What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Service Coordinator(SC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Bensenville, IL Businesses:
What A Few Of Our Clients Have To Say
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
5 Cyber Security Features/Protocols Your Business Needs To Protect Against Scammers, Hackers & Cyber Criminals Oct 30, 2017
Sometimes it sounds like the news and cyber experts are on loop or a broken record. Every day there is a new report about cyber security, threats and the like. But while these stories and warnings may start to seem like white noise in the background, the threats are still here and they are very real.
The upside of all of this coverage and conversation is that business owners are wising up and with the topic of cyber security taking center stage, users and business owners alike are being more proactive when it comes to protecting and educating themselves.
In the spirit of education we’d like to dive a little deeper into 5 features/protocols you can set up at your office to beef up your IT Security.
Top 5 Cyber Security Features/Protocols
Multi Factor Authentication
This feature is nothing new but it is becoming more and more common across all kinds of accounts. Financial services, email, social media and other applications/accounts are making use of multi or dual factor authentication. Essentially you have a password and second form of identification to prove your identity. Sometimes this is a randomly generated code – think Facebook’s code generator.
Another type of multi or dual factor authentication uses biometric data for identity verification. Things like a fingerprint or a retina scan are examples of this type of security measure. In fact, last month we took a look at biometrics, integrated security and banking applications – read more about that here.
An Employee Training Program
Statistically over 80% of all breaches and intrusions occur after an employee error. Clicking a link in an email, downloading a malicious file, visiting an infected website . . . there are so many ways this can happen and most of the time it isn’t intentional either. The best way to prevent this from happening is an ongoing security program for yourself and employees. A good program will have a varied focus: compliance standards for personal and customer info (commonly known as pii or personally identifiable information), strategies for recognizing and avoiding email scams, proper security protocols for best practices at the office and more. In 2017 Andromeda recognized this need and released our PII Protection/Cyber Security Training Program. See full details here.
Business Grade Firewall
A good firewall is your first defense against intrusion. With proper intrusion detection and intrusion prevention settings you arm yourself against cyber criminals and hackers. On top of that, a business grade firewall solution is an important piece of hardware when you want to set up public and private networks. You definitely don’t want guests at your building or passersby accessing company documents or networks because of low cyber security protocols.
Regularly Scheduled Updates/Patching
New viruses and threats hit the market every day. On top of that, hackers and criminals discover new vulnerabilities almost as fast as developers can protect against them. This is why keeping up to date and on top of patching and updates is so important. For instance, the WannaCry virus everyone heard so much about this year took advantage of a vulnerability that had already been addressed by a Windows patch. If companies had proactively updated and maintained their updates/patches, they wouldn’t have been as vulnerable to an attack.
This ties into both firewall protocols and employee training but of course, the fewer random emails that make it into your employee inboxes, the fewer links and files you need to worry about employee’s (or even yourself) clicking on. A professional spam tool can be configured to your liking and can do a whole lot to prevent content from making it to those that might accidentally infect your network. See the photos below for a few examples of emails we protect customers from on a daily basis.
As always, Andromeda is here to help you protect yourself and your business from these ongoing threats. Take the first step today and sign up for a cyber security audit with our team of experts.
The post 5 Cyber Security Features/Protocols Your Business Needs To Protect Against Scammers, Hackers & Cyber Criminals appeared first on Andromeda Technology Solutions.4 Key Questions Any Business Owner Should Ask Before Performing A Cloud Migration Sep 28, 2018
The solutions, procedures and technologies business owners and staff depend on are continuing their move to the cloud at a steady pace.
Predictions and trends point to over 80% of all enterprise workflow to be managed by the cloud by 2020.
While total adoption of cloud in the workplace is still believed to be 10 or more years away, the benefits to business are clearly driving the adoption of cloud technologies and solutions.
This does not mean that you should perform a cloud migration just because everyone else is doing it. You want to make sure that when you migrate different elements of your business to the cloud, you are doing so in the most secure, compliant and pain-free ways.
That being said, there are some questions you should really ask yourself when planning for or considering your migration.
4 Key Questions About Cloud Migration
1. What are the long term costs for my IT when I migrate to the cloud?
There are quite a few different aspects of your budget that a cloud migration can impact. The first thing you will want to consider is the overall cost of the project. For example, if you have a server and you are considering the costs of a cloud migration vs. buying new hardware, there are a few things you want to look into.
- What is the physical cost of the hardware including labor for install and setup?
- What is the initial setup and migration cost if you move to the cloud?
- What are your anticipated maintenance costs for a physical server over the next 3-5 years?
- What are the maintenance costs and recurring costs for your cloud environment for the next 3-5 years?
- If you stick with an on-prem solution, how long until you have to replace your new hardware on average?
All of these questions you should ask yourself and your IT vendor/department when considering the cloud. Often, when you take long term maintenance and hardware replacement into consideration, you will end up being more cost effective with a cloud solution. But, this is not always the case.
