What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Homer Glen, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Stop These 3 Hazardous File Sharing Habits Yesterday! Jan 03, 2020
File sharing is an essential portion of any business. It is the way we get information from one person to another. BUT, it can also be the way hackers gain access to your sensitive information – files or, worst of all, confidential data.
If you’re using Dropbox, OneDrive, Google Drive, or other consumer-grade file sharing and cloud sync applications – or if you depend on file sharing of any kind to run your business (hint . . . you do)- listen up!
Here are 3 habits you should break yourself and your staff of immediately.
Top 3 File Sharing Habits to Break
1) Using Consumer Grade Solutions . . .
Consumer grade solutions are just that . . . consumer grade. You aren’t a ‘consumer’, you’re a business owner with sensitive data to protect. With more and more employees/businesses depending on BYOD (Bring Your Own Device) as well as the ability to access files any time & any place, it is important that your file sharing system is professional grade. Look for enterprise grade security options like SSL Encrypted Transfer, Firewall Protection, Password Protection and Virus Scanning.
2) Emailing Files Without Proper Encryption . . .
You may not care if a hacker gets a hold of your grocery list or photos of the family dog, but when it comes to confidential data such as financial statements, medical records or other sensitive materials, it is safe to say you cannot afford criminals sniffing through your files. For this reason, NEVER send files via email without proper encryption. Business grade email and proper practices can nip this in the butt. You’d be amazed how many files fall into the laps of cyber criminals this way though.
3) Using Flash Drives…
You spend time and hard earned resources to protect your network from outside threats . . . only to destroy everything when you innocently plug in an infected flash drive you picked up innocuously enough at a trade show. Flash drives bypass security systems you have in place and may run automatically without being checked for infection by your antivirus solution. If you must continue using flash drives . . . at a minimum update your antivirus to prohibit autorun and mandate scans to all USB-attached devices when plugged into your PCs.
The post Stop These 3 Hazardous File Sharing Habits Yesterday! appeared first on Andromeda Technology Solutions.Guidelines & Tips for Employees Working Remotely Mar 30, 2020
Working remotely, whether short-term or permanent comes with many perks, but it also poses many new risks for the security of your organization’s data. For example, if an employee-owned device (laptop, PC, etc.) is infected, that could compromise your business network as well.
We’ve developed a list of guidelines and tips to assist you as you prepare to work from home in a safe, functional work environment. Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information.
Guidelines & Tips
- Ensure that you have the ability to lock your devices (laptop, PC, etc.) and any business relevant information when not in use. Cable locks for laptops should be used when necessary. Laptops and devices should be locked out of sight and/or in the trunk if it must be left in a vehicle unattended
- Avoid using your personal devices for work-related business
- Safely perform conversations without visitors eavesdropping or shoulder surfing, especially while working in a mobile setting, such as a coffee shop
- Protect the data you are accessing by using a VPN to log into the company network, and ensure you are protecting data visible on your screen with a screen protector. This is especially critical for employees who are required to be HIPAA compliant, PCI compliant, etc.
- Restrict the use of devices containing business-relevant information. Do not let family members, friends, or anyone but yourself use company-owned devices or personal devices used for business purposes
- Use strong unique passwords on all your devices and accounts to prevent unauthorized access
- Change default Wi-Fi Router passwords
- Enable WPA-2 or higher encryption
- Ensure your local router firmware is up to date
- Limit the use of public Wi-Fi. Always use a VPN when connecting to public Wi-Fi. Never use public Wi-Fi to send sensitive information without a VPN
- Ensure all personal devices are secure with company-provided or personally owned antivirus and anti-malware software company
- Updated IoT device firmware (smart thermostats, surveillance cameras, etc.)
- Ensure default passwords are changed
- Ensure the software on all devices within your home network are kept up to date (corporate laptop, IOT devices such as cameras and smart thermostats, personal laptops/tablets, etc.)
- Review and follow corporate Bring Your Own Device (BYOD) and other relevant policies and procedures
- Remote Work Employee Awareness
- Be extremely cautious of email phishing scams
- Limit social media use
- Don’t reveal business itineraries, corporate info, daily routines, etc.
We provide this list of guidelines to assist you as you work from home. These tips are meant to facilitate a safe, functional work environment.
Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information. We are always here to assist in your transition in any way possible. Give us a call to pick up this conversation today (815) 836-0030 or email us.
The post Guidelines & Tips for Employees Working Remotely appeared first on Andromeda Technology Solutions.Some NAS Devices Are Being Exploited By Remote Hackers Sep 12, 2020
Do you have any network-attached storage (NAS) devices attached to your home or corporate network? If so, be advised that they've become the new favorite inroad for hackers around the world. According to a report recently published by researchers at 360 Netlab, hacking groups are increasingly exploiting weaknesses in some NAS devices running a variety of QNAP firmware versions that suffer from command injection vulnerabilities.
The good news is that this vulnerability has already been addressed by QNAP with their release of firmware version 4.3.3. The better news is that the company addressed this back in July of 2017.
Unfortunately, not many people are good about keeping their firmware up to date, so you may have one or more vulnerable devices and not even realize it. Both QNAP and the researchers at 360 Netlab recommend checking the version number of the firmware you're using, and upgrading immediately if you are at risk.
If you're looking for additional technical details about what caused the problem and how it was addressed, see below.
QNAP had this to say about version 4.3.3 of their firmware:
"This release replaced the system function with qnap_exec, and the qnap_exec function is defined in the /usr/lib/libuLinux_Util.so.0," 360 Netlab said. By using the execv to execute custom command, command injection has been avoided."
Sadly, this isn't the first time QNAP has been the target of hackers. In fact, there's an ongoing ransomware campaign that utilizes eChoraix ransomware to encrypt NAS devices. Just last month, the US's CISA and the UK's NCSC issued a joint malware alert about a malware strain called QSnatch that also targets QNAP NAS devices.
In any event, although this issue has long been resolved, it's clear that there are a great number of vulnerable devices out there, both on home and office networks. Kudos to 360 Netlab for shining a light on them, and to QNAP for moving swiftly to correct the issue.