Subscribe
Tag

Story of the Week

Browsing

When it comes to cyberthreats and ransomware attacks, we are accustomed to seeing alarming numbers. So, the numbers from the UAE would come as a most welcome surprise.

In the first quarter of this year, the UAE government announced that ransomware attacks in the nation declined by more than 70% compared with the same period a year ago. They owe their cyber resilience to their enhanced cyber awareness and compliance policies, along with dedicated investments in improving their IT infrastructure.

A Check Point report published earlier in the year says that “1 in 31 organizations worldwide experienced a ransomware attack weekly over the first quarter of 2023”. Set against this backdrop of constantly increasing cyberthreats, the UAE numbers are too good to be true. And it is not only true but also a great example to follow.

The UAE Government has done a commendable job at keeping malicious threats at bay; they prevent more than 50,000 attacks each day. But with ransomware and other cybersecurity threats evolving at an alarming rate, organizations should never let their guard down. Every organization, especially telecom service providers, must fortify their cybersecurity posture by leveraging secure and compliant technologies.

One example is Desktop-as-a-Service (DaaS).

DaaS to Defend Against Cyber Threats

In an ever-evolving cyber threat landscape, being cyber compliant and investing in the right technology is the first step towards protection. With Desktop-as-a-Service, you have the goodness of both combined in one!

In an era of heightened risks, the telecom industry needs a game-changing technology to enhance their cyber resilience. In my previous article, I explored how DaaS can be the differentiator for telco service providers in an increasingly competitive landscape. This same transformative technology is once again the ideal tool to safeguard your digital future. Here’s how.

Enhanced Security Features

One of the most compelling attributes of DaaS is its arsenal of enhanced security features.

Centralized Management: With DaaS, you gain the ability to manage desktops from a single, centralized point. This makes it easier to enforce consistent security policies and deploy critical updates across all endpoints.

Data Isolation: In DaaS, sensitive data is stored in secure data centers, substantially reducing the risk of data loss resulting from local device breaches.

Patch Management: DaaS providers take charge of patch management, ensuring that operating systems and software are constantly updated with the latest security patches to shield against emerging threats.

Multi-Factor Authentication (MFA): DaaS solutions typically support Multi-Factor Authentication, adding an extra layer of security to user logins and making it harder for malicious actors to gain access.

End-User Device Independence: DaaS allows users to access their desktops from any device with an internet connection, including mobile phones, reducing reliance on potentially vulnerable local devices and enhancing overall security.

Disaster Recovery and Business Continuity

Cyber resilience isn’t just about preventing attacks; it’s also about effectively responding to them. DaaS plays a pivotal role here as well:

Data Backup: DaaS providers offer robust data backup and recovery solutions, ensuring that critical data remains protected even in the event of a cyberattack.

Quick Desktop Provisioning: In the face of hardware failures or cyber incidents, DaaS can rapidly provision new virtual desktops, minimizing downtime and maintaining business continuity.

Scalability and Flexibility

DaaS excels in helping your business adapt to your changing needs without a delay in time or increase in cost.

Scaling Resources: DaaS enables you to scale your desktop infrastructure up or down as needed, accommodating fluctuations in workforce size, or changing business requirements.

Geographical Flexibility: DaaS empowers remote and mobile workforces, allowing employees to work securely from anywhere. This flexibility proves invaluable, especially in times of crisis.

Meeting Compliance and Regulations

For organizations in regulated industries, compliance is a non-negotiable aspect of their operations. DaaS providers often adhere to industry-specific compliance standards and regulations, facilitating adherence to these requirements.

Build a Resilient Future with Anunta’s DaaS

DaaS providers, like Anunta, are not just technology vendors; they are cybersecurity experts. We bring dedicated teams and resources focused on security, offering you access to the latest expertise and best practices in the field.

At Anunta, we stand at the forefront of DaaS innovation, offering not just a service but a strategic partnership dedicated to fortifying your cyber defenses. DesktopReady, our packaged DaaS offering, integrates best-in-class technology platforms, products, and a comprehensive set of services, and most importantly, is a cost-effective plug-and-play solution.

Anunta is an SOC2 attested ISO/IEC 27001 certified organization. Our commitment to enhanced security, seamless scalability, expert support, and compliance adherence ensures that your organization can thrive in a secure, flexible, and compliant digital environment.

If I have sparked your curiosity on how DaaS – especially in partnership with Anunta – can make you a cyber resilient organization, drop a line at marketing@anuntatech.com and someone from my team will reach out to you.

We are thrilled to announce that Anunta has been named in the inaugural Gartner® Magic Quadrant™ for Desktop as a Service (DaaS). We are deeply honored by this recognition since we believe this is a testament to our exceptional team’s unrelenting dedication, ceaseless efforts, and invaluable trust and support from our esteemed partners like you.

