Tag Archives: mobile device

Cyber Crime

Network Security Precaution for Meltdown and Spectre Vulnerabilities

The technology industry is working to patch two network security flaws known as Meltdown and Spectre Vulnerabilities. These hardware bugs can expose information being processed or stored in memory on your computer.

While there are no known exploits, malware or phishing schemes specific to these network security vulnerabilities, this reminds us of the importance of Network Security best practices to protect Windows PCs and Macs, as well as Android and Apple iOS Mobile Devices. While the industry rushes to patch these network security vulnerabilities, here are some considerations to protect your network.

Keep your Operating Systems Patches Up to Date

Make sure you install security updates for your operating system and applications. Apple (AAPL), Google (GOOG), and Microsoft (MSFT) have already released some patches. You can do this manually through automated updates, or subscribe to a managed service to keep your network current. Keeping your browser up to date will also prevent websites from attacking your processor to steal your password and other privacy data.

Don’t Forget Updates on Mobile Devices

The Meltdown and Spectre Vulnerabilities serve to remind us of the importance of keeping smartphones, tablet computers, and other mobile devices updated with the latest operating system and related security patches. Also, remember to download software only from trusted sources. Employers should remember to review acceptable use policies to ensure they are up to date and that employees comply with company mobile device acceptable use.

Train Your Employees on the Importance of Network Security

Your employees are on the front line of defense for network security. Through periodic education and training your employees will implement strong passwords and change them regularly. They will also be adept at identifying malware and phishing schemes to better protect your network.

Your network is the backbone of your technology infrastructure. Securing your network is a critical component of your technology strategy. If you have questions or concerns about your network security, contact your technology advisor today.

Migrating to the Cloud – How to Avoid Turbulence

shutterstock_151484726__smallMigrating to the Cloud can be bumpy if you are not prepared. Chances are you have already started migrating to the Cloud. Without realizing it, you may be accessing the Cloud by using mobile and web based applications and services that store and share your data from the Cloud. According to International Data Corporation, (IDC) public IT Cloud services (SaaS, PaaS, and IaaS) spending will reach $127 billion in 2018. The Cloud will outpace the total IT market at a rate of more than five times. With this shift, companies are migrating to the Cloud at a rapid pace, so it is important to plan your Cloud migration to avoid any unnecessary turbulence.

Low Hanging Fruit for Cloud Migration

Many applications lend themselves to Cloud migration. Communications and collaboration applications including Email, Voice and Web conferencing are great places to start your Cloud Migration. The Cloud can offer a secure, reliable and affordable alternative to maintaining these systems on premise. Along with providing additional capability, such as, File Sync and Sharing, previously unavailable from premise based solutions. Many companies have started their Cloud migrations with these subscription services to gain quick benefits from Cloud Computing.

Planning Your Cloud Migration

Moving your applications and their data to the Cloud, along with reliable data protection and online backup, should be carefully planned. First, determine which applications are candidates for Cloud Computing. When moving files, applications and back ups for data protection to the Cloud, consider your data volumes and network bandwidth. When this business infrastructure is in the Cloud you will need reliable connectivity to access critical information.

Maintaining Security in the Cloud

One of the many benefits of Cloud Computing is cross platform access to your applications via mobile devices, including smartphones and tablets. If not carefully planned, deployment of these Cloud Solutions may add additional strain on your wireless network. You may also increase your security risks, as mobile devices are susceptible to loss. Ensure you have a security policy for company owned and individually owned devices that access your company network, to mitigate risks of Cloud Migration.

Cloud Computing will provide your company with many benefits including better collaboration and shifting your capital expense to operating expense. Consult your Cloud Services expert to plan your migration and avoid any turbulence along the way.

Mobile Hotspots – Is Your Business At Risk?

