Skip to content

Does Your Company Use VPN Solutions? Every Minute Is Critical!

According to recent news articles, a large Israeli company Shirbit insurance is being extorted by a group of hackers called the Black Shadow. The hackers are demanding the insurance company pay them more than a million dollars of ransom money in Bitcoin, or they’ll release sensitive corporate data publicly in stages until their demands are met.

According to Clear Sky, Shirbit didn’t update the VPN in time: “All Shirbit needed to do was to download and install a patch for the Pulse VPN’s security hole.”

Additional sources point to the Pulse VPN exploit as a substantial cause of the Shirbit insurance company breach.

A successful VPN ransomware cyber-attack can be devastating, both to the targeted company’s finances and reputation as well as to the public whose personal data is exposed. In the Shirbit attack, the hackers’ identification and motivation are still being investigated.

Using Virtual Private Networks (VPN)

Enterprises deploy an assortment of security technologies and implement policies to safeguard their valuable data. One software tool often used for employee secure remote access is the corporate VPN. VPN technology extends a private network across a public network, enabling users to send and receive data as if their computing devices were directly connected to their company’s private, inner network.

VPN Security Vulnerabilities

A serious problem can arise when corporate VPNs are used as the main remote access solution. Instead of acting as a security control, a VPN gateway becomes a threat surface for hackers. Hackers desiring to breach a company’s network often attack the company’s VPN gateway. If the exploitation is successful, a breach can enable malicious access to a broad range of protected servers, data, and accounts.

The US National Security Agency (NSA) often issues warning that VPNs can be vulnerable to attacks if not properly secured. The alerts are compounded by the COVID-19 pandemic surge with an increasing number of remote ‘work from home’ (WFH) employees adapting to COVID-related office closures and other disruptions.

The latest exposed VPN Common Vulnerabilities and Exposures (CVEs):

  • CVE-2020-13162
  • CVE-2020-12880
  • CVE-2020-8260
  • CVE-2020-15408
  • CVE-2020-5132
  • CVE-2020-5145
  • CVE-2020-2050

What Are Zero-Day Attacks

Zero-day exploits are a particularly dangerous form of attack because the hacker strikes a vulnerability unknown to the software developer or vendor. The ‘Zero’ refers to the number of days the software developer or vendor have been aware of the vulnerability, i.e., zero days. Hackers can exploit a zero-day vulnerability before it is known or patched.

From Zero-Day to Day One – to CVE and Patch

Following a zero-day breach, the vulnerability becomes a ‘One-Day’ vulnerability. Then usually, a CVE is published, and eventually, a security patch is developed and becomes available to users by the relevant vendor. The users need to deploy the patch to prevent hackers from exploiting the vulnerability that is now publicly known – in many aspects, this is even a riskier time than when the vulnerability was only ‘Zero Day’.

There are at least three key factors that make VPN patching difficult for an enterprise:

  • Application compatibility (time investment)
  • Patch testing and rollback (testing investment)
  • Change control (organization downtime)

Patching Is Time, Cost, and Effort Well Spent

Studies continue to recommend that companies must not risk compromising access to back-end services and data by using tools that do not meet established security policies and that do not implement Zero Trust Network Access (ZTNA) principles.

However, IT personnel should not have to chase after a continuous flow of new patches for each new vulnerability. What’s needed is a modern solution that does not rely solely on patches and still addresses each important and crucial layer in your organization’s IT environment.

Safe-T’s ZoneZero® Solution

Safe-T ZoneZero® revolutionizes secure access by providing Zero Trust Network Access (ZTNA) features to enhance your organization’s current infrastructure, with or without VPNs. The ZoneZero® Perimeter Access Orchestration platform provides the central management of all secure access technologies.

Safe-T ZoneZero® integrates seamlessly with your company’s existing VPN and firewall infrastructure for the purpose of adding hardened security features. ZoneZero® is designed to prevent or mitigate unwanted intrusions by utilizing a patented software component implemented together with, and enhancing, your company’s existing IT infrastructure.

