Email Archiving Service for MSPs
ArcTitan is an easy to use and easy to manage email archiving service that has been developed to meet the needs of businesses and managed service providers.
ArcTitan is a cloud-based secure archive deployed on AWS that is compliant with GDPR for email retention and auditing as well and all major regulatory standards. ArcTitan is compatible with all major mail servers and email services and will meet the requirements of the most demanding clients.
The solution provides almost instant access to data, gives instant search results, and allows instant archiving. A search of 30 million emails takes less than a second and messages are archived at a rate of more than 200 per second. The solution is also scalable to more than 60,000 users.
To meet the needs of MSPs, ArcTitan is available with a range of hosting options – In the TitanHQ Cloud, a dedicated private cloud, or ArcTitan can be deployed in an MSP’s own data center. API integration allows MSPs to provision customers through their own centralized management system, there is a growth-enabling licensing program, and usage-based pricing and monthly billing. ArcTitan is also rebrandable and can be supplied as a white label ready to take an MSP’s logos and corporate colors.
If you have yet to offer email archiving to your clients or you are unhappy with your current provider’s service or the margin, contact the TitanHQ team today.
TitanHQ has expanded its partnership with Z Services, the leading SaaS provider of cloud-based cybersecurity solutions in the MENA region.
UAE-based Z Services operates 17 secure data centers in the UAE, Saudi Arabia, Qatar, Egypt, Jordan, Kuwait, Oman, Bahrain, and Morocco and is the only company in the Middle East and North Africa to offer an in-country multi-tenant cloud-based cybersecurity architecture.
In February 2017, Z Services partnered with TitanHQ and integrated TitanHQ’s award-winning email filtering technology into its service stack and started offering SpamTitan-powered Z Services Anti-Spam SaaS to its clients. TitanHQ’s email filtering technology now helps Z Services’ clients filter out spam email and protect against sophisticated email-based threats such as malware, viruses, botnets, ransomware, phishing and spear phishing.
The integration has proved to be a huge success for Z Services, so much so that the firm has now taken its partnership with TitanHQ a step further and has integrated two new TitanHQ-powered SaaS solutions into its service stack. TitanHQ’s award-winning web filtering technology – WebTitan – and its innovative email archiving solution – ArcTitan have both been incorporated into Z Services’ MERALE SaaS offering. MERALE is a suite of cybersecurity, threat protection, and compliance solutions specifically developed to meet the needs of small to medium sized enterprises.
“With cybersecurity growing as a critical business concern across the region, there is a clear need to make security an operational rather than a capital expense. Hence the paradigm shift in the delivery of effective security solutions from the traditional investment and delivery model to an agile SaaS model through the primary connectivity provider of SMEs – the ISPs,” said Nidal Taha, President – Middle East and North Africa, Z Services. “MERALE will be a game-changer in how small and medium businesses in the region ensure their protection, and as a subscription-based service, it removes the need for heavy investments and long-term commitments.”
“We are delighted to continue our successful partnership with Z Services and share their vision for serving the SME segment with leading edge SaaS based security solutions,” said Ronan Kavanagh, CEO of TitanHQ. “With this development Z Services is strengthening its leadership position as an innovative cloud-based cybersecurity solutions provider in the Middle East and North Africa.”
TitanHQ’s cloud-based cybersecurity solutions have been developed from the ground up specifically to meet the needs of Managed Service Providers. The email filtering, web filtering, and email archiving solutions are currently being used by more than 7,500 businesses around the world and more than 1,500 MSPs are now offering TitanHQ solutions to their clients.
In contrast to many cybersecurity solution providers, TitanHQ offers its products with a range of hosting options – including within an MSP’s own infrastructure – as full white label solutions ready for MSPs to apply their own branding. By protecting clients with TitanHQ solutions MSPs are able to significantly reduce support and engineering costs by blocking a wide range of cyber threats at source. MSPs also benefit from generous margins and industry-leading customer service and support.
If you are a managed service provider and have yet to incorporate email filtering, web filtering, and email archiving solutions into your service stack, if you are unhappy with your current providers, or are looking to increase profits while ensuring your clients have the best protection against email and web-based threats, contact TitanHQ today for further information.
TitanHQ has announced that the leading satellite operator EutelSat is now protecting its corporate and guest Wi-Fi networks with WebTitan Cloud for Wi-Fi.
Eutelsat is one of the world’s leading satellite operators and provides video, data, broadband, and government services through its high-performance satellites. The company is the leading satellite operator in more than 150 countries throughout Europe, Africa, and the Middle East and employs more than 1,000 commercial and technical staff in 44 countries around the globe.
With so many staff members able to access the Internet at work through company Wi-Fi hotspots, it is essential that cybersecurity solutions are deployed to block access to malicious websites where cybercriminals can phish for sensitive information or malware and ransomware downloads can occur.
In order to protect against these threats, companies need to deploy a powerful and flexible web filtering solution. Eutelsat chose WebTitan Cloud for Wi-Fi – The leading Wi-Fi web filtering solution for enterprises. WebTitan Cloud for Wi-Fi has enabled Eutelsat to crease a safe and secure online environment for all users of its Wi-Fi access points.
With WebTitan Cloud for Wi-Fi deployed, employees are prevented from accessing inappropriate website content and access to websites known to be used for phishing or drive-by malware downloads are blocked.
Naturally different user groups require different levels of content control. Since WebTitan Cloud for Wi-Fi integrates with Active Directory, it is easy for different levels of filtering to be applied by department, user group or individual, in addition to organization-wide controls.
“TitanHQ continues to expand its customer base with the ongoing addition of new customers across multiple industries,” explained TitanHQ CEO Ronan Kavanagh. “Our current levels of achievement and growth, including what we’ve seen in the past six months, prove that companies are recognizing the value of our commitment to Wi-Fi security across our offerings and our customer-first culture. We are extremely excited to see what 2019 will bring for both our newly signed customers and our existing client base.”
If you are interested in securing your wired or wireless networks and blocking access to undesirable and malicious web content, contact the TitanHQ team today for details of pricing, to book a product demonstration, or to sign up for a free trial to see WebTitan in action.
Business and leisure travelers looking for secure hotel Wi-Fi access in addition to fast and reliable Internet access. If you take steps to secure hotel WiFi access points, you can gain a significant competitive advantage.
