Atlantic Business Technologies, Inc.

Category: Cloud Security

  • How to Innovate in a Highly-Regulated Environment

    ABT helped Mutual Drug navigate a highly-regulated environment to provide a modern, user-friendly application which met and exceeded industry standards. Here’s how we modernized this healthcare website.

    Needed: A Secure and Streamlined Ordering System

    Pharmacists and pharmacy managers must maintain an inventory and order replenishment stock, just as any business selling physical products. However, pharmacies have the additional challenge of meeting the regulatory requirements of dealing with controlled substances (drugs that require a doctor’s permission to use). Specifically, any electronic ordering system they build or use must be compliant with the Controlled Substances Ordering System (CSOS) requirements of the Drug Enforcement Administration (DEA). This basically requires pharmacists to digitally sign orders for controlled substances in order to verify the authenticity of the order.

    Atlantic BT’s client, NC Mutual Drug, is a pharmaceutical distributor with $1.2B+ in B2B volume. Their existing system, while CSOS-compliant, was cumbersome to use and required logging in and navigating two different systems. The client tasked us with designing and building a new system that was secure, highly available, fault tolerant, fully compliant with CSOS requirements and, most importantly, simpler and faster to use than their previous system. Achieving these objectives made it easier for the client’s customers to place small orders more frequently, thus reducing the need for bulk orders and product stockpiling.  

    Performing 11 Validations without Losing Your Mind

    Conceptually, the technical challenge was straightforward: enable the standard-required use of Public Key Infrastructure (PKI) to manage a system of digital signatures which could then be used to encrypt and ensure the authenticity and security of orders for controlled substances. This kind of technology is often integrated with web applications to facilitate the secure electronic transfer of information for a range of activities such as e-commerce, internet banking and confidential email.

    Straightforward, however, did not mean simple—we had to design, build, and test a robust, scalable, secure system that would perform eleven validations for each transaction, yet be simple and efficient for the user. After working closely with the client to understand all the usability and functional requirements, we proposed a design to meet their needs.

    Following the Rules, Even When They’re Old

    The real challenge was to implement this standard in a way that was efficient and intuitive yet compliant with standards written over a decade ago (and hence technologically outdated).

    Making matters even more complicated, the detailed requirements of implementing a CSOS-compliant system are scattered over 300+ pages of over a half-dozen government documents. On top of that, the final system would have to be certified by a 3rd-party auditor. Given the dispersed requirements and 3rd-party verification, development of a compliant CSOS system could become a very long, expensive process if not managed carefully.

    We needed to design a more modern web application which would perform both the client and server actions on a consolidated platform—while satisfying standards written more than 10 years ago. 

    Solution: Communicate, Iterate, and Evaluate

    To resolve any open questions, early in the process we contracted with an established 3rd party CSOS auditor to evaluate the application. Atlantic BT worked closely with the auditor to share documents and information so they could provide feedback on the development direction. Atlantic BT then performed multiple internal audits and tests to save our client the significant costs of multiple official audits.

    After extensive back-and-forth discussion with the client and the auditor, including a couple of challenges both to the requirements and to the proposed solution, all parties agreed a slight modification to ABT’s original design would meet both the client’s requirements and the standard. We built the system to the agreed-upon design, tested it, and had it evaluated by the auditors, who approved and certified the application as compliant.

    Result: Elegant Compliance Meets Streamlined Usability

    NC Mutual Drug now has a state-of-the-art solution for their customers to easily, securely place orders for their pharmaceuticals, including controlled substances. They can now rest assured they have a much more robust, fault-tolerant, scalable system that can easily grow with them into the future.

    Beyond stability and compliance, a validation process that formerly took 3+ minutes and multiple systems can now be completed in 30 seconds on a single interface. Considering NC Mutual Drug’s operation runs hundreds of these processes every day, this exceptional boost in efficiency frees up member pharmacists to perform more important tasks to protect customer health.

    Get a more detailed look at the system Atlantic BT delivered by reading our in-depth writeup of Mutual Drug’s new CSOS system.

