Tag Archives: Network Security

Tips to Avoid Security Breaches

According to a recent CompTIA report, even though people know what to do to avoid security breaches, they don’t always put this knowledge into practice. Employees can, however, take advantage of cybersecurity training in the workplace, learn to change passwords frequently, and implement other safeguards.

How to Identify a Phishing Scheme

The mouse arrow can be pointed at a suspected link exposing information you can use to identify an untrusted source. Another clue to be on the lookout for is a misspelling in the ‘reply to’ email address of the email. Third, hackers may use attachments that appear to be trusted (e.g., .txt or .doc)  to try to get personal information. Inspect the extension of the attachment to ensure they do not include “.exe” as this may launch a cyber attack as an executable program.

Be Aware of Spear Phishing

Spear Phishing is a form of social engineering designed to get you and your employees to divulge specific privacy information by using relevant and trusted information to influence your behavior. This could include banking, vendor, customer or other familiar information to trick you into providing account, password and other privacy data. Similar to phishing, these same clues can be a help in avoiding “spear phishing” attacks. You may also consider reaching out to customers, vendors or employees to authenticate an email’s source before taking action.

Monitor Your Network and  Use Security Information and Event Management Technology to  Cyber Attacks

There are many options to monitor your network for intrusions. Network monitoring can identify unauthorized access, unauthorized network login attempts, unexpected network traffic in terms of volume or time of day that all could point to Cyber Attacks. By using Security Information Event Management (SIEM) technologies, possible threats can be assessed, giving your business a holistic view of the most significant threats in real time. You may also consider penetration testing to simulate a cyber attack, in order to determine any vulnerabilities in your system and assess which ones are most crucial.

 

While technology can help deter cyber attacks, human beings always play a role in staying safe. Even if a phishing attempt is directed specifically at an employee, it can compromise an entire network. To learn more about how to respond to upcoming threats, contact your technology advisor today.

Cyber Crime

Keeping Your Network Secure

A network is only as strong as its weakest link, and if that weakest link is your security, that can compromise the revenue and the reputation of your business. Attacks just from ransomware have increased over the years, by 200% between 2015 and 2016 alone.  There are three fronts to consider: identify the hazards, use technical tools to protect your network, and educate your employees on cybersecurity. Read on to find out more about how to protect yourself.

Know the Hazards of Malware and Phishing Schemes

With so many businesses finding it necessary to gather, store and monetize customer data, this is an area of vulnerability. Malicious software, or “malware,” can take various forms, from worms and viruses to ransomware, which can hold your data hostage. Some types can simply make your system run more slowly, and some can steal or destroy data. Phishing schemes are designed to steal private data simply by an unwary recipient clicking a link. Technical tools are part of the protection plan.

Fight Cyber Attacks with Technology

There are plenty of technical tools and applications to keep your system safe. Firewalls and SPAM filters can keep unwanted network communications from coming in and going out. Anti-virus and anti-malware applications keep harmful worms, viruses and other malicious software from infiltrating your network. Be sure also to keep your antivirus and anti-malware programs up-to-date, to guard against the latest threats. Network monitoring can help stop attacks before they start, and operating system patches can fill in any security holes in the network. Along with these tools, be sure to train your employees to recognize security hazards.

Don’t Forget the Human Element

Employees can be the first line of defense against cybersecurity hazards. Teach your employees, through regular training, to recognize threats to your system’s security. Educate them to avoid “phishing” schemes by not clicking on links in email from suspicious sources, and how to recognize a suspicious email (often typographical or factual errors in the email are tip-offs). Finally, emphasize that cybersecurity is a team effort, and get them invested in helping keep your network safe.

Remember, your business is only as secure as your network. You are risking more than money if your network contains weak spots. Contact your technology advisor for assistance with protecting your network’s security.

Technology Trends

Is Your Network Ready for Business?

Your network is under continuous pressure to keep up with the growth of your business. Broadband networks providing instant connectivity are a core requirement for most businesses.  Your network needs to provide fast access to Cloud Services including Email, Online Backup, Unified Communications, Call Center and other applications.  Business systems will be expected to be constantly accessible by customers and employees alike, and your network needs to be ready for this demand. Not only does your network need to be efficient and flexible, it needs to be secure.

Consider SD-WAN for Efficiency and Flexibility

Software-Defined Wide Area Network (SD-WAN) technology, which has been a recently emerging technology, is expected to become common in the next few years. Research firm IDC expects this technology to grow by 69% by 2021. Revenue from this technology is expected to reach $2.3 billion in 2018 alone. Companies pursuing SD-WAN can mix and match networking solutions to get the most efficient and effective wide area connectivity.  Customers and employees have constant access to the Internet. With this access, however, monitoring and network security are vital.