Vendors were recognized after a rigorous evaluation based on the Completeness of Vision and the Ability to Execute apart from their innovative DaaS products and services. The inclusion criteria covered Market Participation, Customer Interest Index, Regions, Technical Capabilities relevant to Gartner clients and so on.

A Glimpse at Anunta’s Offerings

Anunta’s Digital Workplace solutions underscore our commitment to business continuity, security, and compliance, assuring clients and partners of a robust and ultra-secure environment. Moreover, it affirms our dedication to fostering digital innovation, enabling organizations to thrive in today’s dynamic business landscape.

Our Digital Workplace Solutions power our customers’ success stories, enhancing employee experiences and competitiveness.

  • Through our VDI/DaaS offerings, we’ve improved productivity, scalability, and IT resource optimization.
  • Our Modern Desktop Management (MDM) solutions streamline device operations, reduce risks, and empower mobile productivity.
  • Anunta’s SASE solutions ensure top-notch security and simplify network management, reducing costs and enhancing user experiences.
  • Our expertise in Cloud solutions enables businesses to accelerate digital transformation and remain competitive.

At Anunta, innovation is in our DNA, and we take great pride in our three patented AI-driven platforms that are solving multiple use cases for our clients.

  • DesktopReady ensures a smooth transition to virtual desktops for SMBs while providing the reliability and support that your business demands.
  • EuVantage leverages advanced AI algorithms to proactively identify and resolve issues, ensuring uninterrupted productivity for your workforce.
  • CloudOptimal, with real-time insights and intelligent recommendations, helps organizations optimize their cloud spending while ensuring that resources are allocated efficiently.

What the Gartner Recognition Means to Us

We believe that our latest Gartner recognition was only possible with your steadfast partnership, invaluable feedback, and seamless collaboration. We take this opportunity to thank you for your continued support and trust in Anunta.

As a trusted advisor for your business, we will continuously strive to offer flexibility and customization while delivering an unmatched end-user experience to maximize the value.

We look forward to the exciting opportunities that lie ahead.

Read the press release here.

Disclaimer

Gartner®, Magic Quadrant™ for Desktop as a Service, Stuart Downes et al., 5 September 2023
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings. Gartner’s research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and MAGIC QUADRANT and HYPE CYCLE is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.

Last year, the Australian telecommunications giant, Optus, revealed that the personal data of about 10 million customers was stolen in a cyberattack. Two weeks later, it was considered one of the worst data breaches in the history of the country as it spiraled into ransom threats and a huge public outcry.

Almost at the same time, half a world away in India, one of its largest telecom providers, Vodafone, revealed that the data of nearly 20.6 million customers was leaked in an unrelated, but coincidental, cyberattack.

The telecom industry is the backbone of our infrastructure – from staying in touch with our loved ones to streaming movies online to backing our corporate email networks. Perhaps that’s what makes them such lucrative targets for threat actors.

With the rise of the 5G network, speed, and coverage – something that all telcos now offer – service providers need a new differentiator to stay competitive. Security and customer experience are ideal candidates for this role.

Desktop-as-a-Service and the Telecom Industry

In one of our blog articles earlier this year, we explored how Desktop-as-a-Service (DaaS) is fast becoming a mainstream technology that ensures both data security and great customer experience. By enabling application and data accessibility with a centralized cloud infrastructure, DaaS eliminates the reliance on high-end physical hardware. As a cloud computing solution that provides virtual desktops over a secure network, its innate advantages are quite attractive for telecom providers.

As telcos evolve to “techcos” leveraging technology in a competitive market, DaaS is one of the most beneficial solutions they can rely on to differentiate themselves from their peers.

Here’s a look at how:

Consistent Customer Experience

DaaS enables telcos to ensure that customer support representatives and other customer-facing employees have a consistent and standardized desktop environment. This helps maintain a high customer experience.

Efficient Customer Support

DaaS enables customer support representatives to access necessary tools and resources from any location, improving response times and the overall efficiency of customer support services.

Data Privacy and Compliance

Telcos deal with highly sensitive customer data and a breach of it will have a significant impact on the brand. With threats of identity theft looking large, the Optus breach caused a massive fall in the brand’s reputation. DaaS can provide better control over data privacy and compliance by centralizing data storage and implementing robust security measures.

Scalability

Telcos often experience fluctuations in customer demand. DaaS allows them to quickly scale up or down the number of virtual desktops based on demand, ensuring optimal performance and resource allocation.

Faster Deployment of Services

The centralized nature of DaaS enables telecom companies to deploy new services, updates, or software to their customer support teams more rapidly. This ensures that support agents always have access to the latest tools and resources to better serve their customers.

