Author Archives: Vic Levinson

Keep your networks and users secure from internal and external threats

9 Signs That Your End Point Security is NOT up to Par

Take a look at this list. If any of these nine signs sound familiar, it’s time to re-evaluate your current endpoint protection.

1. Scans and updates slow your system to a crawl.
One of the leading complaints about endpoint
security is that it negatively impacts speed and
performance. Some endpoint security solutions
will indeed slow your systems and impact
productivity. When evaluating solutions, be sure
to check independent test results that measure
performance and system impact. Look for the lowest
numbers, which indicate light footprint solutions
that won’t affect speed or cause interruptions.

2. Employees complain about using
the antivirus solution.
If resentment builds up, employees will eventually
bypass the solution altogether on their
company-issued or bring-your-own devices,
which can affect both performance and
security for the whole network.

3. Your solution is underperforming.
It isn’t detecting viruses or other pieces of malware
or it’s flagging non-malicious files as malware; it
has a high footprint that equals slower scanning; it
creates AV storms on virtual machines or has high
bandwidth usage that bogs down the entire network.

4. Your solution alerts on too many files or
links that aren’t actually malicious.
Alerting on multiple files or links that are
not actually malicious results in a high
rate of so-called false positives.
Even one false positive can cause serious problems.
If an antivirus solution is configured to immediately
delete or quarantine infected files, a false positive
in an essential file can render the operating
system or crucial applications unusable.
Even if false positives don’t shut down your
system, each one requires an investigation
that wastes valuable IT resources.

5. Removing malicious files and dealing with false
positives is too complicated.
A 2017 study by the Ponemon Institute found that:
• Nearly half of all security alerts are false positives
• 3 out of 4 organizations report having more
difficulty managing endpoint security risks
• Organizations see false positives as the #1 “hidden”
cost of endpoint protection
You need a solution that delivers silent quarantines and
automatic removal of malicious files, not more work
for your IT team.

6. Infections come back after you’ve removed them.
This means the solution isn’t doing a good job of
cleaning or updating its detection often enough.

7. It’s difficult to manage the solution across all your
platforms and devices.
In today’s environments, you need a security solution
that’s easy to manage so the burden of protection is
minimal. Look for a endpoint security product that
includes remote administration, so you can control
your entire network of workstations, servers and
smartphones from a single location.

8. Security event alerts or pop-up prompts interrupt
presentations and sales demonstrations.
This impedes productivity. Every employee needs
uninterrupted computer access. This means having
a malware solution with a “silent” or “presentation”
mode that’s easy to use, as well as a dependable tool to
restore regular mode when the presentation is over.

9. Getting technical support and customer service is
inconvenient, or communicating with the vendor is
difficult.
If it’s challenging to get reliable, customer-oriented
support or you’re having any issues with call centers
outside the U.S., that will impact productivity for
IT teams and end users. It will also contribute to
frustrations that could lead employees to circumvent
your security solution, opening their devices—and your
network—to cyberattacks.

Sign up for a FREE Network Security Assessment

 

Are you at risk? Get a FREE Dark Web Search

 

Free Cyber Awareness Tool Kit

Airport computer use

Airport Travelers BEWARE of Data Security

This article appeared in Tech Republic. Since the summer is when a lot of people travel, a re-post and share is necessary.

Business travelers beware: Connecting your company device to airport Wi-Fi networks could open up a host of cybersecurity issues. While this is a risk on any insecure Wi-Fi network, some airports have more vulnerabilities than others, according to a Wednesday report from Coronet, and professionals should take extra caution when traveling through them.

It’s much easier for attackers to access and exploit data from devices connected to airport Wi-Fi than to do so within the confines of a well-protected office, the report noted. Hackers can use the poor cyber hygiene and insecure Wi-Fi at many airports to inject advanced network vulnerabilities like captive portals, Evil Twins, ARP poisoning, VPN gaps, honeypots, and compromised routers.

Any of these network vulnerabilities could allow an attacker to access credentials for Microsoft Office 365, G Suite, Dropbox, and other cloud apps, or to deliver malware to the device and the cloud, the report found. The attacks could also potentially give adversaries access to the entire organization, leading to damages like operational disruption and financial losses.

“Far too many U.S. airports have sacrificed the security of their Wi-Fi networks for consumer convenience,” Dror Liwer, Coronet’s founder and CISO, said in a press release. “As a result, business travelers in particular put not just their devices, but their company’s entire digital infrastructure at risk every time they connect to Wi-Fi that is unencrypted, unsecured or improperly configured. Until such time when airports take responsibility and improve their cybersecurity posture, the accountability is on each individual flyer to be aware of the risks and take the appropriate steps to minimize the danger.”

The report collected data from more than 250,000 consumer and corporate endpoints that traveled through the 45 busiest airports in the US over the course of five months, and analyzed the device vulnerabilities and Wi-Fi network risks to assign each airport a threat score. Coronet classified any score above 6.5 as unacceptable exposure.