2. What areas of our business will see benefit from a cloud migration?
The cloud has offered many benefits to business. The cloud environment lends itself to collaboration in many ways. Staff will likely enjoy the ability to access data, software and systems remotely. Departments will notice that different integrations are easier when software is in the cloud as well. Companies like Zapier, IFTTT and even Microsoft with Microsoft Flow are in the business of helping you integrate workflows and get a whole lot more done.
This means more productivity, automating repetitive tasks and hopefully better results for both your employees and clients.
3. Do you have specific security/compliance requirements?
Different industries have specific security requirements and compliance standards for data. This means that you will want to consult with experts in your industry to make sure that the solutions you choose are above board.
For instance, if you chose to migrate your email server to a hosted cloud solution, you still need to make sure that the email service is secure. Solutions like G Suite and Office 365 state in their user agreements that they are responsible for the security of the cloud environment but that YOU are responsible for all of your data.
Meaning – Microsoft or Google makes sure the cloud is secure, YOU make sure that you have backups of your emails and all of your data in case of emergency.
Additionally, if your industry has requirements for sending secure/encrypted emails, you’ll want to make sure that the solution you choose meets said requirements.
This was just an example of how security and compliance can impact your choice of cloud email solution. Depending on what you want to move to the cloud (infrastructure, software, OS etc.), you will want to consult with industry experts to ensure success.
4. Public, Private or Hybrid Cloud Solutions?
On the surface, the concept of public or private cloud solution is straight forward.
A public cloud is owned by a company like Microsoft (Azure) or Amazon (AWS). This company owns the physical space where the ‘cloud’ is hosted. In a public cloud, your business essentially leases space to host your environment. This space is technically shared but can be segmented for security purposes.
This decreases your overall time and material cost for maintenance of the environment. You access services and can manage your account by logging in from your internet browser. These public solutions are best for email solutions, office software, applications, testing environments, development environments and more.
A private cloud is owned and managed by one specific entity (either you or your IT service provider). There are no other businesses sharing your space or stored on the equipment. This is definitely a more secure solution for highly regulated industries.
A benefit with privately hosted cloud environments is that they are more customizable for specific business needs. Additionally, a private cloud is easily scaled to grow with your needs – you will just have to account for any additional hardware or bandwidth needs as you grow.
A hybrid cloud solution is a mixture of any or all solutions including: on-premises solutions, public cloud and/or private cloud.
For some industries, there may be specific elements of the business that must remain on site. In other instances, you may have proprietary software that just isn’t cloud compatible or doesn’t make sense to migrate.
You may also have certain needs that make sense to offload into a public environment where you aren’t responsible for maintenance.
The beauty of cloud migration solutions for business is that they are highly customizable. They help you get more done and stay connected in innovative ways. There is a reason that technology is steadily migrating to the cloud across our professional and personal lives.
If you have any questions about the cloud or want to discuss how the cloud can elevate your business, please give us a call at (815) 836 – 0030 or send an email to Contact@WeNetwork.com. Our team is ready and eager to help you.
The post 4 Key Questions Any Business Owner Should Ask Before Performing A Cloud Migration appeared first on Andromeda Technology Solutions.Government Payment Processor Exposes Data On Millions Of Americans Oct 03, 2018
If you use the GovPayNet portal, be advised that your personal information is currently at risk. Although at this point, there's no indication that any hacker has made use of it.� The portal is run by Government Payment Service, and is used by many Americans to pay fines, fees and bills generated by more than two thousand different government agencies operating in 35 states.
Unfortunately, the way the website is configured, when it issues a receipt for a payment, it numbers those receipts sequentially. All a hacker would have to do would be to change the receipt number in the URL to see any previous receipts, and all of the information it contains.
When the flaw was discovered by journalist Brian Krebs, more than fourteen million old records were exposed in this manner.� He contacted Government Payment Service to inform them of the flaw, and the agency moved quickly to address the issue. They said in a formal statement that they "did not adequately restrict access to only authorized recipients."
They went on to assure their users that there's no indication that any data had been improperly accessed. They added that the receipts generated don't include any information that could be used by a hacker to initiate any type of financial transaction.
Unfortunately, the reality was a bit different.� The receipts contain the names, addresses and phone numbers of the person paying the fee in question, along with the last four digits of whatever credit or debit card was used to make payment. That is more than enough information to enable a hacker to initiate a phishing attack to get the rest.
Nick Bilorgoskiy of Juniper Networks had this to say about the matter:
"Online payment providers...should take special care to protect their customers' receipts by using HTTPS and checking that the user is logged in and has permissions to view them.� To avoid information disclosure and directory traversal issues, I also recommend denying anonymous web visitors the ability to read permissions for any unnecessary files from web-accessible directories."
It's good advice, and here's hoping that Government Payment Service will take it.� If you use the service, there's nothing for you to do.� You don't need to change your password, since it was never exposed.� Just be mindful that someone may have seen any data your receipts contain before the site was secured.