With almost one billion mobile connections in place, it is easy to understand why these devices are targeted by hackers. Employees connecting at Starbucks, in airports, on planes and in hotels open themselves up to additional security breach risk by accessing information through mobile hotspots. Mobile hotspots can be easy targets for hackers by setting up spoofs to get your employees to unknowingly log into unsecure networks, making them vulnerable to Man in the Middle (MitM) exploits. As an employer, it may be impossible to prevent employees from using hotspots, so it is very important to take steps to protect your business. Below is an example of how hotspot hacking works and how businesses with mobile users can protect themselves.

Is Your Mobile Device Hackable?

According to research by Gartner, almost half of us will first turn to a mobile device for online tasks. Business users in particular rely on mobile connectivity to be productive. Using a open Wi-Fi hotspot may put you and your business at risk of hacking. Most people are aware of the risks, however it comes down to convenience. Hackers can use software that makes a mobile device appear to be connected to a familiar Wi-Fi network, but in reality, all traffic is routed through an imposter that captures your data (MitM). Many mobile applications attempt to stop this type of proxy attack by ensuring a secure, end-to-end SSL connection refusing to make an unencrypted login. However, mobile applications may not always verify the secure SSL connection is actually secure.

Does Your Business Needs a VPN to Protect Mobile Users?

A Virtual Private Network  (VPN) is a network that is constructed by using public wires — usually the Internet — to connect to a private network, such as a company’s internal network. There are a number of systems that enable you to create private networks using the Internet as a way for transporting data. These systems use encryption and other security mechanisms to allow only authorized users to have access. One benefit of having a VPN service is the ability to integrate network security policy and enforcement under a single management platform, meaning remote VPN clients automatically inherit a standard set of policies upon login.

Stay Safe by Educating Your Employees

We may know not to use unsecure Wi-Fi, but getting your employees to do so, may be harder. Educating your employees is a first line of defense to prevent data loss and data leak. Training on the threat, exposure and risk of a data leak or loss reminds your employees to be aware.

If you feel your network should be more secure, contact your IT Service Provider to find out how to protect your network within your budget and the security requirements of your business.

Wearables are Fashionable, But Are They Secure?

Wearable technology, especially Smartwatches, including the Apple Watch, the Samsung Gear, and the Microsoft Band, are all the rage and are expected to become even more popular over the coming years. According to the International Data Corporation (IDC), 2015 will see as many as 72.1 million wearables shipped. They are popular and fashionable, but do they leave your network open to potential security breaches?

 Wearables and Security Risks

Wearables represent another attack target for the cybercriminals who are currently enjoying the opportunities presented by mobile devices. Wearables have the same potential for data leakage, data loss, and industrial espionage as mobile devices.

Some security experts agree that the current wearables have a limited attack surface. Other experts believe that there is a risk of a hack and warn that the danger could increase. Future wearables will likely behave as current mobile devices, making them far more appealing than computers for cybercriminals. Like computers, wearable devices are built on familiar operating systems and have vulnerabilities. Because security and privacy are not a priority for developers, these devices are not being built with security front of mind.  Considering that some companies encourage employees to bring their own devices, security threats of wearables should be incorporated into a firm’s policies.

Bring Your Own Device Policy and Wearables

Bring Your Own Device (BYOD) policies, in which companies give employees the choice to use their own iPhones, iPads and Android smartphones for work, is a trend that business cannot avoid. A number of firms still do not have adequate policies, controls, or even the right technology. Some say a BYOD policy should include wearables because of the security threats associated with such technology.

Smartwatches are still in their infancy, and we will see them grow and change. Having a BYOD policy in place for your business will help minimize exposure to security threats. Including wearables in your plan is advised. Please contact your IT expert if you have any questions about how wearables could impact your business.

Windows 10 – Best Windows Ever?

windows-10The new Windows 10 operating system is purported to be the best Windows ever. The combination of ease of use for new users, automatic updates, and built in security features is causing small to medium sized businesses to breathe a sigh of relief as business owners dream about spending less time and money on training and more energy on making money – finally.