Choosing the Ideal DaaS Provider

Anunta is a leading provider of managed DaaS solutions, providing full life-cycle services to our customers for more than a decade. Our solution, DesktopReady, is designed specifically for the telecom industry, and it offers several features that are tailored to the specific needs of telecom providers, like:

  • Build a more scalable and flexible business.
  • Keep systems secure and compliant with integrated security management.
  • Safeguard your business against data breaches and data loss.
  • Simplify the complex IT systems and management.
  • Enable work from anywhere, anytime and on any device.

It is the simplest truth that customers will always be loyal to the service provider who gives them the best service – and in today’s world, as you know, this best service is centered around data security and customer service. If you are a telecom provider looking for a way to differentiate yourself from your competition, DaaS might just be the best solution for you – and Anunta’s DesktopReady more so.

If we have convinced you, don’t hesitate to reach out to us at marketing@anuntatech.com. We would be happy to help you out.

Managing employee experience and workstation security was simple when physical workstations were located at central offices. With the disruption of digital workplace technology, employees can work from anywhere, on any device and at any time. While this is great for end users, IT admins will find it a bit tedious to manage data security without compromising on employee experience.

Modern day organizations are continuing to stay up to date to enhance employee experience, streamline their IT operations, and fortify their security measures to increase productivity. With so many endpoints used to access work through multiple networks, sensitive corporate data is dangerously at the risk of breach. At the same time, IT admins have a plethora of endpoints floating around to manage and update. And to this mix, we must add employee experience and satisfaction as well, ensuring that end users have seamless access to all relevant applications and data without any bottlenecks.

This might sound like an absolute nightmare, but it doesn’t have to be. This is where Modern Desktop Management saves the day.

What is Modern Desktop Management?

Desktop management used to involve manually configuring individual machines and deploying software updates through physical media. IT administrators had to wade through multiple challenges like high maintenance costs, security vulnerabilities, and diversity of devices. Advancements in technologies like cloud computing and infrastructure virtualization have contributed to a novel and modern way of anywhere work and this has made traditional desktop management approaches obsolete.

Modern Desktop Management (MDM) is an approach to managing and securing desktops and laptops within an organization using cloud-based platforms and centralized administration. It involves the use of MDM solutions that enable IT administrators to remotely deploy software, enforce policies, monitor device health, and apply updates and patches.

MDM solutions streamline device management processes, thus enhancing end user productivity and data security, and providing a unified experience across devices.

Why Modern Desktop Management?

User endpoints form a critical vulnerability risk because they are the primary access points for threat actors. According to a Cyber Risk Alliance Business Intelligence Survey conducted in September 2022, 60% of the participants said that the expanding attack surface (including mobile and IoT) is one of their major cybersecurity concerns.

If corporate devices are not managed well, one attack can take down the brand reputation and customer trust in a matter of minutes. This makes it crucial to have complete visibility and control of corporate endpoints.

This is where MDM offers the perfect solution by providing comprehensive visibility into all endpoints and the ability to fix any critical issue anytime and anywhere within minutes. MDM has the capacity to safeguard the organization’s IT assets in a way traditional desktop management doesn’t.

Let me share a few compelling reasons to adopt Modern Desktop Management.

Enhanced Security

MDM solutions have robust security features such as advanced endpoint protection, encryption, centralized security policy management, and vulnerability assessments. They protect the organization’s sensitive data and systems, provide defense against cyberattacks, and ensure compliance with industry regulations.

With MDM solutions, IT admins can centrally manage and control desktop configurations, policies, and security settings uniformly on all desktops. They can also enforce strong password policies, restrict specific software installations, and control access to sensitive data and resources.

Simplified Device Management

Traditional desktop management involves manually configuring individual desktops, which is a time-consuming process and requires physical accessibility to these devices. MDM solutions enable IT administrators to efficiently deploy software applications, manage user settings, and enforce security policies across a large number of devices, thus streamlining the deployment process, reducing errors, and improving overall productivity.

By automating time-consuming processes, MDM solutions also ensure that all systems are up-to-date, secure, and less susceptible to vulnerabilities.

Enhanced User Experience

Modern Desktop Management effectively supplements anywhere work by enabling employees to securely access their desktop environments, improving their productivity, collaboration, and work-life balance. It also enables quick and streamlined provisioning of new desktops, minimizing downtime, and allowing users to get their desktop environments running quickly.

MDM solutions often provide self-service portals and automated workflows, empowering end users to perform certain tasks themselves. By reducing dependency on IT staff, users experience faster response times, greater flexibility, and better satisfaction.

In today’s digitally driven workplaces, technologies like Modern Desktop Management are fast becoming a necessity. By providing a proactive approach to desktop management, MDM solutions enable IT departments to focus on strategic initiatives, rather than investing in routine maintenance tasks. They provide enhanced security, employee experience, and cost efficiency in one go, thus addressing almost all the most pressing challenges of a modern workplace in one shot.

Interested in adopting Modern Desktop Management in your organization? Reach out to Alicia from our team (alicia.lobo@anuntatech.com) and we would be happy to help.

