Find the latest news and information here.
The Dangers of Expired User and PC Accounts
By: Paul Facey, Managed Services/Advanced IT Technician
It’s that time of year where many of us are working on building new habits, getting organized, and starting the New Year off on the right foot. If you are looking to clear out clutter in the new year, we urge you to look beyond what is filling up your cabinet spaces. Clutter in your network could cause you some serious vulnerabilities, especially when it comes to expired user and PC accounts.
So, what are the risks associated with not disabling or removing expired accounts? Let’s first dig into the basics:
What is considered an “account”?
An account is generally a paired set of information (usually an ID and password) that is used to control access to something. For our purposes, it gains access to data in an organization. Most users are aware of user accounts. What users may not be aware of is that not only do users have accounts, but the PCs they are working on have additional accounts as well (this is especially true in an Active Directory Environment). When a computer is functioning in an Active Directory environment it is constantly verifying itself to domain controllers (servers) just like users do to ensure it has permission to access data and resources.
Why is this important?
Account maintenance is an often-overlooked part of organizational health and maintenance that can lead to data breaches. If a user leaves an organization, or a system has retired the accounts for that user, the system should be disabled or deleted as well. If those accounts are left active, that is an easy opportunity for an attacker to try and compromise those accounts and gain access to company data. Attackers can have “all the time in the world” to try and compromise these accounts as they are no longer in use and can go unnoticed for extended periods of time.
How do we prevent or limit this?
- Physical account management when a user departs or a system is replaced. The account should either be disabled or deleted at this time. For users it is recommended they be disabled and moved to an isolated “no-permissions group” for a period of time, then deleted once it is confirmed the account no longer contains any useful data.
- To protect the organization, the administrators or IT team should be conducting periodic audits of all accounts (user and system accounts) to identify old or stale (not frequently used) accounts to determine if they should be disabled or deleted.
- Account policies should be deployed that enforce password age, account lockout, and other security features. This ensures that even if an account is forgotten, it can no longer be accessed after a set amount of time. This way, if an attacker is attempting to compromise an account they will be locked out after a set number of attempts. This is a recommended practice for active accounts as well.
Account management is only one piece in the overall goal of protecting your organization and data, but a vital one. Each organization should define its needs and security goals, then implement the action steps whenever possible. The Networks Plus Team is standing by to assist your organization in evaluating and implementing these measures, and to help make your organization and data as safe and protected as possible.
Want to read more on this topic? Paul recommends you check out this article from InfoSecurity Magazine.
Your Business Will Be Hacked – Part 2
By: Jerry Horton, IT Director
“You can’t defend. You can’t prevent. The only thing you can do is detect and respond.” -Bruce Schneier
Bruce Schneier is a guy you should listen to. He is widely recognized as a cybersecurity expert, wrote the book on cryptography, and is a respected thought leader about digital privacy and the surveillance economy. While I don’t entirely agree with Bruce here – I think defense and prevention to some degree is possible – the final sentence of this quote should be everyone’s focus. Detection and Response are key to minimizing the effects of all cybersecurity incidents. That being said, all of the detection and response in the world aren’t worth much if you don’t do basic prevention/defense strategies. Installing a great intrusion detection system in your office won’t yield results you intended if you don’t first prevent intrusions by locking the doors.
Last month, this blog (read it here) focused on the fact that a cybersecurity incident (or more than one…) is inevitable and began building the foundational elements for good cybersecurity. As a quick recap, you should:
- Change your mindset
- Stop being your own worst cyber-enemy
- Figure out what to protect and what to protect against
- Practice good basic cyber-hygiene, including passwords, patches, least privilege, and touching on backups
This month, we are digging into the basic elements you need to help you do the best detection and response for your business. Next month we will explore security without boundaries, such as work-from-home and a mobile workforce.
Let’s get started!
From this point forward, the assumption is that you have put all of the steps from the first blog into place. If you haven’t yet, go back, re-read that blog, and finish checking those boxes. That being said, you can implement them at the same time you start working through this section, but it is a lot easier if all of the simple things are done first.
Lock the outer doors
The first thing to talk about is the perimeter of your business. In a brick-and-mortar facility, you have doors for both staff and customers. Each of these doors will be treated very differently. Areas for inventory, offices, or workspace are restricted for staff members that have been assigned access, perhaps using a physical key or code, but that door will remain locked 24×7 as it is only intended for authorized personnel; the public entrances are a different matter. Such entrances will need to be open during business hours and locked outside of them. Sounds obvious, right?
