Cybersecurity Insights

Understanding Risk-based Vulnerability Management

Devices, tools and users are constantly being added to your network and widening the attack surface.  Every new addition adds another possibility for misconfiguration and vulnerabilities. The longer a vulnerability goes undetected, the greater the risk. Sound familiar? Security teams across industries all live this reality every day.

That’s where risk-based vulnerability management can help.

You can’t protect what you can’t see. Gaining broad coverage and thorough assessment of traditional and modern assets allows you to create a clear map of your attack surface. This lifecycle provides the complete visibility into the attack surface that is needed to prioritize remediation efforts. Continuous assessment (because cybersecurity is never “set it and forget it”) then allows for monitoring of new and transitory assets when they become active.

The nuances of risk-based vulnerability management can be summarized in Tenable’s five-stage lifecycle. Each stage makes tackling devices straightforward.

Stage 1 | Discover: Identify and map every asset across any computing environment.

Stage 2 | Assess: Understand the state of all assets. This includes the status of vulnerabilities, misconfigurations and other health indicators.

Stage 3 | Prioritize: Understand exposures in context to prioritize remediation based on asset criticality, threat context and vulnerability severity.

Stage 4 | Remediate: Prioritize which exposures to fix first and apply the appropriate remediation or mitigation technique.

Stage 5 | Measure: Calculate, communicate and compare cyber exposure and key maturity metrics to drive risk reduction.

The real gem is in the machine learning capabilities. Prioritizing which vulnerabilities to remediate first will drastically lower risk. This is achieved through machine learning models that automatically combine vulnerability severity data with threat intelligence and asset criticality to predict each vulnerability’s impact on your organization.
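A simplified illustration of that combination, added here as an example and not Tenable's model or code from the original post: a fixed-weight product stands in for the machine learning model, and the findings, weights and field names are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed fixed weights for illustration; a commercial product learns these.
THREAT_WEIGHT = {"none": 0.2, "poc_public": 0.6, "exploited_in_wild": 1.0}


@dataclass(frozen=True)
class Finding:
    vuln_id: str            # constructed placeholder, not a real CVE
    asset: str
    cvss: float             # vulnerability severity, 0.0-10.0
    threat: str             # threat-intelligence state (key of THREAT_WEIGHT)
    asset_criticality: int  # 1 = lab machine ... 5 = business-critical


def risk_score(f: Finding) -> float:
    """Combine severity, threat context and asset criticality into 0-100."""
    if not 0.0 <= f.cvss <= 10.0:
        raise ValueError(f"{f.vuln_id}: cvss must be 0.0-10.0")
    if not 1 <= f.asset_criticality <= 5:
        raise ValueError(f"{f.vuln_id}: asset_criticality must be 1-5")
    if f.threat not in THREAT_WEIGHT:
        raise ValueError(f"{f.vuln_id}: unknown threat state {f.threat!r}")
    score = 100 * (f.cvss / 10) * THREAT_WEIGHT[f.threat] * (f.asset_criticality / 5)
    return round(score, 1)


def by_severity(findings):
    """The vulnerability-count view: highest CVSS first."""
    return [f.vuln_id for f in sorted(findings, key=lambda f: f.cvss, reverse=True)]


def by_risk(findings):
    """The risk-based view: highest combined score first."""
    return [f.vuln_id for f in sorted(findings, key=risk_score, reverse=True)]


# Constructed sample findings.
FINDINGS = [
    Finding("VULN-A", "lab-printer", 9.8, "none", 1),
    Finding("VULN-B", "payroll-db", 6.5, "exploited_in_wild", 5),
    Finding("VULN-C", "intranet-wiki", 7.5, "poc_public", 3),
    Finding("VULN-D", "file-server", 8.8, "none", 4),
]

if __name__ == "__main__":
    print("severity order:", by_severity(FINDINGS))
    print("risk order:    ", by_risk(FINDINGS))
    for f in FINDINGS:
        print(f"{f.vuln_id} on {f.asset}: {risk_score(f)}")
```

The medium-severity finding on the payroll database moves to the top of the queue, while the critical-severity finding on an isolated lab printer drops to the bottom.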

As with most tools today, all this information is summarized in tailored dashboards. At the end of the day, your team can remediate high-priority vulnerabilities while delivering business system risk (not vulnerability counts) to stakeholders.

3 Keys to a Successful Zero Trust Journey

You can’t buy zero trust. We said that in part one and stand by that statement. While you can buy solutions to enforce zero trust, the designing of a successful zero trust architecture is left up to the security teams. And we want to set your team up for a successful zero trust journey with insight on common challenges and how to overcome them.

Top 3 Challenges in implementing zero trust

Zero trust is flipping the way we approach cybersecurity. Many of us built our environments around past approaches that focused on the perimeter and the attack surface. Now with a focus on the data, users and applications, there will be inherent hurdles to overcome. Here are three common challenges when implementing zero trust:

Challenge 1: Complicated application management

A data-protection mindset requires policies around the applications where that data is accessed or stored. The issue arises when legacy or third-party applications restrict that flexibility. Additionally, hybrid technology silos and a lack of technology integrations interfere with seamless implementation.

Challenge 2: Lack of resources

Zero trust is an organization-wide, network-wide program. It requires significant time, effort and skill to properly deploy and maintain. In some instances, it would be better to build a new network, but those teams don’t have that option. Business and cyberattacks don’t stop for us to rebuild.

Challenge 3: Keeping count

There are more devices and users than ever before, with no plans to slow down soon. Security teams must be agile and prepared for a continued influx of both users and devices.

It’s a marathon, not a sprint. Being aware of these common challenges and the keys to overcoming them will set your team up for a successful zero trust journey from the beginning.

A Successful Zero Trust Journey with a partner

Security teams were spread thin before zero trust became a priority. Now adding on an entirely new approach is overwhelming for most. That’s why a knowledgeable technology integration partner like Brite has your back.

From advisors and support to engineers and security analysts, our team is prepared to work alongside yours to plan, develop and sustain your zero trust program.

Let’s get started on your journey today.

 


How to Create a Zero Trust Architecture

If you’ve made it to part three of our zero trust series, then congratulations: you’ve uncovered what zero trust is and have planned your zero trust strategy. With those steps completed, it is time to get to work on how to create a zero trust architecture.

Unfortunately, since every organization has its own environment and nuances, we can’t share a custom architecture for you today. Instead, we’re going to explore the six tenets of a zero trust architecture and how a few recommended solutions are helping customers achieve zero trust. If you would like help creating your own custom solution set, then reach out and our team of security experts can help!

The Six Tenets of a Zero Trust Architecture

Zero trust is achieved by implementing policies through cybersecurity solutions and actions. To guide security teams, NIST developed the following tenets as integral components of zero trust.

Below is an outline of the tenets including tips and insights into how our client organizations are successfully implementing zero trust.

Tenet 1: Defining devices

Gain an accurate scope of the devices on the network by defining and classifying all devices. This includes devices that send data to aggregators, SaaS and systems sending instructions to actuators.

Brite’s insight: Defining devices has become an essential component of many cybersecurity plans. With zero trust, it’s critical to have a solution with real-time device visibility. Additionally, functionality to classify devices on and off the network ensures devices are defined correctly.

Tenet 2: Securing communications

This set of policies and solutions addresses network location and communication. A device located on the network does not imply trust. Instead, actions must be taken to secure all communications to protect confidentiality and integrity.

Brite’s insight: Secure communications is not optional. This is necessary no matter where the device or user is. Implement successfully with private access always on and always inspecting.

Tenet 3: Session-based resource access

Now we’re getting into the true application of zero trust: the process of evaluating trust and granting access each time a user attempts to access a resource. In addition, access is granted with the least privileges needed to complete the task.

Brite’s insight: Preparation is key. Take the time to clearly map out all applications, users and privileges to have a concrete foundation to build from.

Tenet 4: Attribute-based policy reinforcement

This is a dynamic policy in which an organization protects resources by defining what resources it has, who its members are and what access to resources those members need. These are checked against the user account, asset state, device characteristics and behavioral attributes.

Brite’s insight: Achieve attribute-based policy reinforcement with a real-time asset discovery tool.

Tenet 5: Dynamic authentication and authorization

Strictly enforcing zero trust requires a constant cycle of authentication and authorization. This includes obtaining access, scanning and assessing threats, adapting and continually reevaluating trust.

Brite’s insight: Implementing an Identity Access Management (IAM) program is a comprehensive approach to achieving dynamic authentication. Like zero trust, IAM is a program, not a single tool or project. We share tips for implementing a successful program here. Multifactor Authentication (MFA) tools also continue to play a powerful role in securing authorization.

Tenet 6: Policy fine-tuning

As we know from other security tools, “set it and forget it” will not stop breaches. Utilize insights to continuously develop and improve policies. This ensures that policies are working and still applicable to ever-changing environments.

Brite’s insight: Assess your team’s workload and responsibilities. If they’re at capacity, then a managed security partner is a viable option to relieve pressure from your team and help maintain and fine-tune policies over time.

To summarize, creating a zero trust architecture doesn’t require a ‘rip and replace’. Instead, it’s reimplementing solutions you’re already using by organizing them into the six tenets of zero trust and redeploying them with a new objective.

 


The Guide to Planning a Zero Trust Strategy

“Never trust, always verify” is the zero trust concept and modern-day approach to combatting cyberattacks. In part one of our zero trust series, we uncovered the what and why of zero trust. Naturally, it is time to dive into the how and learn the four steps to planning a zero trust strategy.

Since zero trust is all-encompassing and is executed through policies and workflows across tools and the environment, it is important to note that each organization’s zero trust journey will look different and will depend on the unique nuances of what is being protected.

However (and luckily), NIST (National Institute of Standards and Technology) created a basic framework with steps to planning a zero trust strategy to use as a baseline. NIST SP 800-207 is a special publication that outlines how enterprises can implement zero trust. Here are the highlights.

Four steps to a zero trust strategy

Step 1: Define the attack (and protect) surface

This step is all about the big picture. Examine and define not only your attack surface but also the protect surface. It boils down to “You can’t protect what you can’t see” and intimately knowing what valuable users and data your organization needs to protect.

The mindset of zero trust is the assumption that there’s always an active breach. Ask yourself: What are the avenues in? What information are attackers after? How do we protect it?

Step 2: Implement controls around network traffic

With the attack and protect surfaces defined, it’s time to start getting granular. Implementing controls around network traffic allows for security teams to monitor and manage the environment.

Step 3: Plan your zero trust network

After completing the first two steps, security teams can use the insights gathered to plan a zero trust network. A key factor of zero trust is granular access control, so knowing traffic flows is essential to begin mapping as granularly as possible.

Step 4: Design your zero trust strategy

Since zero trust is a set of policies and workflows, the final step is to write and design the strategy. The theme of each policy will be to only allow authorized users access to specific resources through designated applications at the right time and place. It is suggested to use the Kipling Method to create policies. The Kipling Method answers the 5 W’s and 1 H: Who, What, When, Where, Why and How.

Who should access a resource?

What application is used to access the resource?

When do users access the resource?

Where is the resource located?

Why is the data accessed – what is the data’s value if lost?

How should you allow access to the resource?

This method ensures that the policy is effective and always addresses the right information, making your zero trust journey successful.
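One way to turn the six Kipling questions into an enforceable, default-deny policy check, evaluated on every request as the session-based and attribute-based tenets describe. This is an added example, not code from the original post or from NIST; the resource, group, application and attribute names are constructed assumptions.

```python
from dataclasses import dataclass, replace
from datetime import time


@dataclass(frozen=True)
class KiplingPolicy:
    who: frozenset    # groups that should access the resource
    what: frozenset   # applications allowed to reach it
    when: tuple       # (start, end) access window as datetime.time
    where: str        # where the resource is located
    why: str          # value of the data if lost: "low" or "high"
    how: frozenset    # conditions the session must satisfy


@dataclass(frozen=True)
class AccessRequest:
    resource: str
    groups: frozenset
    application: str
    at: time
    destination: str
    session: frozenset  # attributes verified for this session


def in_window(window, at):
    start, end = window
    if start <= end:
        return start <= at <= end
    return at >= start or at <= end  # window wraps past midnight


def lint(policy):
    """'Why' drives strictness: high-value data must demand MFA."""
    if policy.why == "high" and "mfa" not in policy.how:
        return ["high-value resource without mfa in 'how'"]
    return []


def decide(policies, req):
    """Default deny. Return (allowed, list of questions that failed)."""
    policy = policies.get(req.resource)
    if policy is None:
        return False, ["no_policy"]
    if lint(policy):
        return False, ["invalid_policy"]  # fail closed on a weak policy
    failed = []
    if not policy.who & req.groups:
        failed.append("who")
    if req.application not in policy.what:
        failed.append("what")
    if not in_window(policy.when, req.at):
        failed.append("when")
    if req.destination != policy.where:
        failed.append("where")
    if policy.how - req.session:
        failed.append("how")
    return not failed, failed


# Constructed policy and baseline request.
POLICIES = {
    "payroll-db": KiplingPolicy(
        who=frozenset({"finance"}),
        what=frozenset({"payroll-web"}),
        when=(time(7, 0), time(19, 0)),
        where="dc-east",
        why="high",
        how=frozenset({"mfa", "managed_device"}),
    )
}
BASE = AccessRequest("payroll-db", frozenset({"finance", "staff"}), "payroll-web",
                     time(10, 30), "dc-east", frozenset({"mfa", "managed_device"}))


def variant(**changes):
    """Copy of the baseline request with some fields changed."""
    return replace(BASE, **changes)


if __name__ == "__main__":
    print(decide(POLICIES, BASE))
    print(decide(POLICIES, variant(at=time(23, 0))))
    print(decide(POLICIES, variant(application="ssh",
                                   session=frozenset({"managed_device"}))))
    print(decide(POLICIES, variant(resource="hr-share")))
```

Returning the failed questions rather than a bare deny gives the policy fine-tuning step something concrete to review.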

Following these four steps will put your team on the path towards building a zero trust architecture, whose six tenets we share in part three.

 


What is Zero Trust, Actually?

There are three guarantees in cybersecurity: ransomware attacks, changing perimeters and new buzzwords. For the last decade, zero trust has been the buzzword of what every security team, tool, approach and framework should be achieving. Now in 2021, we’re seeing an onslaught of ransomware and work environments still in flux, with Forrester, NIST and everyone in between saying zero trust is the answer. But what is zero trust, actually?

In this four-part series, we’re uncovering everything from the basics of zero trust to walking you through how to build a long-lasting strategy. Buckle up because in this blog we’re diving into:

  • What is zero trust?
  • The problem it is solving and how to achieve zero trust
  • Is this approach right for your organization?

What is zero trust?

As implied by the name, zero trust is a security strategy in which no device or user is to be trusted or allowed access until verified and approved.

Before we further explain, it is important to highlight that this isn’t a tool or set of solutions. You can’t buy zero trust. Rather, it is a framework executed through policies implemented through (existing) tools and workflows.

Essentially, this approach takes everything we know about cybersecurity and flips it. Traditionally, the objective was to protect the attack surface. If we put up gates and locked our doors, then attackers wouldn’t be able to get in.

Recent breaches prove that method isn’t as secure as it should be. Security teams cannot control attacks. Instead, this method prioritizes what we can control, which is protecting valuable assets – data.

The idea is that when data and information are secured by policies, it will not be as catastrophic when an attacker infiltrates the environment.

The challenge it is solving and how to achieve zero trust

Past approaches lived off the motto of “trust but verify”. There was the automatic granting of trust if the user or endpoint was within the perimeter. The continuous digital transformation and evolution of advanced threats create additional risk from malicious actors with rogue credentials.

“Never trust, always verify” is the updated motto and core of zero trust. It is achieved through continuous monitoring and validation of users, devices and privileges. Teams need to identify all service and privileged accounts and then create controls regarding what and where they connect.

Ultimately, the goal is “to prevent unauthorized access to data and services coupled with making the access control enforcement as granular as possible.”[1] This is achieved through the following components:

Zero trust model: The commitment from the organization to deploy policies to work towards achieving zero trust.

Zero trust architecture: A cybersecurity plan based on zero trust principles, designed to prevent data breaches and limit internal lateral movement. It encompasses component relationships, workflow planning and access policies.

Zero trust enterprise: The network infrastructure (physical and virtual) and operational policies that are in place for an enterprise as the byproduct of a zero trust architecture plan.

Is this approach right for your organization?

To make it simple, yes. Zero trust strategies apply to all environment types. If your organization and its environment store any valuable information, then this strategy can, and should, be implemented to reduce the risk of a breach.

With that said, what are you trying to protect?

[1] NIST Special Publication 800-207: Zero Trust Architecture


How to Protect Against Ransomware

Breaches once again dominated headlines. Colonial Pipeline first made headlines after falling victim to a ransomware attack and suffered the consequences. Now, there’s been a growing list of attacks – including the recent Kaseya attack. These are merely two examples of many attacks impacting business operations. The unfortunate reality is no person or organization is immune from attacks. How do you protect against ransomware? Fortunately, there are security tools to put in place to reduce risk and impact.

Ransomware in action: How the Kaseya attack occurred

The latest ransomware attack compromised 1,500 businesses across the globe. Kaseya, an IT management software utilized by MSP and IT teams, announced the sophisticated attack on Friday, July 2, and advised all customers to shut down on-prem servers immediately. It was also suggested to take cloud services offline as a precautionary step, ultimately taking businesses completely offline.

What’s known about the Kaseya hack so far:

  • REvil, a known Russian ransomware-as-a-service group, claimed responsibility for the attack
  • 60 MSPs were targeted, ultimately allowing the ransomware to spread to fewer than 1,500 businesses in 17 countries
  • Initial research shows multiple zero-day vulnerabilities in Kaseya’s software
  • REvil shared a note that if it was paid $70 million in bitcoin, it would release a decryption tool that would allow businesses to restore data

The takeaway from this recent attack is that ransomware is still prevalent (and damaging). When being targeted, a defensive game is being played. Luckily, proper preparation makes playing defense an easy task.

How to protect against ransomware attacks

We would all like to avoid being the next Colonial Pipeline. To do that, a series of cybersecurity tools must be implemented and properly managed for awareness and protection. With a combination of proactive protection, rapid detection and appropriate response tools you can easily create a multi-layered approach.

Email security: Phishing emails and ransomware often go together due to the high success rate of attacks. As a result, upgrade your email security tools for additional coverage against these unsuspecting attacks. We dive into more detail in this blog, “Your Guide to Email Security”.

User Awareness: In the same breath as email security and phishing is user awareness training. Educate end-users not only on the latest tactics with training modules but with simulated attacks so they can learn to identify phishing emails right in their inbox.

Monitoring and Management: Yes, tools are critical for protection. However, it takes constant monitoring and management of the network to identify threats and attacks, as well as configuration, orchestration and automation to stay ahead of new threats.

Backup: Also known as Business Continuity and Disaster Recovery, constant and consistent backups create a safeguard for if a breach does occur and the attackers hold systems and data hostage for ransom. With the right backup plan, organizations can restore from the latest one with minimal data loss or business interruption.

Being on the targeted side of any cyberattack is inherently a defensive position. Luckily, with ransomware, there are numerous proactive tools and strategies that can be put in place to maximize protection against such attacks. Find out what your right toolset is with a free assessment from Brite’s team of experts.

Your Guide to Email Security: Tools + Tips

Are email security tools necessary? Well, as ransomware remains a top cybersecurity concern and email is the popular channel of execution, the simple answer is yes. Email security tools help protect the largest collaboration tool. Of course, there’s a long answer in which we’ll explain:

  • Email: The Stealth Attack
  • But what about the spam folder?
  • And what about Microsoft 365 security?
  • What email security tools provide

Email: The Stealth Attack

As the main channel of communication and collaboration, users rely on the platform for everyday tasks. That simple fact opens a door for attackers to take advantage of. These stealth attack tactics prey on human instinct and emotion.

Think about it. You open your inbox to find 20 new emails from the last hour. After a quick scroll through to assess what needs a response, you find an urgent message from someone high-level at the company making a request. Instinctively, we act on the request. Commonly, these are monetary requests asking for gift cards, wire transfers, etc.

Upon action, a breach begins, and a door opens into the network. To find out what happens next and fully understand the anatomy of a breach, check out this blog here.

The evolving capabilities to manipulate emails create the perfect sneak attack on unsuspecting victims and organizations – all through the inbox we all know and have learned to trust.

But, what about the spam folder?

Before jumping into the email security toolset, let’s talk about why email programs and native protections aren’t enough in today’s age.

Spam filters assess incoming messages against a predetermined checklist to validate where the email came from. It includes the IP address of every server that touched the email, date and time stamps and security signatures. These are then cross-referenced against known blacklists and when a match is found, it’s sent to the spam folder.
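The hop-by-hop check described above, sketched as an added example that is not code from the original post or from any mail product: it walks the `Received` chain and matches each server IP against a blocklist. The blocklist, addresses and message are constructed, using documentation-only ranges and example domains.

```python
import ipaddress
import re
from email import message_from_string

# Constructed blocklist; the range is reserved for documentation (RFC 5737).
BLOCKLIST = [ipaddress.ip_network("203.0.113.0/24")]

# Address literal recorded by the receiving server, e.g. "[203.0.113.45]".
HOP_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")


def received_hops(raw_message):
    """Return the IP of every server that touched the mail, oldest first."""
    msg = message_from_string(raw_message)
    hops = []
    # Each server prepends its own Received header, so reverse for path order.
    for header in reversed(msg.get_all("Received", [])):
        match = HOP_IP.search(header)
        if not match:
            continue
        try:
            hops.append(ipaddress.ip_address(match.group(1)))
        except ValueError:
            continue  # malformed literal: skip it instead of crashing the filter
    return hops


def classify(raw_message):
    """Return (folder, reasons); any blocklisted hop sends the mail to spam."""
    reasons = [f"blocklisted hop {ip}" for ip in received_hops(raw_message)
               if any(ip in net for net in BLOCKLIST)]
    return ("spam" if reasons else "inbox", reasons)


# Constructed sample message with three hops (folded headers, newest on top).
SPAM_SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [10.0.0.5])
 by mailstore.recipient.example with ESMTP id 3; Mon, 5 Jul 2021 10:00:09 -0400
Received: from relay.example.net (relay.example.net [198.51.100.7])
 by mx.recipient.example with ESMTP id 2; Mon, 5 Jul 2021 10:00:05 -0400
Received: from unknown (HELO sender.example) ([203.0.113.45])
 by relay.example.net with SMTP id 1; Mon, 5 Jul 2021 10:00:01 -0400
From: accounts@sender.example
To: user@recipient.example
Subject: Invoice attached

Please see the attached invoice.
"""

# Same message, but the originating hop is not on the blocklist.
CLEAN_SAMPLE = SPAM_SAMPLE.replace("203.0.113.45", "192.0.2.10")

if __name__ == "__main__":
    print(received_hops(SPAM_SAMPLE))
    print(classify(SPAM_SAMPLE))
    print(classify(CLEAN_SAMPLE))
```

`Received` lines below the recipient's own boundary server are supplied by the sender's side and can be forged, which is one reason a blocklist match alone is a starting point rather than a complete control.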

While spam folders are a start, tactics and methods are constantly evolving to outsmart spam filters. Essentially, because it’s such a lucrative means, attackers justify spending the time evolving tactics to pass through spam filters and go undetected.

And what about Microsoft 365 email security?

Microsoft 365 has greatly improved its basic security features, such as multifactor authentication (MFA), which adds a layer of protection on the user front. DMARC functionality gives organizations control over users allowed to send emails from the brand’s approved domain, while continued updates to Exchange Online Protection (EOP) are attempts at protecting against known spam and malware.

However, Microsoft 365 native email security features are still not enough for full email protection to cover the company against evolving threats.

What email security tools provide

The reality is that native spam filters just aren’t enough. Luckily, there are email security tools to make up for what they lack. These specialized tools can utilize advanced technology, like artificial intelligence and machine learning to stop emerging tactics.

To provide an example of a solution, we’re going to highlight Proofpoint’s approach to email security. A complete solution includes the following protection:

  • Phishing, imposter and email fraud protection: This defense analyzes multiple message attributes, including message header data, the sender’s IP address and the message body (for urgency words and phrases).
  • Block malicious emails with multilayered detection: This feature uses baseline reputation and content analysis to defend against evolving threats.
  • Email warning tag: Easily (and automatically) tag suspicious emails to reduce the risk of successful attacks by bringing attention to the end-user.
  • Classify and quarantine email: Gaining granular control of unwanted email is the ultimate spam filter.

The multi-faceted approach combined with email security tools powered by artificial intelligence and machine learning creates a complete strategy to protect against the latest email attack methods.


Anatomy of a Breach: Phases of a Phishing Attack

Cyberattacks like ransomware remain a top concern for all organizations with SMBs affected at alarming rates. 46% of small to medium businesses have been the victim of a ransomware attack. Do you know the six phases and what steps organizations can take to stay protected? Luckily, there are several available defense solutions and protection services to reduce risk and the overall impact of an attack.

First, it is very helpful to understand how a ransomware attack occurs. Ransomware is malware that infects the target device. The most common delivery method of malware is phishing attacks.

To assist our most vulnerable audience, we are going to put our expertise to the test and dissect the anatomy and phases of a phishing attack, based on a summary of the MITRE ATT&CK kill chain; you can see the full kill chain here. As a bonus, we are sharing BriteStar’s recommended security plan on how to build a mature cybersecurity organization.

After decades of helping small to medium businesses with limited resources work through the IT and cybersecurity struggles of where to start and how to dedicate resources to continuous management, BriteStar’s managed IT service team has picked up a few tips along the way to stay proactive against attacks. And remember, Brite is here to become an extension of your team and provide all the essential IT and security services to keep your business running and protected.

The six phases of a phishing attack + essential cybersecurity tips

Phase 1: Reconnaissance

This stage is the equivalent of a criminal scoping out a location for a robbery. They gather insights into the best ways to enter. For a phishing attack, that could be building/buying a list of names to target. Or guessing at the email handle. Targets are often just a random list of employees, or in more sophisticated attacks, extremely detailed investigations into high-value individuals.

BriteStar tip: Continuously scan your environment to understand the complete hardware and software inventory. You can’t protect what you can’t see. Don’t use a corporate email address for social media or post it on other public-facing sites. Lastly, identify high-risk individuals and prioritize their alerts based on anomalous activity.

Phase 2: Delivery

One word – email. 91% of breaches originate from a phishing email. This is important to note because a path to cybersecurity maturity starts with knowing where you’re most vulnerable and closing that gap. For most companies that includes emails (and the users). All it takes is for one employee to click on a malicious link.

BriteStar tip: To identify and prevent phishing attacks, use a combination of good technology and knowledgeable people. A complete email security suite combining threat intelligence, source reputation with advanced detection and prevention techniques can filter out a majority of the malicious and unwanted noise.

So, by educating your users with an engaging and intuitive user awareness program, you can improve that last line of defense. Be sure to force the high-risk users from above to complete the program and even enter them into a risk-based user awareness training program that incorporates additional training customized to their usage habits. Read about Brite’s user awareness journey and how we achieved a 0.0% phishing-prone score.

Phase 3: Exploitation

Once the attacker chooses the channel of delivery, then they can find the specific vulnerability to exploit. The one door that isn’t quite locked can be their way in. For breaches, it commonly is a misconfigured device or a software vulnerability that hasn’t been patched.

BriteStar tip: Continuously patch outdated software and devices and close unneeded ports. In addition, document your compliance standards and proactively maintain these systems to those expected levels.

Phase 4: Installation

Once the attacker is able to infiltrate the network, they will drop a payload to kick off a process. For example, it could be installing a key logger to capture credentials or an executable that communicates back to their command and control server. This stage is all about taking an initial action to set up the more advanced stages. Essentially, the prep work is done, and the breach has begun.

BriteStar tip: Perimeter security tools are the game-changer. The more fence you have around a building, the more an attacker must overcome. Today our perimeter isn’t as well defined as it was in the brick-and-mortar days. Perimeter security must protect the network, endpoint, cloud and even email. Remember, no matter how good your fence is, it requires ongoing maintenance and tuning to remain effective.

Phase 5: Command and Control

The actions from phase four allow the attacker to take command and control of a particular system or environment. Once an authorized account has been created, the bad actor is disguised as an employee, giving them free rein to move around the environment virtually undetected.

BriteStar tip: 24/7 network monitoring will help detect abnormal activities within the environment. The sooner detection occurs, the more you can minimize the damage.

Phase 6: Actions and Exfiltration

This is the end game for the attacker. Whether it’s encrypting, stealing and deleting data, or disrupting operations, the damage to the organization is done.

BriteStar tip: When all the defense methods fail, disaster recovery and backup can save companies when the actual breach occurs. Instead of paying a hefty ransom, systems and data can be restored immediately.

While cyberattacks can be costly and detrimental to organizations, the good news is that there are layers of security to implement. The road to cybersecurity maturity can be a long path, depending on where you are starting from. Fortunately, you don’t have to go at it alone – Brite is here to help. Explore the BriteStar service in-depth here.


Finding the Right IT Support After Four Failed Providers

Challenge: IT Support

After four different managed service providers, a New York City business solutions firm was unhappy with the level of service and support needed to meet its growing list of IT needs. Coupled with the pressing need for an active security approach, the firm set out once again to find a suitable managed service provider.   

The Battle for IT Support and Service

The battle began after realizing that the one-person in-house IT department was not sufficient for the growing, multi-city organization. Chaotic, ill-planned, unsupported – is how one could describe the IT history of Sharp Decisions. The company then made the decision to outsource IT to a provider.  

“When we were doing it ourselves, everything was inconsistent. There was no documentation. Every computer was set up differently,” Stuart Gottlieb, Chief Financial Officer at Sharp Decisions commented. “On top of that, there was only one person handling it, including the security and the server room. It was not comfortable.”  

From there, the failed relationships with four different providers ensued. The silver lining is that each experience gave the Sharp Decisions team more insight into the criteria and desired outcomes from a provider – timely customer service, enhanced cybersecurity and proactive planning were at the top of the list. Ultimately, the team found those in a partnership with Brite and its BriteStar service.

Gottlieb recalled, “The BriteStar service was attractive because it could manage all our assets [from cradle to grave], including the purchasing, configuration and set up in a consistent, reliable manner. The service part has worked out great. With other providers, we experienced calling the service desk and no one getting back for two or more hours. With Brite, I very rarely hear a complaint.” 

After the initial hardware and service expectations were met, the relationship quickly developed and Sharp Decisions has been able to tackle the internal strategic projects it never could before.

“We finally moved our accounting system into the cloud, so we’re eons better than where we were,” Gottlieb said. “We’re in the cloud, we’re backed up. We’re upgraded to the latest version, after being eight years behind. That’s a big win for us.” 

As for why the company waited to do the project, Gottlieb shared, “We never really had the faith in the last provider that we would actually be comfortable doing it.”

The battle was won once the company made the decision to work fully remote and experienced a seamless transition.  

“The simple fact that everything was in place, and we were up and running was a huge home run. We didn’t have to worry about anyone being in the office for five months,” Gottlieb said.  

Now, with the core IT support and management needs met, Sharp Decisions and Brite will continue to evolve the overall IT approach.

The Need for Security 

During the initial search for a new provider, cybersecurity services were a major requirement. Increasing pressure from Fortune 1000 clients to meet third-party compliance standards prioritized the need for increased security operations and support. After an initial security assessment, it was clear that Sharp Decisions had an immediate need for advanced managed cybersecurity. BriteProtect, Brite’s comprehensive managed security service, separated Brite from the competition.

“Based on our preliminary assessment, built from industry-standard frameworks, we were able to understand Sharp Decisions’ initial status and build a roadmap to security maturity,” Trevor Smith, EVP at Brite, explained. “This planning phase helped prioritize the implementation and optimization of necessary security tools, improving security posture as well as meeting the compliance requirements.”

“Clients want to make sure that our systems are backed up properly. They want to confirm that we’re using encryption, firewalls, a valid disaster recovery plan,” Gottlieb shared. “All these things are in place and documented. That is huge since we’ve never had it before.” 

While the client compliance drove the cybersecurity initiative, Sharp Decisions continues to work with Brite to enhance cybersecurity for a comprehensive approach. Monthly calls allow for communication on metrics and remediated situations, as well as continued planning for user awareness training and other projects.  

“And now we don’t worry” 

Gottlieb summarized the journey, “We are confident security-wise. I feel 100% supported from a customer service aspect. My employees feel it because it flows. And the assistance we got during the transition and then the lack of issues we had during COVID was perfect. So, you know, we’re happy clients.” 

Small Business. Big IT Problems.

BriteStar Protects Small Business from Cyberattacks

Large companies are not the only ones susceptible to cyberattacks. The 2018 Verizon Data Breach Investigations Report reveals that 58% of all data breach victims are small businesses. Many of these attacks happen by chance due to the increasing popularity of the “spray-and-pray” attack method. Since these attacks are random, any business that is not sufficiently protected can be negatively impacted.

Most small to medium-sized organizations have limitations that restrict their ability to build and/or maintain the mature, experienced IT department required in today’s environment. The lack of an advanced IT strategy leaves these organizations most susceptible to random attacks and to sustaining significant business losses.

Enter BriteStar, Brite’s premier managed service offering. BriteStar helps companies protect and manage their IT infrastructure through a superior combination of people, process and technology.  Built off industry-leading IT best practices, BriteStar increases uptime, reduces break/fix issues and offloads day-to-day IT tasks, all at a fixed monthly cost.  With BriteStar, businesses can offload the tactical efforts and focus on strategic projects that propel the business forward.  

“Brite focuses on providing secure, stable and scalable IT environments to all of our customers, no matter the organization size.  After nearly 20 years in the enterprise security space, we realized that small and medium-sized businesses are faced with many of the same problems and threats that large organizations face. BriteStar was created out of the need for both affordable and premium IT support,” stated Justin Smith, Brite’s President and COO.  

A Small Company’s Struggle 

Lupton Associates undertook the everyday burden of managing its IT infrastructure. The company of 20, like many companies of similar size, was not able to dedicate the necessary resources to properly manage and secure the IT infrastructure. The information manager was responsible for all IT duties, along with marketing and the support of new business development. As a result, disruptions would take the entire infrastructure down for days while the company reactively scrambled to find a solution.

The organization’s information manager said, “As a one-man show, there is just no way for me to keep up. Network administration wasn’t my strong suit. I have a limited IT background, and I am a ‘hack my way through problems’ kind of person. That does not work in today’s world. There are just too many threats and too many ways for disaster to happen. It really does bring your business to a screeching halt when you are interconnected like we are.”

After recognizing the struggle to manage the day-to-day IT needs, the company made the decision to offload tactical daily tasks to a managed service provider. “We always had someone in the role of network administrator, but nobody was really qualified for that position. But I think that it makes perfect sense for our organization,” said the information manager. “Frankly, a lot of times, I just didn’t have answers.”

The company chose Brite as its managed service provider and was onboarded just in time. 

BriteStar in Action 

The investment in a managed service provider was quickly validated. Though multiple zero-day security prevention tools were put in place, an end-user clicked on a malicious email sent in a “spray and pray” attack and started a chain reaction. The company suffered an attack that could have caused the network to crash had it not been for BriteStar.

A hacker silently infiltrated the network. The malicious attacker changed all administrator passwords, prohibiting users from logging onto the system. With command and control, the attacker was preparing to use the company’s environment to launch attacks on others.

Luckily for this BriteStar customer, while the prevention tools didn’t stop the attack, one of the many detection tools alerted Brite to the dramatic changes in the environment. Brite’s in-house Network and Operations Center received the alert and responded within 15 minutes of detection. The team immediately began an investigation to evaluate the legitimacy of the threat. Once the team validated the threat, it notified the customer of the incident and began remediation.

“BriteStar uses a suite of technologies to protect our customers from all kinds of attacks. Understanding prevention is never 100%, we have designed our technology stack to detect anomalies and allow us to restore the parts or the entire environment almost immediately,” said Smith. “We managed to resolve this incident within 45 minutes of being notified with only 15 minutes of downtime.”  

Brite’s unique combination of both proactive and reactive methods ensures that the customer is covered, no matter what happens.   

“From our side, we switched to the backup environment and we really lost no time during that morning, which is huge,” said the information manager. “I’m completely and utterly thankful that we contracted with Brite.  It’s been a great relationship for us.” 
