What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Chicago Ridge, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
What is the Dark Web and why it matters for your business Mar 29, 2019
Ransomware, cybercrime, hackers . . .
It’s safe to say that you’ve at least heard of these terms in the news and if you are like most people, you’ve heard them over and over on the news, in the office and just in everyday conversation for the past few years.
This progression in the cybersecurity world may come with unique phrases and buzzwords but the trend itself is nothing new. Since the internet’s beginning, there have been people working to cause chaos.
Think computer viruses, Trojan horses, scams, spam, malware etc.
Like most technology, the internet is used predominantly for good. But, there are always a few bad apples who take good technology and choose to use it with less than the best intentions. And while there have always been “bad guys” out there trying to disrupt good works from being done, over the last decade and specifically in the last few years we’ve seen an incredible increase in spending, vulnerability and rates of incident for large scale cyber-attacks.
To put this in perspective, spending on cybersecurity is projected to exceed 1 trillion dollars by 2021. In 2017, information security (a subset of the cybersecurity industry) spending hit over 86 billion dollars.
On top of this, there has been a dramatic increase of incidents in the small to medium sized business arena. When a local business gets hit, it may not make the 5 o’clock news like Home Depot or Target, but it hurts just the same – and maybe even more.
The crazy thing when it comes to cybercrime, ransomware and other infections is that you can be doing regular updates, implement antivirus etc. and you still can fall victim to identity theft, breaches and other cyber incidents.
All of this cyber-security and cyber-crime discussion lays the groundwork for this Dark Web discussion.
What is the Dark Web?
First, what is the Dark Web? In a simple and brief explanation, the Dark Web is a mostly anonymous space online that you need special software to access. The experience is much like a normal internet browser but the sites and activities available are very different.
Many times the Dark Web is described using an iceberg illustration.
- The internet as we know it is what you can see above sea level.
- There is a larger space just below the surface of the iceberg where the ‘darknet’ lives, this is dominantly used for large data stores. Financial records, academic databases, government records etc. live here.
- Then there is the bottommost layer of the iceberg, this is the Dark Web – here you’ll find illegal activity like drug trafficking, illegal gun sales, and even personal data for sale.
Now, you may be thinking,
“This is interesting information but what in the heck does the Dark Web have to do with me? Why do I care about it? I don’t use it. I don’t know anyone who does. . .” And we get that, but even if you don’t use the Dark Web you may be on it.
The Dark Web is one of the largest sources of stolen data available to criminals. While some may use it to buy goods, other criminals purchase pieces of your information like credit card information, passwords, social security information and more to use for their own purposes.
When cybercriminals go to places like your local grocery store, Experian and other sites to wreak havoc, the information they steal ends up for sale on the Dark Web.
All of this taken into consideration, the everyday consumer and business professional shouldn’t be scanning these areas of the web to try and protect their data.
Instead, a business professional like yourself should make sure that you are following proper security protocols:
- Anti-Virus Software Regularly Updated and on every device
- Proper Firewalls and regular updates
- Employee training
- Regular Professional Backups (also regularly tested and verified)
- Disaster Recovery Plan
- Spam filtering
- Encourage employees to speak up if they see a weird email or link
- Bring in professional cyber security consulting
With all of these items and a few more in place, you make it much more difficult for a cyber-criminal to get into your network and steal your data. This in turn will help keep your data and that of your employees off of the Dark Web. Of course, nothing is foolproof and that is why an exceptional cyber-security partner should offer Dark Web monitoring.
Dark Web monitoring is a program some IT professionals offer businesses where scans are going on constantly in the background and are looking for a specific domain. When the scan recognizes your domain in a database, it flags the software and you are alerted to change passwords or address the breach.
This way, you are always a step ahead of the criminals without lowering yourself to the “Dark Web” itself.
We hope you found this first installment in our Dark Web series helpful. Look out for our next article in February focused on 5 ways you can keep your information off of the Dark Web entirely.
The post What is the Dark Web and why it matters for your business appeared first on Andromeda Technology Solutions.4 Cybersecurity Tips For Business Owners & Managers Jul 08, 2019
New cybersecurity stories hit the news every day. You’ve surely heard about large companies getting hacked or ‘breached’, passwords stolen, identities compromised and more.
The topic of cybersecurity gets brought up so much, it’s no surprise that it has become a kind of background noise in the business world. Warnings about security protocols, new viruses and ransomware scams are just the tip of the iceberg when you look into what is happening in the IT security world.
While the news stories keep coming and businesses continue falling victim, there is at least one thing that remains the same . . . the need for cybersecurity training and awareness is here to stay. If you are in business, you have data that cybercriminals want to steal. Simple as that.
Cybersecurity conversations and solutions don’t have to be daunting though. In fact, there are some quick, common-sense tips you can put into place that will make you and your business a harder target for those looking to do you harm.
Top 4 Cybersecurity Tips For Professionals
1. Use Unique and Strong Passwords For All Online Accounts
This tip is one you’ve surely heard many times before but over 85% of all adults reuse their passwords online. On top of that, most people don’t know how to create a truly strong password. Some characteristics of a strong password are:
- Minimum of 8 characters
- A mixture of uppercase and lowercase letters
- At least one number
- At least one special character (!@#$%^&)
- No personal details (pet names, family member names, birth dates, address info etc.)