Think of your network as the digital brick-and-mortar building. You have areas where only employees should be able to operate, but you still have email servers or websites which the public will need to access in order to communicate with you. The way you lock and monitor these digital doors is with a business-grade firewall, coupled with a secured wireless network.
By default, a firewall is effectively a one-way door, allowing authorized traffic out and blocking all entry attempts by unauthorized traffic. You need to add specially locked ‘doors’ to allow staff members in when they aren’t physically in the building through a Virtual Private Network (VPN) and some doors that allow certain types of traffic to communicate with your email or web servers. Add a firewall for inbound and outbound traffic and you have a top notch first line of defense.
A business-grade firewall is the first technical control you have to put into place. While it may seem that a consumer-grade router, like the one you have at your home, will do the same job, let me assure they do not. Comparing the two in sports terms, the consumer-grade router is a weekend ball player and a business-grade firewall is an Olympic level athlete. Put another way, using a consumer-grade router in your business is like locking your doors with Velcro strips – sure, it will keep the door closed, but they easy to open.
Lock the inner doors
Now that you have traffic controls in and out of your digital building, think about how best to protect each area. You may have traffic flowing freely between areas, but you still need to know who is going where, when they go there, and what transpires. In a brick-and-mortar building, that means adding additional locks for secure areas, putting in video cameras to watch traffic, or even putting RFID tags on equipment or inventory so you can track it more efficiently.
Your digital building has a lot more openings than your physical one. Each and every workstation, laptop, server, or smart device is a door for the cybercriminals to try to open. Patching, which we talked about last month, is only the first step. You need to have robust protection on every one of these devices, which is an advanced endpoint solution. An advanced endpoint protection product needs to have some of features of traditional anti-malware, but it needs to go much further. New versions of ransomware and other malware are created at far too fast a pace for traditional methods alone to completely protect your environment. A solution that can look at the behavior of your machines and the software on them, make intelligent decisions, block potential malicious actions and record an audit trail of the incident is what is required.
But wait – there’s more!
Lock your inner doors – Part II
If you followed the advice I’ve given so far, there is one more thing that will make cybercriminals give up in disgust – Encryption. There is no slick building metaphor I can think of here, so this is straight up geek stuff…
You’ve probably seen movies where a villain steals digital data and brilliantly cracks the encryption in the nick of time using nothing more than a beefy laptop, chewing gum, and grim purpose. While encryption is crackable, it is also really, really hard to crack, even with the right tools.
You need to protect your data with encryption both in-transit (while it is moving from one location to another, both inside and outside of your network) and at-rest (when it is just sitting around on a hard drive, not doing much of anything.) The ability to encrypt your data is built into the Windows operating systems and so is easy to implement.
Get Virtual Security Guards
Okay, you made the perimeter and offices of your digital building as tightly locked as you can, so you are done, right? Not at all! The time has come to put a few more elements in place to detect and respond to events that will occur. Think of these as the security guards.
Email Security Gateway
Since the vast majority of cyberattacks begin with phishing emails, this is a critical element. An email security gateway acts as that security guard sitting at the desk who only allows authorized traffic and blocks all other attempts to enter or exit the building. A well-designed email security gateway will do that job and more; including blocking spam, checking every URL in an email, preventing spoofed emails, and checking outbound emails to make sure you aren’t sending credit cards or Social Security Numbers.
File Integrity Monitoring
You have your files stored, secured, and encrypted – all snuggled down and safe, correct? Not entirely. How can you be certain this is the exact same file with all of the exact same attributes you stored away? There are thousands of files on your computer before you even turn it on for the first time. The system files are critical to keeping your machine running and secure. These system files will be updated with patches and others are dependent on dynamic content that is specific to the user and the machine. Add the files created or installed when you add applications or hardware, your files, and it is safe to say that there is no practical way for you to determine what might have been modified. Enter File Integrity Monitoring: an automated method of tracking changes made in your system with a complete audit trail of what occurred, when it happened, and who did it. Detection accomplished and responses made quicker and simpler.
System Logging and Auditing
Since your digital building consists of many machines and traffic going every direction, you would be hard pressed to constantly review the logs of all of the machines, firewall rules, file changes, logon/logoff, emails, print jobs, etc. Those logs are generated on every machine all day long. Trying to find an indication that a bad guy was attempting something nefarious would be essentially impossible, especially if the logs are not centralized and filtered to only show critical or suspicious events. This is why Security Incident Event Manager (SIEM) was invented. Needless to say, having all of these logs collated, tagged, and sorted by importance means auditing those records becomes significantly less painful.
Implementing a SIEM is a pretty advanced and expensive step for most organizations, but also the most advanced best practice in cybersecurity.
