What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Service Coordinator(SC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Dupage County, IL Businesses:
What A Few Of Our Clients Have To Say
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Dark Web Series Part 1 – What Is the Dark Web & Why It Matters To You Dec 29, 2017
Ransomware, cybercrime, hackers . . .
It’s safe to say that you’ve at least heard of these terms in the news and if you are like most people, you’ve heard them over and over on the news, in the office and just in everyday conversation for the past few years.
This progression in the cybersecurity world may come with unique phrases and buzzwords but the trend itself is nothing new. Since the internet’s beginning, there have been people working to cause chaos.
Think computer viruses, Trojan horses, scams, spam, malware etc.
Like most technology, the internet is used predominantly for good. But, there are always a few bad apples who take good technology and choose to use it with less than the best intentions. And while there have always been “bad guys” out there trying to disrupt good works from being done, over the last decade and specifically in the last few years we’ve seen an incredible increase in spending, vulnerability and rates of incident for large scale cyber-attacks.
To put this in perspective, spending on cybersecurity is projected to exceed 1 trillion dollars by 2021. In 2017, information security (a subset of the cybersecurity industry) spending hit over 86 billion dollars.
On top of this, there has been a dramatic increase of incidents in the small to medium sized business arena. When a local business gets hit, it may not make the 5 o’clock news like Home Depot or Target, but it hurts just the same – and maybe even more.
The crazy thing when it comes to cybercrime, ransomware and other infections is that you can be doing regular updates, implement antivirus etc. and you still can fall victim to identity theft, breaches and other cyber incidents.
All of this cyber-security and cyber-crime discussion lays the groundwork for this Dark Web discussion.
What is the Dark Web?
First, what is the Dark Web? In a simple and brief explanation, the Dark Web is a mostly anonymous space online that you need special software to access. The experience is much like a normal internet browser but the sites and activities available are very different.
Many times the Dark Web is described using an iceberg illustration.
- The internet as we know it is what you can see above sea level.
- There is a larger space just below the surface of the iceberg where the ‘darknet’ lives, this is dominantly used for large data stores. Financial records, academic databases, government records etc. live here.
- Then there is the bottommost layer of the iceberg, this is the Dark Web – here you’ll find illegal activity like drug trafficking, illegal gun sales, and even personal data for sale.
Now, you may be thinking,
“This is interesting information but what in the heck does the Dark Web have to do with me? Why do I care about it? I don’t use it. I don’t know anyone who does. . .” And we get that, but even if you don’t use the Dark Web you may be on it.
The Dark Web is one of the largest sources of stolen data available to criminals. While some may use it to buy goods, other criminals purchase pieces of your information like credit card information, passwords, social security information and more to use for their own purposes.
When cybercriminals go to places like your local grocery store, Experian and other sites to wreak havoc, the information they steal ends up for sale on the Dark Web.
All of this taken into consideration, the everyday consumer and business professional shouldn’t be scanning these areas of the web to try and protect their data.
Instead, a business professional like yourself should make sure that you are following proper security protocols:
- Anti-Virus Software Regularly Updated and on every device
- Proper Firewalls and regular updates
- Employee training
- Regular Professional Backups (also regularly tested and verified)
- Disaster Recovery Plan
- Spam filtering
- Encourage employees to speak up if they see a weird email or link
- Bring in professional cyber security consulting
With all of these items and a few more in place, you make it much more difficult for a cyber-criminal to get into your network and steal your data. This in turn will help keep your data and that of your employees off of the Dark Web. Of course, nothing is foolproof and that is why an exceptional cyber-security partner should offer Dark Web monitoring.
Dark Web monitoring is a program some IT professionals offer businesses where scans are going on constantly in the background and are looking for a specific domain. When the scan recognizes your domain in a database, it flags the software and you are alerted to change passwords or address the breach.
This way, you are always a step ahead of the criminals without lowering yourself to the “Dark Web” itself.
We hope you found this first installment in our Dark Web series helpful. Look out for our next article in February focused on 5 ways you can keep your information off of the Dark Web entirely.
The post Dark Web Series Part 1 – What Is the Dark Web & Why It Matters To You appeared first on Andromeda Technology Solutions.Layered Network Security: 5 Components Every Layered Security Solution Should Have & Why Employee Training Is A Must Have Jul 06, 2018
Securing your data and your network is a bigger job in 2018 than it has been in years past – and if you’re looking at trends or the news, you can probably guess that network security is only going to get more important and cumbersome in the future.
Cybersecurity is now a common household term and that’s a good thing. The page has been turned on data security and people regularly recognize that we need to protect ourselves both personally and professionally from cyber crime and related threats.
To illustrate where the cybersecurity and cyber crime industries are moving here are a few stats (full article here):
- Cyber crime damage costs are predicted to hit $6 trillion annually by 2021
- Cybersecurity spending to exceed $1 trillion by 2021
- Global ransomware incidents are predicted to hit a rate of one attack every 14 seconds by 2019
The threats to data and networks are clearly going nowhere so it is important that you have a plan in place to protect your business (and yourself).
Different software applications and hardware solutions are designed to address specific security concerns. This means that while one solution may give you complete protection from one threat, it may not be suited to protect you from another.