Here are the least cybersecure airports in America, according to the report:

  1. San Diego International Airport, San Diego, CA (Score: 10)
  2. John Wayne Airport-Orange County Airport, Santa Ana, CA (Score: 8.7)
  3. William P Hobby Airport, Houston, TX (Score: 7.5)
  4. Southwest Florida International Airport, Fort Myers, FL (Score: 7.1)
  5. Newark Liberty International Airport, Newark, NJ (Score: 7.1)
  6. Dallas Love Field, Dallas, TX (Score: 6.8)
  7. Phoenix Sky Harbor International Airport, Phoenix, AZ (Score: 6.5)
  8. Charlotte Douglas International Airport, Charlotte, NC (Score: 6.4)
  9. Detroit Metropolitan Wayne County Airport, Detroit, MI (Score: 6.4)
  10. General Edward Lawrence Logan International Airport, Boston, MA (Score: 6.4)

In terms of the most secure airports, Chicago-Midway International Airport, Raleigh Durham International Airport, Nashville International Airport, and Washington Dulles International airport topped the list, the report found.

Do you want to see if your email credentials have been compromised? Get a free Dark Web scan from us!


Your employees

Why don’t your Employees Care About Cyber Security

Tags :

Category : Cyberawareness

Whether you realize or not, your employees are a critical part of your layered defense against phishing attacks, malware, ransomware, and more. So why aren’t they concerned?

In just about every news story you read today about another phishing attack, malware infection, ransomware attack, or data breach, there’s a part of the story that’s either covered or implied – a user was involved. The user – whether malicious, negligent, or unwitting – clicked on a link, opened an attachment, visited a webpage… something that allowed a cybercriminal access to execute their malicious actions.

And with attacks having devastating results, like the most recent ransomware attack on global shipper Cosco, that has brought operation to its knees, the question should be raised:

Why don’t employees care about CyberSecurity?

It all comes down to one reason: your company doesn’t have a security culture. In essence, they don’t care, because the organization hasn’t told them they need to care as part of their job. Hire someone to do accounts payable and what do they think their job is? To do accounts payable. That’s it, security is IT’s job, not theirs. But hire someone into accounts payable in an org that has a security culture, and they now do account payable, but are also constantly watching for cyberattacks, phishing scams, and the like.

So, what does it take to create a security culture?

I’m going to abbreviate the 10 tips to make your employees care about cybersecurity found over at TechRepublic down to just 3 high-level steps:

Make Employees Aware – The average employee doesn’t brush up on cyberattack methodologies on their own, you know. They need to be made aware that cyberthreats to the organization exist… and that they are the target.

Communicate Expectations – Beginning with their first day of employment, employees need to understand that the organization requires a level of employee vigilance when it comes to cyberthreats. Help employees to better understand how they are at risk at home and work – and how their actions can make the difference in both locations.
Train and Test Them – Using Security Awareness Training, employees need to regularly go through online training, with phishing testing used to identify where your organization’s weakest links are.

While there’s much more you can do to create a more formal security awareness program, the steps above provide the basics necessary to create a security culture.


UCAAS

3 Way Unified Communications Helps Your Business

UCAAS

 

Enterprise businesses have been known to have complex needs when it comes to their business communications.  But, thanks to the cloud and specifically unified communications as a service (UCaaS), enterprise businesses are able to take advantage of more efficient and cost-effective methods to integrate their communications and respective applications.

Here are a few 3 ways UCaaS solutions are proving they are equipped to handle the varying challenges of enterprise businesses.

Unifying Locations and Employees 

Enterprise organizations often struggled to unify their communications infrastructure in an affordable way.  With multiple locations and remote and traveling employees, keeping everyone connected was complicated. That is, before UCaaS entered the marketplace. As the workforce continues to be more mobile and distributed, the growing need for mobility and flexibility has driven the UCaaS market into even greater demand, especially for large businesses. UCaaS enables voice, fax, video conferencing, presence, chat, file and desktop sharing, and mobility both in and outside of the workplace. The workforce today thrives on this type of multi-channel communications and collaboration and UCaaS is the catalyst.  With every employee, service and feature unified onto the same system and accessible from any device, productivity and internal communications are drastically enhanced. With the most advanced UCaaS solutions where the user profiles lives in the cloud and are not tied to a specific device, employees are even able to move seamlessly between locations, enabling phones and workspaces to be shared interchangeably which drastically reduces equipment and IT support costs.

The Enhancement of Existing Technology Investments

Enterprise businesses are relying more on cloud services and third-party networks for their mission-critical applications. Almost every enterprise utilizes some form of a customer relationship management (CRM) solution. A huge advantage of UCaaS solutions is their ability to integrate seamlessly with leading CRM solutions that many of these businesses rely on.  This is a win-win for many reasons. Enterprise businesses not only improve their overall communications, but they enhance the functionality of their existing applications as well. Talk about ROI! Improving employee workflows and productivity, while at the same time providing a greater return on both technology investments. It doesn’t get much better than that.