A main result of a ZTNA architected network is improved and continuous user authentication. IdM and MFA vendors supply a variety of authentication controls, however, ZoneZero® is unique in offering the ability to add MFA to legacy VPNs and other backend non-web services which usually do not support orchestrated MFA. Such as SMB, RDP, VMWare vSphere, SSH, SFTP, VDI, etc.

ZoneZero® VPN adds an additional layer of verification and control. Once a VPN connection is established it exposes only services the user/device currently needs that meet the criteria to enable the user to connect.

Info: Compare this with a typical VPN solution that extends the full, broad network to the VPN connection endpoint.

Orchestrate Perimeter Rule Based Access end-to-end ANY-Service, Context, Identity with Safe-T ZoneZero® Features. A solution that provides your organization secure remote and local access to corporate services while integrating seamlessly across all legacy infrastructure, authentication, and hosting services.

With Safe-T ZoneZero® solution – You can prevent the attack!

The Solution – ‘Safe-T ZoneZero®’

  ZoneZero® solution supports any client-based VPN solution.

  ZoneZero® solution supports any client-less based VPN solution.

  ZoneZero® solution allows the addition of 2FA/MFA to any VPN solution used.

  Deploy ZoneZero® solution as a single appliance, a highly available appliance or as distributed highly available appliances.

  ZoneZero® solution allows integration with any IDP, MFA, and/or VPN.

  ZoneZero® solution provides continuous authentication by adding 2nd stage MFA for any backed services.

  ZoneZero® solution eliminates identity takeover fraud while delivering a seamless user experience.

  ZoneZero® solution separates the authentication layer from the access layer.

  ZoneZero® solution isolates VPN server – reduces vulnerabilities scope.

  ZoneZero® solution delivers an authentication gateway and Application gateway for internal resources.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Safe-T® Group Ltd.
Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises’ business-critical services and sensitive data, while ensuring uninterrupted business continuity. Safe-T’s cloud and on-premises solutions ensure that an organization’s access use cases, whether into the organization or from the organization out to the internet, are secured according to the “validate first, access later” philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.

Safe-T’s wide range of access solutions reduce organizations’ attack surface and improve their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy solution cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.

With Safe-T’s patented reverse-access technology and proprietary routing technology, organizations of all size and type can secure their data, services and networks against internal and external threats.

ESET discovers operation SignSight: Supply-chain attack against a certification authority in Southeast Asia

BRATISLAVA, MONTREAL – ESET Research discovered another supply-chain attack in Asia, this time on the website of the Vietnam Government Certification Authority (VGCA). The attackers modified two of the software installers available for download on this website by adding a backdoor in order to compromise users of the legitimate application. Supply-chain attacks appear to be a quite common compromise vector for cyberespionage groups. Cybercrime operation SignSight leverages malware known as PhantomNet or Smanager.

“In Vietnam, digital signatures are very common, as digitally signed documents have the same level of enforceability as wet signatures. In addition to issuing certificates, the VGCA develops and distributes a digital signature toolkit. It is used by the Vietnamese government, and probably by private companies, to sign digital documents. The compromise of a certification authority website is a good opportunity for APT groups, since visitors are likely to have a high level of trust in a state organization responsible for digital signatures,” explains Matthieu Faou, one of ESET’s researchers investigating the SignSight operation.

The PhantomNet backdoor is quite simple and is able to collect victim information (computer name, hostname, username, OS version, user privileges [admin or not], and the public IP address) as well as install, remove and update malicious plugins. These additional and more complex plugins are probably only deployed on a few selected machines. By also installing the legitimate program, the attackers make sure that this compromise won’t be easily noticed by end users.

ESET researchers uncovered this new supply-chain attack in early December 2020 and notified the compromised organization and the VNCERT. We believe that the website ceased delivering compromised software installers at the end of August 2020. The Vietnam Government Certification Authority confirmed that they were aware of the attack before our notification and that they notified the users who downloaded the trojanized software.

