Step1 Software


Ad Rates Contact ** PLEASE DESCRIBE THIS IMAGE ** Subscribe Industry Events

  

Facebook Subscribe2eNews Facebook

Facebook Subscribe2eNews

 

Facebook Subscribe2eNews

 

By Harrell Kerkhoff, Maintenance Sales News Editor

Cybersecurity is the act of protecting networks, devices and data from unauthorized access or criminal use. It’s also the practice of ensuring confidentiality, integrity and availability of information, according to the Cybersecurity & Infrastructure Security Agency (CISA), part of the U.S. Department of Homeland Security.

There are many risks today to people and companies alike. Among the dangers are malware erasing information, an attacker altering files and/or the dreaded ransomware threat. The latter is when an online thief threatens to hold critical data, or permanently blocks acess to that data, unless a ransom is paid.

National headlines of major companies victimized by cyber attacks are all too common. The threat is also real for smaller companies as well as individuals — and that threat grows with each passing day, according to Tom Kirkham, founder and CEO of IronTech Security (www.irontechsecurity.com).

In a recent presentation titled, “Five Steps To Protect Your Firm From Catastrophic Cyber Attacks,” Kirkham reported the following unsettling statistics:

• 60 percent of small businesses that are victims of a cyber attack go out of business within six months, according to Cybersecurity Ventures;

• Small businesses spend an average of $955,429 to restore normal activities in the wake of successful attacks, according to SecurityIntelligence.

“Hoping is not a strategy. A cyber breach can cost a company four to five times the cost of prevention,” Kirkham said.

He shared the following common myths surrounding cybersecurity:

• Myth — Your business is too small. Why would anybody want to attack you?

“There is no such thing as ‘too small.’ You might assume that no hacker would be interested in your company. The simple truth is, the majority of cyber attacks — especially ransomware — is part of an automated process, sent out in volume. A company’s size does not matter,” Kirkham said. “(Hacking) is a serious industry. Tens of thousands of people, from all over the world, work as professional criminal hackers. They are vertically specialized, and other criminals help them.

“The point is, there is no such thing as ‘too small.’ There is also no such thing as ‘being located in the middle of nowhere.’ It doesn’t matter what business you are in. If your company is on a specific list, it could receive a phishing email and potentially become a victim. Everybody hears about the big companies getting hacked, but the majority of attacks are directed at small and medium-size businesses as well as individuals using home computers. Hackers don’t care who you are, all they are interested in is making a conversion.”

• Myth — You can’t afford enterprise-grade security.

According to Kirkham, enterprise-grade security is the same type of cyber protection used by U.S. federal agencies and Fortune 10 companies. The security involves best-of-breed policies, procedures and technical controls.

“It’s security that should be looked at today as being part of the cost of doing business,” Kirkham said. “It’s no different than having insurance — and it’s affordable.”

• Myth — Antivirus software is good enough.

Kirkham cautioned companies that rely on purchasing antivirus software in a store to protect their businesses from cyber attacks. In his words, “Antivirus (programs) are not good enough. What is good enough is a different class of products.”

• Myth — Cybersecurity insurance takes care of all problems.

“It’s great to have cybersecurity insurance, but don’t stop there,” Kirkham said. “Like all insurance, it’s the last thing you want to rely on to make your company whole again. For instance, a lot of (cybersecurity) policies don’t pay for loss of productivity.”

• Myth — A company surviving one ransomware attack is safe from another attack happening again.

“If you get hit once, chances are you will get hit again. Your company has been marked by criminals,” Kirkham said. “It’s important to change your defensive strategies in order to avoid the same vulnerabilities.”

Most importantly, other malicious items, such as “back door” and “keylogger” devices, could be left behind after an attack. Such devices further compromise a company’s cybersecurity. That is why it’s important companies thoroughly have their computer networks examined by Information Security (InfoSec) professionals, making sure future problems don’t come up.

“Every new client of (IronTech Security) that previously experienced a successful ransomware attack has discovered (other malicious items) leftover from that attack,” Kirkham said. “Sometimes (those items) will be dormant for months, if not years. Regardless, it’s critical to get the network immediately checked out after the initial attack.”