The Importance of Hotel Wi-Fi to Guests
The number one hotel amenity that most travelers can simply not do without is fast, free, reliable, Internet access. In 2013, a joint study conducted by Forrester Research and Hotels.com revealed that 9 out of ten gusts rated Wi-Fi as the top hotel amenity. 34% of respondents to the survey said free Wi-Fi was a ‘deal breaker.’ Now four years on, those percentages will certainly have increased.
Wi-Fi access is essential for business travelers as they need to be able to stay in touch with the office and be able to communicate with their customers. Leisure travelers need free Internet access to keep in touch with friends, look up local attractions, and enjoy cheap entertainment in the comfort of their rooms. Younger travelers need constant access to social media accounts and online games such as Fortnite as they get at home.
It doesn’t matter whether you run a small family bed and breakfast or a large chain of hotels, Wi-Fi access for guests is essential. Any hotel that doesn’t have reliable and fast Wi-Fi will lose business to establishments that do.
It is now easy for potential guests to check if an establishment has Wi-Fi and even find out about the speed and reliability of the connection. The hotelwifitest.com website lets travelers check the speed of Internet access in hotels before booking.
Guests don’t post rave reviews based on the speed of Internet connections, but they will certainly make it known if Internet access is poor or nonexistent. Many of the negative comments on hotel booking websites and TripAdvisor are related to Wi-Fi. Put simply, you will not get anywhere near the same level of occupancy if your Wi-Fi network isn’t up to scratch.
Secure Hotel Wi-Fi is Now as Important as Offering Wi-Fi to Guests
Businesses are now directing a considerable percentage of their IT budgets to cybersecurity to prevent hackers from gaining access to their networks and sensitive data. Securing internal systems is relatively straightforward, but when employees have to travel for work and access networks remotely, hackers can take advantage.
When employees must travel for business, their hotel is often the only place where they can connect to the office network and their email. They need to know that they can login securely from the hotel and that doing so will not result in the theft of their credentials or a malware infection. A hotel will be failing its business customers if it does not offer safe and secure Wi-Fi access.
All it takes is for one malware infection or cyberattack to occur while connected to a hotel Wi-Fi network for the reputation of the hotel to be tarnished. Hotels really cannot afford to take any risks.
Multiple Levels of Wi-Fi Access Should be Offered
Parents staying in hotels will want to make sure that their children can access the Internet safely and securely and will not accidentally or deliberately be able to gain access to age-inappropriate websites. If a hotel claims to be family-friendly, that must also extend to the Wi-Fi network. Any hotel that fails to prevent minors from accessing obscene images while connected to hotel Wi-Fi cannot claim it is family-friendly.
Hotels can offer Wi-Fi access for families that blocks adult websites and anonymizers, which are commonly used to bypass filtering controls. Safe Search can also be enforced, but not all users will want that level of control.
To cater to the needs of all guests, different levels of Wi-Fi access are likely to be required. Some guests will want to be able to access the types of websites they do at home without restrictions and business travelers will certainly not want anonymizers to be blocked. Some customers insist on the use of VPNs when employees connect to their business network or email.
Hotels that implement a web filtering solution can easily create different tiers of Internet access. One for families and a less restrictive level for other users. Free internet access could be limited to a basic level that includes general web and email access but blocks access to video streaming services such as YouTube and Netflix. Those services could be offered as part of a low-cost Wi-Fi package to generate some extra revenue. These tiers can easily be created with a web filtering solution.
How to Easily Secure Hotel Wi-Fi
Offering secure hotel Wi-Fi to guests does not require expensive hardware to be purchased. While appliance-based web filters are used by many businesses, there is a much lower cost option that is better suited for hotel use.
A cloud-based web filter for Wi-Fi – such as WebTitan for Wi-Fi -is the easiest to implement secure hotel Wi-Fi solution. With WebTitan Cloud for Wi-Fi, your Wi-Fi network can be secured with just a simple change to your DNS records. No hardware is required and there is no need to install any software. One solution will protect all Wi-Fi access points and can be up and running in a matter of minutes. There is no limit on the number of access points that can be protected by WebTitan Cloud for Wi-Fi.
Once your DNS is pointed to WebTitan, you can apply your content controls – which is as simple as clicking on a few checkboxes to block categories of web content that your guests shouldn’t be allowed to access.
You can create multiple accounts with different controls – one for business users, one for families, and one for employees for example. No training is required to administer the solution as it has been developed to require no technical skill whatsoever. All of the complex elements of web filtering are handled by TitanHQ.
If you run a hotel and you are not currently filtering the internet, talk to TitanHQ about how you can your secure your hotel Wi-Fi access points, protect your guests, and ensure all users can access the Internet safely and securely.
Find out why WiFi filters for coffee shops are so important and how the failure to filter the Internet could prove to be extremely harmful to your brand.
Serving the best coffee in town will certainly bring in the crowds, but there is more to a successful coffee shop than providing patrons with a morning jolt of caffeine and comfy chairs. Coffee is big business and there is stiff competition when it comes to providing jitter juice to the masses.
In addition to free newspapers, high quality flapjacks and a fine blend of beans, patrons look for the other necessity of modern life: Free Internet access. Establishments that offer free, reliable WiFi access with decent bandwidth stand a much better chance of attracting and retaining customers.
However, simply setting up a WiFi router is no longer enough. Coffee shops also need to make sure that the WiFi network that their customers connect to is safe and secure. Just as the provision of free WiFi can translate into positive TripAdvisor and Yelp reviews, coffee shops that fail to secure their connections and exercise control over the content that can be accessed can easily get the reverse. WiFi filters for coffee shops ensure that customers’ activities online can be carefully controlled.
Why Unfiltered WiFi Networks Can Result in Bad Reviews
It is important for all shops to ensure that their WiFi networks cannot be used for any illegal or unsavory activities. If a webpage is not suitable for work, it is not suitable for a coffee shop. While there all manner of sites that should be blocked with WiFi filters for coffee shops, one of the most important categories of content is Internet porn.
