cybersecurity

Next-Gen Webinars

What do webinars and infomercials have in common?

Most of us have to have nothing else to do in order to watch either one of them.

 

If you are like me, you receive invitations to webinars every day.  If you are like me, however, you delete most of them without even seeing what it is about.  Why do we do that? Because we just don’t have the time.

 

Well, the truth is, we all have the same amount of time every day.  We have to determine what is worth our time and what isn’t.  For instance, I would probably rather have an uncomfortable hour at the dentists than spending a day at a seminar.

 

And then, the oddest thing happened.  I had to HOST a webinar.  The things I had to say were of VITAL importance.  But, it was ill-attended, and I know why.  We, as business people, are past saturation with these things.  So what do folks do to overcome this?  They offer bribes, in the form of gift cards, or product, that is awarded at the end of the webinar.  Other folks use the promise of discounts, and still others try to convince you by misleading folks as to the point of the webinar.

 

So, what is the answer? Most webinars are over in under an hour.  Many webinars are best attended by competitors to get an edge on what others are saying and doing.  In my industry, all you need to do is mention the word “cyber-security”, and suddenly, everyone is an expert, or is so daunted by the topic that they just walk away.  Is it a really important topic?  Yes.  Do most of them say the same thing?  Yes.  “Have a good anti-virus / anti-malware, and have good backups”.  I just saved you from attending 95% of cybersecurity webinars.  You are welcome. They tell you about how to mitigate the risks of the day.  What we really need is a webinar that is going to tell us the future.  If I had a stock analyst that could accurately predict the future, I would be very well off.  If you had an IT partner that could accurately predict the future, you would be better off too.

 

So, we are shining up our crystal ball.  We are looking at the changing landscape with respect to technology.  We are consulting with law enforcement and evaluating international trends.  What we *won’t* do is to promote what we call ‘cyber-info terrorism’.  This is where folks try to scare you into buying their products.

 

So, lets try something new.  If you would like to know some vital information about the future and how it WILL affect your business technology, then respond to this.  We will be happy to share with you what is coming, and discuss possibilities to make certain that it doesn’t adversely affect your business.

 

What you do with that information is up to you. It is, however, better to be informed, than not

FacebooktwitterlinkedinmailFacebooktwitterlinkedinmail

Tags: , , ,

Friday, May 26th, 2017 Cybersecurity, General, Internet No Comments

Stability Sense

Introduction

Imagine losing $100,000,000 in revenue in two days: 1/10th of a billion dollars gone in two business days. This was the reality for Delta Airlines in September of 2016, when a loss of power shut down many of their servers, causing thousands of flight delays.  Everyone enjoys using the term “crash” when referring to basic program and process failures, but do not often convey the impact that crashes can have on a company. Expanding on this; companies that are not prepared with backups and continuity solutions are risking hemorrhaging resources like money and time the entire time their network is down.

“Crash” Course

One of the contributing factors to “crash” being such an overused term is that fact that a crash can be caused by many different things, and can come from both internal and external sources. A crash is, at its’ basics; an unwanted and sudden shutdown or cessation of function by a program or process. This can be cause by many different core issues, but amongst the most common would be information overload and hardware failure. Information overload is when too much information is attempted to be processed by the program or process and consequently the demand exceeds the capability of the software, causing a crash. Hardware crashes are more diverse, being caused by a variety of physical or mechanical failures that can cause the software logic to conflict with itself or trigger emergency shutdown procedures within the program itself. These can be caused by simple pre-existing conditions within the computer such as trying to run a program that has higher demands than your network can meet. However not all process and program failures stem from crashes; the recent “WannaCry” malware if present, can lock your files away, threatening their deletion for ransom, leading to a similar situation as a crash.

Why does network stability/continuity matter?

