AndroPedia Tech Library

As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPedia^SM library archive:

2017 was a pretty eventful year for tech. Between the WannaCry ransomware virus, the data breach at Equifax and many other less famous incidents – one thing is for certain. 2017 was the year of cybersecurity and 2018 is expected to follow suit.

With cyber attacks on everyone’s mind and radar, businesses are starting to notice a shift in public perception when it comes to the companies they work with when it comes to data security. People want to feel safe – and they want to make sure that their information is safe, even on the web.

So while this has been a growing trend for a few years now, it is safe to say that moving forward, the trend has transformed into an expectation of security and protecting consumer data.

2018 is definitely the year of HTTPs.

What is HTTPs?

To understand what HTTPS means and how it works, you need to know a few definitions.

First – HTTP, HTTP stands for HyperText Transfer Protocol. Without diving too deep into the technical lingo, this is an application layer protocol. Basically, HTTP is the protocol that involves information sent between a browser (like google chrome) and a website itself. So if you were to interrupt that connection and intercept it, you’d see in plain text what was being communicated between the website and the browser.

This can be very dangerous in certain situations. For example, if you are purchasing goods on a website with a basic HTTP (basic meaning unsecured), your personal information like your address, credit card info and whatever else you submit can be intercepted and stolen.

Nobody wants this to occur – except the thieves – so HTTPs was introduced as a secure option.

Like HTTP, HTTPs stands for HyperText Transfer Protocol but it has an additional Security component; hence the “S”.

By adding additional security components, the language being transmitted between website and browser is encrypted and kept from being read by evil doers and criminals.

Another term you might hear thrown around regarding this security protocol is an SSL or Secure Socket Layer Certificate. Again, this is just another way of saying that your site has the technology in place to securely encrypt transactions between the website and browsers etc.

The types of SSL Certificates may vary, but their basic coding provides security and encryption.

You can always tell if a website is secure in a few different ways.

• https:// precedes the URL destination i.e. https://www.google.com
• A lock shows up in the leftmost corner of your navigation bar
• A green lock shows up in the leftmost corner of your navigation bar

Sounds pretty good, right?

There was a time when this added security feature was mainly used on websites that transfer personal information such as ecommerce, financial, medical, legal etc. but these days the added security of an SSL or HTTPs on your site is more of a standard.

It is something that savvy consumers look for to avoid vulnerability.

Now that we’ve gone through what this feature is and how it operates in respect to your website you might have some additional questions about whether this feature would benefit you. We’ve touched on a few of the most common topics below.

I’m Just A Small Business Website,
Why Should HTTPs Matter to Me?

An SSL Shows Your Customer Base You Care About Their Security

By adding an SSL certificate to your website, and turning it from HTTP to HTTPs, you are providing an extra level of security for your users. They know right away that your website is secure- that nothing they are viewing or how they are interacting on your website is being monitored or watched by a malicious entity. It shows that you care about your customer’s user experience – and that reflects highly upon your company brand.

It Actually Provides Additional Security Against Hackers

Having an SSL certificate installed on your website also helps protect your website from a possible breach or hacking attempt. The extra level of encryption provides an external wall that is harder for hackers to break and infect. So while you might not necessarily need one for the type of website your business uses – it does help you protect yourself against would-be attackers and saves you money on potential cleanup and patches once a website does get infected or breached.

HTTPs Help Improve Website Search Engine Rankings and Traffic

Having this added security installed on your website shows popular search engines like Google, Yahoo and Bing! that you take your user’s experience and security seriously. So seriously that they award your website with increased rankings.

And we all know higher rankings lead to more traffic which you hope leads to more clients/customers.

Google has been favoring websites with HTTPs for a few years now; however, after recent technology-related world events, they have doubled-down.

Starting this past October, websites that use a form or search tool on their website will not have a Not Secure warning when viewed on Google Chrome browser. The last thing you want your prospective clients to see when visiting your site is a message about poor security.

