NorthStar Blog

20
Jul

Orion Weekly: Pack your bags!

Watch today's Orion Weekly to learn more about data queries to support GIPS, an Orion Ascent update, and a custom onboarding experience with Catalyst.

The post Orion Weekly: Pack your bags! appeared first on Orion Advisor Services.

18
Jul

Are You All Packed for Your GIPS Verification?

GIPS verification

We worked closely with a verification firm to build GIPS verification queries to help our Advisors get data they need to become GIPS compliant.

The post Are You All Packed for Your GIPS Verification? appeared first on Orion Advisor Services.

14
Jul

Don’t Let Malware Make You “WannaCry”

Content contributed by NorthStar IT

On May 12, 2017, an unpresented wave of ransomware spread via the internet hitting organizations and individuals around the world. The ransomware known as “WannaCry” quickly became front page news.  The purpose of the ransomware, developed by cyber-criminals, was to extort money. The way it accomplished this was to infect unpatched Windows PCs and encrypt 176 different file types (picture files, documents, spread sheets, video files, database files, etc.) leaving the files inaccessible. Then, to unencrypt the files, a ransom had to be paid using the cryptocurrency known as Bitcoin. Average ransom amounts started at $300 and increased incrementally over time until, at seven days, if unpaid, all encrypted files were permanently deleted from the user’s system and lost forever.

The was delivered through a hyperlink that could be embedded in emails, web page advertisements, or in a Dropbox links. If a user clicked on any of these links, the PC secretly accessed a website where the virus resided. If the PC did not have the appropriate PC patches or anti-virus software installed, the PC downloaded malicious code which then started the file encryption process and displayed the following message:

Hundreds of thousands of PCs around the world were impacted by this virus. Hospitals, banks, and telecommunications companies were some of the hardest hit industries.

(CLS, Orion, and The Gemini Companies) avoided this outbreak. But how?

At NorthStar, before any computer traffic enters the network, it has to pass through a series of hardware devices and software which closely inspects all bits and bytes for malicious content. Based on very complex and sophisticated rules, logic, and algorithms, some traffic is blocked outright, some is quarantined for review, and the rest is allowed onto the network. However, even with these tools in place, it is possible for new variants of malware to come up and make it past these tools. In the event something does slip through our perimeter defenses, NorthStar also has tools that reside on servers, desktop PCs, and laptops to contain and mitigate any compromise. These tools add an additional layer of protection to detect, prevent, quarantine, and clean malicious content from end-point devices (PCs, Laptops, SmartPhones, etc.).

For those who are interested in technical details, below is a list of many of NorthStar’s security tools and what they do:

  • Email Security Gateway: this product scans all inbound emails and searches them for malicious attachments and embedded links that could take users to malicious sites. If found, the software will quarantine the emails for review or outright delete them if known to be malicious.
  • Intrusion Detection\Intrusion Prevention Systems (IDS\IPS): These systems inspect network traffic at a very low level (bits and bytes). Upon detection of suspicious content, they will automatically block it before it can enter NorthStar’s systems. In addition, these systems filter out traffic from specific geographical locations known to be the source of malware (e.g. Russia, Iran, etc.).
  • Advanced Network Anti-Malware: These systems scan for and detect attacks and malicious network packets as well as command and control communications. “Command and control communications” is when malware communicates back to a home base for additional attack code or content. WannaCry is an example of malware that uses command and control communications.
  • Web Filtering: Web filtering programs block access to sites that have known malicious content. NorthStar’s web filtering software is actively updated with lists of malicious sites, so as soon as any site is registered or detected to have the ability to spread malicious content, it is automatically updated and will block users from accessing those sites.
  • Advanced EndPoint Anti-Malware: This is advanced anti-malware tools installed on the (PC installed). It works similarly to and in conjunction with NorthStar’s Advanced Network Anti-Malware, but on the PC level as opposed to the network level.
  • Anti-Virus Software: This is a traditional anti-virus program which actively scans and monitors traffic to and from each PC looking for malicious software. In addition, the software utilizes traditional virus scans of a PC’s local hard drive to detect anything that might be on the hard drive, but not active.
  • Log Collection: This is a system which collects and analyzes PC, server, and network logs looking for questionable activity WITHIN the internal networks searching for activity that could get in via an internal source like a PC USB port, a DVD, or personal computer plugged into a company network port (which is strictly forbidden in our Employee Policy Manual).
  • NorthStar also has robust data recovery tools that can be used to quickly recover systems and data if such an attack like this was successful and original files needed to be restored.