ESET has seen victims in the Philippines in addition to Vietnam.

For more technical details about operation SignSight, read the blog post “Operation SignSight: Supply- chain attack against a certification authority in Southeast Asia” on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Google Chrome and ESET collaborate in fight against online threats

BRATISLAVA – ESET, a global leader in cybersecurity, announced today it is continuing to partner with Google to protect Google Chrome users. ESET’s award-winning technology is used by Google to scan, identify and remove unwanted software encountered by users of Chrome for Windows. The extension of the cooperation on Chrome Cleanup, part of Chrome’s Safe Browsing feature, continues the close collaboration between the world’s most popular browser and the leading EU-based IT security vendor’s technology.

As applied in Chrome Cleanup, ESET’s technology is used by Google to alert users about unwanted or potentially harmful software attempting to get on users’ devices through stealth, for example, by being bundled into the download of legitimate software or content. Google Chrome, using ESET’s security technology, then provides users with the option to remove the unwanted software. Chrome Cleanup operates in the background, without visibility or interruptions to the user. It deletes the unwanted software and notifies the user once the cleanup has been successfully completed.

The two companies enjoy a broad relationship that also includes a collaborative role in which ESET works closely with Google to ensure the safety of the Google Play Store as a partner in the App Defense Alliance. ESET also provides data for users of Chronicle, Google Cloud’s security analytics platform, to surface verdicts on malicious files.

“We are proud to partner with Google in helping Chrome users enjoy safer technology,” said Juraj Malcho, ESET Chief Technology Officer. “The ongoing collaboration with Google and Chrome Cleanup demonstrates the importance that both companies place on keeping users safe and secure. With Chrome being the browser of choice for most Windows users, ESET’s technology and engineers are providing frontline protection.”

For additional information about Google Chrome Cleanup, please click here

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

CyberLink Will Showcase New FaceMe® eKYC and Fintech Solutions at CES 2021

The company will also exhibit the latest updates to its industry-leading FaceMe® SDK, as well as its highly praised pandemic control and access security software solutions FaceMe® Health and FaceMe® Security

Taipei, Taiwan— December 15, 2020— CyberLink Corp. (5203.TW), a pioneer in AI and facial recognition technologies, will showcase new applications of its state-of-the-art FaceMe® technology for the banking, financial services and insurance (BFSI) industry at the all-digital Consumer Electronics Show January 11-14, 2021. CyberLink will also feature its innovative software solutions, FaceMe® Health for pandemic control, and FaceMe Security for access control, authentication and security.

CyberLink Will Showcase New FaceMe® eKYC and Fintech Solutions at CES 2021

FaceMe® eKYC and fintech solutions, deployable at the edge, offer the BFSI industries the ability to conduct secure, real-time biometric verification and identity recognition. FaceMe®’s eKYC technology offers financial institutions the ability to match a person’s photo to their ID in person or virtually, protecting customers against identity fraud whether they’re at a branch, or accessing their accounts from home.

The FaceMe® eKYC and fintech solution can be applied for identity verification, or second factor authentication, in opening bank accounts, applying for credit, conducting ATM transactions or mobile banking, buying insurance services, and using remote customer service. FaceMe® facial recognition is one of the most accurate methods of identity verification with up to 99.7% accuracy rate according to the NIST FRVT (Facial Recognition Vendor Test) and with secure built-in anti-spoofing. The cross platform flexibility allows FaceMe® to be integrated into smartphones, computers, ATMs, wall cameras and a variety of other devices.

“In light of COVID-19, financial institutions must digitalize transactions and processes while maintaining the highest level of security,” said Dr. Jau Huang, CEO of CyberLink. “Cutting-edge technologies such as facial recognition are the future of digital identity verification and we’re excited to showcase FaceMe® eKYC and fintech solutions at CES 2021.”