Beyond CRM application investments, many enterprise businesses have legacy conference and meeting room systems in place. With locations all over the world and many enterprises involved in some type of acquisition and merger, having multiple disparate meeting room systems in place is a common result. The product of this costly and complicated challenge for many is having existing meeting room systems sitting idle collecting dust.  Fortunately, there is a cost-effective and simple resolution.  Advanced HD video, audio and web conferencing solutions that offer features like Room Connector can enable existing meeting room systems like Polycom, Cisco, Tandberg and Lifesize to communicate with one another, as well as with other commonly used devices like smartphones, laptops and tablets, all in the same virtual meeting.  Through the purchase of a few licenses,  meeting participants can share documents, collaborate, and chat with other offices and remote workers easily and efficiently utilizing existing technology investments. Coupling this with the advanced features of an entire UCaaS solution, the cost-effectiveness and boost in productivity and efficiency is off the charts.

Improving Productivity, Scalability and Business Continuity 

With UCaaS solutions, enterprise businesses can achieve a more cost-effective and productive way to communicate and collaborate.  By unifying all of the communications services, business applications and employees onto the same system, everything employees need and use is centralized in one place. The features of UCaaS systems are typically managed online through secure web portals, which enable access to features and the ability to make changes from any device, anywhere. This is especially beneficial for ensuring business continuity. Changes like routing calls, updating greetings, checking voicemails and conferencing can be enabled directly through the industry’s best online portals, ensuring that employees and customers can communicate regardless of the circumstances.  Scaling cost-effectively is another common concern for large organizations. Advanced UCaaS solutions have the ability to enable users, services and equipment to be added or removed at any time, giving enterprise businesses the ability to pay for only the services they need and the flexibility to scale to meet growing business demands.

UCaaS unifies the communications experience, connecting and integrating employees, locations, services and business applications. It’s no wonder that IDC predicts the global UCaaS market will top $35 billion by 2019. Enterprise businesses benefit greatly from this refined method of communications and collaboration and will be a large portion of this anticipated growth.


This week in Breach

This week’s Breach Report

Highlights from The Week in Breach:

– You’d better reboot your router… NOW!

– Nation states injecting malicious apps into play stores to steal your stuff.

– Malware infects healthcare system impacting 500,000 Marylanders.

– Time from detection to acknowledgment and response getting slower and slower and slower. 

It’s back to business as usual in the world of breach, and we are seeing no signs of it slowing down this summer. This week’s headlines have been dominated by targeted attacks of SOHO Routers.  “SOHO” was coined to describe “small office – home office” routers used to set up local area networks by small businesses. According to DHS, “The size and scope of this infrastructure impacted by VPNFilter malware is significant. The persistent VPNFilte malware linked to this infrastructure targets a variety of SOHO routers and network-attached storage devices.” The initial exploit vector for this malware is currently unknown. Here is the link to US-CERT’s alert TA18-145A detailing the threat and what you should do the protect yourself from exploit!   


What we’re STILL listening to this week!

Security Now – Hosted by Steve Gibson, Leo Laporte

Defensive Security Podcast – Hosted by Jerry Bell (@maliciouslink) and Andrew Kalat (@lerg)

Small Business, Big Marketing – Australia’s #1 Marketing Show!


TeenSafe (Update)

Small Business Risk: High: App server hosted on AWS accessible by anyone without a password.
Exploit: AWS/Suspected Misconfiguration
Risk to Exploited Individuals: High: Even though less than 10,000 individuals were impacted, this is a highly vulnerable segment of the population. 

TeenSafe: The TeenSafe app allows parents access to their children’s web browser history, text messages (including deleted SMS and iMessages and messages on WhatsApp and Kik), call logs, and device location, plus lets them observe which third-party apps have been installed.

Date Occurred
Discovered
 Unknown, but accounts from past three months were compromised.
Date DisclosedMay 21, 2018
Data CompromisedHighly personal data including Apple IDs. The compromised data did not include photos, messages, or location data. The server stores parents’ email address used for their TeenSafe account and their child’s email address, the child’s device name, and the device’s identifier.
How it was CompromisedAt least one of the app’s servers, which are hosted by Amazon’s cloud service, was accessible by anyone without a password. The data, including passwords and user IDs, were reportedly stored in plaintext, even though TeenSafe claims on its website that it uses encryption to protect user data. TeenSafe requires two-factor authentication to be switched off for the app to work, so anyone with just a password can easily gain access to compromised accounts. The app is available for both iOS and Android and doesn’t require parents to seek their child’s consent for access to their phone.
Customers Impacted
Around 10,200 accounts from the past three months were compromised, though that number also includes duplicates.
Attribution/VulnerabilityUndisclosed at this time.

https://www.theverge.com/2018/5/21/17375428/teensafe-app-breach-security-data-apple-id

https://www.zdnet.com/article/teen-phone-monitoring-app-leaks-thousands-of-users-data/

Google Play

Small Business Risk: Low: Targeted nation state exploit.
Exploit: Mobile Device Malware Exploit
Risk to Exploited Individuals: High: Nation-state exploit targeting defectors.

