What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Cook County, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Start 2019 Out Right – Have a Network Security Assessment Completed Jan 04, 2019
Why have a Network Security Assessment at least once per year:
Our digital world is being attacked constantly and your corporate network is one of the biggest targets on the market. Why? Because it also tends to be an easy mark. Year after year we see large scale attacks against corporations, but did you know that the majority of cyber incidents occur against small to mid-size businesses? Ask yourself: When was the last time I had a professional network security assessment? We’ve listed out some of the top reasons why Network Security Assessments are a vital piece of a multi-layered approach to cyber security for your business.
Let’s start by stating something that you might not expect a tech company to express. Being a victim of a cyber attack is inevitable. No amount of effort or software can protect you 100% of the time. The solution is to implement as many precautionary steps as you can to lessen the likelihood of becoming a victim. No approach on the market can guarantee you will never be breached. If you ever run into an IT firm or product that tries to make this a “guarantee” . . . run and don’t look back because this is 100% false.
Now, there are the obvious steps that you can take to protect yourself and make it harder on the criminals:
- Proactive Email habits
- Anti-malware software
- Proper Employee training
- Professional Disaster Recover (DR) plan/device
However, there is another tool in the arsenal that you should use regularly and that is an annual (at minimum) Network Security Assessment.
What Does A Network Security Assessment Involve?
Your IT support company should perform an initial assessment; after, they should give you a detailed risk report displaying areas that need to be optimized or adjusted. If your IT company does not perform these, it may be time to start looking somewhere new. Cyber threats are more prevalent every day and it is important to partner with an IT company that recognizes this and protects your business accordingly.
We find that our assessment usually uncovers security threats and holes; even when a business has the right practices and has done their research. Cyber security is a daily battle for businesses of every type. When we run our assessment we use the results to constantly improve the defenses of our clients. And that is why, like most things in tech, an assessment should be a regular event.
The Network Security Assessment Is Done. What’s the Next Step?
The network security assessment itself is not the only thing to request though. It is equally important to make sure that your firm supplies you with a report of their findings. This report should be simple to understand, contain an overall score and give you a breakdown of each issue found, along with how serious those specific issues are. Ask for an action plan that goes over any adjustments in detail for any issues that are found. Why go through the assessment process if you aren’t going to apply any changes with the data?
How important and helpful are these reports? We are an IT company with a background protecting our partners from risk. We also put protections in place for our partners and still find ways to improve our customer cyber safety every time we run an assessment.
Why? Because cyber security is a dynamic, ever changing landscape and you need to proactively search for issues. Don’t let yourself learn the hard way. You never want to discover there is a hole in your cyber security when it’s too late from an attack or breach.
Interested in a Network Security Assessment?
If this article has you questioning your current setup, or peaked your interest in starting a conversation regarding the cyber security protections necessary for your business, a network security assessment with Andromeda is a great place to start. With this in mind, we will be discounting our network security assessment thru 1/31/19. Fill out the form below for access to our promotional rate and begin a discussion with one of our security experts.
Fill out the form below to receive a $500 discount on a Network Security Assessment valid for the month of January:
The post Start 2019 Out Right – Have a Network Security Assessment Completed appeared first on Andromeda Technology Solutions.How A Third-Party Data Breach Impacts Cybersecurity At Your Business Aug 05, 2019
With the average American adult maintaining over 130 different accounts online, the risk of a data breach or data being stolen continues to grow. Between social media, financials, productivity applications, email, business applications, online shopping and countless other accounts online, your “online life” becomes more and more a part of your day to day physical life as time passes.
As more of our lives and data are shared online, criminals are focused on breaking into these databases to steal the valuable info they hold:
- Personal Info such as name, address, dates of birth, social security numbers etc.
- Financial information such as bank info, credit cards etc.
- Social Information on social media accounts
This is a real problem facing consumers globally but the impacts span beyond individual damages and stolen identities (though, those damages are bad enough).
When a criminal steals your password, or the password of a coworker, chances are – they’ve gained access to many pieces of your “online life”.