What truly makes a crash dangerous is its’ potential to “go down with the ship”. It is possible that on a computer network, if a key component or program fails and crashes, it could take the network with it; one server crashing has the capability to make a network unusable from a business perspective, costing time, and a large sum of money. As previously mentioned, in September, 2016, Delta Airlines had a physical hardware failure that caused a power outage at their Atlanta facility. Not all the servers within had backup which led to a massive data loss.  This caused flights to be delayed, which meant that flight crews went overtime and had to clock out as per federal limitations, meaning flights were delayed even longer to replace flight crews, which meant passengers were in some case waiting days for their flights. Vouchers were offered to appease many of these passengers, but by time all had been said and done, Delta reported they lost over $100,000,000 in revenue all within a few days.

How can I protect my data?

The act of protecting your sensitive data from these situations is often referred to as “data continuity” or “business continuity”. The idea is that if the worst should come and your data is the victim of a crash or attack, it can be recovered quickly and effectively. There are a few ways to go about this, from keeping up-to-date backups, to having copies of your data present at off-site or off-network locations that wouldn’t be affected. However, as usual, we at Micro Systems have a few ideas to get you started, so give your friendly wizards a call.

 

 

FacebooktwitterlinkedinmailFacebooktwitterlinkedinmail

Tags: , , , ,

Thursday, May 18th, 2017 Back to basics, Cybersecurity, Internet No Comments

Stop the Inavsion of the Data Snatchers!

Introduction

Have you ever seen an action movie involving “hacking”? The one where the hero must figure out some sort of visual graphic interface puzzle to break into the plot device to save the day? Obviously this is more than a little misrepresentative of how such things work. I personally liken it to a sort of crossword puzzle. You have many points you can start at, and as you go and find information, the more information is revealed through what you already know. In this way, when someone attempts to break into networks that are not theirs, they have what are referred to as points of ingress. These are the “entrances” people can use to enter your network and start doing the things bad people do in others’ networks.

So logic dictates the best way to stop this from happening is to block these points of ingress; if there is no entrance, they cannot enter. This is the objective of many anti-malware programs and firewalls, but no network is ironclad. There are many “entrances” you might not have heard of. These can include:

 

  • Telnet
  • SSH (SecureShell)
  • Internet Port 80
  • Internet Port 443 (Https webpages you see commonly)
  • E-mail SMTP Port 25
  • E-mail alternate SMTP Port 587
  • E-mail POP Port 110
  • Remote Desktop port 3389
  • PPTP Tunneling Protocol port 1723
  • SQL port 1433 and 1434

 

These may seem complex and numerous, but most of these are simple things one might expect. Things such as internet webpages, E-mail, and remote desktop services, are points of ingress many people are familiar with. However, most people don’t think of telephone networks when they think of “hacking” and data theft, yet it is just as much a weak point in network security as an online webpage.

As always, Micro Systems Management is committed to providing the best data security services we can offer to our clients. If you have any questions regarding this topic, ask about our upcoming event on the 30th where our own Randy Zinn talks more in depth on the subject. And as always if you have questions about your network and what Micro Systems Management can do to make it safe – give your friendly IT wizards a call!

MSMC logo

 

 

FacebooktwitterlinkedinmailFacebooktwitterlinkedinmail

Tags: , , , ,

Monday, March 27th, 2017 Cybersecurity, General, Internet No Comments

Security Serenity

Introduction

            Information Technology companies and departments alike have always been plagued by a stigma; that if you need to call them, there is something seriously wrong with your network. It’s a bit like getting called to the principal’s office, and this feeling of trepidation is largely caused by a fear most technology companies experience, one I must unfortunately validate.

No. Network. Is. Safe.

In the field of technology, it is an unpleasant and an inescapable fact. Security is of the utmost importance in modern technology and it is something often ignored because nobody wants to deal with it. But it is imperative that anyone working in this field not only understand how to safeguard their own network, but to understand the function and goals of malicious programs (also called “malware”) that are designed to do harm to your network.

How Do Malicious Programs work?

