What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Alsip, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
HTTPs Encryption: Why You Should Use SSL Certificates Jan 20, 2019
2018 was an eventful year for technology and it’s only going to increase in 2019. Between the Facebook security breach, the Google+ API vulnerability, and many other less famous incidents – one thing is for certain. Cybersecurity dominated 2018 and 2019 is expected to be no different.
With cyber attacks being so prevalent, businesses are starting to notice a shift in public perception when it comes to the companies they work with when it comes to data security. Feeling safe is priority: people don’t want to have to worry about their information being breached on or off the web.
While this has been a growing trend for a several years now, it has also transitioned cyber security from being a feature, to a necessity.
2019 is the year of HTTPs.
What Exactly is HTTPs?
To understand what HTTPs means and how it works, you need to know a few definitions.
HTTP (HyperText Transfer Protocol): In simple terms, this is an application layer protocol. Essentially, HTTP is the protocol that involves information sent between a browser (ex: Google Chrome or Firefox) and a website itself. If you were to interrupt that connection and intercept it, you’d see in plain text what was being communicated between the website and the browser.
This can create extremely vulnerable conditions in certain situations. For example, if you are purchasing products on a website with a basic HTTP, your personal information like your address, credit card info and whatever else you submit can be intercepted and stolen.
The thieves are the only ones who want this to happen – so HTTPs encryption was introduced as a secure option.
HTTPs (HyperText Transfer Protocol Security): Adding additional security components, the language being transmitted between website and browser is encrypted and kept from being read cyber criminals.
SSL (Secure Socket Layer): This is a certificate that enhances your security protocol. This is just another way of saying that your site has the technology in place to securely encrypt transactions between the website and browsers etc.
The types of SSL Certificates may vary, but their basic coding provides security and encryption.
You can always tell if a website is secure by looking for certain factors:
- https:// shows before the URL destination (ex: https://www.google.com)
- A lock (sometimes green) icon may appear in the left corner of your navigation bar
Today, many users look for these key signals to see if they are using a secured website.
When this was first being used, its primary purpose was a security feature for websites that utilized ecommerce and to transfer personal information (ex: financial, medical, legal). However, it has transitioned into having an HTTPs encryption as a standard.
After going through the basics of this HTTPs encryption, you may still have some additional questions about which feature would best suit your business. Here are a few of the most common topics and questions below:
I Don’t Have A Large Business – Do I Still Need HTTPs?
Providing An SSL Tells Your Customers That You Care About Their Security
By utilizing an SSL certificate and transforming it from HTTP to HTTPs, you are providing an extra layer of security for your consumers. They know right away that your website is secure. Nothing they are viewing or how they are interacting on your website is being monitored or watched by a malicious user. It shows that you care about your customer’s user experience – and that reflects highly for company brand.
It Provides Additional Security Against Hackers
Having an SSL certificate installed on your website also helps protect your website from potential breaches or hacking attempts. The extra layer of HTTPs encryption provides an external wall that is difficult for hackers to break and infect. While you might not exactly need one for the style of your business’ website, it still helps protect against possible attacks and saves you capital on potential cleanup and patches once a website does get infected or breached.
HTTPs Improves SEO (Search Engine Optimization)
Having this HTTPs encryption applied on your website shows popular search engines like Google, Yahoo and Bing! that you take your user’s experience and security seriously. They are able to recognize this and return with increased rankings on their engines.
We all know that higher rankings lead to more traffic – this leads to more clients and customers.
Google has been favoring websites with HTTPs for awhile now. However, after recent technology-related world events, they have doubled-down.
Starting July 2018, websites that do not use HTTPs will be labeled “Not Secure”. The last thing you want your prospective clients to see when visiting your site is a message about poor security.
More than 70% of websites are utilizing HTTPs and Google is really trying to make it the norm across the board.
Failure to increase security on your site risks lower search rankings and even increases bounce rates. It is also proven that HTTP sites load slower, causing Google to penalize them for site speed. Overall, the industry is punishing sites that do not value security because they are striving to give the best user experience possible.
So, what should you take away from all of this?
An SSL does incur minimal extra costs, but failure to secure your website can cost you a lot more: potential customers, reduced website traffic and impact overall user experience.
Your IT partner or web hosting provider should have the necessary tools to help you with your website security. It should be simple and affordable enough to keep from breaking your budget.
Want to take the next step and convert to HTTPs, but not sure how?
Andromeda has trained technicians and developers that are more than happy to help you with the conversion. Just give us a call to get started today!
The post HTTPs Encryption: Why You Should Use SSL Certificates appeared first on Andromeda Technology Solutions.Layered Network Security: 5 Components Every Layered Security Solution Should Have & Why Employee Training Is A Must Have Jul 06, 2018
Securing your data and your network is a bigger job in 2018 than it has been in years past – and if you’re looking at trends or the news, you can probably guess that network security is only going to get more important and cumbersome in the future.
Cybersecurity is now a common household term and that’s a good thing. The page has been turned on data security and people regularly recognize that we need to protect ourselves both personally and professionally from cyber crime and related threats.
To illustrate where the cybersecurity and cyber crime industries are moving here are a few stats (full article here):
- Cyber crime damage costs are predicted to hit $6 trillion annually by 2021
- Cybersecurity spending to exceed $1 trillion by 2021
- Global ransomware incidents are predicted to hit a rate of one attack every 14 seconds by 2019
The threats to data and networks are clearly going nowhere so it is important that you have a plan in place to protect your business (and yourself).