No, we aren’t bringing in references to a hilarious 1960’s sitcom, we are talking about building your knowledge and awareness of cybersecurity. If nothing else I have written resonates with you, this one must – you cannot neglect regular cybersecurity training for you and your staff. Our good friend, Bruce Schneier, says “The user is going to pick dancing pigs over security every time.” It is sad to say that Bruce is correct. You have to learn how to recognize social engineering and phishing attempts in order to combat the evil intentions of cybercriminals.
No matter how many technical safeguards you put in place, the bad guys will walk right in if someone holds the door for them.
Wrapping it up…for now…
“The nature of computerized systems makes it easier for the attacker to find one exploitable vulnerability in a system than for the defender to find and fix all vulnerabilities in the system.”
Bruce is not exactly the most optimistic voice when it comes to cybersecurity, but he is accurate. As I said at the beginning, you can and should do as much as you can to lock your doors and minimize the effect the bad guys can have when they inevitably get to you. Even if Bruce and I disagree on basic protections, we see eye to eye on the fact that we have to get everything right every time and the bad guys only have to be right once. The advantage is theirs, so let’s make sure to make it as tough for them as we can.
Your Secret Weapon in Your War Against Cybercrime
Business downtime is much more common than you may think. Every business faces the risk of business interruption every day, from an employee clicking on something that they shouldn’t have, hardware failure, the list just goes on and on. There are ways to protect your business from this loss of production time and data. We will explore real-world examples of downtime, and how you can protect yourself with a true business continuity solution. Join us to learn how to safeguard your organization in this presentation by Eric Torres, Datto expert.
Watch the replay here.
What We Can Learn from the Robinhood Breach
By: Jerry Horton, Technology Director
Earlier this month, an estimated 2,000 people who use the popular Robinhood stock-trading app had their accounts hacked and looted. Hackers infiltrated trading information, trading account numbers, and bank account numbers.
A New York college student who uses the app said it took just minutes for $4,020 to disappear from his bank account. Another victim in Chicago said she woke up to alerts that her investments were being sold and discovered she was locked out of her account.
Robinhood claims the attack did not stem from a breach of their systems, but was due to compromised email accounts. Because the FTC and SEC will likely weigh in, we don’t have all the details on this breach just yet. We do know that Robinhood is advising clients to step up their account security. Let’s take a look at how each of us should be securing all of our digital accounts to protect ourselves from a cyber-attack.
Improve Your Cyber Hygiene
Cyber hygiene refers to steps taken to improve cybersecurity and prevent common threats. Here are a few of those key steps that will help strengthen your defenses online.
- Password Discipline
- The average online user has somewhere in the vicinity of 130 digital identities. I’d be willing to bet you aren’t using a unique password for each one. When it comes to passwords, length is far more important than complexity. So, to follow this rule and remember your passwords, use a passphrase (i.e. I’m dreaming of a white Christmas). This is easy for you to remember and difficult for others to figure out. From a password cracking ability, brute-forcing is almost impossible. (A brute force attack is when a hacker submits many passwords or phrases, hoping to eventually guess correctly. The longer the password, the more combinations they need to test to guess correctly. More than 15 characters is virtually impossible to guess.)
- To make things even more difficult for them, don’t use the same username (especially email) for every account. This is true for business and personal accounts.
- Pro Tip: Password managers can randomize passwords for your accounts. In addition, if you pay for a good one, you can set up a rescue account, which allows a person of your choosing to have your passwords in case something were to happen to you.
- Turn on multi-factor authentication (MFA)
- When you have the option, turn it on. In fact, as part of their efforts to encourage clients to step up account security, Robinhood is suggesting all users now turn on multi-factor authentication. MFA considers 2 or more of 4 factors: something you have (i.e. a token: one-time password, authentication app push notification, etc.); something you know (password); something you are (i.e. thumbprint, facial recognition, retina scan); or somewhere you are (geolocation).
- Pro Tip: When it comes to using a token for multi-factor authentication, using an app that sends you push notifications for approval authentication is more secure than using a one-time password.
- Keep track of your records, especially when it comes to finances
- Look at transaction logs. Check your credit report occasionally. Check your email on a regular basis for unusual traffic. Make sure that if you have signed up for something you’re not using anymore, you disable or delete that account. In order to be successful as an identity thief, the cybercriminal only needs one entry point. Do not leave any “entry points” hanging out in the cyber world unmonitored.
- Even if you take all these steps and sew everything you have up tightly, that doesn’t mean someone can’t come in through a backdoor and wreck your account. It happens. But, taking all the precautions you can will help minimize your odds of becoming a victim, and help minimize the damage if you do become one.