            An important step in understanding the function of these programs is to know that they are simply that-programs. On a conceptual level, a virus or malware program is not much different from any other program, except that it has outcomes that you do not want. Such software is designed to either damage, control, or influence the hardware or operating system that it targets. This can range from anything to encrypting files while awaiting a ransom to transmitting all the data from the target machine to a third party. These programs have a variety of sources, including but not limited to criminal corporations operating outside the purview of the law, single programmers attempting to make a quick buck, or the always infamous extremist group. When it comes to prevention, the source is not as important; what does matter is that attacks and infections on a network can be the single most costly issue a company will face. If a network suffers, for instance, a ransomware attack, no files, accounts, or data can be accessed on that network until the ransom is payed, and even then the data may still remain encrypted depending on the whim of the attacker.

How Can Malicious Programs affect my network?

            There is an abundance of malicious software variations, due to the fact that these are as previously mentioned, simply programs, and thus can be unique in function and purpose, but for brevity’s sake we will cover some of the most important types of these programs. A relatively simple and common program is a trojan. A trojan’s purpose is reflective of its’ namesake, in that it pretends to be a legitimate or crucial piece of software to trick the user into downloading it, and upon installation hides itself inside the local files of the and then unleashes its’ “troops”. That is to say, it begins to do what it was designed to. This can mean everything from copying data, to deleting it. A new(er) type of malware that’s been making rounds lately is malvertising-(you can read our previous TechBits article on malvertising to get a much more in-depth description). Suffice it to say that malvertising uses internet ads to infect the target machine. Ransomware is software that encrypts all the data on a network and holds the de-encryption key for a ransom, though on occasion even paying the ransom will not coax the attacker into providing the de-encryption key, if the attacker is a person instead of an automated procedure. Though it’s important to know these types of malware, there are countless variants, and the variants are increasing at an alarming rate.

What Can I Do?

            When people think of malware they often feel that they are safe with a single antivirus, firewall, or (and this will make your IT cringe) having a Mac because Apple products “don’t get viruses” (yes, they do). Whereas this can be enough for personal devices on a home network, the modern business cannot afford to use only a single source of malware protection. The most secure networks have layers upon layers of security and are very difficult to break through. On a more practical level, it is typically acceptable to have two layers: one passive one active. An “active” layer of protection would be like the anti-virus you are probably familiar with, something to actively scan files in your network to locate and quarantine dangerous programs until they can be properly disposed of. Passive protection is a little different. An example of passive technology would be a web filter.  The Web Filter doesn’t necessarily actively search and root out malicious programs, but rather acts like a sieve and prevents many malicious programs from coming into contact with your network in the first place. Another source of protection that should be mentioned is Web Application Filters. Web Application Filters, or WAFs, monitor attempts from outside your network to gain access through applications that are Internet Facing (Such as web-based email, or self-hosted websites.  It is not uncommon to see thousands of attempts per day of malicious actors attempting to gain access to a protected system through a web-based application.

            A question anyone with an IT background has been asked at some point (and probably more than once) is this:

“What antivirus should I get?”

It’s an excellent question, there are many, many options for anti-virus/anti-malware software, some are free some are paid. An adage to consider is that “you get what you pay for” – we like to add the codicil, “if you are lucky” at the end. One option that we at Micro Systems currently suggest and offer is Kaspersky, which is a comprehensive anti-virus software combined with the added protection of the commercial version of MalwareBytes.  As for passive protection, we provide multiple solutions from Barracuda-ranging from Spam Gateways, to Content Web Filters to Web Application Firewalls. Micro Systems Management has always been focused on providing the best security options for our clients’ network, and we aren’t stopping now. So give us a call, send us an email, or visit our website if you have any questions regarding your network, and we will do our best to secure the lifeblood of your company – your network.           

           

FacebooktwitterlinkedinmailFacebooktwitterlinkedinmail

Tags: , , , , , , ,

Monday, October 17th, 2016 Back to basics, Cybersecurity, General No Comments
 

Categories of Posts

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Follow Us

FacebooktwitterlinkedinrssFacebooktwitterlinkedinrss