You May Not Think You Need a Security Penetration Test – But You Absolutely Do

Cyber awareness


Humans are notoriously bad at calculating risk – which is part of the reason why our applications, servers, and endpoints keep getting hacked so often. It’s often difficult to keep up with patches and updates to mission-critical programs – and we let them go out-of-date. Many businesses believe they are too small and barely worth a hacker’s efforts so they install antimalware and antivirus and hope that is enough. On the other hand, many small businesses believe they’ve already spent so much on business IT security that it may not be worth investing in more.

Because of these various fallacies, a successful cyberattack will nearly always come as a surprise. Specifically, the surprise is the extent to which the attack is successful, and the damage that it does.

For example, you wouldn’t be surprised to learn about a convenience store robbery, but you might be surprised if a single robbery put a store out of business. A single cyberattack, however, can and will erase a small business – 60% of small businesses close forever six months after a single successful breach.

Similarly, you wouldn’t be surprised to learn about a bank robbery, but you’d be surprised if a single robbery were able to loot a bank’s entire vault. As the result of a single cyberattack, however, over 140 million social security numbers were stolen – accounting for nearly half the country.

Small Businesses Have IT Security Options

What do you do about this? You can buy new security projects until your budgets are exhausted (see: defense-in-depth), but that does nothing to help you if a single successful cyberattack can expose your entire customer base. Any successful security strategy must instead focus on eliminating the element of surprise. Business leaders must understand that:

Whether you’re a small business or a massive enterprise, no amount of security spending will make you safe from hackers.

Therefore, you should take pains to understand where your vulnerabilities lie, and how an attacker will choose to exploit them.

Some vulnerabilities will be fixable, and some won’t. The ones that are fixable should be fixed as soon as possible; if there are vulnerabilities that can’t easily be fixed, solution partners like Prime Telecommunications help small businesses architect a security plan to ensure that you address the gaps in security that enable cyberattacks to penetrate the network.

In technical terms, the disciplines that will allow you to achieve this state of awareness are known as vulnerability scanning, penetration testing, and risk management.

Vulnerability IT Scanning: Building the Foundation of Security Awareness

Your network runs countless applications. If these applications aren’t constantly updated, or if they aren’t updated correctly, they represent a crack in the edifice of your security. On the other hand, new vulnerabilities in these applications crop up on a regular basis. One security vendor now predicts that companies will discover one new zero-day (a previously unknown application vulnerability) per day by 2021.

A vulnerability scan will most likely use automated tools to crawl your internal and external network for unpatched vulnerabilities and tell you what needs to be brought up to date. Your internal network relies on a complex web of application dependencies. Applying a patch to one application may mean that the applications depending on it fail to work in an expected manner. In some cases, there is no easy fix. If your computers are vulnerable to Spectre, for example – a vulnerability affecting three billion computers – they are essentially un-patchable. The Spectre vulnerability cannot be patched.

On the other hand, the Spectre vulnerability is extremely hard to exploit. In order to determine which of your vulnerabilities must be patched – no matter the expense or difficulty – and which may be left alone, you will need to undergo a penetration test.

Vulnerability & Penetration Testing: Hacking for Good

The difference between vulnerability scanning and penetration testing is the difference between knowing that a vulnerability exists and knowing how an attacker would exploit it – or if an exploit is even possible.

Penetration tests are great for businesses because they are the truest example of how an actual attacker would approach them. Your pen tester will use the same tools and techniques that an attacker would use to:

  • Perform reconnaissance on your network
  • Find attack surfaces
  • Exploit vulnerabilities
  • Trace the path from your perimeter to your mission-critical data and applications

While many business leaders may have trepidation about letting an outsider take such a deep look into their organization, the opportunity presented by regular professional penetration tests cannot be overstated. Given sufficient time, your penetration tester will almost certainly be able to find their way to critical or compromising data. Along the way, however, you’ll be able to answer questions such as:

  • How long will it take an attacker to go from my network perimeter to my data store?
  • What vulnerabilities in my network are most appealing to attackers?
  • What indicators of compromise (IOCs) will an attacker produce as they infiltrate my network?
  • Will my security operations center (SOC) be able to detect the attacker in any way?
  • When the attacker reaches their target, how much of my critical data will they be able to see?
  • As the attacker exfiltrates data, will there be any signs? How much data will an attacker be able to steal before they are caught?

Vulnerability testing takes a hard look at the vulnerabilities that exist on the network from within. Assessments can be required by regulation or third parties but should be considered a best and recommended business practice for all organizations. Vulnerability assessments measure organizations against over 10,000 possible vulnerabilities and provide a clear path to wellness. Vulnerability assessments may uncover the need for additional actions such as penetration testing or other network services to improve an organization’s vulnerability profile.

Security Risk Evaluation: Mitigating Cyberattacks with Risk Assessment

Let’s say that a vulnerability scan indicates a vulnerability in your perimeter and that a penetration test indicates that this vulnerability could be exploited to reveal critical data. A risk assessment would give you a number of possibilities that would minimize your and your customers’ exposure to legal and criminal threats in case of a breach.

For example, a risk assessment could tell you to:

  • Immediately patch the vulnerability – if this temporarily breaks dependent applications, so be it.
  • Map the gap in your security and align an action such as encrypting the data behind it. If an attacker steals that data, it will be of no value to them.
  • Partner with a Security as a Service team that can monitor and proactively mitigate attacks through security tools and techniques to safeguard data that can’t be compromised (such as your client’s social security numbers).

These are just a few of the range of options that a risk assessment might offer, all of them varying in difficulty and expense.

Your potential courses of action in response to a potential vulnerability will vary a great deal based on the kind of data you’re protecting and the kind of attackers who may be out to get you. Some forms of personal data may be less sensitive than others – it’s bad if you lose a customer’s address or email, but much worse if you lose their credit card or social security number. Similarly, depending on your company’s profile, you cannot afford a data breach if your company must uphold certain compliance and regulatory laws.

These recommendations and decisions are best guided by risk management professionals. With a skill set that’s one-part hacker and one-part lawyer, these individuals can help you maximize your protection from attackers while minimizing your risks under compliance regimes such as HIPAA, PCI-DSS, and the forthcoming GDPR.

By undergoing regular vulnerability scans, penetration tests, and risk assessments, you’ll massively reduce the likelihood of a damaging security breach. What’s more, you will be less likely to find yourself surprised by a security breach and you are more likely to understand your risk posture by proactively protecting your data to your acceptable security level.

Take the first step by reserving your security-risk evaluation. A Prime Telecommunications security expert will provide options and help you decide which type of security best practice will help you secure your data, mitigate risk and sleep better at night.


cyberattacks

Understanding the Different Types of Cyber Attacks

 

There are three kinds of businesses: those that have been attacked, those that are being attacked and those that are clueless and don’t know anything about cyber attacks.

In today’s high-tech world, we are constantly vulnerable to cybersecurity threats. The ability to identify different types of cyber attacks is a useful way to protect yourself.

There are several types of attacks that commonly occur on the Internet. These attacks include Denial of Service (DoS), Man in the Middle (MitM), phishing and spearphishing.

Denial of Service (DoS) Cyber Attacks

A denial of service attack overwhelms a system’s resources so that it cannot respond to service requests. This type of attack is launched from a large number of host machines infected by malicious software and controlled by the hacker.

Unlike other types of attacks, DoS attacks do not provide hackers with access to personal information. Usually, they are done simply for the satisfaction of causing harm to a company. They may also be launched by a competitor trying to damage the company’s business.

Common types of DoS attacks include:

There are various ways to protect against DoS attacks and the method you choose will vary depending on the type of attack you want to avoid. Firewalls can be useful in TCP SYN and ping-of-death attacks, while various types of filtering can protect against botnets. To protect against teardrop and smurf attacks, you will have to disable various components of your computer system.

Man in the Middle (MitM) Attacks

These attacks occur when the hacker inserts himself or herself between the communications of a client and a server. Session hijacking and Internet Protocol (IP) spoofing are both forms of cyber attacks where the attacker mimics an IP address so that the victim believes that he or she is communicating with a trusted source. The attacker can use this method to gain access to valuable information.

With these types of cyber attacks, encryption can be used to protect yourself. Encryption ensures that any communications come from a trusted source.

Replay attacks are also common MitM attacks. A hacker will save old messages and try to resend them at a later time, once again mimicking a trusted source. These attacks can be avoided by using session timestamps or a nonce (a random number or string of characters that changes with time).
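The timestamp-and-nonce defence described above, as an added example (not code from the original post): a receiver accepts a message only if its HMAC verifies, its timestamp falls inside a freshness window, and its nonce has not been seen before. The shared key, the 30-second window and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import struct
import time

MAX_SKEW_SECONDS = 30  # assumed freshness window; tune to your clock accuracy
NONCE_BYTES = 16


def _tag(key, timestamp, nonce, body):
    # Fixed-width timestamp and nonce, so the MAC input has exactly one parse.
    material = struct.pack(">Q", timestamp) + nonce + body
    return hmac.new(key, material, hashlib.sha256).digest()


def sign_message(key, body, now=None):
    """Sender: bind a timestamp and a fresh random nonce to the body."""
    timestamp = int(time.time() if now is None else now)
    nonce = secrets.token_bytes(NONCE_BYTES)
    return {"timestamp": timestamp, "nonce": nonce, "body": body,
            "tag": _tag(key, timestamp, nonce, body)}


class ReplayGuard:
    """Receiver: accept each authentic, fresh message exactly once."""

    def __init__(self, key, max_skew=MAX_SKEW_SECONDS):
        self.key = key
        self.max_skew = max_skew
        self._seen = {}  # nonce -> timestamp of messages already accepted

    def verify(self, msg, now=None):
        now = time.time() if now is None else now
        ts, nonce = msg.get("timestamp"), msg.get("nonce")
        body, tag = msg.get("body"), msg.get("tag")
        if not (isinstance(ts, int) and 0 <= ts < 2**63
                and isinstance(nonce, bytes) and len(nonce) == NONCE_BYTES
                and isinstance(body, bytes) and isinstance(tag, bytes)):
            return "malformed"
        # 1. Authenticity: timestamp and nonce are covered by the MAC, so an
        #    attacker cannot refresh either one without knowing the key.
        if not hmac.compare_digest(_tag(self.key, ts, nonce, body), tag):
            return "bad-tag"
        # 2. Freshness: an old capture is rejected once the window has passed.
        if abs(now - ts) > self.max_skew:
            return "stale"
        # 3. Uniqueness: inside the window, each nonce is accepted only once.
        self._expire(now)
        if nonce in self._seen:
            return "replayed"
        self._seen[nonce] = ts
        return "accepted"

    def _expire(self, now):
        # A nonce can be forgotten once its timestamp would be stale anyway,
        # which keeps the cache bounded by the traffic of one window.
        cutoff = now - self.max_skew
        self._seen = {n: t for n, t in self._seen.items() if t >= cutoff}


def demo():
    key = b"\x01" * 32  # constructed demo key
    guard = ReplayGuard(key)
    msg = sign_message(key, b"transfer 100 to account 42", now=1_000)
    return [
        guard.verify(msg, now=1_001),                           # first delivery
        guard.verify(msg, now=1_002),                           # immediate replay
        guard.verify(dict(msg, timestamp=1_100), now=1_100),    # rewritten timestamp
        guard.verify(msg, now=1_100),                           # late replay
        guard.verify(dict(msg, body=b"transfer 900 to account 66"), now=1_003),
    ]


if __name__ == "__main__":
    print(demo())
```

The timestamp alone only narrows the replay window and the nonce cache alone would grow without bound; together the cache needs to remember nonces for one window only.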

Phishing and Spearphishing

Phishing involves an email that appears to be sent from a trusted source. However, it is actually delivered with the intent of gaining access to personal information or to panic the user into opening an attachment or clicking on a link.

Often, the attachment or link loads malicious software into the computer. Spearphishing is a similar type of attack, but is personalized to the chosen victim.

Protect Yourself through Common Sense and Sandboxing

Luckily, many attacks can usually be circumvented by using common sense. If you see an email that looks suspicious, stop before opening it. Analyze the email and the header. Hover over links to see where they will take you before clicking on them.

You can also use sandboxing to protect yourself. Testing an email in a sandbox environment allows you to safely open attachments and click on links without making yourself vulnerable to an invasion. Another option is to forward a suspicious email to your IT department for analysis.

Protecting your personal information on the Internet is not easy, but it can be done if you are familiar with the various types of threats and know how to avoid them. Stay safe!


Network RMM

Who’s Monitoring Your Network?

A business’ network is relied upon heavily for many daily functions, and there are many places problems can occur. According to CompTIA, four leading security concerns are attacks from ransomware and malware, viruses that can get into your network and destroy data, and hacking attacks from cybercriminals. Along with these, there is also the possibility of outages caused by poorly-functioning circuits, and these outages result in lost productivity and revenue. Network monitoring can find and resolve these problems before they cause damage. Read on to learn about the role of network monitoring.

Why You Should Monitor Your Network
Network monitoring is a proactive way of detecting threats to the security of your network, resolving them before they cause serious problems. This can save your company both time and money, when network monitoring is part of an overall managed services plan. Possible cyber attacks can be prevented, thereby protecting your company from data loss and compromise of reputation. Not only that, but circuit monitoring can find bottlenecks that slow down your system and cause data loss and leakage. Access to your network can be tracked, finding unauthorized access by former employees, or social media usage that consumes a great deal of bandwidth.

The Advantages of Remote Network Monitoring
By having your IT service provider monitor your network remotely, your business can rest easy knowing that issues are caught and fixed without a trip to your office and can be fixed before data is compromised or systems are slowed down. This helps keep IT costs down by preventing problems before they get out of hand. Your network is protected from viruses and malware because patches are kept up-to-date. Remote monitoring can help keep things running smoothly and enhance productivity by helping your business focus on long-term goals while resting easy about security.

Your network is crucial to the success of your business, and monitoring can help keep it secure. If you have questions, or need to set up a managed service plan including network monitoring, contact Prime Telecommunications today.


Keep your networks and users secure from internal and external threats

9 Signs That Your End Point Security is NOT up to Par

Take a look at this list. If any of these nine signs sound familiar, it’s time to re-evaluate your current endpoint protection.

1. Scans and updates slow your system to a crawl.
One of the leading complaints about endpoint security is that it negatively impacts speed and performance. Some endpoint security solutions will indeed slow your systems and impact productivity. When evaluating solutions, be sure to check independent test results that measure performance and system impact. Look for the lowest numbers, which indicate light footprint solutions that won’t affect speed or cause interruptions.

2. Employees complain about using the antivirus solution.
If resentment builds up, employees will eventually bypass the solution altogether on their company-issued or bring-your-own devices, which can affect both performance and security for the whole network.

3. Your solution is underperforming.
It isn’t detecting viruses or other pieces of malware or it’s flagging non-malicious files as malware; it has a high footprint that equals slower scanning; it creates AV storms on virtual machines or has high bandwidth usage that bogs down the entire network.

4. Your solution alerts on too many files or links that aren’t actually malicious.
Alerting on multiple files or links that are not actually malicious results in a high rate of so-called false positives. Even one false positive can cause serious problems. If an antivirus solution is configured to immediately delete or quarantine infected files, a false positive in an essential file can render the operating system or crucial applications unusable. Even if false positives don’t shut down your system, each one requires an investigation that wastes valuable IT resources.

5. Removing malicious files and dealing with false positives is too complicated.
A 2017 study by the Ponemon Institute found that:

  • Nearly half of all security alerts are false positives
  • 3 out of 4 organizations report having more difficulty managing endpoint security risks
  • Organizations see false positives as the #1 “hidden” cost of endpoint protection

You need a solution that delivers silent quarantines and automatic removal of malicious files, not more work for your IT team.

6. Infections come back after you’ve removed them.
This means the solution isn’t doing a good job of cleaning or updating its detection often enough.

7. It’s difficult to manage the solution across all your platforms and devices.
In today’s environments, you need a security solution that’s easy to manage so the burden of protection is minimal. Look for an endpoint security product that includes remote administration, so you can control your entire network of workstations, servers and smartphones from a single location.

8. Security event alerts or pop-up prompts interrupt presentations and sales demonstrations.
This impedes productivity. Every employee needs uninterrupted computer access. This means having a malware solution with a “silent” or “presentation” mode that’s easy to use, as well as a dependable tool to restore regular mode when the presentation is over.

9. Getting technical support and customer service is inconvenient, or communicating with the vendor is difficult.
If it’s challenging to get reliable, customer-oriented support or you’re having any issues with call centers outside the U.S., that will impact productivity for IT teams and end users. It will also contribute to frustrations that could lead employees to circumvent your security solution, opening their devices—and your network—to cyberattacks.


This week in Breach

This week’s Breach Report

Highlights from The Week in Breach:

– You’d better reboot your router… NOW!

– Nation states injecting malicious apps into play stores to steal your stuff.

– Malware infects healthcare system impacting 500,000 Marylanders.

– Time from detection to acknowledgment and response getting slower and slower and slower. 

It’s back to business as usual in the world of breach, and we are seeing no signs of it slowing down this summer. This week’s headlines have been dominated by targeted attacks on SOHO routers. “SOHO” was coined to describe “small office – home office” routers used to set up local area networks by small businesses. According to DHS, “The size and scope of this infrastructure impacted by VPNFilter malware is significant. The persistent VPNFilter malware linked to this infrastructure targets a variety of SOHO routers and network-attached storage devices.” The initial exploit vector for this malware is currently unknown. See US-CERT’s alert TA18-145A, which details the threat and what you should do to protect yourself from exploit!


What we’re STILL listening to this week!

Security Now – Hosted by Steve Gibson, Leo Laporte

Defensive Security Podcast – Hosted by Jerry Bell (@maliciouslink) and Andrew Kalat (@lerg)

Small Business, Big Marketing – Australia’s #1 Marketing Show!


TeenSafe (Update)

Small Business Risk: High: App server hosted on AWS accessible by anyone without a password.
Exploit: AWS/Suspected Misconfiguration
Risk to Exploited Individuals: High: Even though less than 10,000 individuals were impacted, this is a highly vulnerable segment of the population. 

TeenSafe: The TeenSafe app allows parents access to their children’s web browser history, text messages (including deleted SMS and iMessages and messages on WhatsApp and Kik), call logs, and device location, plus lets them observe which third-party apps have been installed.

Date Occurred/Discovered: Unknown, but accounts from past three months were compromised.
Date Disclosed: May 21, 2018
Data Compromised: Highly personal data including Apple IDs. The compromised data did not include photos, messages, or location data. The server stores parents’ email address used for their TeenSafe account and their child’s email address, the child’s device name, and the device’s identifier.
How it was Compromised: At least one of the app’s servers, which are hosted by Amazon’s cloud service, was accessible by anyone without a password. The data, including passwords and user IDs, were reportedly stored in plaintext, even though TeenSafe claims on its website that it uses encryption to protect user data. TeenSafe requires two-factor authentication to be switched off for the app to work, so anyone with just a password can easily gain access to compromised accounts. The app is available for both iOS and Android and doesn’t require parents to seek their child’s consent for access to their phone.
Customers Impacted: Around 10,200 accounts from the past three months were compromised, though that number also includes duplicates.
Attribution/Vulnerability: Undisclosed at this time.

https://www.theverge.com/2018/5/21/17375428/teensafe-app-breach-security-data-apple-id

https://www.zdnet.com/article/teen-phone-monitoring-app-leaks-thousands-of-users-data/

Google Play

Small Business Risk: Low: Targeted nation state exploit.
Exploit: Mobile Device Malware Exploit
Risk to Exploited Individuals: High: Nation-state exploit targeting defectors.

North Korean Defectors / Google Play malware

Date Occurred/Discovered: The apps had been live in the Google Play store for three months — from January to March.
Date Disclosed: May 2018
Data Compromised: Google Play store has allegedly hosted at least three apps designed to collect data from specific individuals. Two of these apps were posing as security apps, while the third claimed to provide food ingredient information. But what they really did was steal information from devices and receive a certain code that allowed them to further access data like photos, contact lists, and even text messages.
How it was Compromised: A North Korean hacking team was recently able to upload three Android apps to the Google Play Store that targeted people who escaped from the authoritarian country, according to a report from McAfee. The malware campaign, nicknamed RedDawn, involved the hackers contacting the targets through Facebook to invite them to install seemingly innocent apps from the Google Play Store.
Customers Impacted: By the time McAfee privately notified Google as to the existence of these apps, 100 folks had already downloaded them.
Attribution/Vulnerability: Back in January, McAfee noted that it had found malicious apps intended to infect North Korean journalists and defectors’ devices. The group behind these apps was subsequently named Sun Team and is apparently the same group behind these latest apps. The apps were all linked to the same developer email address. McAfee found that the words used in the control servers were common in North Korea. There was also a North Korean IP address discovered in a test log file of some Android devices connected to account used to send out the malware.

https://www.digitaltrends.com/mobile/mcafee-malware-google-play/

http://www.techtimes.com/articles/228100/20180520/north-korea-hackers-use-android-apps-with-malware-to-harass-defectors.htm

LifeBridge Health
Small Business Risk: Extreme: Malware designed to inject healthcare systems and extract PHI/PII.
Exploit: Server/Security Exploit with Malware Injection
Risk to Exploited Individuals: Extreme: Although data has not been validated for sale on the Dark Web, the extracted data included “lifelong” PII & PHI that can be used to profile and/or exploit an individual for decades.

LifeBridge Health

Date Occurred/Discovered: The breach occurred more than a year ago; discovered May 18.
Date Disclosed: May 2018
Data Compromised: The breach could have affected patients’ registration information, billing information, electronic medical records, social security numbers and other data.
How it was Compromised: An unauthorized person accessed the server through LifeBridge Potomac Professionals on Sept. 27, 2016. Malware infected the servers that host LifeBridge Potomac Professionals’ electronic medical records, and LifeBridge Health’s patient registration and billing systems.
Attribution/Vulnerability: Outside actors
Customers Impacted: More than 500,000 Maryland patients.

https://healthitsecurity.com/news/data-on-500k-patients-exposed-in-lifebridge-healthcare-data-breach

T-Mobile
Small Business Risk: High: Website configuration error revealing customer data for anyone to exploit.
Exploit: Website, Database & Security Misconfiguration
Risk to Exploited Individuals: Moderate: A threat actor would really have to develop a targeted threat plan to fully exploit the exposed population.

T-Mobile

Date Occurred/Discovered: Research done by ZDNet indicates that this T-Mobile.com web data breach was likely active as far back as October of last year.
Date Disclosed: April, 2018
Data Compromised: Allowed people to access the following info easily by attaching a cell phone number to the end of the web address:

  • Customers’ full names
  • Their mailing addresses
  • Account PINs used as a security question for customer service phone support
  • Billing account numbers
  • Past due bill notices
  • Service suspension notices
  • Tax identification numbers (in some instances)

 

How it was Compromised: A website bug on T-Mobile.com allowed anyone with access to a web browser to run a phone number and determine the home address and account PIN of the customer to whom it belonged.
Attribution/Vulnerability: Outside actors / undisclosed at this time.

https://www.statesman.com/business/personal-finance/mobile-website-data-breach-exposed-customer-addresses-pins/Ht3PZSdXMJkEKlDnggh3EL/



Best Practices in Cyber Security 2018

The cyberthreat landscape changes on a daily basis. There is no one-size-fits-all solution and there are no magic bullets. It has been said that the price of liberty is eternal vigilance. The same holds true for cyber security. There are four pillars of security: end point protection, perimeter protection, monitoring and end user vigilance.

They say that those who don’t learn from history are doomed to repeat it, and matters of cyber security are no exception. Threats will often follow trends, and so by reviewing what has happened in the past, we may be able to glean some insight into what will be important in the future.

If the first half of 2018 was any indication, there are a few things that will be of most concern to IT professionals and end users.

Ensure All Endpoints Have Appropriate Security Measures

It’s staggering to consider how many end points any given business could have, each providing a route in for threat actors. Between company-provided devices, personal mobile devices, and Internet of Things devices, there are plenty of opportunities for a company to be attacked.

As a result, as 2018 progresses, businesses must be aware of what threats exist, as well as better prepared to protect themselves against them. This includes strategies that ensure your organization’s digital protections are properly maintained while remaining cognizant of physical security best practices. Pairing encryption and access control, as well as mobile device management, can create a much safer environment for your data.

Cover your 6’s

Your network needs to have not just the firewall appliance – but a comprehensive suite of tools that can help you recognize suspicious behavior. It is more than just a static device. It has to be paired with analytical tools that can give you insight into your network. Additionally, an external firewall or web filtering service can protect you from unseen threats on a multitude of levels. It is not just hardware and software anymore. You need to have the resources available to alert you to threats, cut down the noise from repeated alerts and investigate areas that you should not be in yourself – e.g. the Dark Web.

Get Back to Basics With Security and End User Education – Cyberawareness Training

While it may sometimes be tempting to focus on the massive attacks and breaches that too-often dominate the headlines, no business can afford to devote their full attention to those vulnerabilities and overlook the more common threats. This is primarily because once they do, they become exponentially more vulnerable to these attacks through their lack of awareness and preparation.

Part of being prepared for the threats of the coming weeks and months is to make sure that your employees are also up to speed where security is concerned. Educating them on best practices before enforcing these practices can help to shore up any vulnerabilities you may have and maintain your network security. This includes restricting employee access to certain websites, requiring passwords of appropriate strength, and encouraging your employees to be mindful of exactly what they’re clicking on.

Continuing to Improve Security Measures

Finally, it is important to remember that implementing security features isn’t a one-time activity. Threats will grow and improve in order to overcome existing security measures, and so if they are going to remain effective, these security measures must be improved as well.

While regulatory requirements can provide an idea of what security a network should feature, they shouldn’t be seen as the endpoint. Instead, those requirements should be the bare minimum that you implement, along with additional measures to supplement them.

We are here to help. If you would like to explore the options of a completely managed firewall, DNS filtering, or cyber awareness training, we can assist. First, get a baseline of where your organization is at. We have a suite of FREE tools that can help show you your susceptibility to phishing, spoofing and whether your organization’s credentials are for sale on the Dark Web. We can also do an onsite security assessment to analyze your network’s vulnerabilities.

For your free tools, please visit:  http://downloads.primetelecommunications.com/CyberAwareness-Free-Tools or give us a call at 847 329 8600.

We are your managed technology solutions professionals and are here to listen!

 

 



Data breach. Customer information stolen.

 

Prime Telecommunications in cooperation with ID Agent is excited to offer this guest blog post from Megan Wells. Megan is a data journalist and content strategist at InvestmentZen who has written content on how data theft impacts Americans, technological interventions for personal and commercial finance and content for IBM and NASDAQ. With her examination of costs and the impact of Data Breaches, she shares how detrimental identity theft can be for businesses and their employees.

Data breach. Customer information stolen. Identity theft. Those words are enough to cause panic to a small business owner or manager. However well protected they think they are, they fail to realize that criminals on the Dark Web are one step ahead.

Many don’t understand what a data breach is and think it only happens to big companies like Equifax, Target and Home Depot. Yet, employee errors account for 30% of data breaches as the following examples show and small businesses have employees, right?

  1. A medical office employee emails patient data without encrypting the email.
  2. An employee attaches a document to an email that contains a customer’s SSN and account number.
  3. Malware enters a company’s servers through an internet download and steals customer and business data.
  4. A hacker breaks into the business network and downloads credit card data.
  5. A company laptop with customer information on it gets stolen.

Any company that stores customer information, regardless of size, is vulnerable and at risk for a data breach. And data breaches lead to identity theft for business owners and customers.

The negative press to a business from a data breach is bad enough. The risk of identity theft to customers and owners takes it to another level. Over $16 billion was stolen from consumers in 2016, roughly $1,300 per victim. While that amount may seem low (in perspective), the time involved is not. Theft caught early might take eight hours to resolve; for many, however, hundreds of hours are spent reclaiming their identity. Then there’s the person that never fully restores his or her identity – one in four victims faces this reality.

It’s in a business’ best interest to do everything possible to reduce its exposure to data breaches and the high cost of damage control (negative press, lost revenue, customer reparation). Businesses and consumers must work together to safeguard nonpublic, personal information. All our identities and millions of dollars are at stake.


Myth in technology

10 Everyday Technology Myths That Could Cost You Your Job

1.) MYTH: The more bandwidth I add, the better my voice quality and cloud performance should be… I will just change my COMCAST cable modem from 50 to 100 without spending a lot of extra money. It’s a cost-savings win.

If only we had a dollar for every time we have been told that a business decision maker (even in the IT department) decided to save money by relying on public cable (like COMCAST) to power their Internet and cloud applications by making a simple modem change from 50 to 100 without spending a lot of extra money. The problem with this thinking is simply that the quality of Internet that powers your business is often dependent upon the regulation of traffic on the network. In many of these situations, the first inclination is to go out and purchase the next tier of Internet speeds available. There are two fallacies with this statement:

  • Increased Internet speeds will improve your cloud and voice performance.
  • You will save money by using a public Internet provider in the process.

First, whether you are using 1 or 100 Megs of bandwidth, the call performance will be exactly the same regardless of the amount of speed you purchase. Why? Think of your Internet pipe as a street. There can only be so many cars on the street at one time or else the street becomes congested, bottlenecks occur, and everything comes to a halt. If your network is oversold—more Internet won’t help.

Secondly, once you hit the public Internet, all bets are off. While the public Internet can guarantee a certain Internet speed, those of you who rely on COMCAST during busy periods know that the speed of your Internet may vary by time of day and that’s simply because there are many users trying to access the same source. Comcast will claim that the speed is high, but the quality of your Internet is something different.

That’s when you head on over to Speedtest.net and run a speed test. Here’s another secret: if you are located near the source (data center) that Comcast uses to push out Internet, then your connection may be good. The farther you are from that source, or if there is other congestion on the Internet, your speed will vary.

You can solve this problem by implementing a traffic controller on the network that will monitor and maintain consistency for near and far locations and regulate the amount of bandwidth that your boss consumes while at work listening to Spotify. Let us know if you would like more information on how to do this. 

2.) MYTH: VoIP does not use a lot of bandwidth.

One of the first problems you will experience – out of the gates—if you choose to move your traditional PBX (on premises) phone system to the cloud is performance. Why? Because, contrary to widespread belief, VoIP does use bandwidth. One of the biggest challenges you will have to overcome is how to allocate the right amount of bandwidth to your Internet phone service.

But the real issue is not an abundance or deficiency in the quantity of bandwidth. The real issue is quality. When you are working with voice, it is important to prioritize quality over quantity. Adding more quantity will not help when what you are really looking for is a consistent, high-quality supply of Internet without interruption.

Begin by asking any VoIP provider how they guarantee the quality of a call. Decide if you will have other services and applications running on the network that will require bandwidth and then work with a professional who can help you configure the right Quality of Service (QoS) settings so that you optimize your performance because VoIP uses a lot of bandwidth.

3.) MYTH: I’m going to save money by ripping out my phone system and using a free version of Lync…

…My CFO and I both agree this is an effective way to save money.

While the individual price of products like Lync comes in considerably lower than maybe a cloud-based phone system, performance of applications and voice calls over the Internet comes at a price. To demonstrate, we recently worked with a client who had a solid network that was regularly monitored. The CIO wanted to reduce cost, so he/she decided to rip out the existing phone system and replace it with a less expensive version of Lync. What they did not account for was the Monday morning when 1,000 employees opened Facebook right when the CEO was on an important call…long story short, the router could not save inferior quality voice performance; the network could not support and regulate the bandwidth to allocate the right amount to the CEO’s call. When the call is choppy or drops, the boss does not realize that it’s associated with the cloud performance. Shortcuts and other inexpensive technologies cost you in performance when you least expect it.

4.) MYTH: Mac runs on a very secure operating system by Apple. For that reason, I don’t think I need any antivirus for my Mac.

The question of whether Macs need antivirus software is not a new one, but the answer is changing. Long and short, while Macs are generally more secure than Windows, they are far from being immune to email and security hacks. Bottom line, there is no reason why a Mac cannot be targeted by cybercriminals.

The most obvious target is email. Cryptolocker and other cyber-attacks encrypt your system gaining access through (yep, you guessed it) email. Even more alarming is the fact that once access is gained, a cybercriminal can monitor your PC through your email and lock, steal or corrupt your data. At the end of the day, it seems smart to be safe rather than sorry.

5.) MYTH: I’m an Amazon Prime user, and I plan to save money by buying my computer from Amazon. I’ll just load my business applications on it when it arrives.

Unfortunately, it is not that easy. Daily we encounter smart technical people that purchase equipment like computers, routers, and firewalls at discount shops like Best Buy and Amazon to earn points or save dollars. What those individuals don’t realize is that these items do not always come with the right version of Windows to work on your business network, or lack the ports and security software to ensure your system is secure. In fact, the money saved on equipment costs you down the road when you must hire an hourly IT professional to route VPN at home so that you can access QuickBooks on your server from the Internet. Technology must all work together.

6.) MYTH: Upper Management told us to migrate our servers and back-up to the cloud. That should be easy, right?

But here’s the rest of that statement: they don’t want to hear what infrastructure changes and cost are required to make this happen.

The cloud is cool, and it is a part of our future, but the cloud requires a retooling of existing infrastructure and systems to get top performance from high-quality Internet service, routers, and switches that can handle intelligent network management including things like bandwidth management, QoS, and proper security.

7.) MYTH: I work from home. I will just use my own WIFI router and provide visitors with the password only when needed…

…besides, it is such a pain to change the default passwords on routers and access points. It’s also worth remembering that the end user is always the weakest link. A hacked or compromised router (or any device on the network) can be attacked in every known way. It can be used to spy, steal data, collect passwords and trick you into installing encrypted software. Now, imagine your company’s network is being fed into your home WIFI router… just because something is working doesn’t mean it is working right, or securely.

8.) MYTH: I got a great deal from COMCAST by adding security surveillance to the office.

In one innocent move, you have just made it more difficult for your IT guy to identify what is not working when one of your many systems goes down.

For example, suppose you have Comcast managing the Internet, another resource managing your wireless, and yet another outside company managing your printers.

What happens when the printer stops working? Is it because…

  • …the printer is broken?
  • Maybe the Internet bandwidth is slow and that is impacting printing?
  • Maybe your Comcast service is allowing non-critical traffic that could be opening a security hole in your network?
  • Maybe you are experiencing DHCP conflicts on the network?

Whatever the case, this is no longer a quick fix. You have three different resources that must be called in and paid to troubleshoot the problem. We suggest you use one outsourced IT organization that can monitor, detect and prevent any and all the above from ever happening. Who wouldn’t want one call to make instead of three?  The best course of action is always to simplify with good products that are easy to use from a trusted provider.

9.) MYTH: I thought MPLS was included in the price.

Nope, you declined this offer when you changed your Internet providers and implemented your cloud network. This now means that once your Internet hits the public cloud, the performance of your cloud applications and all online systems is at the mercy of your local provider. If the network is overloaded, there is no quality assurance that the majority of your bandwidth will not be eaten up by employees using apps during working hours like Spotify, Facebook, and YouTube. If you had chosen the cloud Quality of Service overlay and added a cloud dashboard that monitors speeds and feeds, you would not be in this pickle. Going back to management and justifying costs because you declined an offer during implementation can be awkward.

10.) MYTH: I’m saving a lot of money by buying my printer and toner supplies at Office Depot.

Well… only at first. Consider this: If you buy a business printer at $1,200 with replacement toner at $300, you will not need to replace your toner until after 40,000 prints.

In option two, you buy the cheaper printer and toner at Office Depot, giving you 1,200 prints before you need to replace your toner at $99. Seems cheaper, right?

Wrong. After 120,000 prints, the Office Depot printer, while cheaper initially, would cost you a total of $7,899 over time ($99 printer; 100 toner replacements at $78 each). The business printer, for the same number of prints, will cost you $2,100 ($1,200 printer; 3 toner replacements at $300/each).

Do the math: the cheaper printer will eventually cost you $6,699 more. Your total cost of ownership should always be taken into consideration.

We hope you have found many of these myths useful in making your own future decision about technology. 2018 is right around the corner and if you would like to sit down with our team and plan your own 2018 Technology Roadmap, we are here to help. Many businesses find that the planning of resources and technology will save them thousands of dollars in unforeseen emergencies and unnecessary purchases.

Let us help you get the most out of your technology investment.


Digital Transformation

IT Forecast Calls for Digital Disruption

Driving Transformation with Software-Defined Networking

IT personnel and network engineers have a palpable feeling of uncertainty as a new set of challenges confront them. Digital transformation is turning business models on their heads. While enterprises take measures to bolster IT departments and gear up to adapt to the latest technologies, they face fundamental resistance from within.  Hardware-centric enterprise networks are based on static deployments, which makes configuration changes too slow and too costly.  These legacy networks were never designed to evolve at the pace which business requirements are changing today.

Security, staffing and skills training continuously weigh on IT budgets for all organizations, big and small. Now overlapping layers of emerging technologies such as the cloud and IoT have further added to the woes. It’s clear that enterprise networks have evolved beyond the basic mandate of connecting the head office to branch networks and data centers. CIOs and IT leaders are seeking innovative solutions that will consolidate and resolve some of the biggest IT challenges without increasing their budgets. Enterprises must align technology innovation with cloud performance and network security to preserve customer trust and brand reputation while building shareholder equity through this era of digital disruption.

The quest for foundational innovation is leading CIOs on a Journey to an SD-WAN (free white paper series!) where software-defined networking provides agility, security and cloud integration that propels the entire business ecosystem to a higher level of efficiency and performance. SD-WAN builds dynamic, scalable networks that simplify branch complexity while accelerating cloud applications.  This creates a strategic advantage that boosts worker productivity and empowers enterprise innovation, all without increasing IT spend.

Here’s a quick look at some of the top issues faced by enterprises and how SD-WAN is helping IT leaders to address them:

Migrating to Public and Private Clouds

Cloud networking continues to fundamentally transform the enterprise. According to a recent CIO.com article based on a Forrester Research survey of enterprise decision makers, all enterprises report they are implementing some form of cloud technology this year. While the survey indicates that 38% report they are focused on private clouds, and 32% are focused on public clouds, the majority of respondents (59%) say they’re adopting the hybrid cloud model. Conceptually, hybrid clouds combine the security and control of private clouds with the cost efficiency and scalability of public clouds.

The good news is that your users are evolving with new tools that make your organization more competitive and productive. The challenge is that IT departments are dealing with tremendous amounts of data as a seemingly endless supply of new devices and cloud-based applications continuously appear on the network. Hardware-based enterprise networks are not well suited for connecting users to the public cloud, and moving workloads into private clouds requires careful planning and skilled IT time. To make matters worse, those costly MPLS circuits seem to create a giant sucking sound on your IT budget every time someone even mentions the cloud. In order to deliver optimal cloud user Quality of Experience (QoE), CIOs need a solution that cost-effectively scales cloud access while providing granular control of bandwidth resources and application policies.

Where hardware-based networks struggle to adapt, cloud-delivered SD-WAN architectures handle network changes and application performance issues with ease and control. SD-WAN brings your network to the cloud, empowering the enterprise with the agility to dynamically migrate applications and workloads to whichever cloud computing model is the best fit.

Cloud Security and Performance

VINO SD-WAN provides a virtual overlay for the enterprise network, where centralized orchestration is based on business policy intent.  This gives IT leaders the flexibility to implement changes across the entire ecosystem without those costly delays they would face with a traditional hardware approach.  SD-WAN also leverages multiple low-cost broadband connections in ways that drastically boost the speeds, reliability and performance of cloud applications.

As new applications join the network ecosystem, VINO SD-WAN identifies them on-the-fly and automatically applies user-defined policy templates.  Traffic shaping and security rules are instantly enforced throughout your ecosystem to ensure that users get an optimized cloud experience.  Branch network resources can even be orchestrated by VINO SD-WAN to ensure all users and applications get their fair share of bandwidth according to your business intent.

VINO SD-WAN consolidates security policies into a single pane of glass.  All SD-WAN end points are authenticated and SD-WAN traffic is automatically encrypted from end-to-end.  Branch office networks can be securely segmented into VLANs that isolate traffic as required for regulatory compliance. VINO offers branch firewalls which are managed as Virtual Network Functions (VNFs), creating a Software-Defined Perimeter where security policies are centrally updated and dynamically distributed across your entire estate in just a few clicks.

Whether your applications are hosted in public or private clouds, VINO SD-WAN helps you deliver more bandwidth with lower TCO and embedded tools to boost quality, policy control and security.

Branch Network Efficiency

Traditional MPLS networks are carrier-dependent, which usually leads to long wait times as circuits are provisioned. Once your MPLS circuits are finally deployed, several hours of skilled IT time is usually required to configure the routers, firewalls and any WAN optimization appliances. The result is that new sites are costly to set up and deployment cycles take weeks or even months.

SD-WAN can reduce deployment times to about one week or even less. The flexibility to use any broadband access connections means you’re no longer held hostage to carrier MPLS deployment timetables. Most sites can get local broadband circuits turned up within a week, and the SD-WAN CPE device can be shipped overnight. From there, the SD-WAN provisioning is a matter of minutes with centralized and automated installation that requires minimal skilled IT time on-site.

Cloud orchestration also enhances branch network visibility and control.  SD-WAN brings consistency to monitoring and management across all your sites regardless of the local carrier or access connection type.  SD-WAN orchestration provides analytics and visualizations that show real-time network and application performance.  As discussed in a related blog, Cisco ISR customers have big TCO savings potential in the 80% to 90% range with SD-WAN, which is partly due to the operational efficiency gains.  While all SD-WAN solutions can help accelerate site deployments and network management efficiency, the best way to free up skilled IT resources is through Network-as-a-Service solutions like VINO SD-WAN which include professional design and ongoing 24/7/365 support.

Secure Access for Mobile Workers and IoT

Smartphones and tablets are blurring the line between work and play, and new workforce collaboration tools are enabling higher productivity from remote and mobile workers. While legacy networks can provide secure access for these workers, the manual VPN configurations tend to drain IT resources. Beyond the basic challenge of keeping up with the rapid turnover rate of employee devices, the VPN tunnels are back-hauled which creates bandwidth wastage while crushing productivity and performance.

Meanwhile, analysts are projecting several billion internet connected “things” will be deployed within the next few years, which means IT teams need a network strategy that provides secure connections and bandwidth capacity at IoT scale. Talk of IoT may sound futuristic, but enterprise networks are already struggling to connect all the things that are here today. The first generation of things were computers, printers, VoIP phones and IP cameras. More recently, a new generation of WiFi enabled things has appeared in the form of various BYOD smartphones and wearable electronics that any employee, consultant or customer brings within range of your network SSID.

As these workforce mobility and IoT trends continue to accelerate, IT teams will need the agility and security of SD-WAN to meet the connectivity challenge. Through a secure cloud-overlay network architecture, VINO SD-WAN provides more direct access for remote workers and mobile IoT devices. For on-prem IoT deployments where many things connect to a local IoT gateway hub, SD-WAN provides highly scalable bandwidth to backhaul traffic to the cloud.

Next Steps

Digital transformation is driving changes in applications and user behavior, which is in turn placing strain on IT leaders to quickly adapt the enterprise network to meet rapidly shifting requirements. This cycle is accelerating and legacy networks do not provide the scalability or agility necessary to meet the challenges and keep your workforce competitive.

Whichever way your cloud, workforce and IoT requirements evolve, the bandwidth requirements and the number of connected endpoints will continue to increase. It’s time to create a game plan for SD-WAN. Ideal solutions will support mobile workers and IoT devices while optimizing application quality-of-experience for both public and private clouds.  While SD-WAN orchestration enhances operational efficiency, consider Network-as-a-Service solutions to free up skilled IT resources to pursue your strategic digital transformation initiatives.


Network Security

How to Combat Ransomware Viruses


Sitting around the family table last night, our discussion turned to network security. Why? Because it affects everyone from my 83-year-old father using his iMac to my 16-year-old nephew gaming in his basement. My brother-in-law, who works as an M&A consultant, is concerned, as is my sister the HR executive. We seem to be surrounded by cyberthreats – that are more real than perceived. The Internet is a nasty neighborhood that we all pass through daily. It is a crime-ridden and dangerous Gotham that we are all stuck in, and you need to know how to act.

Just like the evolution from viruses to botnets and malware families that we’ve seen over the past decade, bad actors continue to find new ways of reinventing old threats. Today, the top trend in modern malware is the proliferation of ransomware. Ransomware has come a long way from the non-encrypting lockscreen FBI scare warnings like Reveton. In 2016, there has been a constant flow of new ransomware families popping up, like Locky, Cerber, Madeba and Maktub, and this is only expected to pick up steam over the summer. Ransomware is very damaging.

 

Install the latest patches for your software, especially Adobe, Microsoft and Oracle apps

A common way in for ransomware is via exploit kits, like Angler. These bundle many application vulnerabilities into one kit, and try drive-by exploits for each one in sequence. The more outdated your apps are, the more likely it is that some of these exploits will work and infect you with ransomware.

Use network protection

A very important part of a comprehensive security strategy is to use a network traffic monitoring system that is based on machine learning and behavior analysis. As most of these attacks come in via internet channels, make sure your network protection can parse and analyze both email and web traffic.

Use a comprehensive endpoint security solution with behavioral detection

The endpoint (the user’s computer) is where the ransomware infection takes place, so it is important to use a modern security solution here as well, with a signature-less approach. A signature-less approach, also known as behavior detection, is the only way to catch zero-day threats that are new and do not have signatures written for them yet.
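As an added illustration of the behavior-based (signature-less) detection described above, not code from the original post or from any vendor's product: a small Python heuristic that alerts when one process overwrites many existing files with near-random content inside a short window. The event format, thresholds, process IDs and sample data are constructed assumptions.

```python
import hashlib
import math
from collections import Counter, defaultdict, deque
from dataclasses import dataclass


@dataclass
class WriteEvent:
    ts: float      # seconds since capture start
    pid: int       # process that wrote the file
    path: str      # file that was written
    before: bytes  # content sample before the write (empty for a new file)
    after: bytes   # content sample after the write


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: roughly 4-5 for text, close to 8 for encrypted data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def looks_encrypted(ev: WriteEvent, high: float = 7.0, jump: float = 2.0) -> bool:
    """True when existing low-entropy content is replaced by near-random bytes."""
    if not ev.before:  # brand-new file: archivers and installers do this all day
        return False
    e_before = shannon_entropy(ev.before)
    e_after = shannon_entropy(ev.after)
    # Requiring a jump ignores files that were already compressed (JPEG, ZIP).
    return e_after >= high and e_after - e_before >= jump


def detect(events, window: float = 10.0, threshold: int = 5) -> dict:
    """Map pid -> time of first alert for any process that turns `threshold`
    or more distinct files near-random within `window` seconds."""
    recent = defaultdict(deque)  # pid -> (ts, path) of recent suspicious writes
    alerts = {}
    for ev in sorted(events, key=lambda e: e.ts):
        if not looks_encrypted(ev):
            continue
        q = recent[ev.pid]
        q.append((ev.ts, ev.path))
        while ev.ts - q[0][0] > window:  # drop writes that left the window
            q.popleft()
        if ev.pid not in alerts and len({p for _, p in q}) >= threshold:
            alerts[ev.pid] = ev.ts
    return alerts


def prng_bytes(seed: str, size: int = 4096) -> bytes:
    """Deterministic stand-in for ciphertext or compressed data (constructed)."""
    return b"".join(hashlib.sha256(f"{seed}:{i}".encode()).digest()
                    for i in range(size // 32))


TEXT = b"Quarterly invoice for customer 1042; amount due in 30 days.\n" * 70


def build_sample_events():
    """Constructed events: one ransomware-like process and four benign ones."""
    ev = []
    for i in range(6):  # pid 4242: six documents overwritten within 2.5 seconds
        ev.append(WriteEvent(100 + i * 0.5, 4242, f"docs/report{i}.docx",
                             TEXT, prng_bytes(f"enc{i}")))
    for i in range(8):  # pid 1010: archiver creating new .zip files
        ev.append(WriteEvent(101 + i * 0.2, 1010, f"backup/set{i}.zip",
                             b"", prng_bytes(f"zip{i}")))
    for i in range(6):  # pid 2020: photo tool re-saving already compressed JPEGs
        ev.append(WriteEvent(102 + i * 0.3, 2020, f"photos/img{i}.jpg",
                             prng_bytes(f"jpg{i}"), prng_bytes(f"jpg2{i}")))
    for i in range(6):  # pid 5050: occasional file encryption, one per minute
        ev.append(WriteEvent(200 + i * 60, 5050, f"vault/item{i}.txt",
                             TEXT, prng_bytes(f"slow{i}")))
    ev.append(WriteEvent(103, 3030, "docs/notes.txt", TEXT, TEXT + b"edit\n"))
    return ev


if __name__ == "__main__":
    for pid, ts in detect(build_sample_events()).items():
        print(f"ALERT pid={pid} crossed the threshold at t={ts}")
```

The entropy-jump test alone misses files that were already compressed before being encrypted, and slow encryption stays under the rate threshold, which is why this kind of signal is tuned and combined with others rather than used alone.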

Turn Windows User Account Control on

Windows has added this security feature to help you stay in control of your computer by informing you when a program makes a change that requires administrator-level permission. UAC works by adjusting the permission level of your user account. If you’re doing tasks that can be done as a standard user, such as reading e‑mail, listening to music, or creating documents, you have the permissions of a standard user—even if you’re logged on as an administrator. Take full advantage of it.

Be skeptical: Don’t click on anything suspicious

Don’t click on any emails or attachments you don’t recognize, and avoid suspicious websites altogether. As most of the infections come from user action – opening attachments or visiting websites, being vigilant is the most effective way to minimize damage.

Block popups

Popups are regularly used by criminals to spread malicious software. To avoid accidental clicks on or within popups, it’s best to prevent them from appearing in the first place.

Override your browser’s user-agent

As some exploit kits use your user-agent to tailor the right exploit for your operating system, it pays to trick them by setting the wrong user-agent on purpose. For instance, when using Firefox on Windows, set your user-agent to say “Firefox on Linux” to confuse malware redirectors and exploits.

Use security content to detect ransomware

You’ll never entirely be able to stop people from opening a malicious email and being tricked into clicking on a phishing link. That act can open a single file that begins acting like a worm, starts propagating through your IT infrastructure or that of your organization, and wreaks havoc. It’s critical to have great content so you can start detecting these bugs and squashing them before they become a problem.

Solid threat intelligence is key

It’s critical that you know who your adversaries are – who these groups are, what ransomware they’re using and what versions, as well as what command and control infrastructure is being used by various groups that are making those calls. It’s also important to understand what the indicators of compromise are so you can set up security content to detect it as your system is being infected.

Don’t underestimate the value of continuous monitoring

Look at security vendors with a “products + services” approach. Market-leading security technologies are critical, but combining them with 24×7 monitoring by security experts is the best approach to securing your IT infrastructure and stopping threats like ransomware. If you have a 9-to-5 business and no one is watching your shop at night, that’s a lot of hours for a malicious bug to move through your IT infrastructure.

Have a robust, in-depth backup plan

Before your company is attacked by ransomware, it is important to have an existing backup plan in place so you can access your data. It’s imperative that an organization’s backup strategy include offline backup. This may require manual processes, but any online backups will be encrypted by attackers, making them useless to the victim. Know the pain points of restoring and recovering data, and make sure that your plan accounts for those pain points. It is important to classify your systems and data when creating your backup plan. Keep in mind which systems and data are most important to your organization and put extra care around the most critical systems in your infrastructure.

 

 