- Cyber breaches have become a real problem as we have moved toward software–as–a–service and cloud-based services. Most of it is due to people not turning on two-factor authentication. When you realize what bad people can do with information that you have unintentionally left out there to be found, they can wreck your business, drain your bank account, file for loans as you… the possibilities are literally endless. Yes, companies have a responsibility to secure their systems, but we as consumers have a responsibility to track and secure our information.
Your Business Will Be Hacked – Part 1
Part One of a three-part series on Best Practices for Keeping Company Data Secure
By: Jerry Horton, IT Director
“One of the main cyber-risks is to think they don’t exist. The other is to try to treat all potential risks. Fix the basics, protect first what matters for your business and be ready to react properly to pertinent threats. Think data, but also business services integrity, awareness, customer experience, compliance, and reputation.”
―Stephane Nappo, Global Head of Information Security, Société Générale
Over the last several years, I have written many blogs, presentations, and articles regarding cybersecurity. In each of them, I have stressed that modern businesses live or die based on the digital records we keep and that cybercriminals really are out to get you, one way or another. As you can see from the above quote, cybersecurity is still the topic and I very much agree with Stephane – we have to fix the basics and protect what matters most.
This three-part series will look like this:
- Part 1: We will explore this topic again from the viewpoint of getting those basics covered.
- Part 2: We will move to building up from your foundational basics into more robust defense in depth.
- Part 3: We will discuss how to address security without boundaries, such as work-from-home and a mobile workforce.
Laying your security foundation
It may come as surprise, but the very first brick of the security foundation doesn’t involve technical geegaws, doodads, or wizardry; it is about changing your way of thinking. I cannot count the times I’ve heard phrases such as, “No one cares about hacking my systems” or “I don’t have anything worth taking” or “We are too small of a target”. Let me be perfectly clear – those sentiments are dead wrong. Even if the typical cybercriminal may not be all that interested in your inventory lists, marketing material, current orders and projects, or payroll information, every cybercriminal understands a brutally simple truth: they know that every bit and bite of that information has value to you. Furthermore, they know that you will pay handsomely to get that data back should something happen to it. This is exactly the reason for ransomware going from a brand new phenomenon in 1989 to a $20 billion-dollar criminal enterprise in 2021. Since virtually every ransomware attack begins with a phishing email or some other social engineering technique, a lack of caution or awareness on the part of a human being is directly responsible.
Change your mindset
At the risk of sounding like an old codger, we live in a world that is radically different than the one in which I was born and grew up. Business then was often conducted face-to-face and the transaction completed with a handshake, a result of interpersonal trust that developed naturally. Today, we frequently communicate and do business with people that we never meet in person and may, in fact, not even reside in the same hemisphere. To wax philosophic for a moment, technology that was intended to “connect us faster and more widely than ever before possible” has actually driven a wedge between us because digital identities are easily spoofed, manipulated, or manufactured out of nothing.
What does this mean for cybersecurity and changing my mindset, you ask? Simple. The old adage of “Trust, but verify” has to change to “Trust nothing until vetted. Verify everything.” Even after you can establish a level of trust, you have to be continuously vigilant because digital identities are not 100% trustworthy and security conditions are fluid.
I’m not recommending total paranoia, but a healthy dose of both wariness and skepticism will take you quite a way down the road toward cybersecurity.
They really are out to get you.
The title of this blog states it plainly – you will be hacked. Accept the fact that whether you are specifically targeted or just a chance opportunity for a cybercriminal, they will get to you. Even if your business is locked down tighter than a CDC biohazard lab, you still do business with companies like Target, Home Depot, Marriot Hotels, or Equifax. Hacked, one and all, and every one of these breaches exposed millions of records. Some of that data might be specific to you or your business.
This is not a defeatist rant – rather see it as a wakeup call. You have to take steps in your personal life, business environment, and interactions with other companies to limit your exposure to the best of your ability.
How to stop being your own worst cyber-enemy
It is well-known that the weakest part of any secure system is the human, including the one looking back at you in the mirror. Trust is a deep human need – both needing to receive it and give it; however, building cybersecurity means that you have to limit trust and then constantly check to make sure that the trust given is still valid. There are behaviors that have to be deliberately modified to achieve this goal.
In cyber-geek speak, these are known as administrative controls. This includes policies and procedures, but most importantly, it expresses the core security principles to keep your business, customers, employees, and your personal life as safe as possible by limiting what we ethical hackers call the ‘attack surface’. Here is a list of best practices you should adopt:
- Know what you need to protect – This isn’t just about the computers on desks and servers in the data room; ask yourself:
- What data/systems/people/processes need to be protected?