FaceMe’s® edge-based architecture empowers powerful, efficient processing, and higher levels of security compared to cloud-based solutions. FaceMe® can run on low-power CPUs to enable facial recognition on cost-effective IoT/AIoT devices, as well as being integrated with high-end servers, workstations and personal computers equipped with GPU to provide highly efficient performance. The result is a fast, flexible, and precise facial recognition SDK solution applicable for a wide range of scenarios, including: smart banking, security, access control, public safety, smart retail and more.

For more information on FaceMe® eKYC solution, please visit https://www.cyberlink.com/faceme/solution/Fintech_eKYC

For more information about FaceMe®, please visit the official website at www.cyberlink.com/FaceMe

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition.  CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD.  With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security, and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com

GREYCORTEX IS LIKE A DOCTOR, PREVENTING CLIENTS FROM CATCHING A CYBER-DISEASE

What a person encrypts, a person can also decrypt. This was true a couple of years ago. Nowadays, cyber-criminals use advanced technologies and their attacks are much more sophisticated and targeted, and consequences are much worse. “Not only the good guys (i.e. cyber protection companies) but also the bad guys are evolving. Attacks are aimed at weak points and human errors,“ says Petr Chaloupka, CEO of GREYCORTEX, a company that focuses on IT and industrial network security. The story of this company that succeeded among the fastest growing tech companies began long before its foundation. It is a story about passion, vision, skills and a ton of humour. And, in a way, it is connected to the beginning of computerisation in Czechoslovakia.

Maybe you too still have a vivid memory of this history chapter and maybe you remember 8-bit computers – or maybe you don’t. Luckily, there is Petr Chaloupka, the founder and CEO of GREYCORTEX, and his memories of a contest from the ’90s, a text game passed around on cassettes and floppy disks that were created very long ago for 8-bit computers. Cassettes and floppy disks were… well, just google it, kids! “This game was protected by a password that was announced on a certain day in the newspaper, on the radio and on TV to give everyone the same fair start. However, my friend and I didn´t feel like waiting and so, after several hours of reverse engineering, we identified the password and came to the conclusion that what a person encrypts, a person can also decrypt. And that is maybe where my lifelong passion for cybersecurity started and this seemingly innocent story signalled my future professional career“.

A STORY OF A COMPANY STANDING ON THE FRONT LINE IN THE BATTLE AGAINST HACKER ATTACKS

The first chapter of the GREYCORTEX story began around 2005. “I was working on an antivirus for Linux, which was a completely insignificant platform for cybercriminals back then and for which there was no malware. There were only a few lab experiments for proving that there could be one. My colleague Michal Drozd used to hack banking systems using social engineering and customised malware“, reminisces Petr Chaloupka about the beginnings with a smile. The group includes another Petr – Petr Chmelař. “Back then, he was working on machine learning principles that would be capable of finding video signal anomalies. A strong technology for which there may have been another use. What about transferring it from the video world into a computer network“? asks Petr Chaloupka rhetorically with a good portion of irony.

However, you are probably more curious about the ending of the first plotline, about Michal Drozd and his bank story. There was no shocker – Michal Drozd stood on the right side and banks paid him to do what he did. We would say today that he was an ethical hacker. “However, if he had decided to become a cybercriminal, he would be very rich by now,“ adds Petr Chaloupka.

But let’s be more serious now. Fast forward fifteen years later. Petr Chaloupka sums up that Linux is a common and widespread platform, interesting enough for cybercriminals to attack. GREYCORTEX is now a well-established company focusing on the development of security products for network protection, machine learning and AI research, and the second fastest growing tech company in the Rising Stars category of the Deloitte Technology Fast 50 competition.

“Were we visionaries back then? I don’t know. Maybe we were just the three right people at the right place, and if we had never met, nothing would have happened. Literally. But we did meet, a couple of good questions were asked and we started to look for answers together.“

THOROUGH AND COMPLETE SECURITY

The second chapter of the GREYCORTEX story was about visionary questions in the end; for example, how can someone manage to break into a bank or any other company without having to leave their home? And how come they don’t get caught? Then the right answers came and with them the first specific solution.