North Korean Defectors / Google Play malware

Date Occurred
Discovered
The apps had been live in the Google Play store for three months — from January to March.
Date DisclosedMay 2018
Data Compromised
Google Play store has allegedly hosted at least three apps designed to collect data from specific individuals. Two of these apps were posing as security apps, while the third claimed to provide food ingredient information. But what they really did was steal information from devices and receive a certain code that allowed them to further access data like photos, contact lists, and even text messages.
How it was Compromised
A North Korean hacking team was recently able to upload three Android apps to the Google Play Store that targeted people who escaped from the authoritarian country, according to a report from McAfee. The malware campaign, nicknamed RedDawn, involved the hackers contacting the targets through Facebook to invite them to install seemingly innocent apps from the Google Play Store.
Customers Impacted
By the time McAfee privately notified Google as to the existence of these apps, 100 folks had already downloaded them.
Attribution/VulnerabilityBack in January, McAfee noted that it had found malicious apps intended to infect North Korean journalists and defectors’ devices. The group behind these apps was subsequently named Sun Team and is apparently the same group behind these latest apps. The apps were all linked to the same developer email address. McAfee found that the words used in the control servers were common in North Korea. There was also a North Korean IP address discovered in a test log file of some Android devices connected to account used to send out the malware.

https://www.digitaltrends.com/mobile/mcafee-malware-google-play/

http://www.techtimes.com/articles/228100/20180520/north-korea-hackers-use-android-apps-with-malware-to-harass-defectors.htm

LifeBridge Health
Small Business Risk: 
Extreme: Malware designed to inject healthcare systems and extract PHI/PII.
Exploit: Server/Security Exploit with Malware Injection
Risk to Exploited Individuals: Extreme: Although data has not been validated for sale on the Dark Web, the extracted data included “lifelong” PII & PHI that can be used to profile and/or exploit an individual for decades.

Lifebridge Health 

Date Occurred
Discovered
The breach occurred more than a year ago; discovered May 18.
Date DisclosedMay 2018
Data Compromised
The breach could have affected patients’ registration information, billing information, electronic medical records, social security numbers and other data.
How it was CompromisedAn unauthorized person accessed the server through LifeBridge Potomac Professionals on Sept. 27, 2016. Malware infected the servers that host LifeBridge Potomac Professionals’ electronic medical records, and LifeBridge Health’s patient registration and billing systems.
 

Attribution/Vulnerability

Outside actors
Customers ImpactedMore than 500,000 Maryland patients.

https://healthitsecurity.com/news/data-on-500k-patients-exposed-in-lifebridge-healthcare-data-breach

T-Mobile
Small Business Risk: High: Website configuration error revealing customer data for anyone to exploit.
Exploit: Website, Database & Security Misconfiguration
Risk to Exploited Individuals: Moderate: A threat actor would really have to develop a targeted threat plan to fully exploit the exposed population.

T-Mobile

Date Occurred
Discovered
Research done by ZDNet indicates that this T-Mobile.com web data breach was likely active as far back as October of last year.
Date DisclosedApril, 2018
Data Compromised
Allowed people to access the following info easily by attaching a cell phone number to the end of the web address:

  • Customers’ full names
  • Their mailing addresses
  • Account PINs used as a security question for customer service phone support
  • Billing account numbers
  • Past due bill notices
  • Service suspension notices
  • Tax identification numbers (in some instances)

 

How it was Compromised
A website bug on T-Mobile.com allowed anyone with access to a web browser to run a phone number and determine the home address and account PIN of the customer to whom it belonged.
Attribution/VulnerabilityOutside actors / undisclosed at this time.

https://www.statesman.com/business/personal-finance/mobile-website-data-breach-exposed-customer-addresses-pins/Ht3PZSdXMJkEKlDnggh3EL/


What is Spear Phishing?

Spear Phishing is an email targeted at a specific individual or department within an organization that appears to be from a trusted source. It’s actually cybercriminals attempting to steal confidential information.

A whopping 91% of cyberattacks and the resulting data breach begin with a “spear phishing” email, according to research from security software firm Trend Micro. This conclusively shows that end-users really are the weak link in IT security.

You may be wondering what it takes to send this type of attack. This is not trivial, and can only be done by someone trained in advanced hacking techniques. We will first take a look at the steps required to send an attack, and then we’ll look at steps to mitigate this threat. For the (simplified) attack steps I am freely borrowing from a great blog post by Brandon McCann, a well-known pentester.

I will try to keep this as non-technical as possible, but there will be a few terms you may have to look up. Here are the steps to begin with. We will go into all of these one by one and explain what they mean.