Windows 10 is Easy to Use

The new OS combines the interface of Windows 8 with the Start menu of Windows 7. This is a godsend for small business, because it means not having to train employees to complete mundane tasks, such as syncing a Bluetooth device. Such options are readily available on the Start menu now. The Windows 10 Start menu is designed to be easy for new users. Check out some of the things users can now do right from the Start menu:

  • Find settings
  • Reboot
  • Launch applications and place apps into the program list
  • Find documents
  • Adjust desktop resolution

In addition, the new OS is designed for all platforms, especially smartphones. When using Windows 10 on your smartphone, it will only display the finger-control interface. All in all, Windows 10 is great for SMBs who want to avoid high training costs.

Automatic Updates!

Microsoft experienced the pain first-hand of customers complaining about having to upgrade from Windows XP and later from Windows 7 to 8. Microsoft Vice President for Operating Systems, Terry Myerson, explained that the company never wants to be in the position of having to convince people to buy the next version of Windows again. The plans for Windows 10 include a continuous series of upgrades performed automatically. This means that in the future, questions about what version of Windows you’re running will become meaningless because everyone will have the same version as universal upgrades begin to take effect, making business as seamless as ever.

Enhanced Security Features

Windows 10 is offering new ways to protect users from dynamic script-based malware and other forms of cyberattack. Specifically, they’re using AMSI (Antimalware Scan Interface), an interface standard that allows applications and services to integrate with any existing antimalware product on your PC. Applications can use AMSI to scan files and employ other techniques to identify malicious behavior. This means that your device will automatically be inspected on a much deeper level than before.

Windows 10 has made quite the leap, and those who have tested the new OS report only good news. To learn more about how the new Windows 10 OS can improve your small to medium sized business, contact your trusted IT advisor today. 

Bandwidth Bottleneck Coming to an End?

Telcos Bandwidth BottleneckIt is predicted that by 2017, there will be around 268 billion app downloads. The average person already uses 26 different apps per month. This growth is clearly driven by the younger work force, who use their mobile devices and tablets for both work and play. All of these apps use a lot of data, and so there is a problem on the horizon: all of this data use will lead to pervasive network strain, which will in turn result in performance problems in both apps and network-based services. This data overload creates frustration in both users and providers. App users will simply delete apps that do not perform well. This means fewer customers for Telcos and app providers.

The Data Challenge for Telcos

Therefore, Telcos have a challenge in front of them: invent new ways to improve user experience by making them more data efficient and scalable. The question on a lot of IT experts’ minds is: is it finally time for Telcos and app providers to work together to unclog the bandwidth bottleneck? The answer is still unclear, but intelligent data distribution is one solution everyone can agree on at the moment, i.e. Telcos can optimize their current network assets while app developers work to design more apps that use less data.

The Importance of Wide Area Networks Within Telcos

In order to stay sustainable, Telcos need to offer more in connectivity. A solid Wide Area Network (WAN) is essential in accelerating applications and keeping traffic separate. It is also critical for day to day business operations; it both reduces operating costs and provides a level of predictability for system performance. Wide Area Networks consolidate costly tools, such as printers, phone lines, file storage, bandwidth, and security, because these items do not have to be purchased for each individual computer. Telcos are also learning that not taking advantage of Multi Protocol Label Switching (MPLS) is putting their business at a competitive disadvantage. Telcos need to be able to interconnect multiple locations and ensure the highest level of data connectivity performance between multiple locations. Equally important for Telcos is the advent of Ethernet over Copper (EoC). For small to medium businesses, EoC can gain greater bandwidth and flexibility in order to support various IP-based applications, including disaster recovery, Cloud, and IP voice services.

Users Drive Telco and App Developer Success

Consumers will ultimately drive Telco and app developers’ transformations. If Telcos and app developers do not address the bandwidth bottleneck, app users will quickly become frustrated. The initial shock will fall to the app providers – users will not go to Telco providers when an app does not work to their liking; they will simply delete the problem application(s). But, ultimately, everybody loses if the bottleneck remains. Eventually consumers will be able to see a data rating for each app in the app store. And, if users stop downloading certain apps, both Telcos and app providers will lose revenue. Consequently, users can expect more streamlined apps from providers and more efficient networks from Telcos in the future. For more information on the future of applications, contact your trusted Telco service provider today.

