Encryption At All Times
Blueshift was founded in 2004 by a team of network security specialist. Our staff continues to pay close attention to security market trends and believes in keeping critical data encrypted at all times.
During the service setup process a backup policy is created and customer information is encrypted with a key known only to the customer. Data remains encrypted during the entire data transfer process and while at rest in hardened data centers. These are important points to remember as some software manufacturers and service vendors forgo data encryption steps to speed up other processes. Blueshift doesn’t believe in sacrificing customer data security and integrity.
Blueshift believes in the principle of “defense in-depth” which is the placement of multiple layers of defense to protect critical data assets. This layering tactic is originally a military strategy that has transitioned to describe modern day network security.
If one of your goals is to protect business information assets then having your critical data backed up and securely held at off-site locations should be one of your defense layers. Especially with many of the recently released “zero-day” exploits and “ransomware” phishing attacks which we describe in more detail below.
A History Ｏf Hacking
Since the earliest days of the Internet hackers have attempted to circumvent systems to gain control. In the 1970s the first modern day hackers were able to make free phone calls, a practice that became known as "phreaking." By the 80’s there were computer clubs and the world’s first virus, named "Brain”. The 1990's ushered in the modern information security industry and notable threats like the Michelangelo virus, Melissa, and Concept. DOS attacks began as did the first real phishing attacks. By the turn of the century malicious Internet activity turn into a major criminal enterprise aimed at monetary gain. Adware and spyware entered the scene with such programs as Conducent TimeSink, Aureate/Radiate and Comet Cursor. Adware and spyware, aggressively self-propagating malware also appeared. Big name threats such as Code Red, Nimda, Welchia, Slammer and Conficker all began taking advantage of unpatched machines. Phishing attacks also became mainstream; first heavily targeting online banking then moving onto social networking sites. Today we have zero day attacks, rootkits, rogue antispyware, SPIM, clickfraud and other attacks.
Best Defense Against Zero-Day Attacks Is Yesterday
One of the most indefensible threats enterprises face today is known as a “zero-day attack”. Zero-day attacks are first found as software vulnerabilities or flaws that leave enterprises exposed to an attack before a patch or workaround is available. These vulnerabilities can be found in operating systems, applications and hardware. Sometimes zero-day vulnerabilities are unknown to all but a cyber attacker or a supplier who sells zero-day discoveries on the black market. In other cases, the software vendor knows about the vulnerability but has not yet issued a patch.
Some Useful Hints To Help Mitigate Zero-Day Attacks
Backup all your data
Make a separate backup policy for the vulnerable application(s)
Include versioning for recovery point objectives
Have a virtual or physical standby server ready
Create a clone of the entire OS image