Natural disasters such as the ongoing Northern California wildfires, as well as the ongoing uncertainties surrounding federal drug law enforcement, indicate an industry waging defensive battles on many fronts. Indeed, these struggles should not be ignored, as they pose existential threats to the livelihoods of many. But they are not the only threats this industry faces. Amongst the captains of global industries, a deeper, more insidious challenge has arisen: cybercrime. Rogue nations such as North Korea have trained a sprawling network of hackers to virtually rob banks and funnel the proceeds back into their impoverished economies. Hacks against powerful corporations and institutions like Equifax, Yahoo, Sonic and the SEC show the increasing sophistication and reach of digital intruders. And Cisco recently warned in its 2017 Midyear Cybersecurity Report that botnet architects (who use hacked machines to swarm upon unsuspecting websites and servers) have the capacity to shut down the internet itself.
The cannabis industry has not evaded the attention of these cybercriminals. Several well-publicized attacks this year have shown the increasing interest hackers are directing towards the data and intellectual property cannabis entrepreneurs are amassing. As your business grows and scales, you will need to keep constant watch over your IT infrastructure to protect against such attacks. In short, it will need management, especially as businesses begin using cloud services more frequently. To fill that need, managed security service providers such as my company, GeekTek, have arisen to provide a robust set of security services, protocols and day-to-day management.
However, if you decide to forgo these services, we recommend the following steps as the bare minimum to protect your data. Do not underestimate the effectiveness of these measures. Many of this era’s most catastrophic digital intrusions occurred because of a simple careless error which exposed the personal information of millions. For instance, Equifax failed to update a key web application software module with the appropriate patch, unwittingly giving hostile intruders access to the identities of over 145 million consumers. Proper data security does not require extensive training to implement, but it does require business people to adopt important protocols. Everyone locks his/her doors before s/he leaves the house. If you’re storing your own proprietary/customer data in your own data center (Part Two of this series will focus on alternative, non-MSSP based protections businesses can take in the cloud), ensure that you’re performing these crucial tasks to keep your own equivalent entry points sealed shut to the wrong people.
- Turn off direct Remote Desktop Protocol (RDP) access to your server: many businesses, including our own, use RDP, and for good reason. It allows seamless access to workstations from anywhere in the world. However, it also exposes a port to any potential troublemaker if your employees access RDP through an unsecured internet connection. So for now, shut it off.
- Enable VPN on your firewall, use that, then use RDP: If you do not use strong encryption to connect to your endpoints, hackers can not only intercept your data, but gain access to your network. RDP sessions occur within an encrypted channel, but VPN adds a crucial layer of security that restricts the connection. You can use RDP safely afterwards.
- Close all open ports on your firewall: For the reasons stated above, open ports invite data breaches, ransomware, viruses and many other network maladies. Of course, a firewall cannot stop employees from clicking on a link in a phishing email. However, due to cases such as the $1 billion robbery of the Bangladeshi central bank system, where there was NO firewall, the primacy of a well-configured firewall – nay, its very existence – should not be discounted outright.
- Create backups: In the worst case scenario that your data is irretrievably corrupted or encrypted – say, by the devastating WannaCry virus – you’ll need good backups to restore your system to its original state. These backups should occur at regular intervals and copies should be stored in a secure cloud location. AppRiver also recommends a dry-run installation of a backup after a simulated cyberattack. This exercise provides a good time estimate for your system’s recovery. Backblaze offers a reliable and inexpensive service for backup storage, but it matters little which one you choose. Just make sure you have one.
- Install RansomFree on your systems: This free anti-ransomware application is a good first step towards ransomware attack prevention. It provides adequate coverage against the worst ransomware programs. And best of all, it’s free.
- Enable two-factor authentication for your email accounts: From Google to Facebook, every major online presence has enabled two-factor authentication for its individual users. Those signing into their accounts will also receive either a code texted to their phone or a notification on a security app such as Duo that enables access to one’s account. Many users choose easily hackable passwords and use them across platforms – which they shouldn’t. Two-factor provides another line of defense should they inevitably get hacked. But even if they use unique passwords, two-factor will prevent even more sophisticated hackers from using their user accounts to enter your network.
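Once RDP is behind the VPN and the firewall ports are closed, confirm it from outside your network (not over the VPN). The following Python check is an added example, not part of the original article: it tries a TCP connection to each watched port and reports the ones that still answer. Port 3389 is the RDP default; the other watched ports and the `allowed` parameter are assumptions to adapt to your own setup.

```python
import socket

# Ports that should not answer from the internet. 3389 is the RDP default;
# the remaining entries are an assumed starting list, not from the article.
WATCHED = {3389: "RDP", 445: "SMB file sharing", 23: "Telnet", 5900: "VNC"}


def port_open(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unreachable
        return False


def audit(host, allowed=(), watched=WATCHED, timeout=1.0):
    """Return [(port, label)] for watched ports that answer and are not allowed."""
    findings = []
    for port, label in sorted(watched.items()):
        if port not in allowed and port_open(host, port, timeout):
            findings.append((port, label))
    return findings


def demo():
    """Constructed offline test: a local listener stands in for an exposed port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))      # OS picks a free port
    srv.listen(1)
    exposed = srv.getsockname()[1]
    tmp = socket.socket()           # grab a second port number, then close it
    tmp.bind(("127.0.0.1", 0))
    closed = tmp.getsockname()[1]
    tmp.close()
    try:
        sample = {exposed: "RDP (stand-in)", closed: "SMB (stand-in)"}
        return audit("127.0.0.1", watched=sample)
    finally:
        srv.close()


if __name__ == "__main__":
    # Replace demo() with audit("<your public address>") when run for real,
    # from a connection outside the office network.
    for port, label in demo():
        print(f"EXPOSED: port {port} ({label}) accepts connections")
```

An empty result from `audit()` means none of the watched ports accepted a connection from where you ran it; any finding is a port to close or move behind the VPN.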
Most likely, hackers will not explicitly target your business, but they will if you make it easy for them. Cannabis entrepreneurs, particularly those who are learning business skills as they go, may be tempted to treat classic IT security as an afterthought. However, they tend to change their minds once they see their own home address and tax information posted on the Dark Web. By following the steps above, you’ll manage to avoid the most obvious and most common oversights which can lead to a full-on data panic for your employees and clients.
Keep an eye out to see Part 2 of this CyberSecurity intel provided by GeekTek CEO, Eric Schlissel!