  • Identify Email Addresses
  • Antivirus Evasion
  • Egress Filtering
  • Spear Phishing Scenario
  • Sending The Emails
  • Harvesting Treasure

Identify Email Addresses

There are two ways you can send phishing campaigns: the first is ‘spray-and-pray’ which is a shotgun approach. Get as many email addresses from the organization you can, and send them all an email that they might click on. The second approach is decide what data you are after, then figure out who has access to that data, and specifically target those people. That is the spear phishing approach, and for instance LinkedIn is extremely useful during this targeting step.

There are several ways to get your hands on the email addresses from an organization. The one favored by the bad guys is using scripts to harvest email addresses from the large search engines. You’d be surprised how many emails you can get your hands on and how big your phishing attack surface is. KnowBe4 has a free service called the Email Exposure Check that provides your list of exposed email addresses as a one-time free service. Once you have the email addresses of the few people you are targeting you are ready for step two.

Egress Filtering

You need to make sure that you can get the information out of the organization you are attacking, so the payload you are sending with your attack needs to allow traffic to exit the organization. A popular payload is called ‘reverse_https’ because it creates an encrypted tunnel back to the metasploit server, which makes it very hard for security software like intrusion detection or firewalls to detect anything. For those products your exiting phishing data all looks like normal https traffic.

Spear Phishing Scenario

There are many articles written about this by now, and it’s the essence of social engineering end-users. If they haven’t had high-quality security awareness trainingthey are easy targets for spear phishers. The attacker does research on their targets, find out who they regularly communicate with, and sends a personalized email to the target that uses one or more of the 22 Social Engineering Red Flags to make the target click on a link or open an attachment. Just imagine you get an email from the email address of your significant other that has in the subject line: Honey, I had a little accident with the car, and in the body: I made some pictures with my smart phone, do you think this is going to be very expensive?”

Sending The Emails

You can raise a temporary mail server and blast away, but that mail server will not have a reputation score which will block a lot of email from getting in. A better solution is going to GoDaddy, purchase a valid domain name, use the free email server that comes with the domain and set it up, so that you automatically have an MX record created for you by GoDaddy. While you are at it, also do a Whois lookup and change the GoDaddy Whois information for your phishing domain. All that helps mail getting through, which you can send with any email client, or with a script.

Harvesting Treasure

Let’s assume that your target clicked on the link, and you were able to place a keylogger on their machine. Now it’s a matter of waiting for the hourly burst of keyboard data back to your server, and monitoring for the credentials you are after. Once you have those, it’s a matter of getting into the workstation, get all network password hashes, crack them and get elevated to administrator access to the whole network.

Preventing Successful Spear Phishing Attacks

Now, how to mitigate against attacks like this? First of all, you need all your defense-in-depth layers in place. Defending against attacks like this is a multi-layer approach. Make sure you have in place the following: an Email Gateway Spam Filter and/or a spam filter in your Exchange Server. Turn on the Outlook ‘Junk Email’ Filter, run different antivirus products on the workstation and the mailserver, have an active Intrusion Prevention Systems, use Web Proxy Servers, and ideally have deep-packet inspection Egress filtering, plus there are some more things you could add. The trick is to make it as hard as possible for the attacker to get through.

And now let’s look at some other tactics that will help prevent a successful attack:

  • Do not have a list of all email addresses of all employees on your website, use a web form instead.
  • Regularly scan the Internet for exposed email addresses and/or credentials, you would not be the first one to find one of your end-user’s username and password on a crime or porn site.
  • Enlighten your users about the dangers of leaving all kinds of personal information on social media sites.
  • Last but not least, you could go through all the steps above and start sending simulated attacks to all your end users, but why not use our fully automated service and let us help you with that? We provide security awareness training combined with pre- and post simulated phishing testing to make sure end users stay on their toes with security top of mind. Since 91% of successful attacks use spear phishing to get in, this will get you by far the highest ROI for your security budget, with visible proof the training works!

Keep your networks and users secure from internal and external threats

Best Practices in Cyber Security 2018

The cyberthreat landscape changes on a daily basis.  There is no one size fits all solution and there are no magic bullets. It has been said that the price of liberty is eternal vigilance. The same holds true for cyber security. There are four pillars of security- end point protection, perimeter protection, monitoring and end user vigilance.

They say that those who don’t learn from history are doomed to repeat it, and matters of cyber security are no exception. Threats will often follow trends, and so by reviewing what has happened in the past, we may be able to glean some insight into what will be important in the future.

If the first half of 2018 was any indication, there are a few things that will be of most concern to IT professionals and end users.

Ensure All Endpoints Have Appropriate Security Measures

It’s staggering to consider how many end points any given business could have, each providing a route in for threat actors. Between company-provided devices, personal mobile devices, and Internet of Things devices, there are plenty of opportunities for a company to be attacked.

As a result, as 2018 progresses, businesses must be aware of what threats exist, as well as better prepared to protect themselves against them. This includes strategies that ensure your organization’s digital protections are properly maintained while remaining cognizant of physical security best practices. Pairing encryption and access control, as well as mobile device management, can create a much safer environment for your data.

