Tag Archives: IT needs

Don’t Push Your Network’s Luck

Look around your office. Isn’t it great to see your team hard at work on their computers? Yet if we take a closer look, let’s see what’s really happening…

Joe, your new sales rep, is poring over last weekend’s game stats…

Amy in marketing is looking for a new job, surfing your competitors’ websites, chatting with their HR people…

Wes, over in customer support, just bogged down your entire network by downloading a video file of Metallica in concert…

Bob in accounting is browsing stock-investing sites, in search of a hot tip…

Okay, so maybe it’s not that bad at your company. But this type of behavior will happen to some degree if you don’t proactively prevent it. The real problem is, unfiltered content often links to malware and other threats. Ignore it and you risk productivity losses, legal liabilities, extortion, blackmail and fraud. And not only that, the resulting data loss and corruption can cost your company big-time. Cyberthreats stemming from unfiltered content aren’t something you can count on your lucky leprechaun or four-leaf clover to protect you from.

In today’s mobile environment, content filtering has becoming a greater challenge than ever before. Your company may already be doing some filtering at the network level. However, when was the last time you checked the number of mobile devices linked to your network? As your workforce goes mobile, your network is exposed to a rapidly expanding “attack surface.” With BYOD (bring your own device) now the norm, the old rules of content filtering just don’t cut it anymore.

Are You Making Any Of These Mistakes?

Old content-filtering models presume your network has a safe “firewall.” But now, with BYOD, you need a different way to protect your data. And that’s where endpoint security comes into play. Endpoint filtering keeps devices on your network safe from infection, no matter where they hook into the Internet.

But make ANY of the following mistakes with endpoint security and your network could be a sitting duck:

  1. Missing even ONE endpoint. This applies to tablets and smartphones as well as home-based machines that VPN into your network.

 

  1. Skimping on security policies, protocols and training. Believing that tech tools alone will keep your network secure is a recipe for breaches. In fact, no technology can keep a network safe if users cut corners.

 

  1. Leaving endpoint filtering out of your overall security plan. Ad hoc security invites disaster. An improperly designed system exposes holes that hackers love to find.

So, What Exactly Should You Filter?

Forrester Research states that companies whose users access the cloud should:

Detect and intercept unusual or fraudulent activities related to data in the cloud.

  • Detect, neutralize and eliminate malware in cloud platforms.
  • Detect and monitor unsanctioned cloud applications and platforms usage.
  • Protect against leaks of confidential information.
  • Encrypt structured and unstructured data in cloud platforms.
  • Investigate suspicious users and incidents.

Between BYOD and ever more complex cyberthreats, you simply can’t afford to run around putting out fires. You absolutely MUST proactively defend your network in depth with endpoint content filtering. We offer content filtering that is customizable to your business while still offering the highest level of protection. We can also help segment your wireless network, so those who do BYOD won’t ever touch the network that your critical business data is on. With a complete proactive managed service provider like ECMSI, you can sleep better at night and stop relying on “luck” to keep your network stable and secure.

Top 5 Priorities for State and Local Government Technology

State and Local Governments have found that in recent years it is becoming easier to serve citizens and enhance the way of life in their cities by utilizing technology. Officials have seen much better city management and planning when they implement new tech. Government offices are also relying more on their IT infrastructure to keep their employees productive in order to better serve their communities. With the recent cyber breach that affected the entire city of Atlanta, state and local governments are starting to realize they are just as vulnerable to cyber attacks just like anyone else. Government offices hold a lot of valuable information and are relied upon to maintain not only their local economies but the safety and standard of living for their residents. This year governments are going to have to prioritize their technology and develop plans that will maintain their IT infrastructure, here are the top 5 things State and Local Governments should consider.

1. The Internet of Things Enhancing Communities

The Internet of things, or (IoT) has been a trending topic in the news recently.  But what is the IoT?  Simply put, it is connecting any device with an on/off switch to the internet. This includes, any household items, fridges, microwaves, to washing machines, lamps, wearable devices and the list can go on forever.  But what does this have to do with State and Local Government one may ask? Well, a whole lot. On a broad scale the IoT can be applied to things like transportation networks and can help create “smart cities” that can help us reduce waste and improve efficiency for thing such as energy use.  Check out the graphic below that shows how a smart city would work. (The graphic below provided by Libelium who specializes in IoT devices.)

2. Beefing Up Cyber Security

The IoT can do great things for a city, however without the right security measures, it could also make a city extremely vulnerable. State and Local governments need to have fail safe back up and disaster recovery plan for all departments to ensure the cities network is protected and does not get compromised. In the face of evolving threats, cities have already fallen victim like the case of Atlanta.  Atlanta has recently fallen victim to a ransomware attack in which the hacker demanded over $51,000 USD in the form of bitcoins. The ransomware stole information and locked out government officials from files and software needed to run city operations. Cyber security is a very sensitive topic for government because when compromised, like a business, people begin to lose trust, which is the opposite of what any local government wants for its residents.