How New Technology is Changing the Way Your Business Needs to Think About IT Security

New technology trends pose new security threats to businesses. CompTIA reports that 64% of companies report a “drastic or moderate” change to their security approach. In their survey, more than half of businesses recognize opportunities within their organization for security improvement. IT security priorities are currently focused on developing new corporate policies and educating employees. Businesses are no longer solely relying on annual security reviews; the majority of companies are seeking education that is more ongoing and interactive to avoid future security threats.

Modern Day IT Security

With new and evolving technologies, the overall approach to IT security must be re-evaluated from the top levels of a business. As more cloud solutions and mobile devices are being utilized within the workplace, new security products are attempting to meet the needs of modern day IT security, such as firewalls, Data Loss Prevention (DLP), and Identity Access Management (IAM). When strategizing your organization’s IT security plan, two main areas need to be addressed in order to be prepared in today’s security landscape: risk analysis and end user awareness.

Balancing Risk and Security

Risk analysis is becoming a critical activity as companies decide how to handle corporate data, but only 41% of companies are currently performing this in a formal way. Typical risk analysis includes determining the probability of a risk, estimating the potential impact, and then deciding on mitigation strategies. But, the growing trends of cloud computing and mobility have increased the need for careful risk analysis. Since with public cloud computing and personal smart phones and tablets, data resides outside of your company’s control, companies must re-evaluate which data and systems are the most critical to the business. From there, they must decide which areas need the strongest defenses.

End User Training

CompTIA’s research also reveals that companies are behind the times when it comes to training end users. In today’s consumer-driven IT landscape, it’s more important than ever to invest the time and tools to equip end users with knowledge and responsibility when it comes to protecting company data. Do your employees fully understand your company’s security policy and the importance of acting in the best interest of your organization? If your organization needs help updating your IT security policies, contact your trusted IT advisor today.

The Growing Importance of Mobile Security

According to a report by CompTia, 28% of businesses view security as a significantly higher priority today compared to two years ago, and an even greater percentage of businesses expect the importance of security to rise in the next two years. The study also revealed that while many companies assumed a satisfactory level of security, they did not fully comprehend their exposure to potential security threats. The rise in security threats is largely due to emerging technologies, causing businesses to take a new approach to security. End users now have access to powerful devices and business class systems, often without the oversight of an IT team. Therefore, investing in mobile security is one the smartest things your small to medium sized business can do to protect your organization.

The Human Element to BYOD

According to the study, the factors in security breaches fall 45% to technology error and 55% to human error. With the BYOD (Bring Your Own Device) trend, more and more employees are bringing their own mobile devices to work, and end users typically do not have the background knowledge of security that allows them to recognize potential threats. The desire for productivity and flexibility is driving many businesses to adopt a “use first, secure later” attitude when it comes to mobile security, but this approach puts your business in danger.

Most Common Mobile Security Incidents

Mobility forces businesses to consider data leaving the company in the hands of its employees. The top three reasons for mobile security incidents include: lost/stolen devices, mobile malware, and employees disabling security features. Mobile malware is quickly becoming a growing concern, up 19% from 2012. Since there is a much stronger personal connection to mobile devices, employees are apt to want to use their device however they want to. And, since mobile devices are more closed than laptops, IT departments are not able to place the same safeguards on smartphones and tablets as they are on many other devices.

How to Develop a Mobile Security Plan

The biggest goal with mobile security becomes one of education rather than technical improvement. Companies are quickly realizing that their mobile device security education must be interactive, ongoing, and measurable in order to raise awareness about mobile security. Organizations that have made mobile security education a priority indicate that appropriate and effective training has provided a “relatively high value” or “very high value.” In addition to educating your employees, it’s important to encrypt data on mobile devices, keep OS and apps up to date, and prevent jailbreaking on smartphones. Also make sure that your employees keep passcodes on their devices; while this measure has limited security potential, it at least provides some protection against amateur attackers. If your organization needs guidance learning more about mobile security, contact your trusted IT advisor today.