While enjoying a nice coffee, patrons should not be subjected to obscene videos, images or audio. All it takes is for one patron to catch a glimpse of porn on another customer’s screen to trigger a bad review. The situation would be even worse if a minor caught a glimpse or even deliberately accessed adult content while connected to the WiFi network. A bad TripAdvisor review could easily send potential customers straight to the competition and a social media post could all too easily go viral.
What are the chances of that happening? Well, it’s not just a hypothetical scenario, as Starbucks discovered. In 2011, Starbucks received a warning that minors had been subjected to obscene content in its coffee shops and the chain did little about the complaints. The following year, as the bad feedback continued, the story was picked up by the media.
The bad feedback mounted and there were many calls for the public to boycott Starbucks. In the UK, Baroness Massey announced to the House of Lords that she had boycotted the brand and heavily criticized the chain for failing to set an example. Naturally, competitors – Costa Coffee for example – were more than happy to point out that they had been proactive and already provided filtered Internet to prevent minors from accessing adult content on their WiFi networks.
It was not until 2016 when Starbucks took action and implemented WiFi filters for coffee shops in the UK and started providing family-friendly WiFi access. A chain the size of Starbucks could weather the bad press. Smaller coffee shops would no doubt fare far worse.
WiFi Filters for Coffee Shops are Not Only About Blocking Adult Content
WiFi filters for coffee shops are important for blocking obscene content, but that is far from the only threat to a brand. The Internet is home to all manner of malicious websites that are used to phish for sensitive information and spread malicious software such as malware and ransomware. WiFi filters for coffee shops can be used to carefully control the content that can be accessed by consumers, but they can also keep them protected from these malicious sites.
Just as users have safe search functionality on their home networks, they expect the same controls on public WiFi access points. Phishing attacks and malware infections while connected to coffee shop WiFi networks can also be damaging to a brand. With WiFi filters for coffee shops, instead of being phished, a user will be presented with a block screen that explains that the business has blocked access to a malicious site to keep them protected and that will send a positive message that you care about your customers.
Once WiFi filters for coffee shops have been implemented, it is possible to apply to be assessed under the government’s Friendly Wi-Fi scheme. That will allow a coffee shop to display the friendly WiFi symbol and alert potential customers that safe, secure, family-friendly filtered Internet access is provided.
WebTitan – TitanHQ’s Easy to Implement WiFi Filters for Coffee Shops
Fortunately, WiFi filters for coffee shops are not expensive or difficult to implement. If you use a cloud-based solution such as WebTitan Cloud for WiFi, you will not need to purchase any hardware or install any software. Your WiFi network can be secured in a matter of minutes. A simple change to point your DNS to WebTitan is all that is required (you can be talked through that process to get you up and running even faster).
Since the controls are highly granular, you can easily block any type of web content you wish with a click of a mouse, selecting the categories of content you don’t want your users to access through the web-based control panel. Malicious sites will automatically be blocked via constantly updated blacklists of known malicious and illegal web pages.
With WebTitan you are assured that customers cannot view adult and illegal content, you can block illegal file sharing, control streaming services to save bandwidth, and enforce safe search on Google and apply YouTube controls.
To find out more about the features and benefits of WebTitan, details of pricing, and to sign up for a demo and free trial, contact the TitanHQ team today.
TitanHQ, the leading provider of spam filtering, web filtering, and email archiving solutions for managed service providers (MSPs) recently partnered with Datto Networking, the leading provider of MSP-delivered IT solutions to SMBs.
The partnership has seen TitanHQ’s advanced web filtering technology incorporated into the Datto Networking Appliance to provide secure internet access to all users connected the network.
The new technology providing enhanced protection against web-based threats while allowing administrators to carefully control the web content that can be accessed by employees and guest users.
On October 18, 2018, Datto and TitanHQ will be hosting a webinar that will explain the new functionality of the Datto Networking Appliance to MSPs, including a deep dive into the new web filtering technology.
Its conference season and the TitanHQ team is hitting the road again. The TitanHQ team will be travelling far and wide and will be attending the major MSP industry events in the United States and Europe throughout October and November.
The conferences give new and current MSP partners the chance to meet the TitanHQ team face to face, get answers to questions, pick up tips and tricks to get the most out of TitanHQ products, and find out about the latest innovations for MSPs from TitanHQ.
Conference season kicks off with the third annual Kaseya Connect Europe Conference in Amsterdam (October 2-4) at the NH Collection Amsterdam Grand Hotel Krasnapolsky in Amsterdam. Kaseya is the leading provider of complete IT infrastructure management solutions for MSPs, offering best-in-class solutions to help MSPs efficiently manage and secure IT environments for their clients.
TitanHQ is an Emerald Sponsor for the event and will be showcasing its SpamTitan spam filtering and WebTitan web filtering solutions for MSPs. TitanHQ will be at booth 4 at the event, next to Datto and Bitdefender – both of which are TitanHQ partners.
Next stop for the TitanHQ tour bus is the CompTIA EMEA Member & Partner Conference at Etc. Venues County Hall on the south bank of the Thames in London (October 16-17). The Computing Technology Industry Association is the world’s leading tech association, providing education, training, certification, advocacy, philanthropy and market research. The conference brings together members and thought leaders from the entire tech industry with panel discussions, keynote speeches, and the latest news and advice about the key trends and topics impacting the tech industry.
TitanHQ is a key sponsor of the event and will be on hand give product demonstrations and explain about the opportunities that exist for MSPs to add web filtering, spam filtering, and email archiving services to their client offerings.
At the end of October, the TitanHQ team will be heading to sunny Spain for DattoCon18 at the Fairmont Rey Juan Carlos I in Barcelona (October 29-31). The conference is focused on helping business owners run their businesses more effectively through the use of Autotask + Datto solutions. There will be a host of educational sessions and keynote speeches at the event, with plenty of opportunities for networking. TitanHQ will be showcasing its security solutions for MSPs at the conference.
At the start of November, TitanHQ will be in attendance at the leading conference for the WiFi industry. The WiFi Now Europe conference is being held in Berlin ((November 6-8) at the Holiday Inn Berlin City-West. The event offers three full days dedicated to all things WiFi. Attendees will find out about key developments in WiFi and the latest industry trends, with opportunities to learn from industry experts, meet key industry influencers, and discover new business opportunities.