• Myth — Cybersecurity is an IT issue.

There is a big difference between Information Security (InfoSec) and Information Technology (IT), according to Kirkham.

“It’s been my experience that roughly 90 percent of people who work in IT don’t have the skill set and experience to properly put into place enterprise best-of-breed cybersecurity defenses,” Kirkham said. “A company’s investment in IT involves an operational managerial decision. IT positively affects the bottom line each day. That is why company’s invest in IT, to increase productivity and efficency, while lowering production costs.

“InfoSec, on the other hand, is all about security. That is its only job. It doesn’t positively impact the PNL (profit and loss) every day. It’s in the same category as a company’s electricity bill and insurance expenses.”

Kirkham added a strategic leadership decision must take place to properly protect a company from loss of funds and/or productivity, brought about by a cyber attack.

“If companies manage their cybersecurity unprofessionally, they will get hacked professionally,” he said. “The majority of today’s hackers are criminals.”

5 BEST PRACTICES

In June 2021, a letter from The White House written by Anne Neuberger, deputy assistant to the President and deputy national security advisor for cyber and emerging technology, was sent to many U.S. corporate executives and business leaders. The subject was: “What we urge you to do to protect against the treat of ransomware.”

Among Neuberger’s recommendations, highlighted by Kirkham, are the following “Five Best Practices.”

1.) Deploy EDR (Endpoint Detection and Response).

“Remember to replace your antivirus software with an EDR,” Kirkham said.

EDR refers to cybersecurity technology that monitors an “endpoint” — such as a mobile phone, laptop and desktop — to mitigate malicious cyber threats.

“If you buy (an antivirus) program ‘off the shelf,’ it is not ‘best-of-breed.’ It probably uses virus signature files to see if anything running on a computer is a virus. That is 40-year-old technology. The game has changed. There are offensive military-grade cyber weapons being used against us from all over the world, each and every single day. It’s important to have something stronger for defense. That is an EDR,” Kirkham said. “EDR uses AI (artificial intelligence). It learns and knows, in real time, what is happening with your computer. It learns new story lines. It uses neural nets (computing systems), which involve computer and user behavior, allowing (an EDR) to predict, attack and stop a threat. That is different technology than virus signature detection systems, which I feel are inadequate.”

He added a good EDR function involves an intrusion detection system. It also functions as an intrusion protection system.

“An EDR requires skilled experts to install, configure, monitor and respond. It’s more complicated than an antivirus system,” Kirkham said. “It goes back to the importance of working with a skilled cyber scurity team.

“According to Neuberger, it’s important companies have an EDR to hunt for malicious activity on a network and then block that activity. That is what EDRs do. They receive, kill and mitigate a threat within milliseconds, while alerting an InfoSec team to investigate and examine the network for other malicious things. You have to have an EDR. In fact, (IronTech Security) will not accept a new client that does not have an EDR on its network.”

2.) Use MFA (Multi-Factor Authentication).

MFA is an authentication method that requires a user to provide two or more verification factors to gain access to a resource, such as a website, application and/or account. MFA is a core component of a strong Identity and Access Management (IAM) policy. MFAs provide a second verification method, and can often be turned on through a security setting.

“Neuberger stressed in her letter that companies should turn on MFAs wherever possible, especially for remote access,” Kirkham said.

He also warned against the use of personal/home computers to conduct company business, such as via remote access.

“Once you connect your personal computer to gain access to company work, it becomes part of your company’s network. Does your personal computer have the right protection? Probably not,” Kirkham said. “Only use company-owned equipment when working.”

3.) Use disk storage encryption.

Disk encryption is a technology that protects information by converting it into unreadable code, making it hard for hackers to decipher.

According to Kirkham, it’s important servers, desktops and portable devices — including phones, laptops and tablets — are encrypted.

“One reason to use disk encryption is to protect your company after a server or computer is replaced. The same is true if a phone or laptop gets stolen,” he said. “Often, all a criminal has to do is pull a disc drive out of a server, desktop or laptop, and connect it to a USB port. That is one way data is harvested and sold for profit.