“Somewhere around 2014, things blended really well and when five more friends and colleagues joined us at the end of 2015, everything was ready to establish a company and start our business. It needs to be said that all founders are still with us in different roles in the company, helping it grow.“

Petr Chaloupka

 

Four years later, the company became five times as big. “Our product ‘Mendel’, which can uncover hidden threats in the network, from unknown devices to advanced attacks, has matured. After overcoming some childhood diseases and puberty, it is becoming a model for others – we helped introduce another branch of cyber security into the world! It used to be called NTA (Network Traffic Analysis) in the past; now it is called NDR (Network Detection and Response),“ says Petr Chaloupka.

Don’t worry if you are getting a little lost in all the information, you have a right to that and you deserve an explanation: NDR combines deep visibility into infrastructure with the capability to detect known and unknown attack and malware types and to react to them in real time. So, it is clearer now, isn’t it? Same as the fact that “the world is changing, technologies are changing and we are changing with them. It is important that we have done our bit and continue to give cybercriminals a hard time and ruin their filthy and immoral business,“ remarks Petr Chaloupka.

What was the worst in the beginning? “Even in our case, it holds true that all theory is grey, but the golden tree of life springs ever green, so we do everything in a completely different manner than we used to. However, the most important thing is that we learned to understand what it means not only to have a good product but also to sell it and persuade clients that they need it. You could say that we are selling insurance or that we are like Eastern medicine – we ensure that the client does not become infected and he pays us for not getting ill.“

To sum it up, Petr Chaloupka views success and failure as communicating vessels. “A functioning and growing company is a success, even though it arose from humble financial background and was basically only a dream of a few founders some 6 years ago. From the beginning, we had a vision of building a global company and so our plans now are clear – to strengthen our position in the territories in which we already operate and gradually add other locations to reach our goal. It is definitely important to find balance between this dream goal and the need to have both feet on the ground (or at least one foot).“

This article was originally published here

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

CyberLink’s FaceMe® AI Facial Recognition Engine Ranks as a Top Ten Vendor in Latest NIST Leaderboard

TAIPEI, TAIWAN — December 8, 2020 —CyberLink Corp. (5203.TW), a pioneer in AI and facial recognition technologies, announced it has ranked as a global top ten vendor in the latest Facial Recognition Vendor Test (FRVT) with its FaceMe® AI facial recognition engine. The test is the leading authority on facial recognition precision and is the most rigorous evaluation for facial recognition technology within the industry conducted by the United States’ National Institute of Standards and Technology (NIST)

CyberLink’s FaceMe® AI Facial Recognition Engine Ranks as a Top Ten Vendor in Latest NIST Leaderboard

In the latest FRVT 1:N Identification report, FaceMe® scored an accuracy rate up to 98.11% on its identity recognition against a database of 1.6 million Visa and webcam images, ranking ninth globally out of all tested vendors. When excluding vendors from China and Russia, CyberLink ranks in third for accuracy worldwide with its automated face recognition algorithm. FaceMe® has found immense, real-world practical success due to its flexible edge computing architecture optimized across platforms and devices, enabling a wide range of use cases for smart banking, retail, security, smart cities and more.

“NIST’s independent evaluation establishes CyberLink as one of the de facto leaders in facial recognition research and development globally,” said Dr. Jau Huang, CEO of CyberLink. “To date, FaceMe® has been applied to a range of applications across multiple IoT/AIoT scenarios in the hospitality, retail, law enforcement and financial industries. With the rising adoption of facial recognition in banks and fintech, we are ready to partner with industry leaders and create a safer ecosystem by deploying solutions such as electronic Know Your Customer (eKYC) to protect against identity fraud.”

