How We Help Clients Through Security Issues
We pride ourselves on going the extra mile for our customers when their security practices fall short of attackers’ sophistication.
At Network Ninja, we help protect our clients’ data in many ways. Along with standard measures like security scans, event monitoring, encryption, logging, and regular updates, we also go above and beyond should any of our clients suffer a cyberattack - even if it’s not directly related to our software.
Our customers are leaders in their spaces, including civil legal aid, social services, and field marketing. But they aren’t security experts - nor do we expect them to be.
We know that well-meaning people make security missteps all the time, and that’s why we have a plan in place to deploy our expertise to help.
A Typical Attack
Let’s imagine that a Collaborate customer uses the same username and password combination on multiple websites, including their Collaborate application. If one of those outside sites gets hacked, attackers can leverage the re-used credentials to access the user’s Collaborate account.
Credential Reuse Can be Disastrous
Always use a unique username and password combo for your accounts. If one account is compromised, hackers will attempt to use those credentials elsewhere. 👀
This is one reason we encourage all of our customers to use Multi-Factor Authentication (MFA). MFA is a security best practice that requires a second form of authentication at login - in this case, a six-digit code sent to the user’s mobile device - which would prevent the hackers from accessing their Collaborate account.
Without MFA, however, attackers can get in - and do other nefarious things like threatening to extort the customer with Ransomware.
Specialized Security Alerts
Thankfully, our automated tools can tip us off when something like this happens. If attackers use a web scanner, for instance, it’ll generate a flood of support tickets as the scanner attempts to access areas of the application it shouldn’t.
Once alerted, our security staff can:
- Identify the offending traffic,
- Create an Incident Channel to handle the incident,
- Disable all accounts on the customer’s site, and
- Contact the customer to develop a plan of action.
Experts at the Ready
Network Ninja’s security team is experienced, knowledgeable, and enthusiastic about helping our customers. We’ll spring into action with mitigation measures like:
- Video conferencing 👩🏻💻
Collaborating with the customer to make decisions about things like isolating affected instances and enabling MFA for all users.
- Snapshots 📸
Taking real-time snapshots of affected sites for preservation.
- Thorough investigation 🔎
Ensuring that no sensitive data is accessed.
- Security upgrades 🔐
Beefing up tech security when possible, and training the customer on best practices to help prevent future issues.
Security Upgrades Available
Our enhanced security infrastructure - which will be offered to customers in the near future - includes an Application Load Balancer (ALB) and Web Application Firewall (WAF).
The new infrastructure helps prevent hackers from accessing the customer’s application, with multiple layers of additional protection - including blocking IP addresses with bad reputations (which attackers frequently use).
Getting Back to Business
Once the security threat is squashed, and the new environment is tested by our team and customer, applications are brought back online. Subsequent security scans are run to ensure that no further fraudulent activity occurs.
In summary, we’re able to thwart attacks thanks to:
- Our “noisy” security monitoring tools, which quickly identify attackers’ attempts to access and scan customer applications,
- The familiarity and trust that comes with great customer relationships, and
- The quick action of Network Ninja support staff, subject matter experts, and leadership.
Security Tips from the Experts
- Always use unique login credentials across all your accounts.
- Enable MFA everywhere.
- Work with a reputable software vendor that’s ready, willing, and able to help when you need it most.
Want to learn more about how we secure our software and help protect customers’ data? Drop us a line.