Organizations across the globe are fast adapting to a pressing reality. Their stakeholders – investors, employees, and customers – are expressing growing interest in environmental, social, and governance (ESG) targets and compliance.

And in the world of business, numbers don’t lie.

A Gartner article says, “ESG is diligently monitored by 91% of banks, 71% of fixed income investors, over 90% of insurers, and 24 global credit rating agencies.” Whereas a PwC article says, “83% of consumers think businesses should actively shape ESG best practices.”

These numbers reveal a trend that cannot be ignored. As an organization, if you want to be ahead of the pack, you need your stakeholders on your side. And the best way to do this is by learning how to balance your profitability and money-making innovations against your ESG commitments.

This is where your cloud strategy can help define your future.

Cloud technology has the potential to be your trump card in meeting your ESG priorities by promoting energy efficiency, resource optimization, virtual collaboration, and transparent sustainability tracking.

The Role of Cloud Transformation in Addressing ESG Priorities

According to the market research firm, IDC (as reported by World Economic Forum), “the transition to cloud computing between 2021 and 2024 will prevent at least 629 million metric tons of carbon dioxide”. That’s an impressive number, if ever there was one!

In the race towards net zero emissions and fulfilling your social commitments, cloud technology has emerged as a game-changer in ESG priorities, enabling you to drive positive change. As more businesses move to the cloud to advance their ESG goals, the collective impact will undoubtedly pave the way to building a green and sustainable world.

Here is how your cloud technology helps you play the balancing game of furthering your business goals and fulfilling your ESG commitments:

Energy Efficiency

Significantly reduce your carbon footprint and moderate your environmental impact.
Cloud technology is inherently energy efficient. It substantially reduces energy consumption compared to traditional on-premises data centers as cloud providers optimize power usage, cooling systems, and server utilization in their data centers.

Resource Optimization

Avoid over-provisioning and wasteful utilization of resources, which ultimately leads to lower greenhouse gas emissions.
It offers a more sustainable approach to IT operations by enabling dynamic resource allocation, which means you can scale your computing resources up or down based on your evolving business requirements.

Sustainable Data Centers

Align your cloud operations with your broader goal of reducing carbon emissions.
Major cloud service providers strategically position their data centers in locations with abundant renewable energy supplies. For example, Google’s data centers are famous for sustaining themselves on wind and solar power.

Virtual collaboration

Contribute to lower carbon emissions from daily commuting, ultimately benefiting the environment.
Cloud-based collaboration tools are pivotal in the business world’s transition to remote work. Virtual meetings, online document sharing, and real-time communication reduce the need for employees to travel to work.

ESG Reporting and Transparency

Build trust and credibility with your stakeholders through transparent reporting.
Cloud technology comes with enhanced reporting capabilities. This streamlined cloud-based data management, and reporting helps you transparently communicate your sustainability efforts to your stakeholders.

Social Inclusion and Accessibility

Promote social inclusion at your workplace by ensuring that your cloud-based applications are accessible to the PwD community.
Technology has long been hailed as a democratic equalizing force, and cloud technology is no different. It offers everyone equal access to resources and tools, fostering a more diverse and inclusive workforce in your organization.

Have we convinced you to consider cloud technology to build your organization’s sustainable, responsible future? Contact Alicia from our team (alicia.lobo@anuntatech.com), and we will help you chart a roadmap aligned with your business needs.

Organizational priorities across the globe have massively shifted in the last couple of years and businesses today have a renewed need for enhancing agility and flexibility, improving operational efficiency, and ensuring disaster readiness.

Organizations planning to accelerate their digital workplace transformation are exploring avenues that complement these priorities. And one of these avenues is blended infrastructure in the form of hybrid cloud.

According to Statista research, in 2023, 72% of CIOs and CTOs are going to follow a hybrid cloud strategy to modernize their IT infrastructure. And that might just be the right way to go to make your organization future-ready.

Hybrid Cloud: Combining the Best of Both Worlds

For organizations seeking to optimize their digital workplace, a more open and flexible cloud strategy will be a gamechanger. Which is precisely what hybrid cloud provides. By combining the best of both worlds – public and private cloud – this strategy enables organizations to have the kind of flexible infrastructure that meets their unique needs.

Flexible and Scalable Approach
One of the primary reasons to adopt a hybrid cloud strategy is the flexibility and scalability it offers. With a hybrid cloud approach, you can leverage the scalability of the public cloud to handle peak workloads and constantly changing demands, while maintaining critical data and applications in your private cloud for enhanced security and control.

This flexibility that a hybrid cloud strategy offers helps you adapt to the ever-changing market conditions, scale your infrastructure up or down as you need, and deliver superior performance to your end users.