FaceMe’s® edge-based architecture empowers powerful, efficient processing, and higher levels of security compared to cloud-based solutions. FaceMe® can run on low-power CPUs to enable facial recognition on cost-effective IoT/AIoT devices, as well as being integrated with high-end servers, workstations and personal computers equipped with GPU to provide highly efficient performance. The result is a fast, flexible, and precise facial recognition SDK solution, applicable for a wide range of scenarios, including security, access control, public safety, smart retail, smart banking and more.

For more information on FaceMe®, please visit www.cyberlink.com/faceme

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition.  CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD.  With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security, and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com

About Talma
With more than 29 years offering complete solutions, in Talma we provide safe, fast and efficient airport services. We operate in 19 airports in Colombia.

How to build a comprehensive backup strategy for your company

We as humans live in a very dangerous world, full of unexpected risks. Now imagine a world, where danger hides around every corner, you can’t make any mistake, otherwise, you are gone. In the world, I just described, live all of your company data. You can influence this world by providing your data with adequate protection. The First step is creating a comprehensive backup strategy. In this article, I will guide you through points you have to have in mind while creating your organization’s backup strategy.

What is the backup strategy?

A backup strategy is a tool, you as an administrator can use to make sure all essential data in your organization is protected. That is one sentence explanation, but let’s dig a little deeper. A backup strategy determines which actions to take in case of a disastrous situation. These actions serve you to ensure your business’s continuous performance. To prevent losing precious data, you’ll need to back it up regularly, store it securely, and know-how to recover it in case of a disaster or any event of failure.

Why do you need to back up your data?

But what kind of failure can happen to you? Well, we would say – infinite list – but the most common are human error, hardware failures, cyberattacks, natural disasters. We have described them in our 6 common threat vectors and how to protect against them article.

What data you need to protect

Together with your organization growth, grows the number of devices, services, and generated data. You should determine what kind of information is the most crucial for your organization. Simply – which data you need to keep your business working. Then, create a backup plan that will include all critical data from your endpoints and servers. 

Don’t forget to include in your backup strategy all SaaS services that provide your business with useful features and…generates or store data. Do you use Microsoft 365 suite (former Office 365)? Consider Exchange, OneDrive, and Calendar backup.

That’s a lot of data you need to backup already. There is one more thing to remember. Your co-workers probably use more than one device to work – remember to protect them all. 

All the data you’ve chosen to be backed up need to be stored somewhere. This somewhere is your choice, but first, you need to know a few things about available options.

Backup storage

There is a very wide list of storage possibilities – local, cloud (public or private), hybrid or multi-cloud – just to mention few. You need to consider which option is the most accurate and efficient for your organization. 

  • You can make backups locally on various storage devices, including local servers, USB disks, NAS (Network Attached Storage), or SAN (Storage Area Network). Locally stored backups are fast, convenient, easily managed, maintained, and secure. However, local storage is sensitive when it comes to physical threats and natural disasters, i.ex. flood or fire. Additionally, if all servers and devices are kept in the same place you can lose access to all your critical data. 
  • You can also send you backups to the cloud (public or private) – including Azure, and AWS. Cloud-based backup storage is a more flexible and affordable option, and definitely more safe one – there is barely any possibility to lose backups from professional and redundant data centers. Those providers are resistant to any physical damage. Minus? You need to have a stable and fast internet connection for backup to perform adequately fast as in case of local storage.

Each solution has pros and cons, so choosing the best one for you might be tough. How to make a decision? Listen to the old but good one, the 3-2-1 backup strategy.

The 3-2-1 backup strategy stands for:

  • Having 3 copies of your data.
  • Having them stored on 2 different storage types.
  • Having 1 copy of the data offsite.

While choosing where you want to store your backups, you also need to have in mind RTO’s and RPO’s, because they may vary when it comes to data storage.

Recovery Time Objective and Recovery Point Objective

A good backup strategy has to have a well-thought disaster recovery plan that will eliminate downtime and guarantee business continuity in case of any event of failure. What you need to do first is to define the two most important parameters – Recovery Point Objective (RPO) and Recovery Time Objective (RTO). What do they mean? 