TitanHQ will be showcasing its WebTitan Cloud for WiFi solution at the event and will be explaining how MSPs can incorporate web filtering into their service stacks to provide greater value to their clients and improve their bottom lines
Next comes a quick hop across the Atlantic to the HTG Peer Groups Q4 conference in at the Omni Orlando Resort in Orlando, Florida (October 10-16). HTG is an international consulting, coaching and peer group organization that helps business by igniting personal, leadership, business and legacy transformation to get companies to achieve their full potential.
There will be a full program of events throughout the week including peer group meeting and opportunities for learning and building relationships. TitanHQ will be in attendance and will be showcasing its innovative business security solutions.
Summary of TitanHQ Conference Schedule 2018
October 2-4: Kaseya Connect Europe, Amsterdam, Netherlands. Booth #4
October 16-17: CompTia EMEA Member & Partner Conference; London, UK. Booth #28
October 29-31: DattoCon18, Barcelona, Spain.
November 6-8: WiFi Now, Berlin, Germany.
November 10-16: HTG Peer Groups Q4 Conference, Orlando, FL, USA.
A Bristol Airport ransomware attack has resulted in its customer display screens being taken offline for two days. Staff at the airport have had to resort to using dry markers and whiteboards to display flight arrival and departure information while the malicious software was removed and files were decrypted.
Ransomware was installed on its administrative computer system in the early hours on Friday, 14 September. As a result of the attack, several applications had to be taken offline as part of the airport’s efforts to contain the attack and prevent critical airport systems from being affected. The application used to display arrival and departure information throughout the airport was one of the casualties.
A statement was provided to the media confirming that a ransom demand had been received but the decision was taken not to give in to the attacker’s demand. Instead, IT staff at the airport chose to restore affected systems from backups. That process continued throughout the weekend. Screens in key locations throughout the airport were slowly brought back online on Sunday and efforts are continuing to restore files on all other affected computers at the airport.
Bristol Airport spokesman, James Gore, said initial investigations suggest this was a speculative rather than a targeted attack on the airport and that it was an online attack on its administrative systems. The exact nature of the Bristol Airport ransomware attack has not yet been disclosed and it is not known what variant of ransomware was used.
The recovery process has taken longer than was expected as the airport has adopted a particularly cautious approach due to the number of critical and security systems at the airport which could potentially have been affected. As it was, customer and airport safety were not affected by the ransomware attack and flights were not delayed.
Ransomware Still Poses a Major Threat to Businesses
Ransomware attacks have declined in recent months as many cybercriminals have turned to cryptocurrency mining as an easier way of generating an income, but the Bristol Airport ransomware attack shows that the threat of ransomware attacks is ever present. Cybercriminals have certainly not totally abandoned ransomware and it remains a serious threat.
Online attacks are also common. Ransomware is still widely distributed via exploit kits – Software loaded onto compromised websites that probes for vulnerabilities in browsers and plugins. When vulnerabilities are identified, they are exploited and ransomware is silently downloaded.
How to Prevent Ransomware Attacks
Protecting against ransomware attacks requires layered security solutions to block the key attack vectors. Spam filtering software will block the majority of malicious emails and prevent them from being delivered to end users’ inboxes. Security awareness training will help to ensure that employees can identify any malicious emails than make it past perimeter email security controls.
One of the most effective solutions for blocking web-based attacks is a web filter. Web filters can be configured to prevent end users from visiting malicious websites and will block drive-by downloads of malware. Naturally, all software, including browsers and browser plugins, should be kept up to date and fully patched to prevent vulnerabilities from being exploited. Anti-virus software on all servers and end points is also a must.
As was the case with the Bristol airport ransomware attack, files could be recovered from backups without the need to pay the ransom demand. To ensure file recovery is possible, regular backups must be made.
A good backup practice will see at least three backup copies created, on at least two separate media, with one copy stored securely offsite on a device that is not connected to a network or the Internet.
For more information on anti-ransomware solutions for businesses, speak to TitanHQ today. TitanHQ offers award-winning spam filtering and web filtering technology that blocks malware and ransomware attacks and other email and web-based threats.
There are many new services that managed service providers (MSPs) can add to their service stacks, such as cloud migration and digitization services, but the biggest area for growth is currently cybersecurity services.
The number of cyberattacks on SMBs and enterprises has increased substantially in recent years. More attacks are now being conducted than ever before, and many of those attacks are succeeding.
A successful attack can prove extremely profitable for an attacker and extremely costly for an enterprise. When a network or email account is breached, sensitive information can be stolen, such as the personal data of customers and employees and corporate secrets and proprietary data.
When customer information is stolen, the damage to a company’s reputation can be considerable. Customer churn rate increases, business is lost, and there may be regulatory fines to cover and lawsuits to fight. Notifications need to be issued and credit monitoring and identity theft protection services may need to be provided to customers. When proprietary data is stolen, a company’s competitive advantage can easily be lost.
Following any security breach, hours must be committed to forensic analyses to search for possible backdoors and malware. The breach cause must be identified and security holes must be plugged. All those costs (and more) add up. This year’s Cost of a Data Breach study conducted by the Ponemon Institute/IBM Security revealed the average cost of a data breach of up to 100,000 personal records has risen to $3.86 million in 2018 – a 6.4% increase since 2017.
The massive disruption to businesses caused by cyberattacks and the considerable cost of mitigating data breaches means SMBs and enterprises need to take precautions and invest in cybersecurity defenses. However, the shortage of skilled staff in this area and already overworked IT departments has meant many companies have had to turn to MSPs and managed security service providers (MSSPs) to help shore up their defenses, monitor for potential intrusions, and respond to breaches when they occur.
Many MSPs have responded to the demand and are now offering security services to their clients to meet the demand. That demand is so great, that managed security services are now a huge growth area for MSPs.
Each year, Channel Futures conducts its MSP 501 survey, which evaluates the revenue growth, service deliverables, and business models and strategies adopted by the most progressive and forward-thinking MSPs around the globe. This year, the survey revealed that the biggest growth area is security services. 73% of all surveyed MSPs said security was their fastest growing service. As a point of comparison, the next biggest growth area was professional services (55%), followed by Office 365 (52%) and consulting (51%).