  • The Urgent Need for Vulnerability Scanning

    One might think that IT system vulnerabilities are decreasing. With the spread of virtualization and cloud adoption, we assume that security is getting stronger. Configuration and hardening technologies continue to evolve, resulting in a lower surface vulnerability – right? 

    Wrong! Not even close.

    Hackers are finding new ways to target and exploit your organization’s vulnerabilities. The National Vulnerability Database (NVD) maintains over 110,000 common vulnerability entries. In fact, by January 4th, 2019, the NVD had already logged 39 new vulnerability entries for 2019.

    Why You Need Vulnerability Management

    Vulnerability Scanning is vital; it protects the hygiene of your systems by reducing attack surfaces. This protection can (and should) take a number of forms:

    External Protection

    An external attack is one done from the outside. A hacker tries to gain access to your organization’s devices and systems via the Internet. Oftentimes, your environment will have unnecessary ports open. Since they’re not in use, they are easy-to-miss open doors for a potential breach. When a breach occurs, you should disable these ports and any other insecure communications protocols.

    Internal Protection

    An internal attack is when a hacker tries to gain access through your organization’s personal wired and wireless networks. Password credentials can be one of the main issues here. They often allow for more access to systems than is necessary for that user’s role. Your organization should be leveraging identity management tools. These provide the appropriate level of access to systems needed, typically based on an employee’s position.

    Phishing Protection

    No explanation needed here, right? Hackers today are taking advantage of multiple ways to socially engineer access to your organization, and they’re doing it through your employees! Phishing’s reputation precedes it, keeping everyone on high alert. Unfortunately, the majority of breaches still happen at the human level. Educating your employees on phishing remains critical, but you can take this a step further. Increase awareness by gaining actual business insight with testing results.

    Application Pen Testing

    Whether your application is for your internal operations or customer-facing, pen testing is essential. Vulnerabilities are often present in all application code. Best practices for development involve SecDevOps, or having security built into the development life cycle. If your company has developed an application for client use, be ready. Legal negligence will be your fault if you’re not rigorously performing security testing. While Equifax is a prime example, this can happen to organizations of any size. Hackers don’t care about the general scope of your company. They’re after the data!

    How Vulnerability Scanning Works

    With proper planning, you can do these types of testing in a non-disruptive way. It’s important to notify any Cloud providers when you schedule scans to run. They should be aware of when the scans will take place. Good deliverables should contain specific details about the vulnerabilities. This would include a ranking according to severity. Each vulnerability should have a recommended remediation approach. This is a productive action that your IT teams can tackle. When remediation is not viable, you must stay up to date with documentation. This is especially important if your organization must comply with specific Cybersecurity Frameworks.

    At Atlantic BT, we’re always ready and alert. Our Managed Vulnerability Scanning service is dependable and efficient. It provides our clients with an ongoing peace of mind. Their technical vulnerabilities and security issues are being identified. Best practice remediation is being suggested. Even better, risks are actively minimized around data loss and disruption.

    Security From Top to Bottom and Beyond

    ABT’s Security Solutions leadership and engineers have over 20 years of field experience. Our range of work includes:

    • Information Security Consulting
    • Security Operations
    • Incident Response
    • Managed Security Services

    We would never tell a client to do something we wouldn’t do ourselves. Therefore, we’ve integrated security best practices into our own daily operations. We’ve also navigated a variety of scenarios that our clients have faced. While doing so, we’ve utilized cybersecurity tools that continue to evolve in the marketplace.

    Our security team has helped many customers assess their security posture. We ensure they are covered by implementing security layers around every access point. Protection includes access controls and permissions, data encryption (both on-premise and in the cloud), and in-depth analysis to pinpoint cracks in the wall. To learn the ins and outs of your security needs, contact us today for a security assessment. 

  • 3 Reasons Your Magento Site Isn’t as Secure as You Think

    Is your Magento eCommerce site secure? How do you know?

    Without a code audit, you simply can’t be certain. All it takes is one unmaintained module, extension, or update, and your whole business is at risk. Making matters worse, anyone with an internet connection can find the weaknesses of your platform.

    Skeptical? Try typing your website into Magereport. Any of the red security warnings on the results page can allow a cyberattack into your code. Still not worried about Magento security? Here are 3 reasons your eCommerce platform is at risk.