Cover your 6’s

Your network needs to have not just the firewall appliance – but a comprehensive suite of tools that can help you recognize suspicious behavior. It is more than just a static device. It has to be paired with analytical tools that can give you insight into your network. Additionally, an external firewall or web filtering service can protect you from unseen threats on a multitude of levels. It is not just hardware and software anymore. You need to have the resources available to alert you to threats, cut down the noise from repeated alerts and investigate areas that you should not be in yourself – e.g. the Dark Web.

Get Back to Basics With Security and End User Education – Cyberawareness Training

While it may sometimes be tempting to focus on the massive attacks and breaches that too-often dominate the headlines, no business can afford to devote their full attention to those vulnerabilities and overlook the more common threats. This is primarily because once they do, they become exponentially more vulnerable to these attacks through their lack of awareness and preparation.

Part of being prepared for the threats of the coming weeks and months is to make sure that your employees are also up to speed where security is concerned. Educating them on best practices before enforcing these practices can help to shore up any vulnerabilities you may have and maintain your network security. This includes restricting employee access to certain websites, requiring passwords of appropriate strength, and encouraging your employees to be mindful of exactly what they’re clicking on.

Continuing to Improve Security Measures

Finally, it is important to remember that implementing security features isn’t a one-time activity. Threats will grow and improve in order to overcome existing security measures, and so if they are going to remain effective, these security measures must be improved as well.

While regulatory requirements can provide an idea of what security a network should feature, they shouldn’t be seen as the endpoint. Instead, those requirements should be the bare minimum that you implement, along with additional measures to supplement them.

We are here to help. If you would like to explore the options of a completely managed firewall, DNS filtering, or cyber awareness training- we can assist. First- get a baseline of where your organization is at. We have a suite of FREE tools that can help show you your susceptibility to phishing, spoofing and whether your organization’s credentials are for sale on the Dark Web.  We can also do an onsite security assessment to analyze your network’s vulnerabilities.

For your free tools, please visit:  http://downloads.primetelecommunications.com/CyberAwareness-Free-Tools or give us a call at 847 329 8600.

We are your managed technology solutions professionals and are here to listen!

 

 


phishing / a fish hook on computer keyboard with email sign / computer crime / data theft / cyber crime

Data breach. Customer information stolen.

 

Prime Telecommunications in cooperation with ID Agent is excited to offer this guest blog post from Megan Wells. Megan is a data journalist and content strategist at InvestmentZen who has written content on how data theft impacts Americans, technological interventions for personal and commercial finance and content for IBM and NASDAQ. With her examination of costs and the impact of Data Breaches, she shares how detrimental identity theft can be for businesses and their employees.

Data breach. Customer information stolen. Identity theft. Those words are enough to cause panic to a small business owner or manager. However well protected they think they are, they fail to realize that criminals on the Dark Web are one step ahead.

Many don’t understand what a data breach is and think it only happens to big companies like Equifax, Target and Home Depot. Yet, employee errors account for 30% of data breaches as the following examples show and small businesses have employees, right?

  1. A medical office employee emails patient data without encrypting the email.
  2. An employee attaches a document to an email that contains a customer’s SSN and account number.
  3. Malware enters a company’s servers through an internet download and steals customer and business data.
  4. A hacker breaks into the business network and downloads credit card data.
  5. A company laptop with customer information on it gets stolen.

Any company that stores customer information, regardless of size, is vulnerable and at risk for a data breach. And data breaches lead to identity theft for business owners and customers.

The negative press to a business from a data breach is bad enough. The risk of identity theft to customers and owners takes it to another level. Over $16 billion was stolen from consumers in 2016, roughly $1,300 per victim. While that amount may seem low (in perspective), the time involved is not. Theft caught early might take eight hours to resolve; for many, however, hundreds of hours are spent reclaiming their identity. Then there’s the person that never fully restores his or her identity–one in four victims faces this reality.
It’s in a business’ best interest to do everything possible to reduce its exposure to data breaches and the high cost of damage control (negative press, lost revenue, customer reparation). Businesses and consumers must work together to safeguard nonpublic, personal information. All our identities and millions of dollars are at stake.


Myth in technology

10 Everyday Technology Myths That Could Cost You Your Job

1.) MYTH: The more bandwidth I add, the better my voice quality and cloud performance should be… I will just change my COMCAST cable modem from 50 to 100 without spending a lot of extra money. It’s a cost-savings win.

If only we had a dollar for every time we have been told that a business decision maker (even in the IT department) decided to save money by relying on public cable (like COMCAST) to power their Internet and cloud applications by making a simple modem change from 50 to 100 without spending a lot of extra money. The problem with this thinking is simply that the quality of Internet that powers your business is often dependent upon the regulation of traffic on the network. In many of the situations, the first inclination is to go out and purchase the next tier of Internet speeds available. There are two fallacies with this statement:

  • Increased Internet speeds will improve your cloud and voice performance.
  • You will save money by using a public Internet provider in the process.