With huge demand for managed security services, it is no longer a question of whether they should be added to MSPs service stacks, but more a question of how they can be integrated, how to architect those services, and how to package security services together to meet customers’ needs.
What Security Services are Being Offered by MSPs?
Many enterprises and SMBs that attempt to go it alone end up deploying dozens of different security solutions at considerable cost, only to discover they are still attacked and suffer network breaches. Most businesses do not have the staff to commit to implementing, monitoring, and managing large numbers of cybersecurity solutions. This creates an opportunity for MSPs.
Some MSPs have opted to provide clients with a suite of cybersecurity solutions from a single provider, as the solutions work seamlessly together and there is less potential for security gaps to exist. While this has worked for some MSPs, the problem with this approach is clients could approach that vendor and decide to go direct. MSPs that have succeeded with this model are adding considerable value – such as their expertise in running those solutions.
Logicalis, ranked #10 in the MSP 501 list, has taken a different approach and is bundling together a range of solutions that can be easily managed together and match customers’ needs exactly. “We pick our swim lanes, we pick our areas that are most relevant to our skills, to our customers, and we make sure we have the disciplines and domain expertise to deliver against that,” said Logicalis’ chief sales officer Mike Houghton.
Clients often get the best value – and protection – when MSPs package together cybersecurity products from a wide range of cybersecurity solution providers to provide a comprehensive security service, as Tom Clancy, CEO of Valiant Technology and #206 in Channel Future’s MSP 501 list explained. “Providing a bundle of offerings from different vendors that work well together is the most effective way for an MSP to retain its role as a trusted adviser.”
Valiant Technology has even taken this a step further and is moving towards making security a ‘non-optional’ offering. Clancy explained to Channel Futures that, “Our managed services plans will say, ‘It costs this much per seat, and it’s this much if you want the security package. And by the way, you really want the security package, otherwise here’s my limitation of liability.”
Naturally, putting together a package of security services requires considerable research and planning, new staff may need to be hired, and training on the products must be provided. It is a lot of work, but the potential rewards are considerable.
How Can TitanHQ Help?
TitanHQ has developed a suite of security products that are ideally suited for MSPs, offering a winning combination of easy deployment, remote management, superb protection against a wide range of threats, and excellent margins. The solutions mitigate the threat from web and email-based attacks integrate seamlessly into MSPs existing service stacks.
SpamTitan provides world-class protection from spam and malicious emails, preventing malware, ransomware, and phishing emails from reaching end users’ inboxes. The solution is complimented by WebTitan, a powerful web filtering solution that prevents end users from visiting malicious websites, blocks drive-by downloads of malicious software, and enforces acceptable Internet usage policies.
To find out more about how these two solutions benefit MSPs and their clients, and the tools available to seamlessly integrate these technology-agnostic security services into MSPs security packages, contact the TitanHQ team today.
An email archive is a store for old emails which may need to be accessed from time to time but are not needed on a day to day basis. An email archive securely preserves all email conversations in a searchable format that allows companies to satisfy state, federal, and industry requirements.
Email Archives Save on Storage Space
While messages could be left in personal mailboxes, the number of emails received on a daily basis means the storage space required for each mailbox would be considerable, especially considering the requirement in many industries to retain emails for several years. Even if employees exercised strict control over their inboxes and mailbox folders and diligently deleted spam and non-official emails, storage space will still likely become an issue in a short space of time.
Archives are Searchable Email Stores
One common solution to preserve emails is a mailbox backup. Email backups allow an entire mailbox to be restored in the event of disaster or could be used to recover emails that have been accidentally deleted.
However, as with any store, be it a storeroom at work, or your attic or garage at home, knowing that an item is in storage does not mean it is easy to find. While you may need to invest a little time to find a particular item in your garage, it can be a gargantuan task to find a single email in an email backup containing thousands or even tens of thousands of messages, as backups are not searchable.
An email archive differs from a backup as messages are indexed to allow searches to be performed. Finding a message in a backup file can take hours or even days. Finding a message in an archive takes a matter of seconds or a minute or two. When an email needs to be produced for any reason, an email archive allows it to be quickly found.
Typically, IT staff have much more pressing things to attend to than recovering accidentally deleted emails. An archive can be accessed and searched by employees without any IT department involvement. Further, if a cloud-based archive is used, emails can be accessed from any location and emails found even when the mail server is down.
There are naturally situations when more formal searches are required, such as when issues are identified with an employee and HR needs further information on the matter. Legal eDiscovery requests require large quantities of emails to be found and provided to attorneys, and customer disputes require email conversations to be quickly found. An archive significantly reduces the time taken for these tasks to be performed. A company-wide search of emails typically takes 80% less time when an archive is used.
Email Archives are Important for GDPR Compliance
Since the General Data Protection Regulation has come into effect, email archives are even more important. When a request is received from an individual who wants to exercise their right to be forgotten, all data must be erased, which includes data contained in email accounts. An email archive allows emails to easily be found and deleted.
The email archive serves as a black box recorder for email ensuring that come what may, all emails can be located. Emails in the archive are also tamper-evident and court admissible. This makes email archives important for compliance with state, federal, and industry regulations.
An Email Archive Saves Companies Time and Money
Mail server efficiency is improved by using archives, server management costs are reduced, and storage costs are slashed. Typically, companies can save up to 75% on storage space when an archive is used. Further, when emails need to be migrated to new mail servers, it is a much quicker process when the majority of emails have been placed in an archive. The cost savings from using an email archive are considerable.
In summary, an email archive maintains an audit trail, ensures emails are never lost or deleted, provides a failsafe in the event of disaster, and ensures emails can be found quickly. An email archive saves companies time, money, and helps with compliance with state, federal, and industry regulations.
ArcTitan: A Fast, Efficient, Low Cost Email Archiving Solution for Businesses
If you have not yet started using an email archiving solution, TitanHQ has an ideal solution. ArcTitan is a fast, convenient, scalable, and low-cost archiving solution for SMBs and enterprises.
ArcTitan is a cloud-based email archiving solution that integrates seamlessly with Outlook. ArcTitan allows emails to be quickly and easily archived and retrieved on demand via super-fast, user-friendly search screens.
All emails are de-duplicated and compressed to reduce storage space and all messages and attachments are stored securely in IL5 certified datacenters.
