Laughing at Hackers: 5 Proactive Steps You Can Take to Secure Your Laptops from External Threats

Here’s a joke that’s not funny: your company’s data was just hacked.

Shock waves, unmitigated panic, and alibis are all fair play when you as the CIO, CISO or Head of IT, wakes up to the news that a hacker has infiltrated their systems. Fingers are pointing in every direction, questions are flying, and your reputation is on the line. What went wrong? It could stem from the fact that you only protected your perimeter with a firewall – your organization thought that it was enough to safeguard its network infrastructure and didn’t think much about user devices. However, laptops are a popular attack vector for an assailant to get into your inner sanctum.

According to a recent report by Verizon, 94% of malware was delivered via email, and user devices like laptops were the primary targets. Moreover, a study by Ponemon Institute found that the average cost of a data breach in 2020 was $3.86 million. It’s vitally important to adopt comprehensive security measures to protect not only your network infrastructure but also individual user devices.

So, what steps can you take to make your laptop more secure? Here are five strategies that you can use to combat external threats:

1. Utilize Strong Passwords

According to a report by Verizon, over 80% of data breaches are a result of weak or compromised passwords. To appreciate the importance of password strength, you must reconsider that hackers have computing power, time, and nerves on their side. But with the built-in technology of a password manager, you can utilize complex sign-in credentials for every account on your laptop, making them too difficult to crack in a reasonable amount of time.

A study by the University of Virginia illustrated that using a password manager can significantly increase the strength and variability of passwords, thereby amping up security. Once in place the password manager will automatically log you in without having to recall them all. It will also send you reminders to change passwords regularly, which is only advisable if you are using a password manager.

Furthermore, research by Pew Research Center indicates that only 12% of U.S. internet users utilize a password manager for remembering their password.

2. Enable Multi Factor Authentication

Fact. You need two factors to verify an identity. The FBI has reported that multifactor authentication (MFA) can block 99.9% of automated cyber-attacks. Moreover, according to Symantec, 80% of data breaches could be prevented with MFA. Therefore, multifactor authorization is the two-in-one (or more-in-one) approach that makes certain it’s you logging into the system.

The standard approach is to think of it as something you know, something you have, and something you are – a password, a smart card, and a fingerprint. Research by Google found that even the weakest forms of MFA, such as SMS-based verification codes, can block 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks.

Despite the clear benefits, MFA is underutilized, with only 57% of people using it for their personal accounts and 30% at work, according to a report by Microsoft. If utilized MFA provides arguably the most effective line of defense in securing your laptop from external threats.

3. Install Updates and Patches

New software vulnerabilities are constantly found. A study by Flexera found that in 2019, 60% of breaches involved vulnerabilities for which a patch was available but not applied. The only way to avoid being exploited by this kind of attack is to install software patches and updates. They will help to fix any known security vulnerabilities in the software you use.

Further underscoring the importance of regular system updates, the Ponemon Institute’s 2019 State of Cybersecurity in Small and Medium-Sized Businesses report revealed that 63% of respondents experienced a data breach due to a known, unpatched vulnerability. Therefore, it’s a no-brainer – keep your software updated!

4. Use Antivirus and Anti-malware software

According to a report by AV-TEST, an independent cybersecurity institute, over 350,000 new malware and potentially unwanted applications (PUA) are registered every day. This alarming number illustrates the importance of antivirus and anti-malware software in protecting your laptop.

The state of the art in defending  against attack vectors and malicious threats keeps changing. Antivirus (AV) has given way to Next-gen Antivirus (NGAV), which has been upped by endpoint detect & response (EDR). You should look into whether NGAV or EDR is right for you, it really depends on the potential damage that a breach to the individual laptop can cause. Regardless of what type you use, installing a current antivirus and anti-malware software will assist in intercepting many external threats.

5. Use a VPN (Virtual Private Network)

A study by the Ponemon Institute revealed that 68% of organizations admit antivirus solutions are not sufficient. Increasing cyber threats and a rising remote workforce, necessitates the use of secure, encrypted connections. There is a growing need for VPNs as a tool for securing internet connections, particularly when accessing public Wi-Fi networks. VPNs create a private network between a company’s network and a remote user to secure the internet connection.

In a nutshell, a VPN is vital for remote workers as it provides a secure, encrypted connection when utilizing a home connection or public Wi-Fi. In the age of remote work and digital nomads, using a VPN has gone from an optional extra to a necessary security measure.

To Summarize

Is gaining peace of mind that your end-user laptops are secure a burden for you? If the answer is yes, then these tips should aid your computing device protection game. You can’t go wrong with utilizing strong passwords, enabling multi factor authentication, installing updates and patches, using antivirus and anti-malware software, and using a VPN.

Take your laptop’s security one step further than your office firewall; take preemptive measures to make hackers regret even trying! Remember, security should always be your top priority as data breaches can have severe consequences for your organization.

If you have questions about getting your laptops secured or need a partner to secure and manage your laptops for you, reach out to us at info@montra.io or +1-404-665-9675.

