The Center Armor

As the Senior I.T. Manager at The Center, I would like to let our clients know that Cybersecurity and protecting our client’s information is of the highest priority in our technology department. Our security structure encompasses a multi-vendor firewall protected network and off-premise connections are made via secure multi-factor authentication across a virtual private network. The desktop and laptops used at The Center are protected with multiple real-time scanners for viruses, malware and unauthorized applications.

SolarWinds

The SolarWinds attack was a software supply chain attack that could allow malware to be loaded and provide a remote threat agent with access to network data. The breach at FireEye did result in the theft of Red team tools that could cause a problem in the future. The SolarWinds attack compromised government agencies, providers as well as private sector organizations. Though providers and companies began quarantining and patching their systems in the days after the discovery, we are bound to learn more about the effect and depth of the attack.

Attacks such as these often lay dormant but we are confident that our firm data and systems have not been impacted by this attack. Along with our vendors 24 hours a day, 365 days a year monitoring, we perform endpoint analysis to monitor our Internet traffic to look for any anomalies that could be a sign of an exploit.

Defense against the Known and Unknown

Vigilance is the only defense against cyber threats. We will continue to monitor our network and endpoints but we also recommend that our clients stay vigilant and take precautions to protect themselves and their data.

• Monitor your social media and financial accounts for unauthorized changes.

• Use complex passwords, PINs and answers to security questions.

• Enable two-factor authentication on all financial accounts.

• Do not share personal identifying information on social media, email or a Web site.

• If you receive a link in an email about your online account information, do not click on it. A better practice is to go the normal login page that you use for that institution and login with your two-factor authentication as you normally do.