Greater Data Security
As cyberthreats continue to exist and evolve in a highly digitized world, data security is a key priority for organizations irrespective of size or industry. A hybrid cloud strategy allows you to strike a balance between security and accessibility. Sensitive and mission critical data and applications that need limited access can continue to remain on prem or in a safe private cloud with trusted vendor while other data can be moved into public cloud to make it accessible for everyone within and outside the organization with a secured access.

This approach ensures that you can maintain compliance, protect highly sensitive information, and safeguard your digital workplace from potential security breaches.

Better Cost Optimization
Business strategy is incomplete without considering cost efficiency. Adapting hybrid cloud strategy helps you optimize your costs as it allows you to scale your infrastructure up or down based on your requirements, eliminating the need for upfront investments in hardware or software. The option to distribute your workload between the two clouds reduces overall infrastructure costs.

Business Continuity and Disaster Recovery
With ever evolving cyber threats and unforeseen global disasters, the business world is expected to have a contingency plan for uninterrupted business operations. Hybrid cloud offers this contingency for businesses by providing robust disaster recovery capabilities through replication of data and applications between public and private clouds. This helps to quickly restore critical services and data in the event of unforeseen system failure or disaster.

Choosing the Right Technology Partner for Your Cloud Journey

To maximize your ROI on cloud solutions, you need a reliable technology partner who brings extensive experience and deep understanding of hybrid cloud architectures, deployment models, and best practices. Your technology partner should provide you with insights and guidance to help you navigate through complexities of hybrid cloud adoption and make informed decisions that align with your business goals.

At Anunta, we provide you with insights and guidance to help you navigate the complexities of hybrid cloud adoption and make informed decisions that align with your business goals. Check out our cloud offerings designed to help you chart your successful cloud adoption journey. If you prefer a one-on-one conversation, please reach out to Alicia from our team (alicia.lobo@anuntatech.com) and we would be happy to help you.

Strong passwords are the guardians of our digital accounts and the primary defense against identity theft. In fact, in one of my earlier blogs commemorating World Password Day, I had talked about the necessity of strong passwords in detail.

In the earlier days, we used to have accounts in just a couple of portals like email or the admin side of a website. But things have changed, and technology has evolved. Now, we have multiple platforms with multiple accounts and passwords, some of which we use rarely. These passwords, regardless of the frequency of use, need to be changed periodically, if you need to keep your digital information safe.

With so many accounts and passwords, naturally, it is nearly impossible to remember every single one of them. Unfortunately, most of us resort to saving this information on an Excel sheet or a Word document in plain text format.

In an era dominated by cyber threats, this is a recipe for disaster.

Password Vaults provide a convenient and secure solution to fortify your online security, and protect your sensitive information, by just remembering a single password.

What is a Password Vault?

Password vaults, also known as password managers, are secure digital repositories designed to store and manage passwords for online accounts. They offer a centralized location where users can securely store their passwords and retrieve them when required.

The passwords stored in password vaults are typically encrypted and protected by a master password. Password vaults also provide added security controls like MFA, or a biometric authentication method, such as fingerprint or facial recognition. This ensures that only authorized individuals can access the vault.

The benefits of using a password vault to save your passwords are numerous.

Assured Security

We resort to using weak and easily guessable passwords because we find them easier to remember. But that also leaves them more vulnerable to cyberattacks. Password vaults generate complex, unique, strong passwords for each account and store them securely. This significantly reduces the risk of unauthorized access.

Convenience

Password vaults eliminate the need to remember multiple passwords for various accounts. You only need to remember one master password, which will give you access to all the other credentials. This saves time, eliminates human error (multiple wrong entries usually locks out the user), and enables the users to efficiently manage their online accounts.

Defense Against Phishing

In phishing attacks, threat actors trick individuals into revealing sensitive information to access their accounts. You can integrate password vaults with web browsers, which enables them to autofill the required credentials for legitimate websites. The autofill feature ensures that credentials are provided for only legitimate websites, providing defense against phishing attacks.

Data Synchronization

Most password vaults synchronize passwords across devices, making it easier for you to access your accounts on any platform. This adds to the convenience part because you don’t have to log in to your password vault to search for credentials every time you switch devices.

Security Best Practices

Password vaults often offer security recommendations and best practices to make your lives easier. They provide password strength analysis, automatic password suggestions, prompts on expiring passwords, and two-factor authentication.

It is worth noting that while password vaults offer substantial benefits, it is essential to choose a reputable and trusted password vault provider. Before choosing one, you need to do proper research on its security features, encryption standards, and privacy policies to ensure that it protects all your sensitive online information.

While the security and reliability of open-source password vaults can vary, here are ten popular open-source password vaults that I recommend and are generally considered secure.