Different software applications and hardware solutions are designed to address specific security concerns. This means that while one solution may give you complete protection from one threat, it may not be suited to protect you from another.
The solution for these weak points is to ‘layer’ your security and design a solution that covers and protects your network to the best of its abilities.
What You Should Expect From A Layered Network Security Solution
A good layered security solution for your network is going to include the following components:
1. Professional Firewall Solution –
Your firewall is designed to help protect your network from external threats. It does this by blocking access to your network while allowing your users to communicate outside of the network. While a firewall is a great way to protect your network from intrusions, it can only protect your system from outside activity. A firewall cannot prevent one of your users from giving unauthorized permissions or access to programs or other users.
2. Professional Antivirus Software –
Antivirus software is a standard security solution designed to detect and block malware, viruses and other bugs from taking action against your network. An antivirus solution typically depends on a predefined catalog of known issues. The software uses this catalog to block those known issues from impacting you. The issue with this is that new viruses, malware, spyware and bugs are produced daily. If your solution is not actively updating and monitoring the internet for new incidents, it won’t be able to protect you from new threats in real time. Antivirus solutions also cannot always block a user from disregarding a warning and downloading a bad file/clicking on a bad link.
3. Email Spam Prevention/Filters –
Spam is more than just an annoying thing filling up your inbox. A majority of viruses and bugs that get through your firewall/antivirus do so by hiding in email messages. Cyber criminals know that if they send enough emails, somebody is going to click a bad link or download a compromised attachment. By filtering out spam, you dramatically decrease the opportunity for someone to accidentally introduce a virus to the network. Again though, spam filters don’t catch everything so they cannot prevent a user from making a mistake.
4. DNS Filtering/Protection –
DNS stands for Domain Name System. This piece of your network controls email delivery and is the component that allows you to browse websites. When configured, a DNS filter can prevent your employees from accessing specific types of sites. For example, a DNS filter can be set up to prevent employees from accessing social media or other blacklisted sites. This security also helps keep malware or other viruses from spreading throughout your network by masking your devices and server. This is one element of your network security that isn’t heavily impacted by regular users but if it is not set up properly and managed properly it can’t protect you from much.
5. Employee Training & Education –
You may have noticed that almost any of the security layers mentioned above have specific strengths and weaknesses. Additionally, each component had a weakness related to human or user error. The fact is that users and honest mistakes are the root cause of the majority of data breaches, viruses, downtime and incidents on your network. That doesn’t mean your employees and coworkers are intentionally breaking protocol or doing things wrong. Most of the time these are honest mistakes like clicking a link in an email, downloading a file with a hidden virus or visiting an infected/malicious site and unknowingly giving cyber criminals usernames & password information.
And That’s Just The Beginning…
These are just five common pieces of a layered network security setup. They all work together to help cover different vulnerabilities and behaviors. There are many other software and hardware solutions that can increase your layered network security and reduce vulnerability. Some of those include:
- Dark Web Monitoring Services
- Dual Authentication
- Password Management
- Data Backups
- Disaster Recovery Planning
- Scheduled & Regular Patches/Updates
- Security Protocols for Remote Devices
- Network Security Assessments (at least once a year)
The most important part to a successful layered network security setup is to take your individual needs and environment into account. There is no ‘One Size Fits All’ solution and there is no one solution that is going to guarantee 360 protection for your network. Be wary of any vendor who tries to sell you something like that.
The goal should be to protect your environment to the best of anyone’s ability and to educate/train your staff adequately to mitigate risk.
You will also want to make sure and take any specific compliance requirements or regulations for your industry into account. Most any business that has data needs to maintain certain standards for data protection.
To discuss any of the layers for a layered network security solution listed above or your environment please reach out to our team.
For more information on employee data security training go here.
The post Layered Network Security: 5 Components Every Layered Security Solution Should Have & Why Employee Training Is A Must Have appeared first on Andromeda Technology Solutions.Security Flaw Found In Open Source Office Program LibreOffice Aug 10, 2019
Do you use LibreOffice? It's an open source clone that's functionally similar to Microsoft Office that has grown quite popular over the years. It is available for Windows, macOS and Linux systems.
While open-source software solutions generally have the reputation of being safer and more secure, they're not immune to vulnerabilities.
Recently, a pair of serious un-patched code execution vulnerability has been discovered that could result in malware being installed on your system if you're not careful. In order to take advantage of the flaw, a hacker would need to create a special "poisoned" LibreOffice document and use social engineering tricks to convince you to open it.
While the company behind LibreOffice moved quickly to patch their software, independent security researcher Alex Infuhr has reported that the patch only corrected one of the two issues. �In addition, he was able to find a way around the company's fix for the second.
The first vulnerability resides in LibreLogo, which is a programmable vector graphics script that ships by default with LibreOffice.� It allows users to specify pre-installed scripts in a document that can be executed on various events, such as a click or even a mouse hover.
The second issue could allow the inclusion of remote, arbitrary content within a document, even when "Stealth Mode" is enabled.� Note, however, that stealth mode is not enabled by default, but users can activate it to instruct documents to retrieve remote resources only from trusted locations. This is the issue that LibreOffice tried to fix but Infuhr found a way around.
If you want to protect your system from this issue, the best thing you can do would be to manually disable the LibreLogo component by opening the setup to begin the installation, then:
- Select "Custom" installation
- Expand "Optional Components"
- Click on "LibreLogo" and select "This Feature Will Not Be Available."
- Then click "Next" and install the software.
That should take care of it!