What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Evanston, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Ransomware, Disaster Recovery and Business Continuity: What Every Small Business Should Know Aug 30, 2019
The last few years have seen a large increase in ransomware incidents and 2019 has surely followed suit with many industries impacted. In the last few months manufacturing, municipalities, school districts and other small business sectors have all dealt with their share of attacks. Tens of townships in Texas were attacked in August 2019 with a total ransom of over 2.5 million dollars. School districts across the US were targeted for student and faculty data.
It’s been a rough one to say the least.
The best defense against ransomware for yourself and your business is still education and Andromeda can help with that. Read on to learn more about the threat of ransomware to your business and what you can do to prepare yourself.
Ransomware is a type of malicious program that encrypts a segment or all of your data. At that point, the data can only be decrypted with a key. The criminal ransoms your data until you pay them to decrypt it.
This means that whatever they get their hands on, is no longer of use to you until you pay up. Things like accounting information, client information, HR information – anything data related at the business.
With more and more incidents on the rise, it is important that you proactively defend yourself against this threat and have a plan in place to respond in case your business faces a ransomware incident of its own.
Employee Cyber Security Training
Over 90% of cyber security incidents facing businesses today originate with some kind of human error. Your staff and teammates don’t mean to make these mistakes and an honest error can happen to anyone. Clicking on a bad link, falling for a scam online, downloading an infected file – these things happen to the best of us.
Tricking you into downloading malicious files to your PC is still a method criminals use to try and get into your computer but the primary two methods to gain access and do damage to your systems in 2019 are via third party data breaches (learn more about third party breaches here and phishing email attacks (learn more about phishing scams here .
To help your employees stay ahead of criminals and defend your business, you want to invest in regular training for the team. Professional cyber security training programs include simulated phishing email tests, individual scores, weekly quizzes, newsletters and more.
Data Backups & Disaster Recovery Planning
Employee training will do a good job at helping your staff defend the business but there is still always a chance that ransomware can happen.
When it comes to ransomware, there is little you can do to remove the damages. There is no ‘debug’ or troubleshooting technique that will make it go away. To get the encrypted data, you have to have the decryption code.
The only alternate solution available to you would be to restore from a backup. That way, you don’t need to decrypt anything. Of course, this is dependent on the quality and safety of your existing backups.
We recommend looking for a backup solution with an on premises copy as well as a secure cloud copy of your data backups.
The best data backup and recovery solutions take regular snapshots of your environment. Even better solutions can spin up a virtual ‘copy’ of your environment so you can keep working while your IT team works in the background to get systems back up and running like normal.
Make sure to ask the team or individual who handles your backups how often they test them. It’s also good to have a clear understanding of what it takes to get you back up and running in the event of an incident (what does it look like if we have an equipment failure? How do you respond if we are hit with ransomware?).
Training staff on how to avoid scams and criminal tactics online is a great way to defend against Ransomware and other incidents.
Having a good data backup and disaster recovery plan is what you want to do to make sure your business can handle this type of attack.
The final piece of the Ransomware puzzle for now is going to be your business continuity plan.
When it’s said and done, you are most likely going to experience some amount of downtime in the event of a Ransomware attack. It’ll take time to recognize what is happening, to contact the proper parties (IT staff or your outsourced team and decision makers), respond to the incident etc.
All of this time costs your business money, productivity and opportunities. This is why many vendors suggest coming up with Business Continuity plans for different types of incidents at the office.
Have a plan for equipment failure (like a server crash), a plan for a major cybersecurity incident (ransomware across the network), have a plan for minor cybersecurity incidents (single user hit with malware or a virus). You get the idea.
Some great questions for Business Continuity plans:
- How does my business or staff respond to this incident?
- Do you unplug workstations?
- Does the employee call you first or IT?
- Is there anything you should do on site while your IT team gets to work?
- How long will it take to get us back up and running? (this will differ depending on what you face)
- How do we keep the business running while designated teams respond?
- Can we make use of the cloud?
- Do we need to work from pen and paper while things resolve?
A professional team will help you work through these questions and come up with the solutions your specific business and business model needs to keep things running in the event of a disaster, accident or incident.
The key is really in the preparation.
If you have any questions about any of the topics above or want to discuss your own disaster recover, data backups or business continuity plans, please give us a call at (815) 836-0030 or contact our team via email at Contact@wenetwork.com.
The post Ransomware, Disaster Recovery and Business Continuity: What Every Small Business Should Know appeared first on Andromeda Technology Solutions.HTTPs Encryption: Why You Should Use SSL Certificates Jan 20, 2019
2018 was an eventful year for technology and it’s only going to increase in 2019. Between the Facebook security breach, the Google+ API vulnerability, and many other less famous incidents – one thing is for certain. Cybersecurity dominated 2018 and 2019 is expected to be no different.
With cyber attacks being so prevalent, businesses are starting to notice a shift in public perception when it comes to the companies they work with when it comes to data security. Feeling safe is priority: people don’t want to have to worry about their information being breached on or off the web.
While this has been a growing trend for a several years now, it has also transitioned cyber security from being a feature, to a necessity.
2019 is the year of HTTPs.
What Exactly is HTTPs?
To understand what HTTPs means and how it works, you need to know a few definitions.