    1. Security Breaches Happen All the Time

    Security breaches aren’t rare. According to Experian and Identity Force,

    • In January 2016, FACC, an Austrian-based aerospace parts manufacturer, had $54.5 million stolen from them by hackers.
    • Just 2 months later, 700 current and former Snapchat employees had their personal information stolen through a phishing scam.
    • During an ongoing investigation of a data breach in June 2016, the fast food chain Wendy’s disabled some newly discovered malware while admitting “the number of franchise restaurants impacted by these cybersecurity attacks is now expected to be considerably higher than the 300 restaurants already implicated.”

    Notice that those examples don’t even include the troubles Target has faced, the Equifax madness, or the recent Facebook bomb. Cyber attacks happen every day, and often owners don’t even know they’re happening. It’s not just big enterprises and major businesses—everyone is at risk.

    2. You Have What Hackers Want

    So what if you’re not a massive corporation? You’re not Wendy’s or Facebook—what are you really worried about? What do you have that any of these hackers could possibly want?

    Two words: online payments.

    Wherever there are online payments, that means there’s online account information. Think: why would someone hack a website? To make money. The easiest way to do that is to steal credit card information.

    If you have weaknesses in your code, hackers could gain access to all of the accounts on your site. Without the right patches, someone can run a script that will scrape credit cards of every user. That’s your customer base. What do you think they’re going to do if they become victims of theft right after they use your website? They’re definitely not going to shop from you again. However, lost sales aren’t the only thing at risk.

    3. You Could Lose Everything

    If online theft goes unchecked, your company could be looking at a lawsuit. Companies are often sued for damage inflicted by the scraping. On top of that, online payment processors could pull out of your site. This could have a crippling result on your business.

    That’s how high the stakes are. Forget the money you could lose from having poor performance; security issues could take away every cent you’ve ever made. So, why should you get a code audit? Your entire business could be at stake.

    Take the Next Step in Securing Your Business

    With a code audit, you get an itemized list of every weakness of your site in terms of performance and security. With a code audit, you get the means to protect your business and ensure that it grows. When you take that step, we also partner with you to find solutions to all of your security problems. To get started, contact us.

  • How To Secure the IoT For Your Organization

    By 2020, Gartner estimates there will be 20.4 billion connected devices in the global Internet of Things. Augmenting the Internet of Things with sensors and actuators changes the game. The IoT becomes an example of the more general class of cyber-physical systems. This includes smart grids, homes and cities. It also connects virtual power plants and intelligent transportation. The potential of this technology is exciting. But we can’t avoid asking one question. “What happens when these interconnected devices get hacked?”

    The scale of security risks in the IoT era is much greater than in the pre-IoT environment, and the “attack surface” is much larger. Therefore, there is a need to protect ALL IoT devices from unknown vulnerabilities. Consider how many of these devices collect and store sensitive user data such as email addresses and credit card numbers. If that isn’t problematic enough, read this nightmarish scenario. Imagine how a coordinated cyberattack could bring New York City to its knees.

    It’s critical for any business that wishes to take advantage of IoT technology to have a detailed plan for how to secure these devices and systems. Choosing the right security solutions and/or vendors is an important part of any IoT plan. Here are some guidelines to help you make the right decisions about how to pick the best security systems and vendors for your IoT strategy.

    How to Choose an IoT Security Vendor

    First, the good news. Consulting services in the IoT security market can help everyone. Companies of all sizes can secure a variety of functions at the endpoint and in the cloud. But, there is also bad news. Most IoT security products from established IT security vendors are still developing. Some even remain in the proof-of-concept stage. That in mind, here is our advice on how to get the best value and fit from potential IoT security vendors.

    Lead with Security Assessments

    Vendors are hard at work, improving their security product and service offerings. In the meantime, you can still rely on experienced consultants to assess your IoT vulnerabilities. Hiring an outside company is worth it. They can assess integration points in your network for IoT implementations. Also, they can determine gaps in capability and infrastructure. There are other areas they can look into as well. The consultants can assess your risk exposure from IoT-related initiatives. They can also examine your organization’s security posture.