The average adult has over 100 different accounts online (bank accounts, credit cards, social media, email, apps etc.). It’s understandably difficult to create and remember a different password for everything you do though.
What to do about it? Look into a password manager tool for yourself and your staff. A password manager will store and organize all of your unique passwords securely. Here at Andromeda, we recommend LastPass. It has some great features and is a trustworthy password management tool. If you have questions about that, feel free to reach our team.
2. Run A Network Security Audit At Least Once A Year
You can’t address things if you don’t know they are broken. An annual network security audit done by a third party IT support partner will give you visibility into the small cracks hiding in your network security.
This type of audit should check things like open ports on your firewall, password protocols, your backups, your disaster recovery plan, the status of your warranties, your antivirus and spam protocols and more.
You can engage your current IT services provider for this audit or look for a third party vendor to come in and take a fresh look at your setup.
It never hurts to get a new set of eyes on your setup. Andromeda provides these types of assessments to our clients with our professional 35 point network security assessment. If you’d like to speak with our team about this service, give us a call at (815) 836-0030 or send an email to Contact@WeNetwork.com
3. Regularly Test Your Backups and Disaster Recovery Plan
One of the top methods a cybercriminal uses to make money is ransomware. Ransomware is classified as a cyberattack where a criminal gains access to your network (through brute force or stolen employee email/passwords). After accessing the network, the criminal then encrypts all or a portion of your business data and locks you out of it. The only way to recover the data is to pay a ransom (often in the form of bitcoin or other cryptocurrency). If you don’t pay up – they destroy your data.
These types of attacks cause serious damage. Businesses lose big money due to down time, reputational damage and in some cases, even government fines (in worst cases where evidence that a business intentionally ignored or neglected their data security, victims of ransomware/cybercrime can even face jail time).
Imagine that, you’re the victim of a cyberattack and you have to pay the government fines on top of it all?!
Ransomware and cyberattacks happen, there is almost no way to avoid them 100% of the time. But, with a proper disaster recovery plan including regular data backups (on site, in the cloud and off site) you can quickly and calmly restore your business data and win against cybercrime.
Don’t just accept anyone’s word when it comes to verifying your backups though. You should be sure that whoever is maintaining your backups and disaster recovery is running regular tests and providing you proof of valid backups. You should also run a demo scenario at least twice a year to test how long it would take you to be back up and running in the event of a breach or equipment failure.
4. Employee Cybersecurity Training Is Key To Your Defense
Cyber security is constantly changing and new attack strategies show up regularly. The one thing that shouldn’t change for you though, is your commitment to ongoing employee training.
After all, the #1 threat to your office network security is actually your employees! The staff are the people who will accidentally visit an infected site, click a bad link, download a file with a virus etc. and the only way to help stop those behaviors/accidents is through education and proper training.
A good employee training program will offer ongoing training and support. It may also score and rank your employees/office based on performance etc.
At Andromeda, we offer our clients an employee cyber security training in an online program. This allows employees to go at their own pace and complete training in the office or on the go. This solution provides weekly tech tips, training videos, micro quizzes, individual employee risk scores and more.
Make sure to look into training if your organization isn’t already offering this to employees. This really is a must have solution to protect your office.
These are only 4 tips you can use to improve security at the office. There are many more but if you cover these bases you have a great start.
If you have any questions related to cybersecurity or IT at the office, give our team a call at (815) 836-0030 or send a message to Contact@WeNetwork.com. We are always here to help you!
The post 4 Cybersecurity Tips For Business Owners & Managers appeared first on Andromeda Technology Solutions.Security Flaw Found In Open Source Office Program LibreOffice Aug 10, 2019
Do you use LibreOffice? It's an open source clone that's functionally similar to Microsoft Office that has grown quite popular over the years. It is available for Windows, macOS and Linux systems.
While open-source software solutions generally have the reputation of being safer and more secure, they're not immune to vulnerabilities.
Recently, a pair of serious un-patched code execution vulnerability has been discovered that could result in malware being installed on your system if you're not careful. In order to take advantage of the flaw, a hacker would need to create a special "poisoned" LibreOffice document and use social engineering tricks to convince you to open it.
While the company behind LibreOffice moved quickly to patch their software, independent security researcher Alex Infuhr has reported that the patch only corrected one of the two issues. �In addition, he was able to find a way around the company's fix for the second.
The first vulnerability resides in LibreLogo, which is a programmable vector graphics script that ships by default with LibreOffice.� It allows users to specify pre-installed scripts in a document that can be executed on various events, such as a click or even a mouse hover.
The second issue could allow the inclusion of remote, arbitrary content within a document, even when "Stealth Mode" is enabled.� Note, however, that stealth mode is not enabled by default, but users can activate it to instruct documents to retrieve remote resources only from trusted locations. This is the issue that LibreOffice tried to fix but Infuhr found a way around.
If you want to protect your system from this issue, the best thing you can do would be to manually disable the LibreLogo component by opening the setup to begin the installation, then:
- Select "Custom" installation
- Expand "Optional Components"
- Click on "LibreLogo" and select "This Feature Will Not Be Available."
- Then click "Next" and install the software.
That should take care of it!