3. Cloud Solutions for Data

Cloud solutions are no more a far-fetched concept.  Migrating data to the cloud is providing a way that government can bypass restrictions created by tightening budgets. More governments are moving their data to the cloud, however with the migration comes some planning. Local governments must consider their environment to ensure they pick the right model, whether being a public, private or hybrid cloud. Moreover, data management can prove itself an issue if governments are relying on multiple cloud management providers.

4. Consolidation and Cutting Redundant Costs

Finding saving and efficiencies is extremely important to governments. When there are too many separate entities all with their own network trying to work together, this can create many holes in a governments system, where one infection can spread like wildfire. In the case of the state of Ohio just five years ago, 26 agencies were using close to 9,000 servers to support more than 32 data centers that were only running at less than 10 percent capacity.  By consolidating and reconstructing these servers the state was able to save more than $100 million and avoid close to $60 million is added costs. Governments will need to look into simplifying their infrastructure to their best ability, not only will it be able to help with costs, but also with security.

5. Collaborating with the Right Tools

Managing and thinking about all of these technical items is the last thing an elected official wants to think about when they run for office. Especially to local governments who focus on their residents and improving their cities. Technology problems are the last on their priority lists, local governments should look to invest in managed service providers that will focus on the technology side, making sure it is safe and reliable, while the government focuses on more pressing community tasks. ECMSI in northeast Ohio can do just that for any local government. If you are a part of a local government that needs IT help. Please feel free to call us today at 330-750-9412. We are always here trying to Make IT Easy!

 

How to Avoid Becoming the Next Hacking Victim

Cyber attacks are so common now that hardly a week passes without news of another major network security breach involving a high-profile company. Well-known brands like Target, Sony and Yahoo have all fallen victim to security breaches in the last few years.

But hackers don’t just limit themselves the market’s major players – they will, and do, attack companies of all sizes, exploiting their weak defenses to infiltrate and steal valuable corporate data. In fact, smaller businesses are seen as much easier targets, because they usually lack the robust defenses that large enterprises routinely use.

So why should you worry about being next? The costs of a network security breach can be enormous, sometimes even crippling. One study from the National Cyber Security Alliance reports that around 20 percent of small businesses fall victim to a cyber attack each year, and of these, just 40 percent are still around six months later.

Can your business foot the bill from a major cyber security breach? Not likely.

Keep the bandits out

At ECMSI, our overriding goal is to help your company thrive, but you won’t stand a chance of doing that if your servers are leaking corporate and customer data all over the place. That’s why we make your network security such a big priority. We want to see our customers to succeed — and enjoy longer-lasting relationships with them.

As one of the leading Managed Services Providers, we’ll strive to protect your network against everything attackers can throw at it.

Our big secret is that unlike other MSPs, we take time to get to know our clients and help them understand how to take full advantage of their technology.

When we uncover your unique risks and concerns, we prepare a plan to help you defend against the wide variety of cyber threats that could slow down and damage your business — and your reputation — including ransomware, insider attacks and other viruses.

And we go further to proactively avoid these threats by teaching you best practices to minimize the risk of becoming a victim in the first place. We’ll also help get you up and running with the latest antivirus software, firewalls and threat detection software to ensure your network security is as tight as it’s possible to be.

Your depend on your business technology to be successful, that much you know already. But it can also become your Achilles’ heel if your network defenses aren’t up to scratch. Contact ECMSI today and we’ll show you how to avoid becoming headline news for the wrong reasons.

Shut Off Your Bluetooth When You’re Not Using It!

Privacy and security seems to always be on everyone’s mind today. Intuitively we are always making sure our homes are locked before we leave and that our cars when left aren’t vulnerable to any intruders. Just like our homes and cars, we keep our technological devices secure and locked with some sort of authentication, but they too have a variety of different entrances for an intruder to sneak their way in.

The most popular digital entrance into a electronic device today is through its Wifi. We have all heard of the horror stories of connecting to a wrong network in a public place and having your personal information stolen. But few people think about how their Bluetooth can be effected. Minimizing your Bluetooth usage minimizes your exposure to the vulnerabilities. Most recently, an attack called BlueBorne allows for any affected device with Bluetooth turned on to be attacked through a series of vulnerabilities. These vulnerabilities don’t stem from the Bluetooth itself but the implementation in all the of the software including Windows, Andriod, Linux and iOS. This potentially puts millions at risk.

 

The Blueborn attack starts by going through the process by scanning devices with Bluetooth on, it then starts probing them for information such as device type and operating system to see if they have the vulnerabilities it can latch on to. The Blueborn bug can allow hackers to take control of a device and access private information. This attack can also spread from device to device in one motion if other vulnerable Bluetooth enabled targets are nearby.