    Rely on a Cloud-Based Security Service

    The IoT is dependent on cloud-enabled devices. Therefore, you can’t go wrong by working with a proven cloud-based security service. These cloud consultants can help you monitor, detect, and respond to security concerns. It doesn’t matter if they’re related to your IoT deployments or not. They also work for more conventional computing devices. We can safely assume cloud-based services will play an indispensable role in IoT security. This is comforting as contractors figure out how to protect all these new interconnected devices.

    Choose IoT Product Vendors with a Hardware Foundation

    Finding the right IoT security product vendor is more challenging. You want a vendor that will provide a hardware root of trust. This is essentially a technical foundation to secure a wide variety of functions at the endpoint. Here is something that is also important. Some vendors promise real-time visibility and oversight over every network-connected IoT device. Make sure they can show you an easy-to-understand interface capable of fulfilling that promise. You want to be able to identify a potential breach or problem with minimal delay.

    How to Select an IoT Security Solution

    When it comes to IoT security systems and technology, cost is not an insignificant factor. When you evaluate possible IoT security solutions alongside your budget, pay attention. Notice how improved visibility and device control will impact your organization’s risk exposure. You most likely want security solutions that come with technical support. The systems that provide this will give you the best possible value. Here are other key considerations:

    Cryptographic Key Provisioning and Management for IoT

    The first place to start with IoT device management is encryption. You want secure cryptographic key provisioning when you deploy a large number of IoT devices simultaneously. This means having a process for provisioning new IoT devices by downloading software, patches, or other updates regularly to keep up with threats. That in mind, I recommend IoT leaders use a scenario-driven approach in selecting discovery and provisioning solutions, and not attempt to acquire a “one size fits all” product or service at this stage.

    Detect IoT Devices in Enterprise Networks

    You also need a system to detect IoT devices in your enterprise network when they are part of proprietary or non-IT-standard engineering networks or if they aren’t continuously connected. Use this system to build an effective IoT “asset database” complete with attributes and entitlements for access by those devices. By defining device access credentials in this way, you can better recognize when a device exhibits abnormal behavior suggesting a possible breach or security risk.

    Secure Your Endpoints

    This is a classic data security best practice, and even more important in the IoT era. You need to protect endpoints across your organization in cases where traditional authentication and cryptography cannot be implemented, whether due to resource constraints or long device life cycles that outlive encryption effectiveness. In high-risk environments or activities, you should also set up anti-tampering functions for your interconnected devices to ensure strong device identity and security. And do not forget to safeguard sensitive data from any humans who interact with interconnected devices!

    Hackers Are Ready for the IoT. Are You?

    Now that you have some guiding principles to understand IoT, I want to leave you with a sense of what you’re facing in terms of cyberattackers. In the first six months of 2017, IoT attacks increased by a staggering 280% over the previous six months. This means that malicious actors are already hard at work finding vulnerabilities in your interconnected devices and systems. We want you to be ready for them.

    Contact our security team. They’re ready to help you be armed and prepared.

  • Network Security Monitoring Demands Your Attention Now

    October is National Cybersecurity Awareness Month. Keeping data safe has always been critical. But as threats continue to increase, as well as the scope of the damage and the impact it has on consumers, knowledge and vigilance must become habitual to any organization online. This month we’ll be sharing our experiences, the stories that have our attention, and plenty of advice on how to navigate the current world of cybersecurity.


    Every Breath You Take by The Police is a disturbing song in every way but one. When applied to the context of cybersecurity, it makes a lot more sense. Your security systems should be watching everything within your network, around the clock. The best way to accomplish this is with a Security Operations Center (SOC). This program’s sole purpose in life is to protect your business operations and data. With the right approach, it’s the strongest tool at your disposal when it comes to Network Security Monitoring.

    Throwing up a wall and hoping it will hold doesn’t cut it anymore in today’s world of cyberthreats. Far too often, we see cybersecurity dismissed as a “would be nice to have” bonus feature. But only if the budget allows for it. Or security measures appear at the end of a large project as an afterthought. The lack of concern and urgency surrounding data protection is flabbergasting. Tech titans, massive banks, and our own system of government fall victim to data breaches and hacking with alarming frequency. We must make the choice to be better and stronger.