  • KeePass: KeePass is a widely used open-source password vault that stores passwords in an encrypted database. It offers strong encryption algorithms and supports two-factor authentication.
  • Password Safe: Password Safe is an open-source password vault that follows a “defense-in-depth” security model. It provides secure storage for passwords and supports multiple databases.
  • Bitwarden: Bitwarden is a feature-rich open-source password vault that allows users to securely store and sync passwords across multiple devices. It supports various encryption methods and offers options for self-hosting.
  • KeePassXC: KeePassXC is a community-driven fork of KeePass, focusing on cross-platform compatibility. It incorporates additional features and security enhancements while maintaining compatibility with KeePass.
  • Buttercup: Buttercup is an open-source password vault that uses strong encryption algorithms to protect passwords. It supports cross-platform usage and provides browser extensions for convenient access.
  • Pass: Pass, also known as “password-store,” is a command-line-based open-source password vault that stores passwords as encrypted files. It utilizes GPG encryption and integrates well with existing command-line utilities.
  • Enpass: Enpass is an open-source password vault that offers strong encryption and supports various platforms. It provides options for storing data locally or syncing it across multiple devices using cloud storage.
  • Myki: Myki is an open-source password vault with a unique approach. It stores passwords locally on local devices and utilizes end-to-end encryption for secure sharing of passwords across devices.
  • LessPass: LessPass is an open-source password vault that generates unique passwords for each account using a combination of the master password and other parameters. It does not store passwords but generates them on-the-fly.
  • Padlock: Padlock is an open-source password vault that focuses on simplicity and security. It offers AES-256 encryption and provides a clean and intuitive interface for managing passwords.

A word of advice: While these open-source password vaults are generally considered secure, it’s important to stay informed about their latest security updates and community support. Additionally, always ensure that you download the software from trusted sources to minimize the risk of tampered versions or malware.

A strong password protects your online information but rather than hiding it in the crevices of your mind, it is safer to rely on password vaults for enhanced security, convenience, and ease of access. While cyberattacks haunt individuals and corporates alike, it is always better to be safe than sorry.

Your name, your date of birth, your pet’s name, your favorite soccer player, a president you don’t see eye to eye with, or the name of your first crush. Are any of these strong enough to guard your most sensitive personal and financial information?

The answer would be an unequivocal “no”.

And yet, a recent survey by Cybernews reveals that these indeed form a few of the most used weak passwords around the globe. A few creative souls have thrown in swear words as well into the mix, which, unfortunately, are once again easy to crack.

So, as we observe World Password Day this May 4th, let’s get serious with our password game.

What is World Password Day?

In his 2005 book Perfect Passwords: Selection, Protection, Authentication, security researcher Mark Burnett first encouraged people to have a “password day,” to update all their important passwords.

Inspired by his idea, Intel Security took the initiative to declare the first Thursday in May as World Password Day in 2013. The day was intended to raise awareness on the importance of strong passwords in securing personal and corporate information.

In the 10 years that followed, the process of securing your data with a password has evolved to include two factor authentication (2FA) and multi-factor authentication (MFA), promising enhanced security to our digital accounts.

Passwords remain the first line of defense, and as such, good password hygiene is critical for individuals and organizations alike.

What constitutes a weak password?

Every time you are required to set a password by any device or portal, the guidelines are displayed for all to see. Still, a shockingly large number of people use easily guessable passwords and reuse the same for all their devices and accounts.

And thus, our long-gone childhood pets live on in our weak passwords. Or our city of birth makes a flash appearance. Then there are some of us who decorate our idols’ names with a few special characters on either side. And the previously mentioned creative people sprinkle a few numbers in between swear words and call it a day. The least creative ones though, rely on what’s right in front of them to set a password – the letters on their keyboard, in the very same sequence they occur.

This is how, once and for all, we make lives and jobs easier for threat actors around the globe.

Believe it or not, cyber attackers maintain a database of known or the weakest passwords that are regularly used. Here is a list of the 10 most common passwords used in India in 2022.

  • password – used over 34 lakh times
  • 123456 – used over 1.6 lakh times
  • 12345678 – used over 1.1 lakh times
  • bigbasket – used over 75,000 times
  • 123456789 – used over 30,000 times
  • pass@123 – used over 20,000 times
  • 1234567890 – used over 14,000 times
  • anmol123 – used over 10,000 times
  • abcd1234 – used over 8,900 times
  • googledummy – used over 8,400 times

You may also want to check the top 200 most common passwords across the globe in 2022.

Needless to say, using such weak or known passwords does nothing to protect your digital accounts. It is an open invitation to threat actors to access your personal information and financial data.