6 Steps to Great RMAs for Your Devices

If you are in the business of making and selling computers, phones, tablets, IoT, or other devices, you know that eventually some of your devices will get returned. If your devices are being used in critical applications for your customers, you know how hard it can be to process returns well. Handling the returns in a systematic manner will help your company to keep your business running smoothly while ensuring your customer satisfaction numbers do not take a hit. 

What is Return Materials Authorization? 

Return materials authorization (RMA) is part of the process of a customer returning a device back to the manufacturer to get the unit fixed or replaced. On the manufacturer’s side, it is processed by verifying the device returned properly and initiating appropriate actions to troubleshoot, repair, or reimage, the device. This process includes data collection, return eligibility verification, software troubleshooting, reimaging, or issuing a replacement. 

Ultimately, an RMA process exists to make the return seamless to the customer and cost-effective for the manufacturer. However, not all RMA processes are created equal, and there benefits to understanding best practices for device RMAs is different than other product types. Without the right process in place, companies tend to spend an unnecessary amount of time on returns. A well-designed and automated process will help reduce the risks and increase the overall efficiency. 

It is also important to establish expectations for warranty terms, follow-up actions, and return policies. Implementing such a systematic process will also help in keeping track of the various defects across categories and suppliers while leading to quick resolution of issues. 

What is a Device and Why is the RMA Different? 

What we mean by a device is typically anything with a smart chip, some firmware or software, and the ability to communicate over the Internet. Devices are typically covered by warranties and the RMA process is primarily executed when some part or all the device stops working. This is as opposed to something like clothing, in which RMAs are typically executed for an unliked or defective item. The RMA process for devices is inherently more complex and includes data collection, warranty eligibility verification, cross-shipping of devices, and troubleshooting and repairing of returned devices. 

6 Best Practices for the Device RMA Process 

An effective device RMA process can improve the reputation of your company and keep your customers up and running when your devices are being used in important applications. With the right process in place, you will be ready when inevitable defects and returns occur, so your customers can be served quickly and cost-effectively. Here are some of the best practices that can be put in place to create an efficient device RMA process: 

1. RMAs Should Be Integrated to Customer Systems 

If you transact the rest of your business online, then you or your customer should be able to initiate an RMA online also. At a minimum, a good RMA process will include a platform that you or your customer can use to initiate an RMA. In the best case, your RMA process should be directly integrated into the systems and processes you already use. If you use Salesforce Service, for instance, you should be able to generate an RMA request from that application. Once the process has started, RMA updates should flow back to your system also. 

2. Make the RMA Simple to Track 

It must be an easy task for your and your customers to log and track the return requests. It is always good to keep the customer informed at each stage of the process. This makes the entire process clear, easy to track, and provides the customer with confidence in the process. 

Since most devices have serial numbers, your RMA process should use them. By also capturing accurate address information directly from a CRM, your RMA system should generate shipping labels and schedule a pickup of the device from the customer’s site. Efficiencies such as these eliminates time and possible errors that manual RMA processes routinely incur. 

3. Priority Returns Need Cross-Shipping 

When customers deploy your devices into mission-critical applications, they usually expect limited or no downtime when an RMA is being processed. This requires cross-shipping of a working device to the customer site to replace the RMA’d unit before it is shipped back. This may seem simple, but to execute this process well some important things need to happen: 1) the customer site information needs to be accurate; 2) return labels need to be included outbound, and 3) the RMA’d device should be able to fit in the box being used to ship the replacement unit. That requires accurate information about the field unit to get it right! 

4. Return Reasons Must Be Validated 

Your customers may have any number of reasons for returning a device. It may be a hardware issue, software issue, or it may be damaged from weather or third parties. However, as is often the case with complicated devices, the customer’s rationale for returning the device often does not match the actual condition of the device upon return. When the device arrives at the return center, workers must examine and boot the device to verify the return reason matches the actual issue. In best practices, both return reasons are logged for future reviews of the RMA process. 

5. Allow Manual Intervention 

Automation is great and most parts of an RMA process can be automated, but without human oversight at important steps in the process. It is easy to get the process out of control. Certain RMA processes allow the end-customer to initiate urgent returns without approval of the manufacturer. These kinds of returns require oversite during the process, if possible, and certainly after the process to make certain that the returns were truly needed. Inventory in the RMA system and in the warehouse can get off count quickly. Best practices require regular human inventory counts to look for discrepancies. 

6. Proactively Await the Returned Product 

Once a notification of a returned device or devices is in process, best practices have the return team preparing for the returned device(s) before arrival. This may include verifying parts inventory of known replacement parts, or for large returns, preparing space and time to process the returns en masse. If the devices include RFID tags or scannable marks, those IDs should be fed to the receiving system before they arrive to streamline the process and avoid exception handling. 

Download our Device Return Materials Authorization Process Infographic Here. 

Need a Partner to Help? 

Finding the answer to RMA management can seem daunting, but Montra is here to help. With our VIA DX Device Logistics software, you can automatically track and manage your devices from fulfillment to field repairs, to RMAs and warranty tracking. Talk to us today to learn how this invaluable tool and the team that backs it can help your business optimize and streamline the way you handle all the lifecycle processes for your devices.

