Tag Archives: anti-malware

The Importance of Maintaining Network Compliance

Network SecurityLast month’s blog provided information about ways to “Avoid Being Held Hostage by Ransomware.” Eight days later, on May 12, 2017, there was a global outbreak of the Wanna Cry Virus. With Cyber Threats on the rise, the importance of maintaining network compliance is top of mind with business owners and IT professionals alike. Industry compliance regulations, including PCI, HIPAA, and SOX, drive best practices in Network Compliance. However, most businesses today rely heavily on their systems to access Cloud Services, Voice, and Data Networks for mission-critical applications that run their business. What can you do to maintain network compliance?

Automate Your Network Administration

Keeping operating systems and network configurations up to date is a top priority for network compliance. Each device that connects to your network needs to have up-to-date operating system security patches, anti-virus definitions, and malware threat prevention in order avoid un- intended intrusion of your network. There are abundant tools and managed services to help your business stay up to date without adding to your internal labor cost.

Proactively Monitor Your Network

Monitor your network to identify any systems that are out of compliance. Proactive monitoring can also identify unauthorized devices connected to your network. You can monitor your network traffic to identify unusual use of network bandwidth. Aside from slowing down your systems, excessive bandwidth may be the result of a malware-infected device that is exploiting your network.

Documenting Your Network Security Controls

Achieving compliance with documented security procedures including password policy, systems maintenance, backup procedures, and compliance measures, is critical to following most industry compliance regulations. It is a  best practice to update these procedures annually. Reviewing your Network Compliance policies gives your business an opportunity to stay up to date and serves as a reminder of the importance of maintaining network compliance.

Contact your Technology Advisor if you have questions about maintaining network compliance or other concerns regarding ransomware and other related Cyber Threats.

How to Avoid Being a Ransomware Hostage

RansomwareRansomware, spyware, phishing schemes, and other Cyber attacks are commonplace in today’s world of technology. According to a recent article in Forbes, ransomware attacks grew at an accelerated pace in 2016 with reports of 638 million attacks, almost 200 times more than the number of ransomware attacks in 2015. Most experts agree that Ransomware attacks will continue to occur–so what can you do to avoid being a ransomware hostage?

Not All Ransomware is Created Equal

Before you panic, find out what type of Ransomware you are up against. Scareware is a type of Ransomware that tricks you into thinking you have a bigger problem. A simple scan may quickly remove the pop from your browser cache and get you back on your way. Some ransomware is truly nasty — your entire system may be encrypted, meaning you will need to wipe your system and start over if you have a good backup. Otherwise, you may find yourself hostage to the cybercriminals to unlock your data.

An Ounce of Protection is Worth a Pound of Ransom

Data protection is an important element in minimizing the impact of Ransomware. Make sure your network security is fully compliant. Backup your data, update your antivirus definitions and make sure your security patches are up to date. Consider using Cloud Backup, Security as a Service, and Managed IT services to keep your network up to date. Having a strong offense to avoid ransomware is your best defense.

Don’t Forget the Human Element

Train your employees on a regular basis on the importance of staying vigilant against Cyberattacks and how to avoid being a hostage. There are many resources to get training for your team. Periodic updates about threats and security procedures serve as a reminder to your employees to ensure they adhere to best practices.

If you need security training or are interested in a review of your network, security vulnerability, or other technology infrastructure, contact your Technology Advisor today.

Cyber Threats You Should Protect Against

Cyber SecurityDefending against Cyber threats is no easy task. Understanding the risks and designing a defense strategy are important steps in protecting yourself from Malicious actors and Cybercriminals. Staying current on Operating System and Application Patches, Restricting Network Access, and maintaining antivirus and malware protection are known ways to protect your network. Employee awareness and education on how to identify threats, and the importance of adhering to policies, also bolster your defense against cyber attack. If you’re not convinced, review the following Cyber threats you need to protect against.

 

How Malicious Software (Malware) Works

Malware is self-propagating software designed to infiltrate your network. This software can come in the form of a worm that will infect your network via your router via your Internet Protocol (IP) address. If it doesn’t find a hole in your network it may automatically update to scan for the next sequential IP Address, infiltrating and corrupting networks as it goes along. Avoid Malware by proactively scanning your network and keeping your network in compliance.

 

Why Phishing Could Put You Out of Business

Every year, millions of SPAM emails are sent to unwary recipients with the hope of collecting private and personal information including, account/password, privacy data and other information that can be exploited for profit. What’s more, Phishing is a popular way for Cybercriminals to distribute Ransomware, a form of malware that holds your systems hostage in exchange for payment. In the event of a data breach, your company may need to disclose the impact to customers and other stakeholders. In addition to ransom and legal fees, your company’s reputation may be on the line. Email protection and web content filtering are ways to protect against phishing schemes. It is also important to train your employees in how to identify and avoid these types of attacks.