Recovery Point Objective defines what is the maximum time that you are willing to lose data from, in case of an incident. It can vary between various systems in your company, for more critical data, you might want to be able to recover data from no more than an hour ago. But for less important systems the 24h period for RPO will be sufficient enough.

Recovery Time Objective defines how fast you can recover your data, to get your systems working as they were intended. To shorten the RTO, you will need faster storage, faster network, and overall more expensive technologies. But it can help your company minimize losses that come with your system being down.

Few more things to have in mind while creating backup strategy

While creating your Backup Strategy, you will also have to consider, having your backup scheduled for your needs. You probably want different priority data, backed up at different schemes. Creating a backup schedule correlates very closely with how you set your company’s RTOs and RPOs.

Another thing you need to have in mind is how long you want to retain copies of your data, and how many versions of them you want to keep. Whether you want to keep copies for a year, or a month, you need to have it thought out.

Many factors are influencing what your backup strategy should look like. And you probably don’t want to worry about running those backups with all those factors in mind all the time. So it might be good to create backup plans that will run according to your set schedules, and take care of all factors that might clutter your head when it comes to data protection. Your backup solutions should enable you to set a backup plan once (or choose a predefined one) and chill out knowing your data is protected, accessible and recoverable.

Testing your backup

So you set up your backup plans, probably performed a couple of backups already, and you think your data is secure. And now a disaster strikes, all your data is gone, but you have a backup. Surely you can recover all of it. But you made a small mistake while creating a plan, and your data is now impossible to recover. 

All of this can be avoided if you test your backup regularly. Make sure your recovery process is working properly in controlled conditions. So when a disaster happens you will be ready to recover your system properly.

Creating a backup strategy with Xopero

In the Xopero ONE Backup&Recovery solution, you can create automatic, policy-based backups.

Choose data and devices you want to protect, storage(s) where you want to keep them, and backup execution manner. Add many devices to one plan or one device to many plans. Take advantage of a wide range of enterprise-class features that let you easily customize your backup policy.

And here are some of those features, you can use to meet your company’s backup plan needs:

  • Physical environment and SaaS backup: protect your Windows, Linux, or macOS-based devices (endpoints and servers) or take advantage of the most intuitive Microsoft 365 backup (former Office 365 backup)
  • Smart File or Image Backup: schedule automatic file-level or image-level backups (full, incremental, differential) whether you need to protect chosen data or the entire system. 
  • Set it and forget it: set your plan once and the backup will perform automatically according to defined schedule, retention, and frequency.
  • On-premise or cloud storage: local, SMB, NAS, AWS, Azure, or all – use your local or/and cloud storage, safe money, and do not invest in additional IT infrastructure.
  • Flexible Versioning and retention allow you to easily adjust versioning and retention settings according to what you need. Store all versions, define the number of copies, or the time a given copy should be kept to optimize storage capacity. GFS, FIFO – choose your rotation scheme. 
  • Military-level encryption: to encrypt your data we use different alterations of the AES algorithm. The time needed to perform a backup will wary depending on whether you chose to encrypt your data using OFB 128, OFB 256, or CBC 256 version of the AES algorithm. The last one of those being considered, to this day, unbreakable.
  • Multiple recovery options: almost instantly recovery of chosen files or entire systems. Both physical machines or Microsoft 365 data. Take advantage of Smart Disaster Recovery technologies and granular, cross-user, point-in-time recovery features.

and much more…

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Xopero
Xopero began in 2009, founded as a company serving primarily SMB users. Our goal was to create more accessible and affordable secure data protection solution for any businesses. In 2015, Xopero started cooperation with QNAP Inc. – one of the key global NAS providers. This addition expanded our portfolio to include a true backup appliance, In 2017, Xopero fully extended into global market thanks to cooperation with ESET. Our company took the place previously occupied by StorageCraft in the ESET Technological Alliance.