The Role of Network Monitoring and Security

To have your network ready for business, it needs to be safe and secure. Not only does the network need constant monitoring, industry standards require rigorous compliance. For instance, online retailers need to keep their customers’ credit card information secure. Hospitals and doctors’ offices are required to comply with HIPAA. Even if your business is headquartered in the United States, you may need to comply with General Protection Data Regulation (GDPR). Endpoint security concerns include keeping anti-virus and anti-malware protections up-to-date.

Employees are the Front Line of Defense for Network Security

And don’t forget the human element. Train your employees to identify scam emails and phishing schemes, and not to click on unfamiliar links. Emphasize the importance of reporting malware, so you can keep your system secure.

If you are uncertain about whether your network is ready for business, contact your trusted technology advisor today for a network assessment.

Cyber Crime

Network Security Precaution for Meltdown and Spectre Vulnerabilities

The technology industry is working to patch two network security flaws known as Meltdown and Spectre Vulnerabilities. These hardware bugs can expose information being processed or stored in memory on your computer.

While there are no known exploits, malware or phishing schemes specific to these network security vulnerabilities, this reminds us of the importance of Network Security best practices to protect Windows PCs and Macs, as well as Android and Apple iOS Mobile Devices. While the industry rushes to patch these network security vulnerabilities, here are some considerations to protect your network.

Keep your Operating Systems Patches Up to Date

Make sure you install security updates for your operating system and applications. Apple (AAPL), Google (GOOG), and Microsoft (MSFT) have already released some patches. You can do this manually through automated updates, or subscribe to a managed service to keep your network current. Keeping your browser up to date will also prevent websites from attacking your processor to steal your password and other privacy data.

Don’t Forget Updates on Mobile Devices

The Meltdown and Spectre Vulnerabilities serve to remind us of the importance of keeping smartphones, tablet computers, and other mobile devices updated with the latest operating system and related security patches. Also, remember to download software only from trusted sources. Employers should remember to review acceptable use policies to ensure they are up to date and that employees comply with company mobile device acceptable use.

Train Your Employees on the Importance of Network Security

Your employees are on the front line of defense for network security. Through periodic education and training your employees will implement strong passwords and change them regularly. They will also be adept at identifying malware and phishing schemes to better protect your network.

Your network is the backbone of your technology infrastructure. Securing your network is a critical component of your technology strategy. If you have questions or concerns about your network security, contact your technology advisor today.

Cyber Crime

Closing the Door on Cyber Crime

Businesses today are under constant attack from Cyber Criminals. Ransomware,  including the WannaCry Virus , is an example of a top threat to avoid. With the risk of lost data, lost productivity and lost reputation, isn’t it time to close the door on Cyber Crime? Here are a few tips to defend your company from potential cyber attacks.

Document Operating System Security Patch Policies and Procedures

Take the time to review and update your documented security policies and procedures.  Security and related patch policy should identify who is responsible for application and operation of system patches and system updates. Clearly determine whose responsibility it is to apply the latest operating system and related security patches. Whether this process is manual, or done automatically through a managed service, be sure your employees know which is the case. Also, document your policies to verify all your systems are in compliance.

Review your Cybersecurity Framework

Avoid data breaches resulting from lack of Cybersecurity defence. Ensure your AntiVirus and Malware detection definitions are up to date. Utilize spam filtering and other Cyber Threat detection to protect your business. Consider penetration testing to identify any weaknesses on your network. Also ensure your employees are periodically trained to identify and avoid malware and phishing schemes. If you have suffered a data loss due to Cyber attack, ensure you have a communications plan to notify all stakeholders and authorities within adequate time frames. Having a solid data protection plan including Cloud Backup can minimize your exposure and increase your recovery time.

Study Machine Learning to Combat Cyber Threat

Cybercriminals are using automation, artificial intelligence and machine learning to trick you and your employees to take the bait on phishing, ransomware and other cyber attacks. Why not fight fire with fire? Leading Cybersecurity suppliers  are pouring millions of dollars into research and development to embed Machine Learning to detect and combat Cyber threats. This Machine-to- Machine combat will evolve over time and soon combine with artificial intelligence (AI) to train your employees on how to identify and avoid these cyber attacks in the event your perimeter security is breached.

Cyber threat and related Cyber attacks are a top concern for many business owners. Staying one step ahead to protect your business network is a constant effort. Contact your technology advisor to find out more how you can close the door on cyber crime today.

How is Your Network Health?

Proactive Network MonitoringYour network is the backbone of your IT Infrastructure. Your network health is also an integral part of your defense against Cyber threat. Cloud Computing, Communications and Collaboration, Data Protection, and Digital Transformation put more reliance on your network.  This begs the question, how is your network health? Ask yourself these three questions to find out the answer…

How Well Does Your Network Perform?