First, whether you are using 1 or 100 Megs of bandwidth, the call performance will be exactly the same regardless of the amount of speed you purchase. Why? Think of your Internet pipe as a street. There can only be so many cars on the street at one time or else the street becomes congested, bottlenecks occur, and everything comes to a halt. If your network is oversold—more Internet won’t help.

Secondly, once you hit the public Internet, all bets are off. While the public Internet can guarantee a certain Internet speed, those of you who rely on COMCAST during busy periods know that the speed of your Internet may vary by time of day and that’s simply because there are many users trying to access the same source. Comcast will claim that the speed is high, but the quality of your Internet is something different.

That’s when you head on over to Speedtest.net and run a speed test. Here’s another secret, if you are located near the source (data center) that Comcast uses to push out Internet, then your connection may be good. The farther you are from that source, or if there is other congestion on the Internet, your speed with vary.

You can solve this problem by implementing a traffic controller on the network that will monitor and maintain consistency for near and far locations and regulate the amount of bandwidth that your boss consumes while at work listening to Spotify. Let us know if you would like more information on how to do this. 

2.) MYTH: VoIP does not use a lot of bandwidth.

One of the first problems you will experience – out of the gates—if you choose to move your traditional PBX (on premises) phone system to the cloud is performance. Why? Because, contrary to widespread belief, VoIP does use bandwidth. One of the biggest challenges you will have to overcome is how to allocate the right amount of bandwidth to your Internet phone service.

But the real issue is not an abundance or deficiency in the quantity of bandwidth. The real issue is quality. When you are working with voice, it is important to prioritize quality over quantity. Adding more quantity will not change when what you are really looking for is a consistent, high-quality supply of Internet without interruption. Learn more.

Begin by asking any VoIP provider how they guarantee the quality of a call. Decide if you will have other services and applications running on the network that will require bandwidth and then work with a professional who can help you configure the right Quality of Service (QoS) settings so that you optimize your performance because VoIP uses a lot of bandwidth.”

3.) MYTH: I’m going to save money by ripping out my phone system and using a free version of Lync…

…My CFO and I both agree this is an effective way to save money.

While the individual price of products like Lync come in considerably lower than maybe a cloud-based phone system, performance of applications and voice calls over the Internet come at a price. To demonstrate, we recently worked with a client who had a solid network that was regularly monitored. The CIO wanted to reduce cost, so he/she decided to rip out the existing phone system and replace it with a less expensive version of Lync. What they did not account for was the Monday morning 1,000 employees who opened facebook right when the CEO was on an important call…long story short, the router could not save inferior quality voice performance; the network could not support and regulate the bandwidth to allocate the right amount to the CEO’s call. When the call is choppy or drops, the boss does not realize that its associated with the cloud performance because shortcuts and other inexpensive technologies cost you in performance when you least expect it.

4.) MYTH: Mac runs on a very secure operating system by Apple. For that reason, I don’t think I need any antivirus for my Mac.

The questions around whether Macs need antivirus software is not a new one, but the answer is changing. Long and short, while Macs are generally more secure than Windows, they are far from being immune to email and security hacks. Bottom line, there is no reason why a Mac cannot be targeted by cybercriminals.

The most obvious target is email. Cryptolocker and other cyber-attacks encrypt your system gaining access through (yep, you guessed it) email. Even more alarming is the fact that once access is gained, a cybercriminal can monitor your PC through your email and lock, steal or corrupt your data. At the end of the day, it seems smart to be safe rather than sorry.

5.) MYTH: I’m an Amazon Prime user, and I plan to save money by buying my computer from Amazon. I’ll just load my business applications on it when it arrives.

Unfortunately, it is not that easy. Daily we encounter smart technical people that purchase equipment like computers, routers, and firewalls at discounts shops like Best Buy and Amazon to earn points or save dollars. What those individuals don’t realize is that these items do not always come with the right version of Windows to work on your business network or lacks the ports and security software to ensure your system is secure. In fact, the money saved on equipment costs you down the road when you must hire an hourly IT professional to route VPN at home so that you can access QuickBooks on your server from the Internet. Technology must all work together.

6.) MYTH: Upper Management told us to migrate our servers and back-up to the cloud. That should be easy, right?

But here’s the rest of that statement: they don’t want to hear what infrastructure changes and cost are required to make this happen.

The cloud is cool, and it is a part of our future, but the cloud requires a retooling of existing infrastructure and systems to get top performance from high-quality Internet service, routers, and switches that can handle intelligent network management including things like bandwidth management, QoS, and proper security.

7.) MYTH: I work from home. I will just use my own WIFI router and provide visitors with the password only when needed…

…besides, it is such a pain to change the default passwords on routers, access points. It’s also worth remembering that the end user is always the weakest link. A hacked or compromised router (any device on the network) can be attacked in every known way. It can be used to spy, steal data, collect passwords and trick you into installing encrypted software. Now, image your companies network is being fed into your home WIFI router… just because something is working, doesn’t mean it is working right, or securely.