If you want an easy to use email archiving solution that can be implemented in minutes, contact the TitanHQ team today for further information.
Cybersecurity best practices for restaurants that you can adopt to make your network more secure and prevent hackers from gaining access to your POS system and customers’ credit card information.
Cybercriminals are Targeting Restaurants’ POS Systems
If you run a busy restaurant you will most likely be processing thousands of credit and debit card transactions every month. Every time someone pays with a card you have a legal responsibility to ensure that the card details that are read through your point of sale (POS) system remain private and cannot be stolen by your employees or obtained by cybercriminals.
So far this year there have been several major cyberattacks on restaurants that have resulted in the credit and debit card numbers of customers being stolen. In August, Darden Restaurants discovered that hackers gained access to the POS system used in its Cheddar’s Scratch Kitchen restaurants and potentially stole over half a million payment card numbers.
Applebee’s, PDQ, Zippy’s, and Chili’s have all experienced cyberattacks in 2018 which have resulted in hackers gaining access to customers’ payment cards. Last year also saw several cyberattacks on restaurants, including attacks on Shoney’s, Arby’s, Chipotle, and the Sonic Drive-In chain. These restaurant cyberattacks are notable due to the amount of card numbers that were stolen. The cyberattack on Cheddar’s is thought to have resulted in the theft of more than half a million payment card numbers, expiry dates and CVV codes, while the Sonic data breach has been estimated to have impacted millions of customers.
Not all cyberattacks on restaurants are conducted on large restaurant chains. Smaller restaurants are also being attacked. These smaller establishments may not process anywhere near as many payment card transactions as a chain the size of Applebee’s, but the attacks can still prove profitable for criminals. Card details sell for upwards of $7, so the theft of 1,000 card numbers from a small restaurant will still generate a decent profit and the effort required to conduct cyberattacks on small restaurants is often far less than an attack on a large chain.
All restaurants are at risk of hacking. Steps must therefore be taken by all restaurants to make it as hard as possible for hackers to gain access to the network, POS systems, and customer data. With this in mind we have listed cybersecurity best practices for restaurants to adopt to avoid a data breach.
Cybersecurity Best Practices for Restaurants
Listed below are some cybersecurity best practices for restaurants to adopt to make it harder for hackers to gain access to your network and data. There is no silver bullet that will stop all cyberattacks, but these cybersecurity best practices for restaurants will help to improve your security posture.
Network Segmentation is a Must
You will most likely have multiple computers in use in your restaurant as well as many other devices that connect to your network via an ethernet connection or WiFi. Every device that connects to your network is a possible entry point that could be exploited by a hacker. It is therefore important to stake steps to ensure that if one device is compromised, access cannot be gained to your entire network. Your POS system needs to be segregated from other parts of the network and users should only be permitted to access parts of the network that are required to complete their assigned duties.
Patch Management and Vulnerability Scanning
All it takes is for one vulnerability to remain unaddressed for you to be vulnerable to attack. It is therefore essential to maintain an inventory of all devices that connect to your network and ensure that patches and software updates are applied on all those devices as soon as they are released. You should also conduct regular vulnerability scans to identify possible weak points and take prompt action to ensure those weak points are addressed.
Secure the Perimeter with a Firewall
One of the most important cybersecurity solutions to implement to prevent hackers from gaining access to your network is a firewall. A firewall monitors and controls incoming and outgoing network traffic and serves as a barrier between a trusted internal network and an untrusted external network. A firewall is also an important element of PCI compliance.
Implement a Spam Filter to Block Malicious Emails
Email is the most common vector used to install malware. Phishing attacks are commonplace and are an easy way for hackers to gain login credentials and get a foothold in the network. Use a spam filter such as SpamTitan to prevent malicious messages from being delivered to end users’ inboxes and block all malware-laced emails.
Protect Your WiFi Network with a Web Filtering Solution
Your WiFi network is a potential weak spot and must be secured. If you provide WiFi access to your customers, ensure they are only provided with access to a guest network and not the network used by your staff. Implement a web filter to control what users can do when connected to your network. A web filter will help to prevent malware from being downloaded and can be configured to block access to risky websites. WebTitan is an ideal web filter for restaurants to improve WiFi security.
Purchase Antivirus Software
Antivirus software is one of the most basic software solutions to protect against malware. Malware is commonly installed on POS systems to record and exfiltrate payment card information. Not only should you ensure that a powerful antivirus solution is installed, you should also ensure regular scans of the network are performed.
Provide Security Awareness Training to Staff
Your employees are a potential weak point in your security defenses. Don’t assume that your employees are security aware. Teach your staff cybersecurity best practices for restaurants, provide anti-phishing training, and explain about risky behaviors that could easily lead to a data breach.
Backup and Backup Again
You should perform regular backups of all your essential data to protect against saboteurs and provide protection against ransomware attacks. If disaster strikes, you will need to record all your data. Adopt the 3-2-1 approach to creating backups. Create three copies, on two separate media, and store one copy securely off site on an air-gapped device that is not connected to the Internet.
Vet your Vendors
Access to your network may be gained through your vendors. The cyberattack on PDQ restaurants occurred via a remote access tool used by one of its technology vendors. If a vendor is able to connect to your network, it is essential that they have appropriate security controls in place. Be sure to check how secure your vendor is and what controls they have in place to prevent hacking before giving them network access.
Adopt these cybersecurity best practices for restaurants and you will make it harder for hackers to gain access to your network and you should be able to avoid a costly data breach.
Austin, Texas-based managed services provider Acumera has successfully integrated the WebTitan web filtering solution into their service offerings and are now providing advanced web filtering to their clients.
Acumera provides managed security services to a wide range of companies throughout the United States across hundreds of thousands of locations, including healthcare providers, automated parking garages and some of the best-known retailers in the country such as 7-Eleven, Circle K, Subway, Pluckers, Benetton, and Valero service stations.
Many of the companies that have chosen Acumera to provide fully managed security services operate in hundreds or thousands of locations – 7-Eleven has more than 7,700 stores in the United States. Acumera secures payment systems and provides network security, connectivity, and visibility services across these widely distributed networks.