    Network Security Monitoring

    At Atlantic BT, we partner with Arctic Wolf to provide our clients with a 24/7 fully managed SOC that we trust and believe in. The trust your consumers give you is tantamount to lasting brand success. An effective SOC establishes a dependable relationship between you and your clients. The respect you demonstrate for their personal information and intellectual property is evident. Clients can see that you value the safety of their data as much as you do your own. As we discuss the benefits of Network Security Monitoring and SOCs, don’t worry if you notice an increase in your heart rate. When faced with the reality of what the safety of your data is up against, palpitations are normal. Take a deep breath and keep moving forward.

    As broad as it may sound, Network Security Monitoring is more than just a watchful gaze from above. It utilizes an SOC to consistently investigate every log transaction in your network. It’s on the lookout for potential threats and irregularities. Not only will it sound the alarm the instant it finds something nefarious, it will also alert a real live human being (a value unique to Arctic Wolf). Cybersecurity experts cannot recommend this practice enough. But before diving into why that’s true, let’s address one of the biggest factors companies use to balk on security.

    The Cost of Safety

    Cybersecurity is not cheap.

    There. We said it. We’ve seen the strained looks on the faces of clients when they consider the costs of protecting their data. We know it’s not what anyone wants to hear. Alas, sometimes the truth hurts. And the truth here is that effective cybersecurity will cost you, but it’s a drop in the bucket compared to the financial strain of a data breach. 

    The average cost of each stolen record of sensitive information is $148. If you run a law office, consider how many cases and clients you currently have. Perhaps you work for a university. How many students attend? Should a data breach occur, you can expect to dedicate around $148 for every single individual involved. And this is just the starting point. The Equifax breach price tag came in at a whopping $600 million in damages. That’s not a typo. That’s reality.

    Cyberattacks are not going away any time soon. In fact, they’re on the rise. They will continue to be as we put more and more of our lives into computers and the internet. Effective security systems maintained by a team you can trust are an invaluable asset to your organization.

    A Critical Need

    Passivity, with regards to cybersecurity, is frustrating. It’s difficult for us to see a lack of concern from a client as they discuss the safety of their data. As each day brings more news of cyberthieves and their alarming success rate, few changes take place on the battleground. While you may have some security measures in place, there are many gaps and vulnerabilities in your system that lack protection.

    SOCs are designed to seek out those cracks in the walls and advise the appropriate teams how to fill them in. Sophisticated attacks take advantage of every sliver of light. They hunt down non-compliant vulnerabilities. They take advantage of weaknesses missed in a complex infrastructure. SOCs never rest. They continuously ingest and correlate logs all day, every day to ensure no breaches are underway. They also simplify root cause analysis, quickly getting to the source. 

    Visibility and Security

    In order for every corner of your network to be properly protected, it first has to be seen and understood, inside and out. Network Security Monitoring is all encompassing. It’s a solution that provides in-depth insights for every part of your infrastructure. It also allows for the discovery of new devices as they join the network. The SOC accepts those that should be there and rejects suspicious activity. App servers, routers, and switches are all secured through SOCs.
     
    A strong SOC will alert the organization and help minimize dwell time and downtime. It will be able to differentiate legitimate requests from malicious ones and act accordingly. The success of the SOC is largely owed to the amount of information it is able to gather on a regular basis. The more a security system can know about your network, the easier it is for it to be protected in a manner specific to your data. Likewise, knowing as much as possible about the exposure your network has to potential hackers is a tool. It becomes easier for you to make stronger business decisions regarding security.

    Safety First

    SOCs are expensive yet necessary components of enterprises of any size. Building a team and developing the processes requires focus and effort. SOCs are time-consuming to operate as they cover every inch of an entire network. However, when looking at the big picture, the optimal solution is clear. Any mid-sized business can rely on the lower Total Cost of Ownership and Operational expense of a Managed Service.

    The security team at Atlantic BT is ready to answer any questions you may have concerning Network Security Monitoring. SOCs can strengthen and protect your organization’s data and IP. We want you to feel secure in the choices you make on behalf of the consumers you serve.

