A black and white icon of a cell phone on a white background.
A black and white envelope icon on a white background.
A white background with a gray gradient is a plain white background.
Stay Up to Date on Cyber-Events

Current Events

21 Oct, 2024
In the wake of recent hurricanes Helene and Milton, the importance of robust email disaster recovery has never been clearer. When email systems go down, the ability of public agencies to communicate effectively grinds to a halt. This not only reduces productivity but also hampers critical communication during emergencies, ultimately affecting the support provided to citizen stakeholders. GOVonomy, along with its suite of cloud-based email partners, offers cloud-based services that help agencies resolve outages swiftly, reduce costs, and improve performance. Our partner network provides all-in-one cloud-based services for email management, offering leading solutions for email security, archiving, and continuity. Beyond disaster recovery, these solutions also provide data security protection, malware protection, and defenses against advanced email security threats. The multiple email continuity and disaster recovery solutions available through the GOVonomy network ensure that agencies and their users can continue to send and receive emails during disasters, Office 365 outages, or planned downtimes. When a downtime event occurs, agencies are protected via immediate switchover, ensuring no interruption in the flow of email. Government employees can continue to access email as usual on any device from any location, often completely unaware that a problem has occurred. Maintaining access to email during an outage also eliminates the flood of calls to the help desk that typically follows a disaster. Email disaster recovery is easy to manage with a network of geographically dispersed data centers, each with built-in redundancy to protect against failure. Cloud-based solutions significantly lower or eliminate the need for complex, on-premises resilient infrastructure. There are many options available, so which one is right for you? At a minimum you should expect the following: • Cloud-based solution • A 100% service availability SLA. • Automatic synchronization of mailboxes after email servers are back online. • Centralized control and management of failover events and outages. • Uninterrupted access to all live and historic email and calendar information. • Instant failover and failback to reduce RPO and RTO for email to near zero. Protect your communications and ensure seamless operations, even in the face of disaster. Contact the GOVonomy team today to review the multiple options available to government organizations. Learn more about email disaster recovery by reaching out to the GOVonomy team.
21 Oct, 2024
In today’s rapidly evolving digital landscape, public organizations are more dependent on technology than ever before. Yet, as technology advances, so do the risks associated with its failure. Whether it’s a natural disaster, a ransomware attack, or an unexpected system failure, downtime can cripple operations, erode customer trust, and lead to massive financial losses. According to a leading Data Protection Trends Report, a staggering 85% of organizations experienced a ransomware attack, with nearly 40% seeing entire production data encrypted or destroyed. The question is no longer if a disaster will strike, but when. That’s where GOVonomy’s experienced comes in. GOVonomy provides public sector IT teams and organizations of all sizes with the tools and strategies needed to not only survive a disaster but thrive in the face of one. By evaluating an organizations' existing disaster recovery plan(or creating one for the client), GOVonomy can help organizations leverage best of breed Disaster Recovery as a Service (DRaaS) solutions, organizations can ensure they are always prepared for the worst. Here’s how GOVonomy helps organizations recover faster from disasters and stay ahead of potential threats. Key Steps for Effective Disaster Recovery 1) Plan Your Recovery Strategy Before disaster strikes, the key to a successful recovery lies in a well-thought-out plan. Not every organization has the capacity or in-house expertise to handle a disaster recovery (DR) process, and the complexity of modern IT environments often requires a more sophisticated approach. A strong disaster recovery plan should be tailored to an organization’s unique needs and should be aligned with business priorities. Key considerations when planning your recovery strategy: • Assess your risks: Understand the potential disasters your business may face, from cyberattacks to environmental hazards. • Evaluate your data and systems: Identify which business functions and systems are mission-critical, and which data needs immediate restoration in the event of a disaster. • Define your RTO and RPO: Recovery Time Objective (RTO) defines how quickly you need your systems up and running, while Recovery Point Objective (RPO) defines how much data loss your business can tolerate. • Select the right DRaaS partner: Not all DRaaS providers are created equal. Ensure your provider offers essential services like offsite virtual machine (VM) replication, one-click failover, and instant file-level recovery. Your provider should offer: • Offsite VM replication: Keeps an exact copy of your source VMs, allowing for faster disaster recovery. • One-click failover: Simplifies the recovery process by allowing instant failover to backup systems with minimal manual intervention. • Instant file-level recovery: Recovers important files quickly without needing to restore entire systems. GOVonomy offers: Customized strategies with offsite VM replication, one-click failover, and tailored backup solutions, helping organizations recover faster. 