Google also has been blatantly favoring websites with HTTPs over HTTP. About have of all 1^st page results on Google are websites with HTTPs, up over 30% since the end of 2016.

Failure to increase security on your site risks lower search rankings and even increases bounce rates. It is also proven that HTTP sites load slower, causing Google to penalize them for site speed as well. Overall, the industry is punishing sites that do not value security.

So, what should you take away from all of this?

An SSL does incur extra costs (but they are minimal) but failure to secure your website can cost you potential new customers, reduce website traffic and impact overall user experience.

Your IT partner or web hosting provider should have the necessary tools to help you with your website security. It should be fairly simple and won’t break your budget either.

Want to take the next step and convert to HTTPs but not sure how?

Andromeda has trained technicians and developers that are more than happy to help you with the conversion. Just give us a call to get started today!

The post To SSL or Not to SSL: What is HTTPs and Why it Matters to You appeared first on Andromeda Technology Solutions.

Would you be OK with a criminal or competitor watching you and your office via your own CCTV security cameras . . . ?

Didn’t think so.

Security and camera systems, like many other technologies, are becoming more and more integrated within IT networks and infrastructure. This is great for ease of use, capabilities and increased protections. However, it can also open up additional avenues and risks for your company if managed incorrectly.

Imagine all the information someone could snag with limited access to your CCTV system.

You wouldn’t trust your IT to “some guy” (at least we hope not).  You should give the same respect to your security systems. It may be a good idea to buy a system from Costco or Amazon. But those off brand systems are easily hacked and they may carry pre-installed malware. Just last year a slew of security camera systems purchased on Amazon were found to be infected and could be hijacked by hackers to access data and camera footage illegally.

In almost all cases, some part of your security camera system needs an IT professional involved to finish the job and configured correctly. You can either trust the camera guy as he fumbles his way around your network, potentially leaving easily accessed holes in your protection, or try to get the camera guy and your IT guy to coordinate and work together (what we call a scheduling nightmare). Or, you can hire a professional technology services firm that does both.

Why Chose Andromeda’s Security Cameras?

Andromeda understands the intricate relationships security technologies have with your IT. We have specialized technicians in each area. They work together with a vast understanding of the security that both your CCTV system and your network need.  Also, because we sell only professional grade hardware and software (Honeywell) the chance of a hack on these pieces is much less than the cheaper no-name brands.

Security threats are everywhere these days. You don’t need to make yourself more vulnerable. Do not create a gaping hole in your enterprise via the very thing that is there to help protect you. Reach out to our team today if you are considering any security projects. We ensure that the solution you choose is right for your business needs, but most importantly, we make sure it is installed correctly and you are protected.

The post Why Good Camera Systems Need Great IT Pros appeared first on Andromeda Technology Solutions.

Cisco's Talos Security Team has identified a new threat, and it's a nasty one impacting more than half a million consumer-grade routers in the US.� According to the Talos Team's report, the new malware is impacting a broad cross-section of routers made by TP-Link, QNAP, Netgear, Mikrotik, and Linksys.

Known as "VPNFilter," the malware currently infecting routers appears to be the first stage in a multi-phase attack, with the first segment allowing the hackers to collect a wide range of communications data and slave the device to launch attacks on others.� The code also contains a kill command that allows the hackers to destroy the device at will.

As of now, the FBI has already taken swift action and has seized a domain used by the hackers as a means to deliver the later stages of the attack. They report that the primary and secondary means of further infection have been dismantled.� They also report, however, that the hackers still have a fallback method of infection, which relies on sending "poisoned" data packets to each infected device.

Based on an evaluation of the code and the presence of redundant mechanisms for delivering the later stages of the infection, the code has been traced to a Russian hacking group with deep ties to the Russian government.� The group is known by a variety of names, including Fancy Bear, Sofacy, APT 28, and Pawn Storm.

On the heels of seizing the domain, the FBI released a statement that includes:

"The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices.� Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled.� Network devices should be upgraded to the latest available versions of firmware."

�

Aggregated