Acumera’s expertise in securing large highly distributed networks ensures its customers have the peace of mind that their networks and systems are fully secured, while avoiding the security headaches that many highly distributed companies face. Acumera’s customers certainly get an excellent return on their investment and tremendous value for money.
The Acumera Team with TitanHQ Alliances Director Mr. Eddie Monaghan in Austin, Texas.
Now, following the integration of WebTitan, Acumera’s customers can now benefit from advanced malware and ransomware protection both on and off corporate networks. WebTitan provides excellent protection from a wide range of web-based threats and allows companies to carefully control the websites that their employees can access. Highly granular controls ensure accurate content control without overblocking.
WebTitan Cloud is an easy to use, multi-tenant solution that MSPs can quickly set up and configure. There is no need for any hardware purchases, software installations of site visits. The 100% cloud-based solution can integrate seamlessly with existing client packages to increase revenue and attract more business.
The solution can be hosted on TitanHQ’s servers or within MSPs own environments, with a full white label version ready to take MSPs own branding.
Thanks to the WebTitan Application Programming Interface (API), managed services providers can easily incorporate WebTitan into their service offerings and provide DNS filtering to their customers.
If you are a managed service provider and you are interested in adding DNS filtering to your service stack and would like to become a TitanHQ Alliance partner, contact the TitanHQ team today for more information.
TitanHQ has announced as part of its strategic alliance with networking and security solution provider Datto, WebTitan Cloud and WebTitan Cloud for Wi-Fi have been incorporated into the Datto networking range and are immediately available to MSPs.
Datto is the leading provider of enterprise-level technology to small to medium sized businesses through its MSP partners. Datto offers data backup and disaster recovery solutions, cloud-to-cloud data protection services, managed networking services, professional services automation, and remote monitoring and management tools.
The addition of WebTitan to its range of security and networking solutions means its MSP partners can now offer their clients another level of security to protect them from malware and ransomware downloads and phishing attacks.
WebTitan is a 100% cloud-based DNS web filtering solution developed with MSPs in mind. In addition to allowing businesses to carefully control the types of websites their employees can access through corporate wired and wireless networks, the solution provides excellent protection against phishing attacks and web-based threats.
With phishing now the number one threat faced by SMBs and a proliferation of ransomware attacks, businesses are turning to their MSPs to provide security solutions to counter the threat.
Businesses that implement the solution are given real-time protection against malicious URLs and IPs, and employees are prevented from accessing malicious websites through general web browsing and via malicious URLs sent in phishing emails.
“We are delighted that Datto has chosen TitanHQ as a partner in web security. By integrating TitanHQ’s secure content and web filtering service, we are well positioned to offer Datto MSPs a best of breed solution for their small to mid-size customers,” said TitanHQ CEO, Ronan Kavanagh.
“We pride ourselves in equipping our community of Managed Service Provider partners with the right products and tools to allow each and every customer to succeed,” said John Tippett, VP, Datto Networking. “With that in mind, I’m delighted to welcome TitanHQ as a security partner and look forward to growing our partnership.”
At the upcoming TitanHQ-sponsored DattoCon 2018 conference in Austin, TX – the largest MSP event in the United States – MSPs will be able to see WebTitan in action. TitanHQ’s full team will be in attendance, including Ronan Kavanagh – TitanHQ’s CEO, Conor Madden – Sales Director, Dryden Geary – Marketing Manager, and Eddie Monaghan – Alliance Manager.
MSPs can visit the TitanHQ team at booth #66 in the exhibition hall for a demonstration of WebTitan, SpamTitan – TitanHQ’s award -winning spam filtering solution – and ArcTitan, TitanHQ’s email archiving solution. All three solutions are MSP friendly and are easily added to MSP’s service stacks.
DattoCon 2018 runs all week from June 18, 2018. The TitanHQ team will be present all week and meetings can be arranged in advance by contacting TitanHQ ahead of the conference.
TitanHQ has announced its 100% cloud-based web filtering platform, WebTitan, has been fully integrated into the Kaseya IT Complete Platform.
The IT Complete platform helps MSPs deliver invaluable cybersecurity and IT services to their clients quickly and efficiently. By using the platform, MSPs can save valuable time, allowing them to concentrate on IT projects strategic to their business.
The addition of a web filtering solution to the IT Complete platform allows MSPs to provide a more comprehensive range of cybersecurity solutions to their clients to help protect against a wide range of web-based threats. The web filtering solution joins cybersecurity solutions developed by Bitdefender, Cisco, and Dell and is now available to all MSPs who use Kaseya VSA.
WebTitan is a powerful DNS-based web filtering solution ideally suited to MSPs. The solution provides proven protection against malware and ransomware downloads, and complements existing anti-virus, email filtering, data backup solutions, and firewalls.
Being 100% cloud-based it is easy to deploy without the need for any hardware purchases, software installations, or site visits. With the new integration, WebTitan can be accessed directly through Kaseya VSA, and can be deployed and configured in minutes, providing near instant protection against web-based threats.
The integration of WebTitan into the Kaseya IT Complete platform is particularly timely, as some of the world’s leading MSPs will be attending the Kaseya Connect conference in Las Vegas, NV this week.
“Kaseya is a partner we have admired for a long time and I’m delighted to announce this integration. With over 10 million endpoints under their management it represents a massive opportunity for our business,” said Ronan Kavanagh, CEO of TitanHQ. “We look forward to working with Kaseya’s MSP partners and adding our personal touch and renowned focus on great customer support.”
The massive increase in cyberattacks on businesses in recent years has made cybersecurity a key area of growth for MSPs. Companies need to implement layered defenses to protect an ever-increasing attack surface and turn to MSPs to help them secure their networks.
“Security is a critical service that all MSPs must deliver,” said Frank Tisellano, Jr., vice president product management and design. “Adding WebTitan to our open ecosystem of partner solutions means our customers now have even greater access to best of breed technologies to meet the needs of their business. With growing concerns over malware, ransomware and phishing as key threats to MSP customers, WebTitan adds a highly effective layer of protection.”
A web-based malware distribution network that was redirecting around 2 million website visitors a day to compromised websites hosting exploit kits has been disrupted, crippling the malware distribution operation. The web-based malware distribution network – known as EITest – was using compromised websites to redirect web visitors to sites where exploits were used to download malware and ransomware, as well as redirect users to phishing websites and tech support scams that convinced visitors to pay for fake software to remove non-existent malware infections.
