What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Carol Stream, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
5 Ways Your Information Gets On The Dark Web May 03, 2019
In our last IT article we discussed the Dark Web. Specifically what the Dark Web is and why it is something that matters to just about everyone. If you missed the article make sure to give it a read here.
There are many ways your information can be compromised and inevitably end up in the hands of wrong doers on the dark web. On top of that, there are numerous ways that hackers and criminals can steal your data that are completely out of your control.
It is important that you put defense in place where you can but it is also important that you manage your risk by educating yourself on some of the top vulnerabilities out there.
With that in mind we’ve gathered 5 of the top ways hackers and criminals get around you to steal your data for the Dark Web.
5 Ways Your Information Gets On The Dark Web
1. Visiting & Using Unsecure Websites
If a website isn’t secure, information passed between you and the site can easily be compromised. In a nutshell, websites pass information to your browser (google chrome, firefox etc.) and your browser displays that information for you to look at/use. Without proper security protocols like an SSL or HTTPs, sites don’t secure that information transfer. So, if you enter personal data into a form, make a purchase or put any data on the site that isn’t secured, it is easy enough for a hacker or cyber-criminal to intercept that data and sell it on the Dark Web.
If you are interested in how to secure your website or tell if the sites you visit are secure, we have an easy to understand article here.
2. Consumer Database Breach
While hackers and criminals will go after your personal data on a small scale, a larger customer breach is what their dreams are made of. Just think back to the Target, Home Depot and Experian breaches of recent years. Even social media databases are full of rich information that hackers can make use of. If a hacker gets ahold of your Facebook password they might have also gotten ahold of your date of birth, where you live and other personal information that they can use to access financial accounts or other personal accounts.
While you can’t keep hackers out of Target’s database, you can practice your own security protocols to decrease the likelihood of criminals using compromised data to ruin you financially:
- Use different passwords for different sites
- Change passwords often (every 90 days is recommended at minimum)
- Use strong passwords
- Look into a monitoring service that alerts you of suspicious activity on financial accounts
3. Firewall Issues
You don’t necessarily have control over whether someone else secures their website and you definitely don’t have control of the security procedures at your local grocery store, but you do have control over the firewalls you use at your business.
First . . . make sure you are using a professional or business grade solution for your firewall. Consumer grade solutions are meant for home use and will not have adequate protections in place to keep your company’s private data secure.
Additionally, make sure that you have regular updates and software patches scheduled. These devices are only as good as the software they utilize. If your firewall is out of date or your software is out of date, chances are they cannot defend against the latest hacker strategies and viruses.
You will also benefit from a regular system audit to ensure all ports are secure and no user changes are impacting your network security. It is pretty common for businesses to forget these updates and checks and this is an incredibly vulnerable access point into your network if not properly configured.
4. Outdated Systems/Devices On Your Network
While your firewall controls much of the inbound and outbound traffic on your network, there are countless other devices that can create vulnerabilities. For instance, if you consider the Target breach of 2013, it is rumored that the criminals gained access to Target’s network via an HVAC company that monitored temperatures in stores. This brings up the fact that it is not just your own network but anything connected to it and the security of those ancillary devices/networks that you must be aware of.
If you have smart devices in the office, if you subscribe to any type of service that needs access to your network, all of these items and programs open you up to vulnerabilities. Even the smart devices you use at home can cause you trouble on a personal level. Imagine if a smart device on your home network was compromised and used by hackers to get into your work files on your home computer. This stuff happens and your information ends up on the dark web because of it.
5. Downloading untrusted applications/Opening Malicious Email
Email is essential to running your business but it is one of the best ways for hackers and criminals to gain access to your network. All they have to get you to do is click a link or download a file and BAM! your data might be compromised.
Email isn’t the only culprit though. Downloading files off the web can also give hackers access to your network and in turn your data. There are tools that can help you avoid this as well as training that helps you spot malicious links/sites.
How Can I Prevent My Info From Getting Onto Dark Web
With proper firewall configuration, professional anti-virus software that is updated regularly and employee training, you will dramatically decrease your vulnerability and incident rate.
There are so many ways hackers access your data. They can get to you through stores, websites, your email, the smart devices at your office/home and those are just a few examples. The scary part is that no matter how secure you make things, they will come up with a new approach that no one expects.
All hope isn’t lost though, with certain protections like professional cyber security consulting, monitoring software (both professional and personal), and specific security devices, you can protect yourself from cybercriminals.
If you’d like to discuss your options and make sure you are truly covered, reach out to our team and schedule a network security assessment.
The post 5 Ways Your Information Gets On The Dark Web appeared first on Andromeda Technology Solutions.4 Cybersecurity Tips For Business Owners & Managers Jul 08, 2019
New cybersecurity stories hit the news every day. You’ve surely heard about large companies getting hacked or ‘breached’, passwords stolen, identities compromised and more.
The topic of cybersecurity gets brought up so much, it’s no surprise that it has become a kind of background noise in the business world. Warnings about security protocols, new viruses and ransomware scams are just the tip of the iceberg when you look into what is happening in the IT security world.
While the news stories keep coming and businesses continue falling victim, there is at least one thing that remains the same . . . the need for cybersecurity training and awareness is here to stay. If you are in business, you have data that cybercriminals want to steal. Simple as that.
Cybersecurity conversations and solutions don’t have to be daunting though. In fact, there are some quick, common-sense tips you can put into place that will make you and your business a harder target for those looking to do you harm.
Top 4 Cybersecurity Tips For Professionals
1. Use Unique and Strong Passwords For All Online Accounts
This tip is one you’ve surely heard many times before but over 85% of all adults reuse their passwords online. On top of that, most people don’t know how to create a truly strong password. Some characteristics of a strong password are:
- Minimum of 8 characters
- A mixture of uppercase and lowercase letters
- At least one number
- At least one special character (!@#$%^&)
- No personal details (pet names, family member names, birth dates, address info etc.)