- Where is it located? Is it in more than one place?
- Who can access it? Who requires access in order to do their jobs?
- What is critical to keep my business operational and my customers secure?
- Know what threats are real – It is impossible to protect against everything, so make sure you are putting your efforts and resources where they will do the most good. Spending money for hurricane insurance makes sense if you live on the Gulf Coast, but not if you are located in Arizona. On the other hand, you should spend money on an emergency generator if you have perishable inventory or operate a life critical equipment.
- Were you aware that your email is the easiest way for a cybercriminal to get to you? According to Verizon, 94% of all malware arrives in your inbox and phishing email is on the rise yet again. Make sure that you can tell phish from foul (couldn’t resist the pun J) by engaging in security education and phishing tests on a regular basis.
- Practice good cyber-hygiene – Cyber-hygiene is about all of the old tropes you’ve heard a million times, but probably still aren’t doing. There is a reason you’ve heard these things a million times – these are the basics of cybersecurity.
- Manage your account identities – According to Dashlane, the average person has 130 accounts to track and maintain. That’s a lot…
- Use a password manager. Don’t be one of those people who use the exact same credentials for every account. That’s just begging for identity theft.
- Delete/disable unused accounts on a regular basis and limit social media accounts. Social media is free and legal intelligence gathering for cybercriminals.
- Use multifactor authentication (MFA) every time it is offered. If you don’t have MFA at work, especially for Office 365, get it.
- Keep your business and personal credentials completely separate. Cybercriminals look for the easy way into businesses and a CEO or secretary or janitor who reuses their business credentials is the easiest.
- Track your financial records and email accounts tied to the various accounts. The only way you will know if something is odd is to look on a regular basis.
- Manage your account identities – According to Dashlane, the average person has 130 accounts to track and maintain. That’s a lot…
- Principle of least privilege – Don’t give access for anything to anyone who doesn’t need it to do their job. That includes the CEO. Just like a janitor probably doesn’t need access to payroll, a CEO probably doesn’t need access to engineering plans or logins for the firewall. This isn’t just for people: don’t give machines more access or services than they need to do what they are intended. Generally speaking, a server doesn’t really need direct access to the internet and a workstation doesn’t need to share files or printers.
- Keep things patched – The manufacturers don’t write updates because they are bored. Those updates fix tons of security vulnerabilities. The latest Microsoft ‘Patch Tuesday’ fixed 87 of them.
- Back it up – Having known good, offline, and offsite backups are often the ‘Hail Mary’ pass that save a business from total loss and bankruptcy. I’m not talking about the ‘whenever I think about, I’ll copy this to my Google Drive’ kind of backup (boy, I really hope that isn’t your backup plan); this means you need a real backup infrastructure. If you aren’t sure what that means, stay tuned as we will go into depth in the next installment.
“The five most efficient cyber defenders are: Anticipation, Education, Detection, Reaction and Resilience. Do remember: “Cybersecurity is much more than an IT topic.”
―Stephane Nappo, Global Head of Information Security, Société Générale
Cybersecurity isn’t a buzzword to sell you goodies, nor is it a fad. It is a way of life that you have to adopt in today’s always-connected world. Our friend, Stephane, gives more great advice in this quote. Today, we’ve scratched the surface of Anticipation and Education, as well as some of the best practices of good cyber-hygiene. I look forward to sharing more with you in Part Two. In the meantime, if you have any questions or want to explore some products and services we offer to help you build your cybersecurity, please contact our Business Consulting Team.
Oh No…I’ve Been Hacked!
So you clicked on a malicious link, now what? Find out in this replay from our September 2020 webinar featuring Todd Sizer, a world-famous security solution strategist. Watch a hack in action and find out what you can do to be preventative so it doesn’t leave you saying, ‘What have I done?’
Watch the replay here.
How to protect your network when employees bring in their own devices
By: Paul Facey, Advanced IT Technician
Remote work became a necessity for many businesses this year due to the COVID-19 pandemic. With much of the workforce using their own devices to do their work, many employers have taken a new look at what is known as a bring your own device (BYOD) environment. This is nothing new – some companies had already enabled a BYOD environment pre-pandemic. As it suggests, BYOD means employees are allowed to use their own devices (i.e. laptops, tablets, smartphones) for work. A BYOD Environment is a compromise between the organization’s needs, the total cost of ownership, and the risks the organization is willing to accept or mitigate.