HTTP (HyperText Transfer Protocol): In simple terms, this is an application layer protocol. Essentially, HTTP is the protocol that involves information sent between a browser (ex: Google Chrome or Firefox) and a website itself. If you were to interrupt that connection and intercept it, you’d see in plain text what was being communicated between the website and the browser.
This can create extremely vulnerable conditions in certain situations. For example, if you are purchasing products on a website with a basic HTTP, your personal information like your address, credit card info and whatever else you submit can be intercepted and stolen.
The thieves are the only ones who want this to happen – so HTTPs encryption was introduced as a secure option.
HTTPs (HyperText Transfer Protocol Security): Adding additional security components, the language being transmitted between website and browser is encrypted and kept from being read cyber criminals.
SSL (Secure Socket Layer): This is a certificate that enhances your security protocol. This is just another way of saying that your site has the technology in place to securely encrypt transactions between the website and browsers etc.
The types of SSL Certificates may vary, but their basic coding provides security and encryption.
You can always tell if a website is secure by looking for certain factors:
- https:// shows before the URL destination (ex: https://www.google.com)
- A lock (sometimes green) icon may appear in the left corner of your navigation bar
Today, many users look for these key signals to see if they are using a secured website.
When this was first being used, its primary purpose was a security feature for websites that utilized ecommerce and to transfer personal information (ex: financial, medical, legal). However, it has transitioned into having an HTTPs encryption as a standard.
After going through the basics of this HTTPs encryption, you may still have some additional questions about which feature would best suit your business. Here are a few of the most common topics and questions below:
I Don’t Have A Large Business – Do I Still Need HTTPs?
Providing An SSL Tells Your Customers That You Care About Their Security
By utilizing an SSL certificate and transforming it from HTTP to HTTPs, you are providing an extra layer of security for your consumers. They know right away that your website is secure. Nothing they are viewing or how they are interacting on your website is being monitored or watched by a malicious user. It shows that you care about your customer’s user experience – and that reflects highly for company brand.
It Provides Additional Security Against Hackers
Having an SSL certificate installed on your website also helps protect your website from potential breaches or hacking attempts. The extra layer of HTTPs encryption provides an external wall that is difficult for hackers to break and infect. While you might not exactly need one for the style of your business’ website, it still helps protect against possible attacks and saves you capital on potential cleanup and patches once a website does get infected or breached.
HTTPs Improves SEO (Search Engine Optimization)
Having this HTTPs encryption applied on your website shows popular search engines like Google, Yahoo and Bing! that you take your user’s experience and security seriously. They are able to recognize this and return with increased rankings on their engines.
We all know that higher rankings lead to more traffic – this leads to more clients and customers.
Google has been favoring websites with HTTPs for awhile now. However, after recent technology-related world events, they have doubled-down.
Starting July 2018, websites that do not use HTTPs will be labeled “Not Secure”. The last thing you want your prospective clients to see when visiting your site is a message about poor security.
More than 70% of websites are utilizing HTTPs and Google is really trying to make it the norm across the board.
Failure to increase security on your site risks lower search rankings and even increases bounce rates. It is also proven that HTTP sites load slower, causing Google to penalize them for site speed. Overall, the industry is punishing sites that do not value security because they are striving to give the best user experience possible.
So, what should you take away from all of this?
An SSL does incur minimal extra costs, but failure to secure your website can cost you a lot more: potential customers, reduced website traffic and impact overall user experience.
Your IT partner or web hosting provider should have the necessary tools to help you with your website security. It should be simple and affordable enough to keep from breaking your budget.
Want to take the next step and convert to HTTPs, but not sure how?
Andromeda has trained technicians and developers that are more than happy to help you with the conversion. Just give us a call to get started today!
The post HTTPs Encryption: Why You Should Use SSL Certificates appeared first on Andromeda Technology Solutions.New Malware Uses This Year’s Top Movies To Get Clicks Feb 12, 2020
It's easy to get caught up in the hype of popular movies. Hackers know this and are beginning to incorporate Oscar Nominated movies into their strategies. They're using enticing images to bait unsuspecting users to install malware and lure them to phishing sites designed to steal credit card and other sensitive information. After all, wouldn't you be willing to pay a small sum to get a sneak preview at the next blockbuster hit? There are a lot of people who would.
Researchers at Kaspersky Lab have tracked the rise of this trend over the last several months. They have discovered more than twenty different phishing sites and nearly a thousand malicious files presented as free 'sneak peek' versions of popular movies. These fake movies are actually malware in disguise.
The Kaspersky researchers said:
"The uncovered phishing websites and Twitter accounts gather users' data and prompt them to carry out a variety of tasks in order to gain access to the desired film.
These can vary from taking a survey and sharing personal details, to installing adware or even giving up credit card details. Needless to say, at the end of the process, the user does not get the content."
If you're a movie buff and relatively more likely to be taken in by such scams, there are a few basic things you can do to minimize your risk. First, if it sounds too good to be true, then it probably is. Don't get sucked in based on hype alone.
Second, pay attention to the release dates of the film in question. Hackers often don't pay much attention to that and they're hoping you won't either. It may be the case that you're being offered an 'exclusive sneak peek' at a movie that's already out.
Pay attention to the URL and the extension of the file you're downloading if you get that far. Both of those are often giveaways if something is amiss. Be careful and be safe!