The average adult has over 100 different accounts online (bank accounts, credit cards, social media, email, apps etc.). It’s understandably difficult to create and remember a different password for everything you do though.
What to do about it? Look into a password manager tool for yourself and your staff. A password manager will store and organize all of your unique passwords securely. Here at Andromeda, we recommend LastPass. It has some great features and is a trustworthy password management tool. If you have questions about that, feel free to reach our team.
2. Run A Network Security Audit At Least Once A Year
You can’t address things if you don’t know they are broken. An annual network security audit done by a third party IT support partner will give you visibility into the small cracks hiding in your network security.
This type of audit should check things like open ports on your firewall, password protocols, your backups, your disaster recovery plan, the status of your warranties, your antivirus and spam protocols and more.
You can engage your current IT services provider for this audit or look for a third party vendor to come in and take a fresh look at your setup.
It never hurts to get a new set of eyes on your setup. Andromeda provides these types of assessments to our clients with our professional 35 point network security assessment. If you’d like to speak with our team about this service, give us a call at (815) 836-0030 or send an email to Contact@WeNetwork.com
3. Regularly Test Your Backups and Disaster Recovery Plan
One of the top methods a cybercriminal uses to make money is ransomware. Ransomware is classified as a cyberattack where a criminal gains access to your network (through brute force or stolen employee email/passwords). After accessing the network, the criminal then encrypts all or a portion of your business data and locks you out of it. The only way to recover the data is to pay a ransom (often in the form of bitcoin or other cryptocurrency). If you don’t pay up – they destroy your data.
These types of attacks cause serious damage. Businesses lose big money due to down time, reputational damage and in some cases, even government fines (in worst cases where evidence that a business intentionally ignored or neglected their data security, victims of ransomware/cybercrime can even face jail time).
Imagine that, you’re the victim of a cyberattack and you have to pay the government fines on top of it all?!
Ransomware and cyberattacks happen, there is almost no way to avoid them 100% of the time. But, with a proper disaster recovery plan including regular data backups (on site, in the cloud and off site) you can quickly and calmly restore your business data and win against cybercrime.
Don’t just accept anyone’s word when it comes to verifying your backups though. You should be sure that whoever is maintaining your backups and disaster recovery is running regular tests and providing you proof of valid backups. You should also run a demo scenario at least twice a year to test how long it would take you to be back up and running in the event of a breach or equipment failure.
4. Employee Cybersecurity Training Is Key To Your Defense
Cyber security is constantly changing and new attack strategies show up regularly. The one thing that shouldn’t change for you though, is your commitment to ongoing employee training.
After all, the #1 threat to your office network security is actually your employees! The staff are the people who will accidentally visit an infected site, click a bad link, download a file with a virus etc. and the only way to help stop those behaviors/accidents is through education and proper training.
A good employee training program will offer ongoing training and support. It may also score and rank your employees/office based on performance etc.
At Andromeda, we offer our clients an employee cyber security training in an online program. This allows employees to go at their own pace and complete training in the office or on the go. This solution provides weekly tech tips, training videos, micro quizzes, individual employee risk scores and more.
Make sure to look into training if your organization isn’t already offering this to employees. This really is a must have solution to protect your office.
These are only 4 tips you can use to improve security at the office. There are many more but if you cover these bases you have a great start.
If you have any questions related to cybersecurity or IT at the office, give our team a call at (815) 836-0030 or send a message to Contact@WeNetwork.com. We are always here to help you!
The post 4 Cybersecurity Tips For Business Owners & Managers appeared first on Andromeda Technology Solutions.Intel Graphics Get Update To Address Security Issues Mar 23, 2020
If you have a personal computer that uses Intel technology, you're not going to want to miss the update released in March's Patch Tuesday.
The latest update addresses a total of 27 vulnerabilities. Ten of them rated as high severity flaws that impact Intel's Graphics Drivers for Windows. Also impacted is the Smart Sound Technology integrated into Intel Core and Intel Atom CPUs.
The vulnerabilities recently patched spanned a whole range of threats. Some allowed non-authenticated users to access sensitive information, while others could have been abused to escalate privileges or to trigger denial of service attacks.
Below is a quick list of the big issues addressed by the most recent patch:
- INTEL-SA-00354: Intel Smart Sound Technology Advisory (CVSS 8.6)
- INTEL-SA-00315: Intel Graphics Driver Advisory (CVSS 3.2 - 8.4)
- INTEL-SA-00352 : BlueZ Advisory (CVSS 7.1)
- INTEL-SA-00343: Intel NUC Firmware Advisory (CVSS 7.7 - 7.8)
- INTEL-SA-00349 : Intel MAX 10 FPGA Advisory (CVSS 6.1)
- INTEL-SA-00319: Intel FPGA Programmable Acceleration Card N3000 Advisory (CVSS 4.4 - 6)
- INTEL-SA-00330: Snoop Assisted L1D Sampling Advisory (CVSS 5.6)
- INTEL-SA-00334: Intel Processors Load Value Injection Advisory (CVSS 5.6)
- INTEL-SA-00326: Intel Optane DC Persistent Memory Module Management Software Advisory (CVSS 4.4)
If any of the tech listed above looks or sounds familiar, don't delay. Download and install this patch right away. If you're not particular tech-savvy and you're not sure, but you know you use an Intel-based machine, the smart play is to download and install the patch just to be safe.
This is a big deal, and a number of the flaws addressed by this most recent update could easily be turned against you. Don't let that happen. It's just not worth the risk. There are times when companies release patches we'd consider to be optional or at least lower priority but this isn't one of those times.