“The best part of disk encryption is you don’t need an InfoSec specialist to turn it on. It’s built into many operating systems, and has been for decades. Basically, if data is stolen, with encryption, that data is unuseable.”

Kirkham added there is a large market comprised of people seeking used electronics so they can mine for data.

“If you responsibly recycle your servers, computers and other devices, make sure a firm is used that documents those items have properly been destroyed. They must also have the right equipment to accomplish such a task,” he said. “The firm will send you a certified copy showing the serial number, make and model of the equipment that was destroyed. Not all recycling firms will take such steps.”

4). Use continuous defense improvements.

The cybersecurity threat landscape changes every day, in some form or another.

“You have to respond and adjust defenses as needed. Sometimes it’s as simple as installing software updates as soon as they become available,” Kirkham said. “Don’t wait to make those updates.”

He added there are a variety of resources that provide a plethora of information on how to keep safe from cybersecurity threats. They include Dark Reading (darkreading.com), Krebs on Security (krebsonsecurity.com), and Kirkham’s own company, IronTech Security (www.irontechsecurity.com).

Federal agencies, such as the CISA and FBI, also have many resources that are available to the public.

5). Use a skilled security team.

According to Kirkham, Neuberger’s letter from The White House stressed the importance of companies to implement 24/7 monitoring, investigating and responding capabilities to fight cybersecurity. He said such work should be properly orchestrated.

Kirkham recommended companies work with a Managed Security Service Provider (MSSP) to alleviate such problems as malware and customer data breaches.

“MSSPs have their own teams, own command centers and are constantly monitoring. What most people don’t realize is MSSPs are also backed by other security operation centers, staffed with InfoSec professionals,” Kirkham said. “MSSPs are litterly backed by hundreds of experts, from around the world, to analyze threats and investigate anomalies.”

FOLLOW-UP
RECOMMENDATIONS

Other cybersecurity steps businesses can take include the use of password managers and to properly secure and manage their websites.

“The learning curve (using a password manager program) can be a little difficult. It may take a week or so to get used to one, but it’s well worth it in the long run,” Kirkham said. “In about a month, you will say, ‘I don’t know how I ever lived without one.’

“Also, don’t forget about your website. There has been a tendency, over the years, for companies to go on the cheap when it comes to website hosting services. Unfortunately, many websites today are not properly updated and professionally managed to protect against downtime or denial-of-service attack. I highly recommend using a professionally-managed secure website hosting service.”







OdoBan® Concentrate Cleans Carpets,
Is American-Made And Certifiably Safer

The OdoBan® 3-in-1 Carpet Cleaner Concentrate features a patented formula, can be used as a traffic lane prespray and extraction cleaner, and is excellent for bonnet cleaning.

The product is Green Seal Certified®, Woolsafe Approved, and meets U.S. EPA Safer Choice product standards.

The OdoBan® 3-in-1 Carpet Cleaner Concentrate is part of the OdoBan® Pro Series line of commercial cleaning products, trusted by industry professionals since 1980.

Visit odobanpro.com for more information.


From Intelligent Design Manufacturing LLC:
The MyHousekeeper Micro Floor Scrubber:
Less Work With Better Results

The MyHousekeeper micro floor scrubber handles any space a traditional mop can, and does a better job of cleaning, according to Intelligent Design Manufacturing LLC.

The scrubber includes an ergonomic handle, locking recovery tank, battery charger port allowing charging without removing battery, 360-degree pivot and comes standard with urethane blades.

The cleaning width of the MyHousekeeper micro floor scrubber is 14 inches and its working capacity is 10,764-square-feet per hour. The brush speed is 180 rpm, brush diameter is 11 inches, and the brush pressure is 28.7 pounds maxs. The machine height is 48.8 inches, weight is 34 pounds with batteries, and its battery voltage is 36v.

Providing commercial cleaning power with ease, the MyHousekeeper micro floor scrubber leaves floors dry after use.

Send email to Leo@IntelligentDesignmfg.com, call 1-833-554-3628,
or visit IntelligentDesignMfg.com for more information.


Golden Star Corporate Headquarters Have Relocated

As of August 1, the new Golden Star office headquarters are located at:
16690 West 116th St., Lenexa, KS, 66219.