In addition to having the above tools in place, NorthStar ITOC took the following additional steps and precautions when the WannaCry outbreak was discovered:

  • NorthStar double checked that the appropriate Microsoft patches were installed which stop this virus.
  • NorthStar enabled Snort Rule 42340 – A new rule for our IDS\IPS systems which was developed to stop WannaCry once it was detected and started spreading.
  • NorthStar confirmed firewalls were blocking malicious traffic on the specific ports\channels the virus communicated over.
  • NorthStar confirmed TOR network blocking – TOR is an external anonymous network that is notorious for spreading malicious content, so we doubled checked our settings to make sure we were blocking this traffic.
  • NorthStar confirmed all Advanced Malware Protection systems and software had been updated to detect this ransomware signature.
  • NorthStar confirmed the email security gateway was scanning for this specific

As you can see, NorthStar takes cybersecurity very seriously. From the technical tools in place to the audited and certified ISO 27001 processes and controls, NorthStar is committed to investing the necessary time and money for industry leading technology, processes, and people.

2709-CLS-7/12/2017

13
Jul

Join Orion SMEs and a World Extreme Ski Champion at Ascent 2017

Join Orion SMEs and a World Extreme Ski Champion at Ascent 2017! Our keynote speaker is one of the most adventurous people in the world. Watch the Weekly to learn more.

The post Join Orion SMEs and a World Extreme Ski Champion at Ascent 2017 appeared first on Orion Advisor Services.

11
Jul

Fuse 2017 Judge Profile: Tina Powell

Fuse Judge Tina Powell

Learn more about Fuse 2017's Tina Powell, one of the judges for this year's event. Find out what Tina is looking forward to most this year.

The post Fuse 2017 Judge Profile: Tina Powell appeared first on Orion Advisor Services.

06
Jul

Fuse 2017 Brings New Fintech Innovation This September

In today's Orion Weekly, get the inside scoop about what to expect from Fuse 2017, our annual development that sets the fintech innovation for the year.

The post Fuse 2017 Brings New Fintech Innovation This September appeared first on Orion Advisor Services.

05
Jul

Using Orion to Track Alternative Investments

Alternative Investments

Alternative investments are on the rise. As an advisor, tracking your client's alternative investments allows you to report on their full financial status.

The post Using Orion to Track Alternative Investments appeared first on Orion Advisor Services.

29
Jun

Don’t Let Orion Ascent Early Bird Pricing Fly By!

Orion Ascent Early Bird pricing comes to an end tomorrow. Don't let this deal on our national user conference fly by before you register!

The post Don’t Let Orion Ascent Early Bird Pricing Fly By! appeared first on Orion Advisor Services.

27
Jun

Simplify ADV Reporting, View Moody’s Ratings, and More with These New Software Updates

Explore features from our May software update that will streamline your performance. Learn how to simplify ADV reporting, view Moody's ratings and more.

The post Simplify ADV Reporting, View Moody’s Ratings, and More with These New Software Updates appeared first on Orion Advisor Services.

22
Jun

How to Build Your Digital Client Experience with Orion’s Tech Solutions

Watch today's video to learn about using our tech to build a digital client experience, and get more info on one of our Orion Ascent 2017 learning trails.

The post How to Build Your Digital Client Experience with Orion’s Tech Solutions appeared first on Orion Advisor Services.