Security Updates - September/October 2024

Due to the recent increase in cyberattacks worldwide, especially with the auto market having been targeted recently, we are revising our systems with increased security.  There are several factors with this, many of which include new software or changing the software we currently use to a new system.  We'll be going over them here in this article.

Windows Hardening

We are revising our Group Policy system to include many reccomended changes from the Department of Defense (DOD) Security Technical Implementation Guide (STIG).  Most of these changes will not affect end users.  So far, the only effect these have had on our test groups are that some executable files are being blocked and require adminitrative approval for download.  Please let us know if you run into this problem.

DattoRMM

Datto Remote Monitoring and Management software will be replacing the TeamViewer platform.  We will be rolling this out to all machines by October 4th.  You'll see TeamViewer disapear from your machine after DattoRMM is installed.  From an end user standpoint, there will not be much change to the remote connection process..  For connections, we'll still ask for the same computer number as we do for TeamViewer connections.  You can find this information on your desktop in the upper right corner.  Look for one marked "HN".  Your computer number is the 5 digit number on the end of this string.

Datto Antivirus

Datto Antivirus will be replacing the FortiClient antivirus system.  Over the next few weeks, Datto Antivirus will be installing on all systems.  It will run in tandem with FortiClient as we evaluate the viability of this client against our current system.  For those who use the FortiClient VPN, should we change to Datto a specific FortiVPN client will be installed on those systems to replace the full FortiClient.

Datto EDR

Datto Endpoint Detection and Response is being considered to replace FortiEDR.  We will be pushing out Datto EDR, and running it in monitoring mode, collection information about our network using machine learning to best protect our systems.  FortiEDR will be fully functional while this process is taking place.  Like the Datto antivirus, we will be evaluating its performance with that of FortiEDR and will determine which system we will be going with in the future.

VULScan

VULScan is a vulnerability scanner that will be running on our systems to find the holes in our systems and what changes and updates are needed to make our systems more secure.

RocketCyber

RocketCyber is a Managed Detection and Response platform.  This is a platform that provides a 3rd party response when possible breaches occur.  This allows us to have 24 hour monitoring and response to any active threats that occur so that we can protect our systems even while none of the IT department are in the office.

BullPhishID

BullPhish is a cybersecurity training platform and is replacing our current platform, KnowBe4.  At this point, all access to the KnowBe4 platform has been removed, and you will no longer be receiving notices from them to complete your training.  All users will be enrolled in the following few weeks to the BullPhish program and will need to take this new training to remain compliant with corporate requirements.  As before, you will have 30 days to complete the training to remain compliant and risk termination for failure to meet this corporate standard.

Graphus

Graphus is anti-phishing software that will be replacing the ProofPoint system we have now.  It performs the same functionality of filtering out spam, fraud, and malware from your email.  The advantage of Graphus is that it integrates directly with Microsoft 365, so it is easier to use for both users and IT.

Kaseya

Kaseya is a company that hosts a suite of platforms for computer management and protection.  They provide most of the platforms that we are changing to in this move.  This works directly in tandem with our compliancy system to meet FTC regulations.