  • 4 Ways to Be Prepared for Cybersecurity Threats

    In today’s business environment, much of what we do takes place online. Critical business applications operate within the cloud. The amount of data stored online is staggering. Every organization has customers and consumers interacting with them via the Web. It’s become an integral part of how we interact and function. To not have access to the internet is to be at a significant disadvantage. This is an obvious and hard truth about the world we live in today.
     
    Here is another hard truth. While there are many benefits to the internet, it also brings with it an increased number of threats. Every system connected to the Web is prone to hacking. And these attacks have the potential to bring your business to a halt.
     
    Cybersecurity has continued to advance as new threats appear daily. It is no longer as simple as putting a firewall around a server. Today’s cyber threats develop quickly. In some cases, there still isn’t a solution available for many of these potential attacks. Additionally, there are other threats that unfold over the course of years. These usually result in the loss of millions of dollars. The Equifax breach is still deep into the recovery process, a year later. And now Facebook is scrambling to, well, save face, after a breach that affected more than 50 million users. If tech titans are still, clearly, vulnerable, what does that mean for the rest of us? As a familiar saying reminds us, an ounce of prevention is worth a pound of cure.

    4 Keys to Staying Ahead of Cybersecurity Threats

    While you will never be able to create a completely safe, threat-free environment in your IT infrastructure, there are four steps you can take that will help you stay ahead of emerging cybersecurity threats.

    Know your network and monitor your activity

    One of the best ways to stem the tide of a cybersecurity threat is to regularly monitor your network. Sony certainly could have improved in this area when they were hacked in 2014, as it could have limited the damage and saved the company from a lot of embarrassment. At a minimum, you need to know what “normal” traffic and usage levels look like and be prepared to spot any abnormalities. We have a bank of monitors in our workspace designed to oversee the systems critical to our clients’ businesses. Additionally, we use tools that provide automatic alerts around the clock to our IT team whenever issues arise. The goal of our team is to be able to spot a problem with a client’s systems and networks before it is noticed by the client and before it becomes a problem.

    Understand your risk level

    Like it or not, there are some companies, networks and business applications that are more valuable than others. High-value targets in the cybersecurity world are those that handle financial transactions, move large amounts of data, have access to personally identifiable information or have a recognizable name. Hackers go after these systems because there is a lot they can gain from it. To bolster your cybersecurity stance, you need to know your risk level. The more of these valuable assets you have (or handle), the higher your risk level. And the higher your risk level, the more diligent you have to be about locking down access to your critical systems and data.

    Know where your critical data is and who has access to it

    Cybersecurity would be a breeze if we didn’t have to provide access to our systems and data to employees, vendors and partners. Unfortunately, that’s not possible. Every day, employees within your organization use their access to get into these systems to do their jobs. Vendors and partners do the same. And each user, user account, and access point becomes yet another entryway for a hacker to gain access to your system. You must have policies and procedures in place governing who can access your system. Take steps such as locking down the IP addresses that approved individuals can use to access your network and applications.  Also, regularly audit your list of users and access controls to identify gaps. This is one of the most effective ways to keep unauthorized users out of your applications.

    Be prepared for an attack

    As I noted earlier, no application, website or system can be 100% safe from cyberattack. New threats emerge every week and it is too difficult to predict what form the next attack will take. If you’ve taken each of the steps noted above, the final piece of your cybersecurity puzzle is to develop a plan of action in the event of an attack. What will you do? Will you shut down access? Will you stop transactions? How will you notify customers? Affected individuals? What will you do to try to recover the stolen information or assets? We’ve found in our work with clients that developing a solid game plan for what you’ll do in the event of a cyberattack and regularly practicing that plan is a great way to prepare your organization.

    Cybersecurity Assessment and Strategy

    No matter what your organization does, you are at some level of risk for cyberattack. Preparing for an attack, monitoring your regular operations, controlling access to your systems and being able to spot abnormal circumstances are the foundations of a good cybersecurity strategy. If you need help or merely want a second opinion about your organization’s cybersecurity position, reach out to our team at Atlantic BT. We can conduct a cybersecurity assessment and help you develop a strategy that will put you in a position of strength and provide you with peace of mind.