The solution for these weak points is to ‘layer’ your security and design a solution that covers and protects your network to the best of its abilities.
What You Should Expect From A Layered Network Security Solution
A good layered security solution for your network is going to include the following components:
1. Professional Firewall Solution –
Your firewall is designed to help protect your network from external threats. It does this by blocking access to your network while allowing your users to communicate outside of the network. While a firewall is a great way to protect your network from intrusions, it can only protect your system from outside activity. A firewall cannot prevent one of your users from giving unauthorized permissions or access to programs or other users.
2. Professional Antivirus Software –
Antivirus software is a standard security solution designed to detect and block malware, viruses and other bugs from taking action against your network. An antivirus solution typically depends on a predefined catalog of known issues. The software uses this catalog to block those known issues from impacting you. The issue with this is that new viruses, malware, spyware and bugs are produced daily. If your solution is not actively updating and monitoring the internet for new incidents, it won’t be able to protect you from new threats in real time. Antivirus solutions also cannot always block a user from disregarding a warning and downloading a bad file/clicking on a bad link.
3. Email Spam Prevention/Filters –
Spam is more than just an annoying thing filling up your inbox. A majority of viruses and bugs that get through your firewall/antivirus do so by hiding in email messages. Cyber criminals know that if they send enough emails, somebody is going to click a bad link or download a compromised attachment. By filtering out spam, you dramatically decrease the opportunity for someone to accidentally introduce a virus to the network. Again though, spam filters don’t catch everything so they cannot prevent a user from making a mistake.
4. DNS Filtering/Protection –
DNS stands for Domain Name System. This piece of your network controls email delivery and is the component that allows you to browse websites. When configured, a DNS filter can prevent your employees from accessing specific types of sites. For example, a DNS filter can be set up to prevent employees from accessing social media or other blacklisted sites. This security also helps keep malware or other viruses from spreading throughout your network by masking your devices and server. This is one element of your network security that isn’t heavily impacted by regular users but if it is not set up properly and managed properly it can’t protect you from much.
5. Employee Training & Education –
You may have noticed that almost any of the security layers mentioned above have specific strengths and weaknesses. Additionally, each component had a weakness related to human or user error. The fact is that users and honest mistakes are the root cause of the majority of data breaches, viruses, downtime and incidents on your network. That doesn’t mean your employees and coworkers are intentionally breaking protocol or doing things wrong. Most of the time these are honest mistakes like clicking a link in an email, downloading a file with a hidden virus or visiting an infected/malicious site and unknowingly giving cyber criminals usernames & password information.
And That’s Just The Beginning…
These are just five common pieces of a layered network security setup. They all work together to help cover different vulnerabilities and behaviors. There are many other software and hardware solutions that can increase your layered network security and reduce vulnerability. Some of those include:
- Dark Web Monitoring Services
- Dual Authentication
- Password Management
- Data Backups
- Disaster Recovery Planning
- Scheduled & Regular Patches/Updates
- Security Protocols for Remote Devices
- Network Security Assessments (at least once a year)
The most important part to a successful layered network security setup is to take your individual needs and environment into account. There is no ‘One Size Fits All’ solution and there is no one solution that is going to guarantee 360 protection for your network. Be wary of any vendor who tries to sell you something like that.
The goal should be to protect your environment to the best of anyone’s ability and to educate/train your staff adequately to mitigate risk.
You will also want to make sure and take any specific compliance requirements or regulations for your industry into account. Most any business that has data needs to maintain certain standards for data protection.
To discuss any of the layers for a layered network security solution listed above or your environment please reach out to our team.
For more information on employee data security training go here.
The post Layered Network Security: 5 Components Every Layered Security Solution Should Have & Why Employee Training Is A Must Have appeared first on Andromeda Technology Solutions.Most Small Businesses Can’t Recover From Cyber Breaches Sep 08, 2018
A new study recently published by Sitchfast Technologies paints a grim picture of the threat landscape for small and medium-sized business. Their key finding? A staggering 60 percent of small businesses that suffer a data breach of any magnitude go out of business within six months. Worse, one business owner in three does not have a plan or safeguards in place to prevent a breach.
The single biggest weak link in the small business landscape is the fact that most employees who work for smaller companies are woefully uneducated about the dangers, how to identify them and how to avoid them. The study noted that among small business employees, more than a third (35 percent) haven't changed their passwords in over a year. In addition, 19 percent of small business employees share their passwords with colleagues, with a similar percentage using weak passwords based on personally identifiable information. Put those elements together, and it's a recipe for disaster.
The authors of the report had this to say on the matter:
"Today's cyber criminals employ a variety of complex attack methods to exploit business weaknesses and target employees with bad cyber hygiene, whether it's the CEO or an intern, bypassing the basic security measures most companies have in place.
Until they recognize they are prime targets for hackers and adjust their security strategies, small businesses will continue to fall victim to rampant cyber attacks."
Unfortunately, there are no easy solutions, but the report clearly points to two areas where you can make immediate improvements:
- Currently, 65 percent of small to medium sized businesses have never run a phishing email test.
- Only 21 percent of small to medium sized businesses provide cybersecurity training to their employees.
Both of these are incredibly easy to remedy, and if you perform these two simple steps, you'll be miles ahead of your peers.