Technology Outlook for 2015

There are many things on our minds as we enter the New Year. For those of you running a business, a question on the forefront of your mind should be: What can we expect from the world of technology in the coming year? Because technology changes so fast these days, it’s important to be ahead of the game and be ready to adapt to changing times. Here is what to expect from the biggest technology trends in 2015:

Continued Need for Network Security

Mobile applications and mobile search adoption and usage continue to drive the need for network security. Smartphone and tablet shipments are expected to outpace traditional desktops during 2015.  With mobile devices on the rise, businesses need to ensure the security of these devices and prevent business networks from being compromised. Network security, endpoint protection, and other IT Security technologies will be a focus for 2015.

The End of Windows Server Support

Although Server 2003 currently accounts for about 20% of total Windows Server installations, on July 14, 2015, all Windows Server 2003 extended support will end. Therefore, companies transitioning from Windows 2003 in the coming year must be prepared for the move. Due to the end of Windows Server support, many small to medium sized businesses are migrating to the Cloud, which offers backups, better security, regulatory compliance, and the comfort of knowing that your company is always up to date without having to continually invest more time and money. Server migrations require a lot of planning and ample forethought, so make sure to do your research well before July 14.

Cloud Adoption on the Rise in 2015

The International Data Corporation estimates that worldwide spending on hosted private cloud services will exceed $24 billion by 2016. Cloud computing is now an essential ingredient of modern IT, so 2015 will continue to see an increase in businesses shifting their computing infrastructure to the Cloud due to the many benefits, including backups, better security, flexibility, and a simpler way to manage applications and data. Due to the dependence on the Cloud, there will also be a larger focus on Cloud security in 2015: Encryption policies, business continuity and disaster recovery capability, and data protection and data integrity.

Social, Mobile, Analytics, Cloud (aka SMAC)

According to many, we’re moving into a new “digital industrial revolution,” and 2015 will see the more integrated equalizer for small to medium sized businesses through the formula called Social, Mobile, Analytics, Cloud (SMAC) technology. Today’s customers and employees are expecting a new style of commerce that integrates these four elements, which provides the same anytime, anywhere, and any-device convenience they’re familiar with in their personal lives. Among the greatest advantages of SMAC technology for small businesses include the ability to break geographical boundaries, cost effective marketing solutions, and operation enhancement and better data gathering and processing. Most importantly, SMAC technology helps transform small businesses into one with the equal ability to grow its market share within the digital marketing environment.

Do You Have an Effective BYOD Policy?

According to new IDC data, vendors shipped 327.6 million smartphones in the third quarter, an increase of 25.2%, when compared to the same quarter last year. This means that global smartphone shipments have topped 300 million shipments for the second quarter in a row. Although there have been rumors of a slowing market, the data clearly states otherwise. As technology pushes small to medium sized businesses towards smartphones and other mobile devices in the workplace, it is more important than ever to establish an effective BYOD (Bring Your Own Device) policy.

1.     Decide What Mobile Devices Are Allowed

 If your company allows your employees to bring their own devices to work, it can be a nightmare for IT to have to support multiple platforms. Therefore, it is important to decide what devices are allowed to be used for work. Decide whether it is more cost-effective to purchase your own company devices to hand out to employees.

2.     Establish BYOD Security Policies

It is important for your company to establish an “acceptable use policy” for their mobile devices. This will curb employee distractions and reduce risks for harmful viruses and malware. Your company should also develop a monitoring system and disciplinary action for employees who disobey the policy. Although this may seem harsh, it may avoid a security breach down the road.

3.     Employee Exit Policy

In addition to creating an acceptable use policy, it is equally important to come up with an exit policy for when employees leave the company. Document in your employee exit checklist to ensure you remove the employee from access to information on the network, business email, or other applications. If you need help developing an effective BYOD policy for your business, contact your trusted IT advisor today.