A Simple And Effective CMDB Solution

A configuration management database (CMDB) is an important component of an organization: it ensures the organization is aware of what assets it has and of the relationships and interdependencies between them. Despite the CMDB being at the core of the ITIL process, many organizations fail to implement one. This can be due to resource limitations: time, knowledge or money.

These perceived limitations are not as valid as anticipated. Implementing a CMDB solution is quite straightforward and cost-effective compared to the risk that is prevalent without one. Opmantek has an extensive CMDB solution that will benefit your organization while reducing the severity of the resource limitations that other implementations can face.

Time Limitations

As IT departments have grown in responsibility there has been a decline in resources and staff in some organizations. These companies don’t view IT as an asset; they view it as a liability and a cost that they wish to reduce. There are resources that showcase how managing IT as a business will actually improve net revenue. A major challenge for these organizations is finding the time to implement solutions today that will save them tomorrow. It is hard to think ahead when you are fighting daily fires.

Open-AudIT is the perfect solution for teams that are in this situation. The application can be installed on Windows, Linux or on a CentOS 7 VM, and be up and running in under 10 minutes. After you supply credentials, Open-AudIT will automatically discover everything that is connected to your network and then proceed to audit it. In 10 minutes you will have an effective CMDB storing every asset that is connected to your network.

Further, opConfig acts as a configuration and compliance management tool that will monitor your network devices for configuration changes. Once configured, it will alert on change and can also compare configuration states to its own history or even other machines. Once you have downloaded opConfig, there is minimal setup required before it starts monitoring your network, and you will know of anomalies in minutes.

Knowledge Limitations

The same departments mentioned above that have been given more responsibilities generally aren’t afforded the extra time to thoroughly learn new systems and processes; they have the time to learn to fight the fire, not prevent it. This can lead to applications being partially configured, used differently from what was intended, or not used at all.

Opmantek offers 30-day free support for all new customers to help them get our software working and optimised. Opmantek even offers on-site training to help all staff easily grow accustomed to our platform.

Financial Limitations

The bottom line when implementing new software is to keep the bottom line in mind. A CMDB solution will provide a better change management process while also protecting your organization against any disaster scenarios because you will have the ability to roll back. Finding budget for software used for prevention purposes is really difficult because the ROI is hard to justify: these are systems designed to provide value in a crisis.

However, the combination of opConfig and Open-AudIT boasts a wide array of immediate business benefits. Open-AudIT can be used for asset management and to ensure that you are within license parameters; opConfig can be used to ensure that all of your network devices are configured correctly and compliant with numerous standards. This combination of modules is saving organisations thousands of dollars in licensing fees each year by automating device discovery and audit, storing configurations, monitoring changes and pushing configuration changes out to sets of devices.

Uncategorized

Business email compromise a key threat in 2019

Malicious groups and individuals continue to be highly active online in 2019 – highlighting the importance of robust education, processes and technology to organisations in tackling cyber-crime. Fraudulent ‘phishing’ messages that aim to trick people into disclosing sensitive information pose an ongoing and increasingly sophisticated threat. These scam messages – typically delivered over email – use a variety of techniques to convince the recipient they are legitimate communications, including the use of authentic logos, text and designs from trusted organisations.

Phishing messages may also include links to fake versions of legitimate websites. These fake websites aim to trick a visitor into entering details such as usernames or passwords. Messages may also include attachments loaded with malicious software that aims to infect a computer to disrupt its operations or capture sensitive information.

While variations such as ‘spear-phishing’ – which occurs when malicious groups target an individual by using his or her personal information to elicit sensitive information – are well known, business email compromise is a comparatively new but increasingly potent threat. Business email compromise occurs when a group or individual impersonates a business representative – often a senior executive – at an organisation to trick employees, vendors or customers into transferring money or sensitive information to the malicious party. The FBI noted in mid-2018 the incidence of ‘identified global exposed losses’ from business email compromise had risen 136% between December 2016 and May 2018 – with the real estate sector a prime target.

The Australian Cyber Security Centre (ACSC) noted in October 2018 “criminals are constantly developing increasingly sophisticated business email compromise techniques often include a combination of social engineering, email phishing, email spoofing [forging an email sender’s address] and malware [malicious software]” to trick recipients. Importantly for many organisations, the ACSC notes that business email compromise attacks tend to spike around tax time – when many people are busy and under pressure to complete workplace tasks quickly.

So how can your organisation protect itself against business email compromise? The ACSC has posted comprehensive information here about the types of business email compromise; how to recover from an incident; and techniques for minimising the risk of being caught out by this type of attack.

By Roger Carvosso, Product and Innovation Director


Stop WhatsApp from becoming a major headache for your business

WhatsApp is one of the world’s most popular messaging apps, with about 1.5 billion monthly users. The app is marketed as secure with end-to-end encryption that prevents messages, photos, videos, voice messages, calls and documents from falling into the wrong hands. WhatsApp says neither it nor third parties can access these messages.

However, a recent security breach that affected WhatsApp on iOS or Android phones is a clear reminder that no service is 100% risk-free.

The breach may have allowed a malicious actor to install unauthorised software and gain access to personal data on devices running WhatsApp. The attack – attributed in media reports to a private company working with governments on surveillance – is believed to have targeted a group of human rights campaigners. WhatsApp quickly released an updated version of its app to address the vulnerability.

For businesses, the lesson is clear – security plans, platforms and processes need to account for and minimise the risks of using these types of services. We recommend organisations carefully consider the use of proprietary messaging apps to distribute sensitive corporate or customer information, and implement robust policies governing the use of these services for business-related activities.

These policies need to be backed by education programs that should extend beyond an organisation’s own workforce to partners, suppliers, and other stakeholders.

The incident is also a powerful reminder to IT security specialists of the importance of installing updates as quickly as possible to address vulnerabilities that may leave a corporate network open to attack.

The media reports of the WhatsApp attack present an uncomfortable reminder to businesses that cyber-attacks may be carried out by well-resourced, technically skilled organisations and experts acting on behalf of nation-states, as well as criminal groups and rogue individuals. For businesses involved in critical infrastructure or systems of national importance, this means implementing security platforms, architectures, and processes – and working with relevant government agencies – to reduce the risk and impact of a breach.


Extending NMIS With FirstWave’s Modules

NMIS has long been one of the most widely used open-source network management systems in the world, but what many users don’t know is how easy it is to extend the core with the suite of add-on modules that replace other network tools and allow businesses to save on licensing costs and increase overall network performance visibility through system expansion and consolidation of applications.


Building Solutions with NMIS Modules

By combining NMIS with various other modules, FirstWave is able to provide software solutions to suit many different enterprise needs – here are a few of the popular combinations that are delivering strong results and allowing our customers to roll several stand-alone applications into one single NMIS licensing bundle.

Network Performance Management and Diagnostics

NMIS, opCharts and opReports

This combination of modules will provide you with the full NMIS capabilities for monitoring network health, capacity planning, event management and alerting, presented in interactive dashboards and reports that can be customised for user groups so that business users can see relevant performance information and engineers can see more detailed operational information.

Configuration Management Database:

Open-AudIT Professional and opConfig

Looking to replace your CMDB?  This combination of modules is saving organisations thousands of dollars in licensing fees each year by automating device discovery and audit, storing configurations, monitoring changes and pushing configuration changes out to sets of devices.

Network Configuration and Compliance Automation

NMIS, Open-AudIT Professional/Enterprise, opConfig and opEvents

Save time and money on network administration by using process automation to manage inventory, remediate known issues, consolidate and deduplicate events, automatically gather network information, detect and roll back configuration and file changes and more.

Traffic Management

NMIS 

This combination replaces other network monitoring and Netflow tools to give you a consolidated view of flow data including heat maps that visually indicate areas of congestion.

Anomaly Detection, Event Prediction and Remediation

NMIS, opTrend and opEvents

Identify issues and threats before they impact your business by leveraging the device and network data gathered by NMIS along with advanced machine learning to determine minute by minute standard baselines for your environment that can help you to identify new threats, unusual behaviour and escalating problems before they impact operations.

Remote Monitoring and Management

NMIS, opHA, opEvents and opCharts

For Managed Service Providers you can replace multi-million dollar RMM systems by combining NMIS with opHA and opCharts.  opHA allows you to increase the performance of applications and deliver high scale and high availability environments, including geographical distribution of the system and overlapping IP address ranges, while opCharts provides a single pane of glass and tiered user views, so that engineers can drill down from a full view of all managed customer equipment to a single device in a remote location, while customers can view their own sites privately and in real time.

There are a lot of options to improve your network; however, the easiest way to start is with our Virtual Machine. The VM comes preconfigured and is operational in under 5 minutes. Download the Virtual Machine and activate free 20 device licenses of each of the modules that interest you, or request a demo from one of our engineers.


Open-AudIT – Speeds Up Discovery With Options

Introduction

From Open-AudIT 2.3.2 onwards, we have introduced some easy-to-use and extremely powerful options for discovering devices. These options centre around directing Nmap on how to discover devices.

We have grouped these options into Discovery Scan Options. We ship seven different groups of options (items) by default that cover the common use-cases.

This benefits Community, Professional and Enterprise customers.

Summary

Feature Availability

Feature availability is dependent on license type as per the table below.

[Table image: Feature Availability]

Discovery Scan Types

The Discovery Scan Options we ship are detailed in the table below. As above, Enterprise users can create more of these or edit the shipped items.

[Table image: Discovery Scan Types]

Check the wiki for a more in-depth look at Discovery Scan Options

Example Scanning Improvement

We have a customer who is running discovery on a /22. Before 2.3.2, using the original (hard-set) options, the scan took 29 hours to complete. Using 2.3.2’s UltraFast option, that scan now takes less than 10 minutes. To say they are impressed would be an understatement! They are now left with a smaller set of unknown devices that they can run a more detailed audit against. And remember, if the audited device is a computer, you will have a list of open ports derived from Netstat anyway – possibly saving another audit cycle.

Use Cases

Handling Duplicate Serials

Recently we had cause to scan a subnet that was made up of virtual Cisco networking devices. These devices all happened to have identical serial numbers. Using the Match Rules per Discovery (available to Enterprise users) we were able to tweak the ruleset for this discovery only, without affecting other discoveries that rely upon matching a serial number. This ability solved a long-standing issue of working around a less than ideal setup on a network. A serial number, by definition, should be unique.

Filtered Ports

Networks respond differently depending on how they’re configured. Some routers and/or firewalls can respond to the Open-AudIT Server “on behalf” of IPs on the other side of their interfaces. It is quite common to see Nmap report a probe for SNMP (UDP port 161) as open|filtered both for devices that exist and for devices that do not. This is misleading: there is no device at that IP, yet it ends up with a device entry in the database. 99.9% of the time, it is not Open-AudIT, nor even Nmap, but the network that is causing this issue. Now that we have the options to treat open|filtered ports as either open or closed, we can eliminate a lot of this confusion. Enterprise users even have the option to change this on a per-discovery basis (more than just using the Medium (Classic) item, as above).
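The effect of that setting can be seen on Nmap's grepable (-oG) output. The following is an added example, not Open-AudIT's own code: the scan results are constructed, and it assumes for illustration that an IP counts as a device when at least one probed port is counted as open.

```python
import re

# Constructed sample of Nmap grepable (-oG) output; addresses and results are
# invented for illustration. 192.0.2.30 and 192.0.2.31 show the pattern the
# post describes: nothing answers, but 161/udp is reported open|filtered.
SAMPLE_GNMAP = """\
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 161/open|filtered/udp//snmp///
Host: 192.0.2.20 ()\tPorts: 135/open/tcp//msrpc///, 161/closed/udp//snmp///
Host: 192.0.2.30 ()\tPorts: 22/filtered/tcp//ssh///, 161/open|filtered/udp//snmp///
Host: 192.0.2.31 ()\tPorts: 161/open|filtered/udp//snmp///\tIgnored State: closed (2)
"""

PORTS_LINE = re.compile(r"^Host:\s+(\S+)\s+\(.*?\)\s+Ports:\s+(.*)$")


def parse_gnmap(text):
    """Return {ip: [(port, state, proto), ...]} from the 'Ports:' lines."""
    hosts = {}
    for line in text.splitlines():
        match = PORTS_LINE.match(line)
        if not match:
            continue  # comments and 'Status:' lines carry no port states
        ip, ports_field = match.groups()
        ports_field = ports_field.split("\t")[0]  # drop 'Ignored State: ...'
        entries = []
        for item in ports_field.split(","):
            parts = item.strip().split("/")
            if len(parts) >= 3 and parts[0].isdigit():
                entries.append((int(parts[0]), parts[1], parts[2]))
        hosts.setdefault(ip, []).extend(entries)
    return hosts


def responding_hosts(hosts, open_filtered_as_open):
    """Map each IP to the ports counted as open under the chosen policy."""
    counted = {"open", "open|filtered"} if open_filtered_as_open else {"open"}
    result = {}
    for ip, entries in hosts.items():
        evidence = [f"{port}/{proto}" for port, state, proto in entries
                    if state in counted]
        if evidence:
            result[ip] = evidence
    return result


def phantom_candidates(hosts):
    """IPs that only count as devices when open|filtered is treated as open."""
    lenient = responding_hosts(hosts, open_filtered_as_open=True)
    strict = responding_hosts(hosts, open_filtered_as_open=False)
    return sorted(set(lenient) - set(strict))


if __name__ == "__main__":
    parsed = parse_gnmap(SAMPLE_GNMAP)
    for policy in (True, False):
        print("open|filtered as open:", policy, responding_hosts(parsed, policy))
    print("entries to review:", phantom_candidates(parsed))
```

The IPs returned by `phantom_candidates` are the ones whose only evidence is an open|filtered port, so they are the database entries worth checking before trusting them as real devices.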

Discovery Enterprise Options

The screenshot below is the Open-AudIT discovery page where all the audit configuration is set. I’ve added ample notes on the page explaining all the options making the tool easy to use for less technical staff.


Check the wiki for a more detailed explanation about Discoveries

Display Improvements

As well as the functional improvements to discovery, we have also revised the Discovery Details page. We have sections for Summary, Details, Devices, Logs and IP Addresses. The Devices section, in particular, is now much more useful. We have added a new type of Unclassified to the list, and we use this when we have more than just an IP and/or name for the device. For instance, we may know its IP, name and the fact that it has port 135 open. This at least is a good indication that the device is likely a Windows machine. So we know “something”, which is more than just “there is something at this IP”. That is now an Unclassified device. We still support Unknown devices as always – for those devices we know nothing about. An example of this screen is below. We also provide a quick link to creating credentials when a service (SSH, WMI, SNMP) has been identified, but we were not able to authenticate to it.

We think these display improvements will go a long way to assisting you to remove any Unknown or Unclassified devices that are on your network.


Wrap Up

This new functionality makes Open-AudIT a powerful and easy to use discovery solution while providing great flexibility for advanced users.

I hope you enjoy the new features as much as our test customers and I do.

Mark Unwin.


Three cyber breaches that shaped 2018

Data breaches can happen for a variety of reasons. Some companies are hacked. Data can be mishandled or sold to third parties. Holes in a website’s security system can leave information unprotected. Some data breaches are deliberate, while others can occur as a result of outdated or unpatched software. Regardless, the consequences of a breach are usually costly for any business.

2018 proved to be another eventful year for cybercrime, with a number of news-worthy data breaches impacting organisations around the globe. Some of these affected hundreds of millions of customers and users.

Here are three of the major incidents that made headlines:

1.   Cathay Pacific
Hong Kong’s flag carrier experienced a data breach that exposed personal information of almost 10 million passengers. While flight systems and safety were not affected by the breach, information accessed without authorisation included passport and credit card numbers, names, nationalities, dates of birth, phone numbers, as well as emails and addresses.

2.   Facebook
Cambridge Analytica – a data-collecting firm – illegally harvested the information of an estimated 87 million users without their permission. The operation was politically motivated – namely, to influence the 2016 US presidential campaign. While the breach occurred a couple of years ago, investigatory conclusions only emerged in 2018, giving us a clearer picture of what happened.

3.   Marriott
Marriott’s Starwood reservation database was breached by an unauthorised party, affecting up to 500 million guests who had booked at one of its Starwood properties. Around 327 million of these guests had some combination of the following information stolen: name, address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. Some credit card information was also leaked, but card numbers were encrypted.

Conclusion

As technology continues to advance, the need to evolve cyber security strategies is as prevalent as ever. Examining the shortcomings that lead to high-profile cyber breaches can teach us some valuable lessons.

FirstWave can help your organisation bolster its cyber security posture and stay ahead of zero-day attacks. Learn more about our Cloud Email Security.