Due to the scale of the operation, removing the redirects from compromised websites is a gargantuan task. Efforts to clean up those sites are continuing, with national CERTs notified to provide assistance. However, the web-based malware distribution network has been sinkholed and traffic is now being redirected to a safe domain. Proofpoint researchers were able to seize a key domain that was generating C&C domains, blocking the redirects and re-routing them to four new EITest domains that point to an abuse.ch sinkhole.
The sinkhole has only been in operation for a month – being activated on March 15 – yet already it has helped to protect tens – if not hundreds of millions – of website visitors. In the first three weeks alone, an astonishing 44 million visitors had been redirected to the sinkhole from around 52,000 compromised websites and servers.
The majority of the compromised websites were running WordPress. Malicious code had been injected by taking advantage of flaws in the CMS and plugins installed on the sites. Vulnerabilities in Joomla, Drupal, and PrestaShop had also been exploited to install the malicious code.
The web-based malware distribution network has been in operation since at least 2011, although activity increased significantly in 2014. While previous efforts had been made to disrupt the malware distribution network, most failed and others were only temporarily successful.
The malicious code injected into the servers and websites primarily redirected website visitors to an exploit kit called Glazunov, and to a lesser extent, the Angler exploit kit. Those exploit kits probed for multiple vulnerabilities in software to download ransomware and malware.
The threat actors behind EITest are believed to have responded and have attempted to gain control of the sinkhole, but for the time being those efforts have been thwarted.
How to Improve Security and Block Web-Based Malware Attacks
While it is certainly good news that such a major operation has been disrupted, the scale of the operation highlights the extent of the threat of web-based attacks. Spam email may have become the main method for distributing malware and ransomware, but organizations should not ignore the threat from web-based attacks.
These attacks can occur when employees are simply browsing the web and visiting perfectly legitimate websites. Unfortunately, lax security by website owners can easily see their website compromised. The failure to update WordPress or other content management systems and plugins along with poor password practices makes attacks on the sites a quick and easy process.
One of the best cybersecurity solutions to implement to reduce the risk of web-based attacks is a web filter. Without a web filter in place, employees will be permitted to visit any website, including sites known to host malware or be used for malicious purposes.
With a web filter in place, redirects to malicious websites can be blocked, downloads of risky files prevented, and web-based phishing attacks thwarted.
TitanHQ is the leading provider of cloud-based web filtering solutions for SMBs and enterprises. WebTitan Cloud and WebTitan Cloud for WiFi allow SMBs and enterprises to carefully control the website content that can be accessed by their employees, guest network users, and WiFi users. The solution features powerful antivirus protections, uses blacklists of known malicious websites, and incorporates SSL/HTTPS inspection to provide protection against malicious encrypted traffic.
The solution also allows SMBs and enterprises to enforce their acceptable internet usage policies and schools to enforce Safe Search and YouTube for Schools.
For further information on how WebTitan can protect your employees and students and prevent malware infections on your network, contact TitanHQ today.
It has taken some time, and Google did not want to have to take action, but finally the Google Chrome Ad blocker has been released. The new feature of Chrome means intrusive adverts can now be blocked by users if they so wish.
What Will the Google Chrome Ad Blocker Block?
Google makes a considerable amount of money from advertising, so the Google Chrome Ad blocker will not block all adverts, only those that are deemed to be intrusive and annoying. Those are naturally subjective terms, so how will Google determine what constitutes ‘intrusive’?
One of the first checks performed by Google is whether adverts on a webpage violate the standards set by the Coalition for Better Ads – A groups of trade organizations and online media companies committed to improving the online experience for Internet users.
The Coalition for Better Ads has identified ad experiences that rank the lowest across a range of experience factors and has set a bar for what is acceptable. These standards include four types of ads for Desktop users: Popup ads, auto-playing videos with sound, prestitial ads with countdowns, and large sticky ads. There are eight categories covering mobile advertising: Popup ads, prestitial ads (where ads are loaded before content), prestitial ads with countdowns, flashing animated ads, auto-playing videos with sound, full screen scrollover ads, large sticky ads, and an ad density higher than 30%.
Google Chrome assesses webpages against these standards. If the page has none of the above ad categories, no action will be taken. Google says when 7.5% of ads on a site violate the standards the filter will kick in. If the above standards are violated the site get a warning and will be given 30 days to take action. Site owners that ignore the warning and fail to take action will have their sites added to a list of failed sites. Those websites will have the adverts blocked, although visitors will be given the option of loading adverts on that site.
The aim of the Google Chrome Ad blocker is not to block advertisements, but to urge site owners to adhere to Better Ads standards. Google reports that the threat of ad blocking has already had a positive effect. Before the Google Chrome Ad blocker was even released, Google says 42% of sites with intrusive adverts have already made changes to bring their sites in line with Better Ads standards.
The move may not have been one Google wanted to make, but it is an important step to take. Intrusive adverts have become a major nuisance and web users are taking action by installing ad blockers. Ad blockers do not rate ads based on whether they are annoying. They block all adverts, which is obviously bad for companies such as Google. Google made $95.4 billion dollars from advertising last year and widespread use of ad blockers could make a serious dent in its profits. According to figures from Deloitte, 31% of users in the United States have already installed ad blockers and the figure is expected to rise to a third of all computers this year.
So, will the Google Chrome ad blocker mean fewer people will use ad blocking software? Time will tell, but it seems unlikely. However, the move may mean fewer people will seriously consider blocking adverts in the future if companies start adhering to Better Ads standards.
Why Businesses Should Consider Using a Web Filter
For businesses, adverts are more than a nuisance. Some adverts pose a serious security risk. Cybercriminals use malicious adverts to direct end users to phishing websites and webpages hosting exploit kits and malware. Termed malvertising, these adverts are a major risk. While it is possible to use an adblocker to prevent these malicious adverts from being displayed, adblockers will not prevent other serious web-based threats. For greater web security, a web filter is required.
By carefully controlling the web content that can be accessed by employees, businesses can greatly improve web security and block the majority of web-based threats.
For more information on blocking malicious and undesirable content, contact the TitanHQ team today for advice.