Dear REIS Informatica Clients,
We all collectively watched in horror yesterday as the invasion of Ukraine occurred and took hold of the world stage. While it feels very strange writing you today as your IT managed services provider to address such a world event, in the current digital age we at REIS and indeed anyone connected to the internet at large are involved.
The Canadian Centre for Cyber Security (CCCS) has put out a bulletin warning of a strong potential for an increase in cybersecurity attacks. You can read that bulletin here.
Ransomware, for example, has long been a tool used by state-sponsored threat actors to raise funds and with this news, we expect that to ramp up. To do our part to help ensure our customers’ security REIS has immediately started the following proactive steps.
- Performing a one-by-one review of all client firewall systems to ensure that only the absolutely necessary ports and traffic are allowed through and that all firmware are to the latest versions.
- Reviewing the license level of every client firewall to ensure Geolocated blocking and advanced Intrusion prevention are both licensed and that blocking of all traffic from the Russian Federation is enabled.
- Where this licensing is not currently in place someone from REIS will reach out to advise on upgrading license level.
- Working with Microsoft and Office365 to enable and configure similar geolocation blocks for email and logins.
- Working via our RMM (Remote Monitoring and Management) systems to ensure all client systems are patched against all known vulnerabilities, starting with systems requiring exposure to the internet.
In addition to these steps by REIS we would also like to request that all clients be at a heightened state of alert. While we are doing everything we can to secure your networks, we cannot secure all the networks of all the people you do business with. To that end we recommend the following:
- Being EXTRA diligent about emails with attachments. Double checking with senders from outside your company, and even internally before opening any attachment.
- Do Not accept any financial directions via email, without following up via phone or in person. Ex: requests to update bank information for accounts payable.
- Making sure to be extra protective of passwords, and not using the same password for multiple sites.
If you have any questions or concerns at all, please feel free to reach out to our Operations Manager, Matt Lavergne. He can be reached by email at firstname.lastname@example.org or phone by 519-579-8777 x 206.