 

Distributed Denial of Service Attack (DDoS)

Think of a Distributed Denial of Service Attack (DDoS) as a flood of system-generated traffic attacking your business infrastructure, designed to take you offline from the Internet. Hackers may try and extort your business or use DDoS in retaliation. Many Cloud Providers have excellent resilience and redundancy to defend against DDoS. If you rely on your own infrastructure, be sure to monitor for unusual activity and have a plan for failover in the event of a DDoS attack on your business.

 

Cyber attack threatens businesses large and small. Planning and network protection, combined with training, are your keys to defending against unintended data loss and business interruption due to Cyberthreats. Contact your Network Security specialist to find out what you can do to prevent a Cyber attack on your business.

Cybersecurity is Everybody’s Business

Cyber SecurityIt is no surprise, technology flattens the world for many businesses. What’s more, nearly every business sector finds it necessary to collect, maintain, analyze, and monetize user data. Many think Cybersecurity risks only apply to highly regulated industries, such as legal, healthcare and financial services.

Cybersecurity Risks Go Beyond Borders

Factors outside industry, including geographic considerations and sensitive consumer data, can create cybersecurity risks that need to be managed. These factors run the gamut of domestic and international laws, regulatory bodies, and private-party business agreements. Cybersecurity compliance can touch every business to some degree.

Internet of Things (IoT) and Cybersecurity

Adding to the list of concerns are non-traditional technologies entering your businesses network. IP-enabled technology called Internet of Things (IoT) is rapidly being adopted in the workplace.  The Cybersecurity threat is moving beyond desktops, laptops and services. A new generation of mobile devices–Point of Sale (POS), IP video surveillance, embedded sensors, VoIP, and others–is just the first wave of emerging technologies that need to be secured.

How to Minimize Cybersecurity Risks

There are many things a business can do to reduce Cybersecurity threats. According to the Computing Technology Industry Association (CompTIA), the following elements are the building blocks for a cybersecurity program:

  • Documented policies, procedures & standards

  • Asset management

  • Identity & access controls

  • Risk management

  • Vendor management

  • Physical & environmental security

  • Compliance

  • Privacy

  • Remote access

  • Data backups

  • Data destruction

Cybersecurity threats are a reality of today’s world. The risks of data compromise and/or loss can cost more than dollars; such risks can cost your reputation. Your business is only as secure as your Network. If you have questions about your business needs, ask your technology advisor about how to manage Cybersecurity threats to your business.

What is Distributed Denial of Service, and What Does it Mean to You?

Cyber SecurityWe all know, not being able to get on the WiFi is annoying. But worse still, Distributed Denial of Service (DDoS) attacks can impact  your business and even interfere with vital infrastructure such as electrical grids. According to Forbes’s Michael Krancer, an attack in 2015 knocked 80,000 electrical customers offline for three hours. Other recent attacks put several eCommerce and Internet Server Providers out for hours. In a world where people are always connected to computers, such an attack is becoming all the more common.

What is Distributed Denial of Service?

A Distributed Denial of Service (DDoS) attack occurs when devices connected to the Internet are used to flood a business’s server with data, and make it unavailable to customers (and potential customers). Unlike a simple Denial of Service, a Distributed Denial of Service is an attack on a large, perhaps global, scale. Botnets, networks of devices controlled remotely, are used by malware authors to send huge amounts of junk data to servers. Devices can include cameras, smartphones, or PCs—any device connected to the Internet. Internet of Things (IoT) and other IT trends will fuel the expansion of connected devices. The effect is to exhaust server resources with fake or incomplete information requests, and render the business’s website unavailable to legitimate customers. Attacks can happen on the bandwidth or application layer, or from sheer volume.

What Does a Distributed Denial of Service Mean to You and Your Business?

First, it means loss of legitimate traffic. Your customers can’t access your website, and of course can’t buy products and services from you, costing your company revenue. According to a report by Incapsula cited in a Security Week post, a typical attack lasting 6 – 24 hours can result in a loss of half a million dollars. Second, non-financial costs–loss of trust from customers, loss of intellectual property, and exposure of confidential data–also result.

What Can You Do to Be Prepared for a DDOS Attack?

The primary purpose of protection is to detect and mitigate attacks. As DDoS attacks target multiple systems, be sure to protect on multiple fronts. Be sure to monitor call centers and other customer-facing systems. Mission-critical systems should have redundancy and failover. All of these defenses should be part of your business continuity plan, in the event of a natural—or man-made—disaster.

If you are unsure about your readiness to survive a DDOS or need assistance in protecting yourself, contact your trusted technology advisor today.