2) Execute in an Emergency: When disaster strikes, execution is key. Your disaster recovery plan must be activated immediately, and with the right DRaaS partner, this can be done with minimal disruption. GOVonomy’s cloud-based partner solutions ensure your systems and data are restored efficiently. Steps to take during an emergency: • Notify your DRaaS partner: In the event of an emergency, your disaster recovery partner should be immediately informed to initiate the failover process. • Recover to the cloud: In most disaster situations, recovering to the original infrastructure is not possible. In such cases, a reliable DRaaS provider like GOVonomy will spin up applications and data in their cloud infrastructure. • Failover processes: Veeam Backup & Replication (as an example) can recover VM replicas to the necessary restore points, shifting all input/output (I/O) processes to the replica. Partial vs. full-site failover: • Partial failover: Only select VMs are failed over and powered on based on the recovery plan. • Full-site failover: The entire site is restored using a pre-configured failover plan with boot orders and IP configurations. Common execution mistakes to avoid: • Encryption passwords and credentials: Ensure essential credentials, like encryption keys, are stored externally in a secure vault. Without access to these, backups may become useless. • Application groups and dependencies: Understand how different systems interact and ensure they are restored in the correct order to avoid failure. • Boot orders and firewall configurations: Misconfigured firewall settings or improper boot sequences can prevent key systems from functioning post-disaster. 3) Failback to Stay Ahead: Once the immediate danger has passed and your business is running again from a backup environment, the next crucial step is to failback to your primary infrastructure. This ensures that you are not permanently relying on disaster recovery resources and that your business can fully return to normal operations. Failback options with Veeam Backup & Replication: • Replica feedback: Synchronizes changes back to the production environment and gradually shifts processes from the replica back to the primary infrastructure. • Reverse seed load: Transmits a backup chain of restored workloads to the production environment, with minimal downtime during the process. This is ideal for large workloads or cases where bandwidth is limited. Benefits of failback: • Minimize downtime: With Veeam’s Instant Recovery, downtime during failback can be minimized by using scheduled windows for data transfer. • Ensure data consistency: Throughout the failback process, Veeam ensures application and data consistency, allowing businesses to return to normal operations seamlessly. Contact GOVonomy to learn more about the Veeam DRaSS solution. 4) Documentation and Analytics: After a disaster recovery event, the work isn’t done. One of the most important steps is to analyze and document the entire process to understand what went right, what went wrong, and what can be improved for the future. This is an essential part of refining your disaster recovery strategy and ensuring smoother recoveries in the future. Post-disaster recovery steps: • Document the disaster event: Record the cause of the disaster, the systems affected, and how the recovery plan was executed. • Assess recovery performance: Measure how well the recovery plan worked by evaluating RPOs and RTOs. Did systems boot in the correct order? Were there any delays or unexpected issues? • Update the DR plan: Make any necessary changes to your disaster recovery plan based on the findings of the post-disaster analysis. This might include adding new failover protocols or adjusting the recovery process based on any gaps identified. • Conduct regular testing: Ensure your team is continuously prepared by conducting at least quarterly tests of your disaster recovery plan. This Four-Step Backup Process and Rapid Recovery Force ensure organizations are always prepared for recovery. With geo-redundant data centers, continuous readiness reporting, and 24/7 recovery support, GOVonomy keeps businesses ready to recover at a moment’s notice. Disaster recovery is more than just a backup plan – it’s a business continuity strategy. Choosing the right partner can make the difference between a smooth recovery and a prolonged downtime that impacts both revenue and reputation. GOVonomy provides: • No Risk, Free Disaster Recovery evaluation and consultation. • DRaaS: Market-leading technology solutions ensuring secure, efficient data recovery. • Customized DR strategies: Tailored recovery solutions based on your business’s unique needs. • Expert support: Certified disaster recovery experts available 24/7 through GOVonomy’s Rapid Recovery Force. GOVonomy’s Four-Step Backup Process includes: 1. Complete data map and inventory: Identifying and securing all critical data. 2. Custom data recovery plan: Developing a plan tailored to your organization’s recovery needs. 