You rely on your network to communicate with your employees, customers, prospects, and suppliers. What’s more, your network links your company to public and private cloud services and applications that are critical to your business operations. Performance bottlenecks from social media, streaming applications, faulty hardware, and lost connections can impact your employees’ productivity. Offsite backup and other IT functions also rely on your network. Ensuring network health keeps systems running smoothly and available when you need them.

How Secure is Your Network?

Network security is an imperative for businesses of all sizes. Your business may face additional compliance requirements–for example, Payment Card Industry Data Security Standard (PCI DSS). Data protections standards are rapidly evolving, which could increase your responsibility and exposure to fines and penalties. General Data Protection Regulation (GDPR), the European Union’s data protection rules, could apply to your business regardless of your location.

Keeping your network in compliance through monitoring, endpoint protection, content filtering, and other network security detection and protection technologies is a good start. Train your employees on the implications of phishing emails and how to identify one. Teach them to avoid malicious links in unsolicited scam emails. Underscore the importance of a strong password and steps to take to keep data private.

How Efficient and Flexible is Your Network?

Technology advances at an exponential rate, ensuring access to enhanced technologies at an affordable price. Network solutions continue to evolve, providing better value and performance for your business. Software-Defined Wide Area Networking (SD-WAN) allows companies to mix and match networking solutions from multiple carriers in an efficient and effective manner. If properly optimized, SD-WAN provides you the best performance at the most competitive price.  What’s more, SD-WAN provides capability for failover for your most important voice and data systems.

Your Network Health is critical to your business success. Proactive network management keeps things operating smoothly without failure. If you are concerned about your network health, contact your technology solution provider and ask about a network health check today.

The Importance of Maintaining Network Compliance

Network SecurityLast month’s blog provided information about ways to “Avoid Being Held Hostage by Ransomware.” Eight days later, on May 12, 2017, there was a global outbreak of the Wanna Cry Virus. With Cyber Threats on the rise, the importance of maintaining network compliance is top of mind with business owners and IT professionals alike. Industry compliance regulations, including PCI, HIPAA, and SOX, drive best practices in Network Compliance. However, most businesses today rely heavily on their systems to access Cloud Services, Voice, and Data Networks for mission-critical applications that run their business. What can you do to maintain network compliance?

Automate Your Network Administration

Keeping operating systems and network configurations up to date is a top priority for network compliance. Each device that connects to your network needs to have up-to-date operating system security patches, anti-virus definitions, and malware threat prevention in order avoid un- intended intrusion of your network. There are abundant tools and managed services to help your business stay up to date without adding to your internal labor cost.

Proactively Monitor Your Network

Monitor your network to identify any systems that are out of compliance. Proactive monitoring can also identify unauthorized devices connected to your network. You can monitor your network traffic to identify unusual use of network bandwidth. Aside from slowing down your systems, excessive bandwidth may be the result of a malware-infected device that is exploiting your network.

Documenting Your Network Security Controls

Achieving compliance with documented security procedures including password policy, systems maintenance, backup procedures, and compliance measures, is critical to following most industry compliance regulations. It is a  best practice to update these procedures annually. Reviewing your Network Compliance policies gives your business an opportunity to stay up to date and serves as a reminder of the importance of maintaining network compliance.

Contact your Technology Advisor if you have questions about maintaining network compliance or other concerns regarding ransomware and other related Cyber Threats.

How to Avoid Being a Ransomware Hostage

RansomwareRansomware, spyware, phishing schemes, and other Cyber attacks are commonplace in today’s world of technology. According to a recent article in Forbes, ransomware attacks grew at an accelerated pace in 2016 with reports of 638 million attacks, almost 200 times more than the number of ransomware attacks in 2015. Most experts agree that Ransomware attacks will continue to occur–so what can you do to avoid being a ransomware hostage?

Not All Ransomware is Created Equal

Before you panic, find out what type of Ransomware you are up against. Scareware is a type of Ransomware that tricks you into thinking you have a bigger problem. A simple scan may quickly remove the pop from your browser cache and get you back on your way. Some ransomware is truly nasty — your entire system may be encrypted, meaning you will need to wipe your system and start over if you have a good backup. Otherwise, you may find yourself hostage to the cybercriminals to unlock your data.

An Ounce of Protection is Worth a Pound of Ransom

Data protection is an important element in minimizing the impact of Ransomware. Make sure your network security is fully compliant. Backup your data, update your antivirus definitions and make sure your security patches are up to date. Consider using Cloud Backup, Security as a Service, and Managed IT services to keep your network up to date. Having a strong offense to avoid ransomware is your best defense.

Don’t Forget the Human Element

Train your employees on a regular basis on the importance of staying vigilant against Cyberattacks and how to avoid being a hostage. There are many resources to get training for your team. Periodic updates about threats and security procedures serve as a reminder to your employees to ensure they adhere to best practices.