Some of the risks associated with weak passwords are:

  • Password cracking: Password cracking is a prevalent technique that hackers use to gain unauthorized access to user accounts. It involves the use of automated tools to attempt thousands of possible passwords until the correct one is discovered.
  • Brute force attacks: Brute-force attacks are a type of cyberattack that uses automated tools to try all possible combinations of characters until the correct password is discovered.
  • Dictionary attacks: Dictionary attacks involve using pre-built lists of commonly used passwords, such as words found in the dictionary, to attempt to gain access to user accounts. They are often effective because many users choose simple and easy-to-guess passwords, such as “password123” or “admin”, which are frequently included in these lists.
  • Account takeover: If an attacker gains access to one of a user’s accounts due to password reuse, they may be able to take over other accounts that use the same password. This can be especially dangerous if the user has linked their accounts to financial or sensitive information.

Unique and complex passwords for each of your accounts are the best way to defend against these risks. Most people don’t use complex passwords for the simple reason that they can’t remember them.

Using a password manager can help you generate and store strong passwords for your accounts. Implementing two-factor authentication can also add an extra layer of security to prevent account takeover even if an attacker manages to obtain your password.

What are a few tips to create strong passwords?

  • Length: Use a password that is at least 14 characters long. Longer passwords are harder to guess or crack using automated tools.
  • Complexity: Use a mix of upper and lower-case letters, numbers, and special characters. Avoid using common words, phrases, or personal information that could be easily guessed, which means avoiding names and anniversary dates.
  • Uniqueness: Use a unique password for each account. Avoid reusing passwords across multiple accounts, as this increases the risk of credential stuffing attacks.
  • Avoid Dictionary Words: Consider using a password that does not contain dictionary words. Such dictionary words are common and can get hacked easily.
  • Avoid Patterns: Avoid using patterns in your passwords, such as sequences of numbers or letters. These patterns are easy to guess and may be part of a dictionary attack. In other words, resort to gibberish.
  • Use a Passphrase: Consider using a passphrase, which is a longer combination of mismatch words that are easy to remember but hard to guess. For example, “alien grass coffee” follows no pattern and is therefore impossible to guess.
  • Use Multi Factor Authentication: Multi-factor Authentication (MFA) requires users to provide one or more additional verification factors – more than the username and password – to grant access to an application, online account, etc. MFA decreases the likelihood of a successful cyber-attack.
  • Use a Password Manager: Consider using a password manager to generate and store strong passwords for your accounts. This can help you avoid the need to remember complex passwords and ensure that you use a unique password for each account.
  • Change Your Passwords Regularly: Make it a point, no matter how much hassle it is, to change your password every 30 to 45 days.
  • Don’t Share Passwords: In the name of friendships and online streaming services, many of us share passwords among friends and family. Avoid this as much as you can.

Follow these tips of password hygiene and you will see that your first line of defense against cyberattacks is strong and reliable. What better way to observe the 10th anniversary of World Password Day than to change your passwords into something complex and uncrackable that no automated tool can hack?

One in three customers will leave a brand or a product after just one bad experience, according to a PwC report. When the success of most organizations these days are steered by their level of customer commitment, this seems like a very large number to lose.

To create meaningful experiences and build lasting customer relationships, it is critical for organizations to make customer-centricity a strategy as well as a culture. This is one aspect Anunta is particularly proud of – our customer-centric approach to all our engagements is woven into our culture, mission, and values.

This customer-first culture, which is an integral part of all our processes, is reflected in our overall of CSAT of more than 86% – an impressive number when you consider the market average of 71%.

To ensure that we are guided by the unbiased voice of our customers, Anunta follows a very comprehensive feedback process that covers multiple channels and includes multiple stakeholders.

Measuring Our Customers’ Satisfaction and Experiences through CSAT Feedback

Our customer satisfaction surveys gather point-in-time feedback via multiple channels from various stakeholders – from end users to CIOs – to understand their experiences and expectations.

  • Ticket-based feedback
  • In-person feedback from senior leadership team
  • Real time feedback
  • Email/IVR-based feedback post issue resolution

Ticket-based feedback is triggered at ticket resolution, where customers are asked to rate their experience with respect to the incident. This feedback survey is aimed at end users who work with virtual machines and virtual apps on a daily basis. If a user gives a rating of 1 or 2, our support team reaches out to them to understand what concerns caused them to give low ratings and what learnings we can take away from that.

The in-person feedback, collected quarterly or half-yearly, is targeted at customer IT SPOCs up to the CIOs. It covers topics such as Anunta’s technical skillset and competency, communication and approach, and overall effectiveness in account management. This is the stage where we also ask the customer SPOCs if they would recommend Anunta to their friends and colleagues, effectively running our NPS survey.

Our CSAT User Interface collects real time feedback for 10 weeks after deployment, focused on measuring the satisfaction of direct end users. Another rating-based survey, it ensures that 10% of the audience is covered every week, thus covering all end users in the 10-week period.

On every call where a fresh ticket is created, Anunta collects feedback through IVR with user consent on their experience. For lower ratings, actions are taken to mitigate the concerns.

Why Customers Love Anunta

As a trusted Managed DaaS market leader, we have continually strived to drive innovation and deliver excellence in each one of our customer engagements. From product design to delivery to support, all our processes revolve around customer needs and challenges.