Remote Device Management Trends in 2022

In the third of our four-part series on trends for 2022, we are looking at device management trends. When we talk about devices we mean any physical asset that a person uses to connect to a network of information sources. 

Devices are proliferating, getting cheaper, and becoming more diverse, while our use of devices is expanding in frequency, location, and types of use. Whether we are talking about end-user devices or unattended ones, devices are front and center in the IT discussion and will be for 2022. 

With that in mind, the following are our trends for device management and security in 2022: 

1. Cyber-Attacks on Devices Will Get Bigger and Quieter 

With all the device proliferation, it’s no wonder that devices and the people that use them are now the frontline for security threats. The cloud and the systems and services that reside there are getting increasingly hardened against cyber attacks. Companies are continuing to shrink their private data centers while also getting better at securing them. This leaves devices – whether it’s an end-user device or an unattended one – as the current soft targets for cyber-criminals. 

In 2022, we will see more attacks of the sophisticated variety in which devices are compromised quietly until enough devices have been coopted that they can be used together in a coordinated attack. Unattended devices at the edge of the network are particularly vulnerable to this type of attack and are likely to be used in a number edge swarm attacks. 

2. Remote Management Wars Will Escalate 

Everyone wants to manage user devices – the hardware companies, the OS companies, the device owners, the app vendors, and telecom service providers. They all have legitimate business and technical reasons, usually centered around better device uptime, better service availability and device and data security. There is already a turf war for client software that needs to run on each device or gateway software that aggregates information on lower-end devices. It only makes sense for a very few remote management apps to be running on the device, and in 2022, the battle for that precious real estate will escalate. Corporations will increasingly need to turn to neutral third parties to help them understand how they navigate this battle for their devices. Many companies have opted for either no remote monitoring and management or defaulted to the hardware or security vendor. As the remote worker norm sets in, companies will need to make better-informed decisions about remote device management to make certain their uptime and security goals are maintained while also keeping employee productivity high and support costs minimal. 

3. Device-Cloud Will Kill Client-Server. Sort of. 

The future is already here – it’s just not evenly distributed.” William Gibson said that 18 years ago, but it applies to this world of device-cloud and client-server today. Client-server is the computing architecture that replaced mainframe and is basically a PC connecting to a local network on which there is a server (“a big PC”) that runs an application for many people to use simultaneously. That started in the 1980s and the mainframe business has been declared dead every year since. The mainframe market is still alive and kicking, but it ain’t what it used to be. And while many of us work for companies that still have some application that runs on a server, there is not one startup in the past 10 years that have reached unicorn status with a client-server application architecture. 

The replacement for client-server is device-cloud or just “the cloud”. It comes in many flavors but in this context, the device is a laptop, tablet, or smartphone, and the cloud is a SaaS application or “serverless” or “native” cloud application. 

There is not one enterprise software startup that will emerge in 2022 that builds their application on anything other than pure device-cloud architecture. In addition, the remote worker norm pushed client-server even closer to the grave because client-server does not perform well with large-scale remote users. The security layers that need to sit in front of client-server solutions to serve remote users create cost and performance issues. So, 2022 will be a watershed year in the corporate move away from client-server architectures, and we will find more than 80% of the screen-time of a typical user is on device-cloud apps. 

4. The PC CPU War Will Move to the Front Page 

The PC CPU ware has already begun, but only industry insiders have really cared. Anyone who has purchased a MacBook in the past 18 months knows about the M1 CPU and knows why it matters. The latest Macs no longer use Intel CPUs – effectively ending their 15-year run. Instead, they use an ARM chip designed by Apple and built by TSMC. The performance is incredibly fast and for Apple, there is no going back. The way ARM chips are designed and built is fundamentally different than the way traditional CPUs are built. The net of it is that large technology companies like Apple, Lenovo, Microsoft, Google, and others can design their own ARM chips and have them built by lower-cost chip manufacturers than Intel. 

The ARM race has been going for a while, but in 2022 it will explode onto the front page. Apple will expand its ARM strategy, but what will make this truly mainstream is that one of the major PC vendors will launch their first ARM-based laptops. When people experience the speed difference and the faster innovation cycles for new chip designs, it will make CPUs a watercooler topic for the first time in 20 years. 

5. Secure Remote Erasure of Devices Will Become a Thing 

Today devices can be locked and erased remotely. This is mostly executed by companies when a remote worker has left their company and the company wants to secure the device as quickly as possible. Separately, the same devices or other devices will be shipped back to a common location, where they are erased using highly secure erasure techniques recommended by the Department of Defense (DoD 5220.22-M) or the National Institute of Standards and Technology (NIST Special Publication 800-88). 

As more companies increasingly treat remote work as the norm rather than the exception, these workflows will need to merge. In 2022, more and more companies will begin to require remote secure erasure processes. This will allow companies to protect the corporate data that is stored on the remote devices, and either never retrieve the device or allow the device to ship directly to an ITAD service – saving time and money. 

What are you thinking about device management and security in 2022? What are your big concerns for the upcoming year? Let us know what you think at info@montra.io.