Having Trouble Managing Cyber Attacks? You’re Not Alone!

Cyber SecurityWe all read about Cyber attacks in the news. There is no denying the loss of productivity from a virus-infected laptop or the embarrassment of hacked email. With threats from Ransomware on the rise, it is no surprise leading market analysts Juniper Research, predict the cost of data breaches to $2.1 trillion globally by 2019, an increase of nearly four times the cost of breaches in 2015.

Why Cyber Attacks are on the Rise

Now here is the surprise: according to a recent report by the Ponemon institute, 79% of IT and IT security professionals report they lack the proper infrastructure to identify and defend against cyber attacks. Lack of tools and resources was cited as a reason why they felt their Cyber defense systems were nonexistent, partially deployed, or inconsistently deployed.

Check your Network For Cyber Vulnerability

Due to the risk and exposure of Cyber Attack, there are a number of tools and techniques you can deploy to identify vulnerabilities. Here is a short list to check your network health:

  • Check firewall security settings. Ensure your company is protected from malware attacks, hackers, and viruses.

  • Scan for spyware. Malware and other unauthorized access can silently steal your company’s bandwidth, which can slow your computer systems while stealing confidential information about you, your employees, and your business.

  • Verify your network’s backup system to ensure it is working properly, and is consistently backing up all of the critical files and information.

  • Ensure you have the up-to-date operating system and security patches on your network.

  • Diagnose slow and unstable PCs that may be vulnerable.

Taking these important steps may save you thousands of dollars, along with hours or days of IT Headaches. If you feel you are lacking the tools or expertise to defend yourself against Cyber attacks, contact your Trusted IT advisor and ask for a comprehensive network health check.

What is Ransomware and How to Protect Against It

RansomwareRansomware is a type of malware designed to block access to your computer until a sum of money is paid. Ransomware issues have impacted many individuals with home computers; however, it is only a matter of time before this malicious software attacks business. Starting with Cryptolocker in 2013, Ransomware exploits have become increasing sophisticated and have cost individual companies thousands of dollars in ransom.

Here are some tips to take to help your business avoid being held captive by Ransomware.

Backup to the Cloud to Recover from a Ransomware Attack.

An inadequate backup strategy without real-time backups or offsite backup could hamper your ability to recover from a Ransomware attack. Being able to recover data from your Cloud Backup could get your systems up and running in a hurry, avoiding the need to pay ransom.

Keep Your IT Assets Up to Date and in Compliance

If your systems get behind in operating system and applications patches and updates, you may create a security hole that can be compromised by Ransomware. Many managed security and managed service offerings include proactive management and delivery of these important updates so your network will not be held hostage by ransomware.

Training Your Employees to Detect and Report Ransomware

Your employees are your front line of defense when it comes to your systems security. Make sure your employees know how to identify a phishing email and understand the risks of opening documents and attachments (including unfamiliar file extensions or .exe file formats) from unauthorized sources. Ensure your employees understand what Ransomware is and how it can impact your company’s productivity and drain financial resources. Make sure employees are clear on procedures to quickly report any security breach to avoid widespread distribution of a Ransomware attack.

To avoid unnecessary downtime and costs associated with Ransomware, it is important to proactively protect your computer systems. If you have any questions about steps to take to avoid Ransomware in your organization, contact your trusted technology advisor.

The Benefits of Fixed-Price IT Managed Services

shutterstock_163229387More and more, we hear of security breaches that are derailing business’s activities, whether such problems are malicious software (“malware”) designed to grab privacy information from an employee, a computer crash or even a natural disaster such as an earthquake. A data breach can put customers’ personal information in peril, thereby causing embarrassment and even costing steep fines. This is why it is important to hire a reputable IT managed service provider before you need one. Businesses rely on their IT systems to do day-to-day business, and most of the time, things go as they should. But what about when they don’t?

Proactive IT Support is Worry Free

Taking a proactive approach to IT assistance is key. Before you need one, find a reputable IT provider. With your IT provider, draw up a managed service agreement/service level agreement so you know what services they will take care of – remote and local backup, recovering lost and corrupted files, network security updates and even unforeseen computer repairs. Keeping systems up to date will help prevent downtime. Proactive IT support converts the unexpected costs of reactive problem-solving into the more stable, budget-friendly cost of preventive maintenance and support. With fixed-price IT support, there are no surprises that can play havoc with the company’s budget and productivity.

Aligning Your IT Service Delivery Costs With Business Value

By fixing IT Service costs with an IT Managed Service agreement,  your service provider has incentive to proactively ensure everything is working smoothly. Instead of billing by the hour related to problems, a fixed-priced arrangement covers most incidents. It is in the best interest of your IT Managed Service Provider to help you proactively prevent IT problems—it keeps their costs (and stress level) down so they can serve you over the long haul.