Our product innovations also have customer experience at the center, helping us design unique, customized products in such a way that will give maximum value to the customers. Our products are also customizable and adaptable according to organizational requirements.

Our pro-active day 2 or post-implementation support provides uninterrupted services across geographies, covering end user, infrastructure operations control, operations governance, and relationship management.

All this, combined with our proven 99.99% application availability with 0.03 incident to user ratio, no wonder that our CSAT score is an amazing 86%.

It is this commitment to ensure that our customers do not feel experience disconnect that helped us become a pioneer in the DaaS market to earn the “Customer First” badge from Gartner Peer Insights. We have always encouraged honest and transparent feedback from our customers as we strive to deliver innovative, unique, and customized DaaS products to meet the business needs of every customer. The Customer First badge accentuates this mission and underscores our unwavering commitment to providing the best and the most innovative products to our customers. Our customers rated us an amazing 5-star on Gartner Peer Insights.

Recently, Anunta also won the CIO CHOICE 2023 award in the Desktop-as-a-Service category, making us the most trusted brand in the DaaS market. CIOs and ICT leaders nominated and voted for Anunta as their most preferred technology provider based on their own experience of working with us. Winning the CIO Choice Award elevates our position as a market leader in DaaS and showcases our strong customer focus.

Add our incredible NPS and CSAT scores to the equation, and we have a truly customer-centric virtualization technology partner who helps you effectively drive your digital workplace transformation strategies.

Statistics reveal that ransomware will attack a business, a consumer, or a device every 2 seconds by 2031. And it will cost its victims $265 billion annually.

In the last five years, ransomware attacks have risen by 13% and in the first half of 2022 alone, there were around 236.7 million attacks globally.

These are very distressing numbers. Ransomware is one of the most real and present threats that organizations are facing today.

Ransomware is a type of malware used by threat actors for financial gain. It takes over the victim’s files or systems, and the attacker demands a ransom be paid in exchange for a decryption key, which organization can only hope that will return the files to their original state.

Recently, threat actors have begun to exfiltrate data during a ransomware attack resorting to “double extortion” – to blackmail victim organizations into paying the ransom to avoid having their information posted on leak sites or put up for sale.

LockBit is the world’s fastest and the most stable ransomware since 2019-2020. The LockBit 3.0 ransomware, also known as LockBit Black, operates as Ransomware-as-a-Service (RaaS). It is an improved version of its previous LockBit 2.0 and other versions.

How does ransomware work?

Threat actors infiltrate the victim organization’s network and find its way onto a device. They then encrypt the files and folders on it.

Threat actors don’t stop there. They execute enumeration activities to spread their reach laterally on to the network and can spread the ransomware from device to device, affecting all computers in a network.

How do threat actors infiltrate?

  • Email links or attachments: The user is sent a phishing email with a malicious link or attachment, which leads to either credential harvesting or the downloading of the ransomware from the file they attach on email.
  • Remote Desk Protocol (RDP): Threat actors exploit publicly available or weak credentials and brute-force or password spray via the RDP protocol to gain access.
  • Virtual Private Network (VPN): Threat actors identify and exploit unsecured and unpatched remote access VPN servers – by exploiting publicly available or weak credentials and brute-force or password spray – to gain access to a network, then distribute malware.

Recommendations to protect your data against ransomware

Identity & Authorization

  • Enforce long and complex passwords.
  • Passwords must be set to avoid dictionary words, patterns, or commonly used passwords.
  • Implement Password Change Cycle and avoid accounts with the option of setting passwords that will never expires.
  • Enforce Multi Factor Authentication (MFA) at every logon attempt.
  • Consider Phishing Resistant MFA.
  • Integrate MFA for all remote access, internet accessible and business email accounts.
  • Periodically audit user accounts with administrative privileges and configure access controls according to the principle of least privilege.
  • Periodically identify unused accounts and delete them.

Network

  • Geo Fence network perimeter – Whitelist the Geo where you operate from. Blacklist the rest.
  • House critical infrastructure on to DMZ
  • Segment networks and disable unused ports.
  • Disable inter VLAN communication or restrict to necessary communication only.
  • Disable any direct external RDP access.

Data Backup & Restoration

  • Maintain offline backups of data.
  • Ensure all backup data is encrypted, immutable (i.e., cannot be altered or deleted).

General Safety Measures

  • Keep all operating systems, software, and firmware up to date.
  • Identify, detect, and investigate abnormal activities and potential lateral movements with an appropriate EDR / XDR tool.
  • Periodically review domain controllers, servers, workstations, and active directories for new and/or unrecognized accounts.
  • Consider adding an email banner to emails received from external organizations or domains.
  • Disable hyperlinks in received emails.

SUBSCRIBE TO OUR BLOG

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.