While this is a good fit for some organizations, it is not for all. For others, a combination of the two is what works best. In any case, a good understanding of how information is secured and stored, as well as the limitations of the applications involved (not all applications support a distributed environment) is critical to developing the organizations BYOD environment, if one is possible.
What to Consider
There are benefits and challenges to going BYOD.
- Reduced cost to employer
- User is familiar with the device/equipment (phone, etc)
- Can isolate Corporate data using a Terminal or Remote Desktop Environment (RDP) if primary user portal is a web interface
- Flexibility – employees can work from anywhere with an internet connection
- User-provided equipment may not meet minimum system requirements
- Employers cannot set rules for privately owned equipment
- Active Directory enforcement may interfere with a user’s personal preferences
- There’s risk of mixing personal and corporate data, unless users are using RDP or Terminal Sessions (Recommended)
- User may uninstall corporate security features provided by employer
When a company is considering implementing a BYOD policy – whether by choice or necessity, there are several items to consider:
- How are users going to be accessing corporate data?
- Terminal/RDP Local server (more secure)
- Microsoft Azure Environment (many options)
- Direct Access on Local Server (easiest for users to steal/compromise data if using BYOD)
- Web Interface/Portal (most secure for BYOD model)
- What are the security requirements of the data?
- Does data need to be maintained locally?
- Can it be maintained off site either by a vendor (Web Based Apps) or Web Storage (Azure, Amazon Web Services)?
- How much control does the organization want over the user PCs?
- Complete Control (user has direct access to data)
- Minimal Control (users connect through web interfaces or terminal/RDP sessions)
- What are the user’s applications hardware requirements?
- General Data Entry/Web Based Apps – minimal PC requirements $
- CAD / Drafting/Photoshop – more powerful PC requirements $$$
When users provide their own equipment, they have the right to install or remove whatever software they choose. The organization cannot control what web sites or apps employees install outside of the work environment or what external devices they connect (HDs, thumb drives, etc).
If a system becomes infected with a virus or other malicious software, how does the organization prevent the user from infecting the rest of the corporate network? Even if the organization provides the user with AntiVirus or Antimalware software, what prevents the user from uninstalling it?
How to protect your network
If an organization is using Remote Desktop Connections (RDP) or Web Based portals, the security risk to the network is greatly reduced (as is the hardware needs of the user devices). These types of connections also lend themselves to working remotely, however, the initial investment to set them up can be significantly higher. In the case of environments like Microsoft Azure, this expense is usually monthly-based as well as usage-based, so the cost can fluctuate from month to month, but resources can be allocated or reduced quickly if needed.
Networks Plus is experienced in setting up and maintaining a broad range of environment types. We support environments that are completely organization-owned, from the user PC to every Server, as well as environments where users provide their own equipment (Laptop / Desktop) and work completely remotely in a cloud-based environment. We also have experience in managing a hybrid environment of the two: some users work remotely while others are onsite using organizational equipment. We are positioned to provide both the onsite needs of the customer as well as to deploy and support cloud-based environments through our Azure partnership.
Give us a call to talk about your needs.
Why managing your IT infrastructure is crucial to driving business performance
By: Jake Schulte, Networks Plus IT Manager
Because Information Technology (IT) is always evolving, hardware manufacturers and software developers are always coming out with something new to replace what exists today. Consequently, hardware gets old and outdated, and software running on the machines needs updated.
If you don’t have a plan in place to maintain your IT infrastructure, now is the time. Instead of being caught unaware and not being sure what to do next, your company will be in the position to allow IT to drive your business forward.
What is considered IT infrastructure?
IT infrastructure refers to the mechanisms required to operate and manage the IT environment. This includes both infrastructure within the organization’s facility and cloud infrastructure. A few examples include Active Directory servers, App servers, firewalls, switches, wireless, computers, backup services, operating systems, and software. While each component of IT infrastructure has its own unique role, they all work together to deliver performance, efficiency, and uptime to drive business functions.
When it comes to managing business IT infrastructure, companies need to take a holistic approach and think about the big picture, rather than having tunnel vision and only focusing on individual components, such as improving performance. Without all the essentials in place, companies make themselves more susceptible to risks that could halt all business functions.
My recommendation when it comes to setting up and managing IT infrastructure is to consult with an experienced IT Team who can provide the proper guidance and support that’s needed.
Infrastructure’s Role in Business Performance
There are many ways IT infrastructure plays a role in how a business performs by making sure the necessary equipment and software are in place to drive business functions. For example, if a server doesn’t have adequate computing power and storage to fit the requirements of the software applications running, performance will suffer. Each line-of-business application that is used by a company requires resources to operate. If the business fails to meet the system requirements and does not have the needed resources, operating system, or software to make the application work, it can be extremely costly and business performance will be negatively influenced.