The best defense against this Bluetooth security flaw is to make sure your device system is always updated with the latest software and firmware. This make sure there are no vulnerabilities in the implementation of Bluetooth within your operating system. Bluetooth does many amazing things that seem almost magical and the benefits outweigh the calculated risk of turning it on. However when not in use it is best to make sure to keep your Bluetooth setting off and use it when you know you are in a safe and secure area.

Supply Chain Cyber Attack Infects 2.3 Million Users

Hacking comes in many forms, recently the trend in cyber crime has hackers going directly for the supply chain within an organization. The supply chain is a system of activities involved in handling, distributing, manufacturing and processing goods in order to move resources from a vendor into the hands of a final consumer. In reference to cyber-security, a supply chain attack involves tampering with the companies network in order to install malware that brings harm further down the supply chain.

One of the most popular supply chain attacks was data breach that occurred to the retail giant Target in 2013, Over 40 million customers credit card and debit cards were compromised after malware infiltrated one of Target’s third party suppliers and gained access to Targets main data network.

Recently, a computer cleaning software was compromised and left any user who downloaded the software between August 15th and September 12th with malware on their computer. CCleaner is an application that scans your PC for malware and junk files and cleans it up to work at maximum performance. It is an extremely popular software that has over 2 billion downloads, and ironically has caused the problem it tries to prevent. CCleaner was compromised when some unknown hackers infiltrated the download servers to the application and replaced the original version of the software with the malicious one and distributed it to millions of users for a month. The company that own the software is now recommending users to update their software to the latest version to protect their computer from being compromised.

These event have happened all to often, and can affect such a large group of users. These events are particularly a cause for concern to business owners. If your business computers are not being monitored and one of your employees accidentally downloads malicious software unknowingly, all of your important business data is now compromised. Not only is your data at risk, now your business if loosing precious hours trying to fix the problem and recovering from the cyber attack instead of focusing on your core business activities. These event could plummet employee productivity and could end up costing the business money that it simply cannot afford to lose. Be sure to always monitor end user activity and maintain backups of your important data.

 

 

Winter 2017: Disaster For Your Data?

fence with ice hanging off with snow covered trees in background
With winter just around the corner, everyone around you may be getting “all wrapped up” in the upcoming holiday season…

But you’ve got a business to run, customers to keep happy and mission-critical data to keep safe, even if a major blizzard, lightning strike, windstorm or epic flood is taking place right outside your door.

Here are 5 easy steps you can take this holiday season to get your office prepared for this winter’s worst, without seeming like Mr. Grinch.

Be ready for power outages. A power outage can hurt your business in more ways than you think. Besides employee downtime, it takes time to safely get everything back up and running. Then you need to make sure no critical files have been damaged or lost.

Autosave features can help minimize lost files in a sudden power outage. An uninterruptible power supply (UPS) can give your team anywhere from ten minutes to an hour to back up files and properly shut down equipment. If you need longer power durability during an outage, you might want to look into a backup generator.

Keep lines of communication open. Customer frustration due to production delays and not being able to reach key people at your company can be very costly in terms of both revenues and your company’s reputation. Here are three ways to make sure calls to your office don’t get bobbled when a storm rolls in:
1. Create a new automated greeting to let callers know about changes in hours or closings.
2. Set up an emergency override that automatically reroutes key phone lines to one or more numbers that can be reached during an outage.
3. Make sure you and your staff can access voice mail remotely – from a smartphone, by e-mail as an attached sound file or transcribed message, or as a text notification.

Manage employees working from home. Many of your employees can work from home if need be. But you’ll need to prepare in advance if it’s not the norm at your company. Have your IT specialist check with employees who could work from home during rough weather. They’ll need a virtual private network (VPN) to safely access the company network. Be sure it’s set up well in advance to avoid any glitches when that winter storm hits and you need it most.

Have a disaster recovery plan (DRP) ready to go. Unless you can afford to shut down for days at a time, or even just a few hours, it’s absolutely critical to keep a written DRP on hand. Write out step-by-step details of who does what in every type of winter disruption – from simple power outages to blizzards, flooding or building damage caused by heavy winds or lightning. A downed network can cost your company big-time every minute it’s offline. Make sure your plan includes one or more ways to get it back up and running ASAP. Consider virtualizing key parts or all of your network so your team can access it remotely. Once you’ve written out your plan, keep one copy at your office, one at home and one with your IT specialist.

Trying to recover your data after a sudden or serious outage without professional help is business suicide. One misstep can result in losing critical files forever, or weeks of downtime. Make sure you’re working with a pro who will not only help set up a recovery plan, but has experience in data recovery. The old adage about an ounce of prevention applies doubly when it comes to working with the right people who can help you prepare for – and recover from – whatever winter throws your way.