8.) MYTH: I got a great deal from COMCAST by adding security surveillance to the office.

In one innocent move, you have just made it more difficult for your IT guy to identify what not working when one of your many systems goes down.

For example, if you have Comcast managing the Internet, another resource managing your wireless, and yet another outside company managing your printers.

What happens when the printer stops working? Is it because…

  • …the printer is broken?
  • Maybe the Internet bandwidth is slow and that is impacting printing?
  • Maybe your Comcast service is allowing non-critical traffic that could be opening a security hole in your network?
  • Maybe you are experiencing DHCP conflicts on the network?

Whatever the case, this is no longer a quick fix. You have three different resources that must be called in and paid to troubleshoot the problem. We suggest you use one outsourced IT organization that can monitor, detect and prevent any and all the above from ever happening. Who wouldn’t want one call to make instead of three?  The best course of action is always to simplify with good products that are easy to use from a trusted provider.

9.) MYTH: I thought MPLS was included in the price.

Nope, you declined this offer when you changed your Internet providers and implemented your cloud network. This now means that once your Internet hits the public cloud, the performance of your cloud applications and all online systems are at the mercy of your local provider. If the network is overloaded, there is no quality assurance that the majority of your bandwidth will not be eaten up by employees using apps during working hours like Spotify, facebook, and Youtube. If you would have chosen the cloud Quality of Service overlay and added a cloud dashboard that monitors speeds and feeds, you would not be in this pickle. Going back to management and justifying costs because you declined an offer during implementation can be awkward.

10.) MYTH: I’m saving a lot of money by buying my printer and toner supplies at Office Depot.

Well… only at first. Consider this: If you buy a business printer at $1,200 with replacement toner at $300, you will not need to replace your toner until after 40,000 prints.

In option two, you buy the cheaper printer and toner at Office Depot, giving you 1,200 prints before you need to replace your toner at $99. Seems cheaper, right?

Wrong. After 120,000 prints, the Office Depot printer, while cheaper initially, would cost you a total of $7,899 over time ($99 printer; 100 toner replacements at $78 each). The business printer, for the same number of prints, will cost you $2,100 ($1,200 printer; 3 toner replacements at $300/each).

Do the math, the cheaper printer will eventually cost you $6,699 more. Your total cost of ownership should always be taken into consideration.

We hope you have found many of these myths useful in making your own future decision about technology. 2018 is right around the corner and if you would like to sit down with our team and plan your own 2018 Technology Roadmap, we are here to help. Many businesses find that the planning of resources and technology will save them thousands of dollars in unforeseen emergencies and unnecessary purchases.

Let us help you get the most out of your technology investment.


Meltdown and Spectre

How To Explain Meltdown And Spectre To Your C-Level and employees

OK, 2018 has just started and it has totally borked all networks in the whole world. That’s a fine mess we’re in to start off the year. 🙂

Meltdown and Spectre are CPU hardware design flaws that we techies understand. In a nutshell, Meltdown breaks the isolation between the user app and the OS, so the app can do a memory dump and steal any data in it. Spectre goes further. It breaks the isolation between apps. It’s harder to exploit but harder to mitigate.

However, how to explain this to your C-level and end-users is another story.

First thing to understand is that the vulnerable machine has to have malware running to exploit this vulnerability. And who are the most prone to let bad guys into their machine to start with? Right… users.

Another excellent reason to step them through new-school security awareness training immediately, because Meltdown and Spectre are going to be with us for a while.

We have just released our brand-new 2018 flagship 45-minute training module and a whole new batch of new videos from a new publisher.

I strongly recommend to not waste this crisis and require all staff to start the new year with a refresher awareness course, pretty much right away.

So now, how to explain this to everyone in your organization?

I suggest you send the following to your C-level execs and employees. You’re welcome to copy, paste, and/or edit:

“Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It’s really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer on our network, including your workstation and all our servers.

 

This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system. This hardware bug breaks that isolation.

 

So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.

 

So, What Are We Doing About This?

 

We need to update and patch all machines on the network. This is going to take some time, some of the patches are not even available yet. We also may have to replace some mission-critical computers to fix this.

In the meantime, we need you to be extra vigilant, with security top of mind and Think Before You Click.

 

[OPTIONAL] To help you stay safe online in the office and also at the house, please step through this new security awareness training module which will take you 45 minutes. Consider it an urgent “lunch & learn” because of this hardware bug.” (Thanks, Mr. Intel…)

Here is a good site with an FAQ and videos about this SNAFU, that you can refer people to if they want to know more. For instance, antivirus does not protect against this vulnerability.

This was written by Stu Sjouwerman, Founder and CEO, KnowBe4, Inc.

 


Click hear fool

Request your Free Network Evaluation