Another example is security services that protect your data. If your company is hacked and your data is compromised, the situation can dramatically impact the company’s ability to perform job functions– not to mention its reputation. Businesses need a layered approach to security that includes both a firewall and advanced endpoint security software on their computers.
Leveraging Infrastructure to Drive Business Performance
With IT infrastructure, technology has significantly evolved in recent years. A business shouldn’t continue making decisions today based off of what made sense 5 or 10 years ago. There are likely better, more cost-effective options available. Explore all the options, both on-premise and cloud solutions, prior to making IT decisions.
Take time to assess all your options. Just because an infrastructure solution works well for one company, does not mean it’s the right fit for your organization. It’s best not to rush into any decisions when considering purchasing or replacing existing infrastructure.
Furthermore, do not make decisions based off of up-front costs alone. Consult with an IT Team that can give the proper guidance to make sure you’re getting the infrastructure you need to run your business, while also not overspending on things that are not needed.
Networks Plus provides services for all aspects of IT Infrastructure. We recognize that every organization is unique in what they have to offer, and we treat IT infrastructure the same way. There is never a “one-size-fits-all” solution. We consult with our customers to put them in a position to make well-education decisions for what makes the most sense for them. Our role is to identify all possible solutions, the costs and benefits associated with each one, the risks associated with each solution as it relates to the customer’s business, and share that with the customer so they know what they’re getting and what to expect of it.
When it comes to IT Infrastructure, my recommendation for all businesses is to plan ahead and budget appropriately. IT budgets are not solely for enterprise organizations. All small and medium-sized businesses should have a plan in place to understand what they need, why they need it, and the budget resources to make it happen.
Choosing the Right Internet Browser for You
By: Nathan Brown, Managed Services Lead/Advanced IT Technician
Web browsers are the gateway to the internet. You are likely familiar with the most popular browsers, but you may not know their differences. Let’s take a look at the pros and cons of some of the more well-known web browsers.
- Probably the most popular browser on the market, Google Chrome has thousands of extensions, which are small software programs that add new features to your browser and personalize your experience. One such extension allows Chrome to automatically translate pages that are not in the native language specified by the browser.
- Another advantage of Chrome is its ability to load Web pages faster than other browsers.
- Chrome’s tabs allow you to work on several tasks at the same time.
- Chrome is compatible on all major operating systems and devices. It also synchronizes easily across multiple devices and platforms.
- The primary drawback of Chrome is that it is very RAM intensive. To give the user the benefit of more tabs and extensions, Chrome uses more memory.
- Over the years Mozilla Firefox has made several upgrades and is one of the faster browsers out there with an easy-to-use interface.
- Firefox is compatible with Windows and Mac OS, as well as Android and iOS devices.
- Allows users to get pretty specific when managing privacy and security settings.
- It is more privacy-centric than Chrome, but not quite as expansive.
- The landing page can contain a lot of recommended links and ads, which users may not appreciate.
- Perhaps the biggest – and only – pro for IE is that many people are familiar with it, as it hasn’t changed much over the years.
- IE is not getting any more major upgrades because it has been replaced by Microsoft Edge.
- It is SLOW.
- Bottom line: don’t use IE unless you absolutely have to.
- Safari works very well with Apple devices as the native browser built into MacOS and iOS.
- It does not record any user data and thus, is very good at protecting the end user’s information.
- Safari works across all Apple devices seamlessly.
- There is no Windows or Android support.
- Safari offers very few add-ons.
- With very few updates, Safari is not as secure as other major browsers.
- Microsoft Edge is built on Chromium, which is essentially an open source version of Google Chrome.
- This is the default Windows 10 browser and is very well-integrated with the operating system.
- Edge is much faster than its predecessor and may consume less memory than Chrome.
- Edge lacks available extensions because it is essentially in its infancy.
- It is not backwards compatible with older versions of Windows.
Which browser is best?
In my opinion, there is not really a clear winner for “best” browser when it comes to business or personal use. Personally, I swap between Chrome as my primary browser, and Edge as a secondary browser on my computers. When it comes to my iPhone, I actually prefer Firefox. When it comes to what’s “best”, I say it’s a personal preference based on how easy the user finds a browser to use and navigate.
Try out all browsers compatible with your operating system and see which one you prefer. My only caveat to that advice is to steer clear of Internet Explorer because it is effectively retired by Microsoft. And did I mention how much SLOWER it is compared to other browsers?