Here’s an example to illustrate how a third party data breach can lead a criminal back to your business.
Your HR manager helps book travel for employees at the business. He set up a business account at a national hotel chain to book rooms for whatever the business travel needs are. The hotel chain’s database suffers a breach and cybercriminals steal thousands of email/password combos including your HR manager’s credentials.
Your HR manager used the same password he uses for all kinds of sites online when he created the login at the hotel company site. This means that the criminals who have this breached data, now have access to your payroll software, servers and all the other things your HR manager interacts with.
The criminals either use this data themselves or take it to the Dark Web to sell for a few dollars (password/email combinations go for $3-$5 on average on the Dark Web).
Breaches like these happen daily and criminals use the information they steal to do as much damage as they can.
This creates a unique problem for business owners and managers because what can you possibly do to protect yourself from a data breach happening at a hotel chain or some other account online?
Things get even trickier when the average span of time between a data breach and disclosure to the public reaches 15 months. Meaning, criminals have a 15-month head start to get to your business and do damage before your are notified on the 5 o’clock news or your social media feed.
So, how can you defend against this kind of thing?
First, implement a password policy at your business:
- Strong Passwords Required
- Change Passwords Regularly (90 days minimum)
- Dual Authentication
- Lockout Procedures
Second, roll out a password management tool across your organization.
As mentioned earlier, the average adult in America manages over 130 accounts online. It is no wonder that we have a hard time creating strong and unique passwords for each of those accounts. It would be nearly impossible to remember all of that without writing things down – which isn’t secure.
To bridge the gap between security and memory, implement a password management tool. Look for something that is encrypted, secure and be sure to consider mobile capabilities. We recommend LastPass as a great option to start.
Third, invest in Dark Web Monitoring
Dark Web Monitoring is still a newer service offered to businesses and professionals. This is a monitoring solution designed to scrub different areas of the Dark Web (chatrooms, discussion boards etc.) for data connected to your domain.
If we apply Dark Web Monitoring to the example above with the HR Manager for instance – when the criminals stole data from the hotel chain and went to sell/share it on the Dark Web, the monitoring tool would identify your IT company to have the HR manager change passwords. That way, the criminals have useless data and you are protected well before you learn about the breach 15 months later.
The post How A Third-Party Data Breach Impacts Cybersecurity At Your Business appeared first on Andromeda Technology Solutions.Security Issues Found In Several VNC Applications Dec 07, 2019
Microsoft RDP has its share of problems.
That simple truth has sparked the rise of a number of open-source VNC (Virtual Network Computing) applications, which allow a user to remotely control another computer.
Regardless of which VNC solution you use, they all work pretty much the same way.
There's a "server component" which runs on the computer that shares its desktop. There is also a "client component" which runs on the computer that will access the share from a remote location.
There are a few VNC applications on the market compatible with every OS in use today. In the VNC ecosystem, the "Big Four" are LibVNC, UltraVNC, Tight VNC, and TurboVNC.� Recently, researchers at Kaspersky Lab audited these four on a quest to discover how secure they were.� Their findings were disappointing to say the least.
Overall, the researchers found a total of 37 serious flaws in the client and server portions of these four programs. 22 of them were found in UltraVNC, with another ten found in LibVNC, 4 in TightVNC, and one in TurboVNC, which looks to be the best of the bunch in terms of security.
The research team had this to say about their findings:
"All of the bugs are linked to incorrect memory usage.� Exploiting them leads only to malfunctions and denial of service - a relatively favorable outcome.� In more serious cases, attackers can gain unauthorized access to information on the device or release malware into the victim's system."
Although only one flaw was found in TurboVNC, it's a serious one that would allow a determined attacker to remotely execute code on the server side.
If there's a silver lining to the recent research it is the fact that Kaspersky notified the development teams of all four of the programs they audited. Also, all four have been patched and updated. If you use any of those, just make sure you're using the latest version and you can use them with confidence.� Kudos to Kaspersky for their efforts, and to the developers to responding swiftly to the company's findings.