If you need security training or are interested in a review of your network, security vulnerability, or other technology infrastructure, contact your Technology Advisor today.

Internet of Things: Reality or Myth

shutterstock_249161197_small4Technology is always evolving, with new ways to benefit always on the horizon. Like Mobility and Cloud, Internet of Things (Iot) is a shift in computing that will impact many businesses and organizations within the next few years. According to research from the Computing Technology Industry Association (CompTIA), IoT is expected to drive over 50 billion connected devices by  2020. Read on to explore why this new emerging area of technology is expected to grow at a dramatic pace.

Internet of Things (IoT): Why Now?

Internet of Things is driven by the ever-rising availability of computing power and storage capacity combined with the ever-lower pricing of these valuable services. Combining the availability of miniaturized low-cost sensors and chips with robust wireless network and software defined networking, the deployment of IoT is practical and affordable. What’s more, the standards for Internet Protocol v6 (IPv6) hurdle the limitation of 64-bit IP Addresses by adding 128-bit addresses to identify IP address connections. This moves the theoretical limits of connected devices from 30+ billion to over 30 trillion trillion trillion. That is a lot of connected devices compared to prior eras of computing.

Isn’t Internet of Things (IoT) Just for Consumer Devices?

We live in an age of consumerization of IT. This means innovations in technology are now derived from consumer applications and applied to business. In past eras of computing, innovations coming from government or universities’ investments trickled into consumers’ hands after passing through the business world. Many consumer-related devices and sensors are already deployed in the home. From climate control to smart TVs, our households are full of Internet of Things. CompTIA research of corporate IT and Business owners cited 6 in 10 organizations reporting some type of IoT initiative underway. Internet of Things is being adopted in a wide range of businesses for a wide range of applications.

What are the Benefits of IoT?

Respondents to the CompTIA survey cited the following top benefits of IoT: New and/or better customer experiences, better asset visibility and monitoring, cost savings and higher efficiency, new product/service revenue, new/better data for decisions, automating business processes, staff productivity gains, and automating factory / transportation /supply chains. Smart cities are using IoT to ease traffic, retailers use IoT to manage inventory, and fleet managers are using IoT to keep track of asset usage, among many other applications.

Whether you are considering a new IT project or adding onto an existing project, IoT may be an affordable addition to save money, improve customer experience, or increase customer loyalty. What’s more, you may benefit from new insights or revenue streams related to IoT technologies. Ask your trusted technology advisor how your company may benefit from Internet of Things.

 

Cyber Threats You Should Protect Against

Cyber SecurityDefending against Cyber threats is no easy task. Understanding the risks and designing a defense strategy are important steps in protecting yourself from Malicious actors and Cybercriminals. Staying current on Operating System and Application Patches, Restricting Network Access, and maintaining antivirus and malware protection are known ways to protect your network. Employee awareness and education on how to identify threats, and the importance of adhering to policies, also bolster your defense against cyber attack. If you’re not convinced, review the following Cyber threats you need to protect against.

 

How Malicious Software (Malware) Works

Malware is self-propagating software designed to infiltrate your network. This software can come in the form of a worm that will infect your network via your router via your Internet Protocol (IP) address. If it doesn’t find a hole in your network it may automatically update to scan for the next sequential IP Address, infiltrating and corrupting networks as it goes along. Avoid Malware by proactively scanning your network and keeping your network in compliance.

 

Why Phishing Could Put You Out of Business

Every year, millions of SPAM emails are sent to unwary recipients with the hope of collecting private and personal information including, account/password, privacy data and other information that can be exploited for profit. What’s more, Phishing is a popular way for Cybercriminals to distribute Ransomware, a form of malware that holds your systems hostage in exchange for payment. In the event of a data breach, your company may need to disclose the impact to customers and other stakeholders. In addition to ransom and legal fees, your company’s reputation may be on the line. Email protection and web content filtering are ways to protect against phishing schemes. It is also important to train your employees in how to identify and avoid these types of attacks.

 

Distributed Denial of Service Attack (DDoS)

Think of a Distributed Denial of Service Attack (DDoS) as a flood of system-generated traffic attacking your business infrastructure, designed to take you offline from the Internet. Hackers may try and extort your business or use DDoS in retaliation. Many Cloud Providers have excellent resilience and redundancy to defend against DDoS. If you rely on your own infrastructure, be sure to monitor for unusual activity and have a plan for failover in the event of a DDoS attack on your business.

 

Cyber attack threatens businesses large and small. Planning and network protection, combined with training, are your keys to defending against unintended data loss and business interruption due to Cyberthreats. Contact your Network Security specialist to find out what you can do to prevent a Cyber attack on your business.