While I can’t tell you exactly which browser you should use, I will tell you that no matter the browser, be sure to install an ad blocker. This will minimize your risk of exposure to malicious pop-ups. It’s not full-proof, but it will make your life and your friendly IT people’s lives better.
Networks Plus offers managed IT service, IT consulting, and a host of other services to help keep your systems running smoothly and your business performing at the highest level. Give us a call to see how we can support you.
How a Local Business Fell Victim to a Cybersecurity Breach and What You Can Do To Keep It From Happening to You
By: Adam Boyle, Business Account Consultant
Data is both the lifeblood of 99% of businesses today, and a valuable commodity for cyber security attackers.
Phishing and password attacks aren’t the only way hackers try to get to your company’s information. Sometimes they simply call and convince you to give it to them without realizing what is happening.
A local business recently received a call from a person claiming to be a member of the QuickBooks support team. The hacker was connected to an employee in the accounting department.
The caller told the employee that they noticed an issue with the business’ QuickBooks system and needed access to their computer to make the necessary fixes. To do this, the caller told the employee to visit a specific web address, which the employee did, giving the caller access to the employee’s computer. The phony QuickBooks caller was able to get into the business’ security protocols and remove nearly every security measure they had, which left the business unprotected.
Unbeknownst to the employee on the phone, the undercover attacker then exported all their QuickBooks information off-site, including client names, addresses, credit card information, and social security numbers. The caller deleted all the information locally and encrypted it, then told the employee the problem was fixed and got off the phone. The employee was none the wiser. A short time later, the office received an email from the attacker letting the business know what they had done: the attacker now had the business’ information and it was no longer on the company’s site. As proof, they screenshotted some of the information they’d stolen and demanded the business pay a certain amount of bitcoin for the return of the client information. Bitcoin is a common demand in ransomware because it is untraceable.
Cleaning Up After A Cybersecurity Hack
The business called Networks Plus to explain what happened and ask for advice on what to do. The good news is that the business had invested in an off-site backup service with Networks Plus, so they were able to restore the data that was lost.
The bad news is that the damage was done; the bad guys had their clients’ information and the cleanup from the attack was extensive. The business had to notify clients of the breach, handle certain legal requirements as a result, and the incident delivered a blow to the business’ reputation.
How do you help keep your business from becoming a victim of one of these attacks?
The first, and arguably most important, step to cyber safety is to prioritize employee education. Unfortunately, the #1 target of any cyber attack is employees. This makes employee education a key component of any business’ cyber safety. It’s so important, we even wrote a blog about why companies should make education part of their cybersecurity strategy. (Check it out.)
Knowledge is power. In situations like this one, the employee should have told the caller that before they did anything, they were going to verify with the caller’s company (i.e. QuickBooks) that the call is legitimate. The employee should have called QuickBooks directly to confirm. Most of the time, companies like QuickBooks will not reach out to a business directly about an issue. Generally speaking, users need to call them when an issue is detected.
It’s also important to understand the security measures your business has in place and what they do. Because this particular example was not of a software attack, it would not have been noticed by antivirus software, which is what this business had. This type of attack is known as spear-fishing: a targeted attempt to steal sensitive information through voice solicitation.
The attacker knew they wanted the accounting department and that they wanted to use QuickBooks as their point of entry. This type of attack is difficult to protect against. Other than employee education, your best bet for protection may be Advanced Endpoint Security. This software offers real time threat detection and response by learning user behavior. In the example above, the advanced security software would have known that this particular employee does not usually get into security settings and it would have stopped the action once it detected security protocols were changing. This red flag would have sparked a call from Networks Plus and could have prevented the attacker from exporting client data.
Food for Thought
Don’t get stuck in the trap of thinking your business is too small or that something like this couldn’t happen to you. We see small businesses get hit all the time with things like this. Five to ten years ago, hackers were targeting big companies, but those companies are better guarded. Today, hackers realize smaller businesses may not have the budget to protect themselves against this kind of attack, making smaller businesses an easier target.
Another lesson learned from this experience is to make sure your data backups are sufficient. Had this company not had a best-practice solution in place, the damage inflicted would have been even worse since there’d have been no way to retrieve up-to-date data. It’s important to verify that you’re saving and backing up current information.
For businesses that aren’t sure what protection they have or if current protections are adequate, I recommend a free security best practice assessment.
Call Networks Plus and we’ll discuss your current structure, strategy, and worries, etc. After that conversation, we can make recommendations for what we believe the business could or should be doing. From security awareness training for office staff, to layered security and data backups, to Advanced Endpoint Protection, Networks Plus offers a wide range of ways to help keep your business and its data safe and secure.