Remote Support Saves Time and Money

Many problems can be detected and resolved remotely. In addition, services including malware and antivirus protection, O/S patching and other routine services can occur outside of normal business hours to minimize disruption of your employees. This adds up to fewer problems and more productivity for your business.

As the saying goes, an ounce of prevention is worth a pound of cure. Finding a reputable IT managed service provider and drawing up a service-level agreement, along with a proactive approach, can help prevent potentially costly problems before they start.

New Year’s Resolutions for Your IT Systems

shutterstock_326576246Are your IT Systems on the naughty or nice list? Do you proactively monitor your networks for compliance, cyberthreat and performance? Are your data back ups up to date? Have you begun your migration to the Cloud? Are you getting the most from your broadband network? Have you trained your employees on the risks of cybersecurity attacks and do they change their passwords regularly? Here is a list of things to add to your list of New Year’s resolutions for 2016.

Proactive Network Monitoring

Your networks should be periodically monitored to ensure application and operating system (O/S) patches are up to date. In addition, you should maintain your anit-virus definitions and keep your malware threat detection up to date. By doing so, you could prevent an unwanted cybersecurity breach and data loss. Worse, loss of reputation resulting from data leaks or loss.

Beyond Backup

There are a variety of remote back up and data protection solutions to ensure you can recover your systems to keep your business running. It is a good idea to test those backups periodically to ensure you can restore your data quickly. Many older tape backup solutions can be slow and unreliable. What’s more, there are many new file sync and sharing solutions allowing your employees to securely access information anywhere. We put more and more reliance on our applications to run our daily operations, so make sure your data is protected in 2016.

Lift Your Business to the Cloud

Cloud Solutions offer many advantages over premise based systems. Using subscription based services help ensure you are always on the latest version. What’s more, you can shift some of your IT costs from a capital expense (Capex)  to an operating expense (Opex). Starting with migrating email, which is an easy first step, to clean up inboxes, secure and encrypt your communications and take many hassles out of IT. Considering following on with files, applications, single sign on and other IT infrastructure to gain the full benefit of Cloud Computing.

Broadband Network Review

Business class Internet services are as affordable as they have ever been. Consider a telecom expense audit to see if you are getting the most bandwidth for the buck. You may not only save money, you may increase your bandwidth and network performance. With mobile computing, cloud computing and eCommerce on the rise, it is important to get the most from your Broadband network.

Cyber Security Training for Employees

Ensure your employees can identify malware threats, man in the middle attacks, phishing schemes and other Cyber Security hacks. Your employees should have a good understanding of what to do in the event of a data loss (for example lost mobile device) and change their passwords periodically. Your employees are your first line of defense against Cyber Attack, so take the time to remind them of their role in protecting your IT Systems.

This is the time of year to spend with family and friends and reflect on the past, while looking forward to the future. Resolve to be the best you can be in 2016 and ensure your IT Systems are ready for prosperity in the new year.

Does Your Business Need Network Monitoring?

According to a recent Trends in Information Security report by CompTIA, malware, hacking, privacy and data loss/leakage top the list of serious concerns over security threats. Companies large and small have been victims of these security threats. While large corporate security breaches makes the news, smaller companies may not have the vigilance to detect, and the resilience to survive a network security breach. Hackers have evolved and are now more sophisticated than ever. Network Monitoring can identify security exploits before it is too late.

 

Network Monitoring is Proactive

Just like getting your vital signs checked at the doctor’s office, network monitoring is a proactive way to detect a network security threat. Network Monitoring scans for viruses, malware, patch compliance and any unauthorized access to help determine network health and compliance. By using intrusion detection when a system has been breached, you are immediately notified. It’s important to proactively monitored your network and act swiftly.

Network Monitoring Saves You Time and Money

By remotely monitoring and managing your network and related IT assets, your IT Service Provider may be able to detect and remediate security issues without ever coming to your office. This will result in an overall reduction of IT costs. Routine IT tasks, including Patch Management will ensure that all Application and Operating System (O/S) patches are up to date thus protecting your business against vulnerabilities. In addition, keeping software up to date may give you productivity features and benefits.

Avoiding Downtime and Increasing Security

Secure remote support is an important element for delivering an IT Managed Service. In addition to remote support, many IT Service Providers offer remote network monitoring, managed backup and managed security in their IT Managed Service offerings. By adopting the Managed Service Model your IT Service Provider can proactively manage your IT needs in a secure and cost effective manner.

Don’t wait until you have a security breach to add proactive network monitoring to your line of security defense. If you have concerns about your network security contact your IT service provider today.