Invest In Your Cybersecurity Before It Costs You
Today’s Industry Voices was written by Evan Schwartz, chief enterprise architect, AMCS Global.
Companies across the world, including many in the recycling industry, use Omnibus communication pathways. A connected service that is dedicated to a specific type of data, an Omnibus communication pathway is capable of transporting files, a binary large object (BLOB), images, and even executable scripts.
Ever since information technology began to impact standard businesses in the 1970s, existing piping was needed to deliver information between systems. Electronic data interchange (EDI)-style drop files were prevalent over Omnibus communication pathways like a file transfer protocol (FTP) server or network file location. EDI is a method of interchange. It uses network pathways to communicate. These pathways were easy and quick to set up, but they created conduits not only for an organization’s data, but also for bad actors to use to spread malicious code, as Omnibus communication pathways are highways through which malicious code travel to infect systems.
SQL-to-SQL [structured query language] connections provided a slight improvement, as they allowed databases to connect and share information directly. Unfortunately, this kind of Omnibus connection was also easy for bad actors to abuse and manifest malicious pathways into a company’s data and systems.
In today’s world, it is no longer considered best practice to directly connect to a database or SQL environment over an open, external, or unmanaged port. Today, application programming interfaces (APIs) act as an intermediate connection between two systems, which offers a level of control over what the connection is allowed to do, outside of security. Two SQL servers directly connecting can expose the entire database, and potentially allow data to be directly accessed across those connections or permit SQL code to execute, which could attack other systems. Databases that support executable scripts, like SQL databases, become a weak point where malicious code is injected to the SQL environment and then executed.
Nearly every organization today has an Omnibus communication pathway where critical business functions and data is conducted. As the “click-based” generation, email is the greatest offender in the fight against Omnibus pathways. Whether it’s a secure file transfer protocol (SFTP) EDI-type interface, email, or network call, these types of interfaces are super-highways for bad actors to proliferate through a company’s network and data. It’ll be challenging to wean off some of these pathways, but education is an organization’s best line of defense until they can close these pathways down. Employees should be trained how to spot suspicious emails. They should also be trained to avoid clicking on or opening attachments and embedded links, and to confirm the sender’s exact email address. Awareness training on how to avoid traps is key.
The AMCS Platform is a cloud-based solution that leverages today’s most secure cloud architecture features. Serverless infrastructure limits how much malicious code can invade an ecosystem and attack it. Data in the cloud provides “point-in-time” backups, offering a granularity of roll-back that is nearly impossible to achieve with an on-premises system, within a reasonable cost. AMCS monitors every activity, allowing advanced defense appliances to prevent malicious code before they happen by inspecting the executable code before it executes.
Every day, more than 1,000 regulatory bodies globally release more than 217 security updates and recommendations. As a recycling company, do you want to focus your energy and resources on your core recycling business, or do you want to invest in learning how best to secure your infrastructure and software applications? Do you want to be a software company?
Technology is changing so rapidly that it’s impossible to remain secure unless your business core competency is technology. AMCS fully hosts the solution in the cloud and manages every aspect of how components of your enterprise solution connect to each other, even on-prem legacy solutions. Not everything can migrate to the cloud. Legacy solutions become solid-state at the technological level within which they were made. This crystalizes them and makes them very rigid. Over time, this creates a lack of flexibility and roots them in place forcing you to operate out of an on-prem brick and mortar infrastructure that is often costly to operate and maintain and high-risk against intrusion. Part of the AMCS offering is partnering with us and that includes safely connecting your rigid legacy solutions that are locked as on-prem solutions with our Cloud Offerings. We look at your entire Global Enterprise Architecture, not just our solution.
With the AMCS Platform, you also get a global leader in recycling enterprise resource planning (ERP) software as a service (SaaS) solutions as a partner. As your partner, we can act as the principal consultant to help you with your entire security posture, beyond those pieces that interact with our solution. We review the entire as-is and to-be architecture at the enterprise level and walk with you on the journey. Even manual processes on Excel spreadsheets are included in the enterprise diagram, and security is a principal component of enterprise architecture.
Weigh the costs of cybersecurity against the total cost of being out of business. Bad actors only spend about the cost of a cup of coffee to attack you, but the average return from a successful attack can be millions of dollars. Invest in defense and close out the Omnibus pathways. Flatten files inbound to your email and take the active content out, i.e., remove hyper-links from a document to prohibit clicking them, disable macros to stop automated code from running, remove animated GIFs, and multi-media components that could execute code. Get cybersecurity insurance. Invest in the recovery plan not as if it might happen, but as if it will happen. And test your recovery plan!