All remittance and correspondence should be sent to the above address.

For more information or questions please contact:
Phone: 816-842-0233, Toll-Free: 800-821-2792,
Fax: 800-487-4079,
Email: goldenstar@goldenstar.com.

Visit www.goldenstar.com.


Lindhaus Will Introduce The FLEXY Hybrid Professional Scrubber Drier
In Both 18- And 20-Inch Versions

"Expected to be released later this year under limited distribution, the FLEXY is a game changer for cleaning and maintenance. With the FLEXY, you’re able to clean floors faster and more effectively, compared to traditional labor-intensive methods which take lots of hours, effort and chemicals," according to the company.

“The FLEXY has demonstrated an 80-percent reduction in the time it takes to properly clean floors when compared to outdated methods. This allows workers to do so much more than they’re currently capable of preforming with old equipment. In today’s ever worsening labor shortages, the FLEXY can be one of the most impactful pieces of equipment any facility owns.

"The FLEXY is light weight and maneuverable with a patented 360-degree turning neck and self-propelling brushes. It can operate for a full hour on one tank of solution due to its electro valve solution control design.This allows users to apply cleaners in a more efficient, controlled manner, thereby eliminating constant tank dumping and refilling. The FLEXY can wash and dry an area of ​​over 10,000 square feet in an hour, using as little as six liters of solution.

"The FLEXY also introduces a revolutionary power-saving Eco-Mode. This power-saving feature has achieved the best charge to run time available.

"180 minutes in the charger will provide the user with 90 minutes of run time in Eco-Mode. When paired with the high efficiency Rotafil brushless suction motor the result is amazing performance with longer run times.

"The optional mini inverter, with 41 feet of cord length, will provide users with endless operation when called for."

— STRENGTHS —

• Can be used with battery or electric;
• High efficiency Rotafil brushless suction motors;
• 2 self-cooling Rotafil gearmotors;
• Easy to handle and light, just drive them, they go by themselves;
• Patented FLEXY joint free or lockable in any position;
• Removable solution tank mounted on the body frame;
• Recovery tank with Hepa filter integrated in the base;
• 36V-20Ah lithium-ion battery for 90 minutes of autonomy;
• The base is the lowest on the market (8.6 in;)
• Hourly output above average (8,600 to 10,750 sq.ft./h);
• Front and wall washing and drying;
• Steering nozzle for perfect drying even in curves;
• Immediate replacement of brushes and squeegee without tools;
• It folds up on itself for transport even in a car; and,
• Very low weight and library quiet sound levels.

Call 1-800-498-7526 for further details.


Ha-Ste’s RuFFloor MT™ Microfiber Tube Mop
Takes On The Toughest Floors — And Wins

The new RuFFloor MT™ Microfiber Tube Mop, from Haste Manufacturing, Inc., takes on rough, abrasive floors with ease.

The mop’s microfiber technology picks up the smallest particles and does not lint – even when cleaning abrasive floors. The product is highly launderable and fits conventional mop handles.

Call 1-800-228-6677, send email to service@hastemops.com or visit hastemops.com for more information.


New From APC Filtration:
Janitized® Shop-Vac Bags

New from APC Filtrations, Inc., are Janitized® Shop-Vac Bags.

The vacuums bags come in 5-8 gallon, 10-14 gallon, and 15-22 gallon sizes.

All Shop-Vac bags are made with 2-Ply Combination Paper and Melt Blown Filter.

Visit www.janitized.com to view the entire Janitized® catalog of replacement filters. For complete distribution terms, call 1-888-689-1235 or email customerservice@apcfilters.com.



Rankin Publishing Co., Inc.
| 204 E. Main St., P.O. Box 130 | Arcola, Illinois 61910-0130, USA
(800) 598-8083 (217) 268-4959 Fax: (217) 268-4815 | email: rankinmag@consolidated.net


In the
Sept/Oct 2022
issue
of MSN


ISSA Show
North America

Oct. 10–14, 2022
Chicago, IL

Bonus Circulation


For further
information,
rankinmag@
consolidated.net



Send News Of Your Company To rankinmag@
consolidated.net