3. Secure geo-redundant backup: Protecting data in multiple locations to ensure availability. 4. Continuous readiness reporting: Keeping clients informed of their recovery readiness through regular updates. The Importance of Regular Testing: o disaster recovery plan is complete without regular testing. If your team is unprepared or your systems haven’t been tested, the chances of smooth recovery diminish. GOVonomy emphasizes the need for quarterly tests, ensuring your team is fully trained and able to execute the recovery plan under pressure. Key aspects to test: • System dependencies: Ensure that all systems, applications, and services are restored in the correct order. • Data integrity: Test the integrity of restored data to avoid restoring corrupted or incomplete files. • Remote access: Ensure employees can access restored systems remotely, as many disasters will require teams to work offsite. Disaster recovery is about more than just getting systems back online – it’s about safeguarding the future of your organization and citizen stakeholders. With GOVonomy as your partner, you can ensure that your organization is always ready to recover, minimizing downtime, protecting data, and ensuring business continuity. GOVonomy ensures public sector organizations can face disasters head-on with confidence and resilience. When disaster strikes, having the right plan and the right partner in place can mean the difference between chaos and calm. Prepare for the worst, but with GOVonomy, recover better than ever. Contact GOVonomy today.
21 Oct, 2024
VIPRE Security Group has published its yearly email threat landscape report, titled Email Security in 2024: An Expert Look at Email-Based Threats. This comprehensive study is built on an analysis of over seven billion emails in 2023. Out of the seven billion emails analyzed , approximately one billion were found to be malicious. An alarming 276% rise in malware was recorded between January and December of 2023. While the Financial Services sector was identified as the most targeted with phishing and malspam emails accounting for 22% of all attacks, it's crucial to note that government and public sector organizations are also among the heavily targeted sectors. In fact, the government sector follows closely behind IT, healthcare, and education in the list of most targeted sectors. The report highlighted that 71% of phishing emails still utilize links as their primary method of baiting recipients. Among the most frequently spoofed URLs were those of prominent organizations such as Microsoft, Apple, DHL, Google, DocuSign, Amazon, and Dropbox. Furthermore, HTML attachments accounted for 52% of all malicious attachments, with PDFs increasing by 100% and EMLs seeing an astounding 4600% increase. In the last quarter, AgentTesla -- a .NET information stealer -- was responsible for the majority of malware attacks. The report also forecasted several troubling trends for 2024: an increase in QR code hacks, often referred to as quishing; a rise in the use of AI to create content for spam emails, including the use of deepfakes; further growth in highly personalized social media mining; and the widespread use of different file types and formats, particularly EML, to propagate phishing and malware attacks. In addition, a significant rise in state-sponsored attacks is anticipated, which poses a direct threat to government organizations. One particularly concerning finding is the increasing popularity of clean links. These links, designed to appear benign, have a higher success rate in duping users. EML attachments, despite being a consistent threat, saw a tenfold increase in Q4 2023. Due to their novelty, these attachments often bypass basic email security measures and pique users' curiosity, leading to increased engagement and risk for government sectors that may already be operating under significant cybersecurity constraints. AgentTesla, which emerged as the top malware family in Q4 2023, infiltrates target machines and harvests sensitive data from numerous qualifying browsers. Although the delivery of malware via email increased by 276% between January and December 2023, it accounted for only 5% of malspam overall. This indicates that it's easier for threat actors to trick end users than it is to bypass security solutions. While security systems are becoming more adept at identifying and curbing malware, they still lag in countering sophisticated social engineering attacks. Public sector IT leadership should consider contacting GOVonomy to take advantage of its free cyber security evaluation and roadmap creation offering. GOVonomy helps public sector organizations look at cyber security (including email) threats, many of which preventable with the right tools Unfortunately most public and private organizations don't know these tools exist because email doesn't always get the same kind of security attention as the rest of the network. Unfortunately, threat actors know this. Contact the GOVonomy team to schedule a free evaluation of your organizations existing cyber security plan. If no plan exists, GOVonomy team will create one for you – free of charge.

Contact Us

Sign Up for Email Cybersecurity Alerts.

Be the first to know of Cybersecurity Events affecting government both local and national departments in our newsletter.

Share by: