Tag Archives: Network Security

Assessing Your Network Health

How do you know how strong, secure and flexible your company’s IT network is? Does network traffic move along seamlessly, or get bogged down by insufficient bandwidth or other bottlenecks? Even more important, can you count on your network to keep your data secure, safe from attack or compromise? Read on to learn more about assessing the health of your network by answering these and other questions.

 

The Marks of Network Health

 

A healthy network has enough bandwidth to handle traffic from mission-critical business activities, the flexibility to provide failover for seamless operation and the security to protect data and applications from compromise. Your network is the backbone of your IT infrastructure, and digital transformation, data protection, cloud computing, communication and collaboration applications all depend upon a strong network to function at their best. 

 

Performing an Audit of Your Network

 

Has it been a while since you’ve assessed your network’s health? An audit is a good place to start. The gathering, analysis and study of network data can show where weak spots lie, whether they’re bottlenecks that traffic can’t clear, or spots in the network that aren’t secure. Operating system patches can be applied, and any versions of anti-virus and anti-malware definitions updated. With a clear idea of your network’s strength and security, it’s easy to know what to fix.

 

Consider the Human Element of Network Security

 

Technological tools aren’t all that’s needed to safeguard your network. Your workers also play a vital role. If they manage their passwords well by establishing hard-to-guess ones at the start and changing them periodically, they can help prevent intrusion from hackers. Not only that, by knowing the marks of a phishing email, they can prevent confidential data from getting in the wrong hands. It’s wise to “audit” the level of knowledge and vigilance of your staff as well as the strength and health of your IT network–and make changes accordingly.

 

Keeping your network healthy is vital to the continued success of your business. For more assistance, contact your trusted technology advisor today.

Keep Your Network Secure Against Cyber Attack

Late last year, as well as more recently, two major cyber attacks occurred–one at SolarWinds via their software platform in December of 2020, and one at Colonial Pipeline just this month. These attacks are even more serious than one performed by a lone attacker, and signal how vulnerable networks can be. Not only do businesses need to use tools to protect their own computer networks, but to share information with other companies. Read on to learn how your company can protect itself against cyber attacks.

 

Recent Cyber Attacks a Wake-up Call 

 

Last December, IT management company SolarWinds was attacked by hackers who inserted malicious code in what seemed a normal software update. What’s ironic is that the very platform used to monitor threats, was the one targeted. The bad code allowed the perpetrators to hack numerous government agencies and private companies, possibly stealing untold amounts of data. The company’s platform  was used in this sophisticated attack, and the software update was downloaded by some 300,000 users. Through the download, the perpetrator was able to penetrate deep into companies’ and agencies’ networks. More recently, Colonial Pipeline was targeted in a potential attack on electrical supply to the East Coast via the gas pipeline. While investigations are still underway in each incident, foreign state actors are thought to be responsible. Both these attacks show how vulnerable companies can be. Could there have been a way to prevent the attacks, to see them coming? In spite of all the precautions companies take to shield their networks, cyberattacks seem almost inevitable. 

 

Ways to Protect Your Company Against Ransomware

 

Of course, companies should continue doing things like remote network monitoring, maintaining current anti-virus and anti-malware definitions and training their staff to recognize possible attacks. Commonly hackers try to get into a system by phishing–trying to trick the recipient of an email into clicking a link, providing the attacker a way in. Employees need to be trained to recognize a phishing email by telltale signs (spelling errors in the email) and to inform a supervisor about the email. Yet there’s another step to take. This involves people–sharing information with other companies about attacks and threats of attacks. Commonly and unfortunately, there is a stigma to experiencing a cyber attack; a company doesn’t want to be considered weak. But think how much stronger companies could be when they depend on each other to be aware of new threats, and can band together against cyber crime. Along with this practice, a company can continue educating their staff to recognize phishing attacks and to be careful with passwords (making them difficult to guess, and changing them frequently). Every device connected to the network needs to be monitored, and ones suspected of being attacked, quarantined (disconnected) to keep the network secure.

 

Tools and technology like malware protection and network monitoring should always be a part of your cybersecurity plan. People can also play a role, by reporting possible attacks and sharing information. To learn more about refining your strategy for network security, contact us today.

Tips to Avoid Security Breaches

According to a recent CompTIA report, even though people know what to do to avoid security breaches, they don’t always put this knowledge into practice. Employees can, however, take advantage of cybersecurity training in the workplace, learn to change passwords frequently, and implement other safeguards.

How to Identify a Phishing Scheme

The mouse arrow can be pointed at a suspected link exposing information you can use to identify an untrusted source. Another clue to be on the lookout for is a misspelling in the ‘reply to’ email address of the email. Third, hackers may use attachments that appear to be trusted (e.g., .txt or .doc)  to try to get personal information. Inspect the extension of the attachment to ensure they do not include “.exe” as this may launch a cyber attack as an executable program.

Be Aware of Spear Phishing

Spear Phishing is a form of social engineering designed to get you and your employees to divulge specific privacy information by using relevant and trusted information to influence your behavior. This could include banking, vendor, customer or other familiar information to trick you into providing account, password and other privacy data. Similar to phishing, these same clues can be a help in avoiding “spear phishing” attacks. You may also consider reaching out to customers, vendors or employees to authenticate an email’s source before taking action.

Monitor Your Network and  Use Security Information and Event Management Technology to  Cyber Attacks

There are many options to monitor your network for intrusions. Network monitoring can identify unauthorized access, unauthorized network login attempts, unexpected network traffic in terms of volume or time of day that all could point to Cyber Attacks. By using Security Information Event Management (SIEM) technologies, possible threats can be assessed, giving your business a holistic view of the most significant threats in real time. You may also consider penetration testing to simulate a cyber attack, in order to determine any vulnerabilities in your system and assess which ones are most crucial.

 

While technology can help deter cyber attacks, human beings always play a role in staying safe. Even if a phishing attempt is directed specifically at an employee, it can compromise an entire network. To learn more about how to respond to upcoming threats, contact your technology advisor today.

Cyber Crime

Keeping Your Network Secure

A network is only as strong as its weakest link, and if that weakest link is your security, that can compromise the revenue and the reputation of your business. Attacks just from ransomware have increased over the years, by 200% between 2015 and 2016 alone.  There are three fronts to consider: identify the hazards, use technical tools to protect your network, and educate your employees on cybersecurity. Read on to find out more about how to protect yourself.

Know the Hazards of Malware and Phishing Schemes

With so many businesses finding it necessary to gather, store and monetize customer data, this is an area of vulnerability. Malicious software, or “malware,” can take various forms, from worms and viruses to ransomware, which can hold your data hostage. Some types can simply make your system run more slowly, and some can steal or destroy data. Phishing schemes are designed to steal private data simply by an unwary recipient clicking a link. Technical tools are part of the protection plan.

Fight Cyber Attacks with Technology

There are plenty of technical tools and applications to keep your system safe. Firewalls and SPAM filters can keep unwanted network communications from coming in and going out. Anti-virus and anti-malware applications keep harmful worms, viruses and other malicious software from infiltrating your network. Be sure also to keep your antivirus and anti-malware programs up-to-date, to guard against the latest threats. Network monitoring can help stop attacks before they start, and operating system patches can fill in any security holes in the network. Along with these tools, be sure to train your employees to recognize security hazards.

Don’t Forget the Human Element

Employees can be the first line of defense against cybersecurity hazards. Teach your employees, through regular training, to recognize threats to your system’s security. Educate them to avoid “phishing” schemes by not clicking on links in email from suspicious sources, and how to recognize a suspicious email (often typographical or factual errors in the email are tip-offs). Finally, emphasize that cybersecurity is a team effort, and get them invested in helping keep your network safe.

Remember, your business is only as secure as your network. You are risking more than money if your network contains weak spots. Contact your technology advisor for assistance with protecting your network’s security.

Technology Trends

Is Your Network Ready for Business?

Your network is under continuous pressure to keep up with the growth of your business. Broadband networks providing instant connectivity are a core requirement for most businesses.  Your network needs to provide fast access to Cloud Services including Email, Online Backup, Unified Communications, Call Center and other applications.  Business systems will be expected to be constantly accessible by customers and employees alike, and your network needs to be ready for this demand. Not only does your network need to be efficient and flexible, it needs to be secure.

Consider SD-WAN for Efficiency and Flexibility

Software-Defined Wide Area Network (SD-WAN) technology, which has been a recently emerging technology, is expected to become common in the next few years. Research firm IDC expects this technology to grow by 69% by 2021. Revenue from this technology is expected to reach $2.3 billion in 2018 alone. Companies pursuing SD-WAN can mix and match networking solutions to get the most efficient and effective wide area connectivity.  Customers and employees have constant access to the Internet. With this access, however, monitoring and network security are vital.

The Role of Network Monitoring and Security

To have your network ready for business, it needs to be safe and secure. Not only does the network need constant monitoring, industry standards require rigorous compliance. For instance, online retailers need to keep their customers’ credit card information secure. Hospitals and doctors’ offices are required to comply with HIPAA. Even if your business is headquartered in the United States, you may need to comply with General Protection Data Regulation (GDPR). Endpoint security concerns include keeping anti-virus and anti-malware protections up-to-date.

Employees are the Front Line of Defense for Network Security

And don’t forget the human element. Train your employees to identify scam emails and phishing schemes, and not to click on unfamiliar links. Emphasize the importance of reporting malware, so you can keep your system secure.

If you are uncertain about whether your network is ready for business, contact your trusted technology advisor today for a network assessment.

Cyber Crime

Network Security Precaution for Meltdown and Spectre Vulnerabilities

The technology industry is working to patch two network security flaws known as Meltdown and Spectre Vulnerabilities. These hardware bugs can expose information being processed or stored in memory on your computer.

While there are no known exploits, malware or phishing schemes specific to these network security vulnerabilities, this reminds us of the importance of Network Security best practices to protect Windows PCs and Macs, as well as Android and Apple iOS Mobile Devices. While the industry rushes to patch these network security vulnerabilities, here are some considerations to protect your network.

Keep your Operating Systems Patches Up to Date

Make sure you install security updates for your operating system and applications. Apple (AAPL), Google (GOOG), and Microsoft (MSFT) have already released some patches. You can do this manually through automated updates, or subscribe to a managed service to keep your network current. Keeping your browser up to date will also prevent websites from attacking your processor to steal your password and other privacy data.

Don’t Forget Updates on Mobile Devices

The Meltdown and Spectre Vulnerabilities serve to remind us of the importance of keeping smartphones, tablet computers, and other mobile devices updated with the latest operating system and related security patches. Also, remember to download software only from trusted sources. Employers should remember to review acceptable use policies to ensure they are up to date and that employees comply with company mobile device acceptable use.

Train Your Employees on the Importance of Network Security

Your employees are on the front line of defense for network security. Through periodic education and training your employees will implement strong passwords and change them regularly. They will also be adept at identifying malware and phishing schemes to better protect your network.

Your network is the backbone of your technology infrastructure. Securing your network is a critical component of your technology strategy. If you have questions or concerns about your network security, contact your technology advisor today.

Cyber Crime

Closing the Door on Cyber Crime

Businesses today are under constant attack from Cyber Criminals. Ransomware,  including the WannaCry Virus , is an example of a top threat to avoid. With the risk of lost data, lost productivity and lost reputation, isn’t it time to close the door on Cyber Crime? Here are a few tips to defend your company from potential cyber attacks.

Document Operating System Security Patch Policies and Procedures

Take the time to review and update your documented security policies and procedures.  Security and related patch policy should identify who is responsible for application and operation of system patches and system updates. Clearly determine whose responsibility it is to apply the latest operating system and related security patches. Whether this process is manual, or done automatically through a managed service, be sure your employees know which is the case. Also, document your policies to verify all your systems are in compliance.

Review your Cybersecurity Framework

Avoid data breaches resulting from lack of Cybersecurity defence. Ensure your AntiVirus and Malware detection definitions are up to date. Utilize spam filtering and other Cyber Threat detection to protect your business. Consider penetration testing to identify any weaknesses on your network. Also ensure your employees are periodically trained to identify and avoid malware and phishing schemes. If you have suffered a data loss due to Cyber attack, ensure you have a communications plan to notify all stakeholders and authorities within adequate time frames. Having a solid data protection plan including Cloud Backup can minimize your exposure and increase your recovery time.

Study Machine Learning to Combat Cyber Threat

Cybercriminals are using automation, artificial intelligence and machine learning to trick you and your employees to take the bait on phishing, ransomware and other cyber attacks. Why not fight fire with fire? Leading Cybersecurity suppliers  are pouring millions of dollars into research and development to embed Machine Learning to detect and combat Cyber threats. This Machine-to- Machine combat will evolve over time and soon combine with artificial intelligence (AI) to train your employees on how to identify and avoid these cyber attacks in the event your perimeter security is breached.

Cyber threat and related Cyber attacks are a top concern for many business owners. Staying one step ahead to protect your business network is a constant effort. Contact your technology advisor to find out more how you can close the door on cyber crime today.

How is Your Network Health?

Proactive Network MonitoringYour network is the backbone of your IT Infrastructure. Your network health is also an integral part of your defense against Cyber threat. Cloud Computing, Communications and Collaboration, Data Protection, and Digital Transformation put more reliance on your network.  This begs the question, how is your network health? Ask yourself these three questions to find out the answer…

How Well Does Your Network Perform?

You rely on your network to communicate with your employees, customers, prospects, and suppliers. What’s more, your network links your company to public and private cloud services and applications that are critical to your business operations. Performance bottlenecks from social media, streaming applications, faulty hardware, and lost connections can impact your employees’ productivity. Offsite backup and other IT functions also rely on your network. Ensuring network health keeps systems running smoothly and available when you need them.

How Secure is Your Network?

Network security is an imperative for businesses of all sizes. Your business may face additional compliance requirements–for example, Payment Card Industry Data Security Standard (PCI DSS). Data protections standards are rapidly evolving, which could increase your responsibility and exposure to fines and penalties. General Data Protection Regulation (GDPR), the European Union’s data protection rules, could apply to your business regardless of your location.

Keeping your network in compliance through monitoring, endpoint protection, content filtering, and other network security detection and protection technologies is a good start. Train your employees on the implications of phishing emails and how to identify one. Teach them to avoid malicious links in unsolicited scam emails. Underscore the importance of a strong password and steps to take to keep data private.

How Efficient and Flexible is Your Network?

Technology advances at an exponential rate, ensuring access to enhanced technologies at an affordable price. Network solutions continue to evolve, providing better value and performance for your business. Software-Defined Wide Area Networking (SD-WAN) allows companies to mix and match networking solutions from multiple carriers in an efficient and effective manner. If properly optimized, SD-WAN provides you the best performance at the most competitive price.  What’s more, SD-WAN provides capability for failover for your most important voice and data systems.

Your Network Health is critical to your business success. Proactive network management keeps things operating smoothly without failure. If you are concerned about your network health, contact your technology solution provider and ask about a network health check today.

The Importance of Maintaining Network Compliance

Network SecurityLast month’s blog provided information about ways to “Avoid Being Held Hostage by Ransomware.” Eight days later, on May 12, 2017, there was a global outbreak of the Wanna Cry Virus. With Cyber Threats on the rise, the importance of maintaining network compliance is top of mind with business owners and IT professionals alike. Industry compliance regulations, including PCI, HIPAA, and SOX, drive best practices in Network Compliance. However, most businesses today rely heavily on their systems to access Cloud Services, Voice, and Data Networks for mission-critical applications that run their business. What can you do to maintain network compliance?

Automate Your Network Administration

Keeping operating systems and network configurations up to date is a top priority for network compliance. Each device that connects to your network needs to have up-to-date operating system security patches, anti-virus definitions, and malware threat prevention in order avoid un- intended intrusion of your network. There are abundant tools and managed services to help your business stay up to date without adding to your internal labor cost.

Proactively Monitor Your Network

Monitor your network to identify any systems that are out of compliance. Proactive monitoring can also identify unauthorized devices connected to your network. You can monitor your network traffic to identify unusual use of network bandwidth. Aside from slowing down your systems, excessive bandwidth may be the result of a malware-infected device that is exploiting your network.

Documenting Your Network Security Controls

Achieving compliance with documented security procedures including password policy, systems maintenance, backup procedures, and compliance measures, is critical to following most industry compliance regulations. It is a  best practice to update these procedures annually. Reviewing your Network Compliance policies gives your business an opportunity to stay up to date and serves as a reminder of the importance of maintaining network compliance.

Contact your Technology Advisor if you have questions about maintaining network compliance or other concerns regarding ransomware and other related Cyber Threats.

How to Avoid Being a Ransomware Hostage

RansomwareRansomware, spyware, phishing schemes, and other Cyber attacks are commonplace in today’s world of technology. According to a recent article in Forbes, ransomware attacks grew at an accelerated pace in 2016 with reports of 638 million attacks, almost 200 times more than the number of ransomware attacks in 2015. Most experts agree that Ransomware attacks will continue to occur–so what can you do to avoid being a ransomware hostage?

Not All Ransomware is Created Equal

Before you panic, find out what type of Ransomware you are up against. Scareware is a type of Ransomware that tricks you into thinking you have a bigger problem. A simple scan may quickly remove the pop from your browser cache and get you back on your way. Some ransomware is truly nasty — your entire system may be encrypted, meaning you will need to wipe your system and start over if you have a good backup. Otherwise, you may find yourself hostage to the cybercriminals to unlock your data.

An Ounce of Protection is Worth a Pound of Ransom

Data protection is an important element in minimizing the impact of Ransomware. Make sure your network security is fully compliant. Backup your data, update your antivirus definitions and make sure your security patches are up to date. Consider using Cloud Backup, Security as a Service, and Managed IT services to keep your network up to date. Having a strong offense to avoid ransomware is your best defense.

Don’t Forget the Human Element

Train your employees on a regular basis on the importance of staying vigilant against Cyberattacks and how to avoid being a hostage. There are many resources to get training for your team. Periodic updates about threats and security procedures serve as a reminder to your employees to ensure they adhere to best practices.

If you need security training or are interested in a review of your network, security vulnerability, or other technology infrastructure, contact your Technology Advisor today.