What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Itasca, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
4 Cybersecurity Tips For Business Owners & Managers Jul 08, 2019
New cybersecurity stories hit the news every day. You’ve surely heard about large companies getting hacked or ‘breached’, passwords stolen, identities compromised and more.
The topic of cybersecurity gets brought up so much, it’s no surprise that it has become a kind of background noise in the business world. Warnings about security protocols, new viruses and ransomware scams are just the tip of the iceberg when you look into what is happening in the IT security world.
While the news stories keep coming and businesses continue falling victim, there is at least one thing that remains the same . . . the need for cybersecurity training and awareness is here to stay. If you are in business, you have data that cybercriminals want to steal. Simple as that.
Cybersecurity conversations and solutions don’t have to be daunting though. In fact, there are some quick, common-sense tips you can put into place that will make you and your business a harder target for those looking to do you harm.
Top 4 Cybersecurity Tips For Professionals
1. Use Unique and Strong Passwords For All Online Accounts
This tip is one you’ve surely heard many times before but over 85% of all adults reuse their passwords online. On top of that, most people don’t know how to create a truly strong password. Some characteristics of a strong password are:
- Minimum of 8 characters
- A mixture of uppercase and lowercase letters
- At least one number
- At least one special character (!@#$%^&)
- No personal details (pet names, family member names, birth dates, address info etc.)
The average adult has over 100 different accounts online (bank accounts, credit cards, social media, email, apps etc.). It’s understandably difficult to create and remember a different password for everything you do though.
What to do about it? Look into a password manager tool for yourself and your staff. A password manager will store and organize all of your unique passwords securely. Here at Andromeda, we recommend LastPass. It has some great features and is a trustworthy password management tool. If you have questions about that, feel free to reach our team.
2. Run A Network Security Audit At Least Once A Year
You can’t address things if you don’t know they are broken. An annual network security audit done by a third party IT support partner will give you visibility into the small cracks hiding in your network security.
This type of audit should check things like open ports on your firewall, password protocols, your backups, your disaster recovery plan, the status of your warranties, your antivirus and spam protocols and more.
You can engage your current IT services provider for this audit or look for a third party vendor to come in and take a fresh look at your setup.
It never hurts to get a new set of eyes on your setup. Andromeda provides these types of assessments to our clients with our professional 35 point network security assessment. If you’d like to speak with our team about this service, give us a call at (815) 836-0030 or send an email to Contact@WeNetwork.com
3. Regularly Test Your Backups and Disaster Recovery Plan
One of the top methods a cybercriminal uses to make money is ransomware. Ransomware is classified as a cyberattack where a criminal gains access to your network (through brute force or stolen employee email/passwords). After accessing the network, the criminal then encrypts all or a portion of your business data and locks you out of it. The only way to recover the data is to pay a ransom (often in the form of bitcoin or other cryptocurrency). If you don’t pay up – they destroy your data.
These types of attacks cause serious damage. Businesses lose big money due to down time, reputational damage and in some cases, even government fines (in worst cases where evidence that a business intentionally ignored or neglected their data security, victims of ransomware/cybercrime can even face jail time).
Imagine that, you’re the victim of a cyberattack and you have to pay the government fines on top of it all?!
Ransomware and cyberattacks happen, there is almost no way to avoid them 100% of the time. But, with a proper disaster recovery plan including regular data backups (on site, in the cloud and off site) you can quickly and calmly restore your business data and win against cybercrime.
Don’t just accept anyone’s word when it comes to verifying your backups though. You should be sure that whoever is maintaining your backups and disaster recovery is running regular tests and providing you proof of valid backups. You should also run a demo scenario at least twice a year to test how long it would take you to be back up and running in the event of a breach or equipment failure.
4. Employee Cybersecurity Training Is Key To Your Defense
Cyber security is constantly changing and new attack strategies show up regularly. The one thing that shouldn’t change for you though, is your commitment to ongoing employee training.
After all, the #1 threat to your office network security is actually your employees! The staff are the people who will accidentally visit an infected site, click a bad link, download a file with a virus etc. and the only way to help stop those behaviors/accidents is through education and proper training.
A good employee training program will offer ongoing training and support. It may also score and rank your employees/office based on performance etc.
At Andromeda, we offer our clients an employee cyber security training in an online program. This allows employees to go at their own pace and complete training in the office or on the go. This solution provides weekly tech tips, training videos, micro quizzes, individual employee risk scores and more.
Make sure to look into training if your organization isn’t already offering this to employees. This really is a must have solution to protect your office.
These are only 4 tips you can use to improve security at the office. There are many more but if you cover these bases you have a great start.
If you have any questions related to cybersecurity or IT at the office, give our team a call at (815) 836-0030 or send a message to Contact@WeNetwork.com. We are always here to help you!
The post 4 Cybersecurity Tips For Business Owners & Managers appeared first on Andromeda Technology Solutions.Start 2019 Out Right – Have a Network Security Assessment Completed Jan 04, 2019
Why have a Network Security Assessment at least once per year:
Our digital world is being attacked constantly and your corporate network is one of the biggest targets on the market. Why? Because it also tends to be an easy mark. Year after year we see large scale attacks against corporations, but did you know that the majority of cyber incidents occur against small to mid-size businesses? Ask yourself: When was the last time I had a professional network security assessment? We’ve listed out some of the top reasons why Network Security Assessments are a vital piece of a multi-layered approach to cyber security for your business.
Let’s start by stating something that you might not expect a tech company to express. Being a victim of a cyber attack is inevitable. No amount of effort or software can protect you 100% of the time. The solution is to implement as many precautionary steps as you can to lessen the likelihood of becoming a victim. No approach on the market can guarantee you will never be breached. If you ever run into an IT firm or product that tries to make this a “guarantee” . . . run and don’t look back because this is 100% false.
Now, there are the obvious steps that you can take to protect yourself and make it harder on the criminals:
- Proactive Email habits
- Anti-malware software
- Proper Employee training
- Professional Disaster Recover (DR) plan/device
However, there is another tool in the arsenal that you should use regularly and that is an annual (at minimum) Network Security Assessment.
What Does A Network Security Assessment Involve?
Your IT support company should perform an initial assessment; after, they should give you a detailed risk report displaying areas that need to be optimized or adjusted. If your IT company does not perform these, it may be time to start looking somewhere new. Cyber threats are more prevalent every day and it is important to partner with an IT company that recognizes this and protects your business accordingly.
We find that our assessment usually uncovers security threats and holes; even when a business has the right practices and has done their research. Cyber security is a daily battle for businesses of every type. When we run our assessment we use the results to constantly improve the defenses of our clients. And that is why, like most things in tech, an assessment should be a regular event.
The Network Security Assessment Is Done. What’s the Next Step?
The network security assessment itself is not the only thing to request though. It is equally important to make sure that your firm supplies you with a report of their findings. This report should be simple to understand, contain an overall score and give you a breakdown of each issue found, along with how serious those specific issues are. Ask for an action plan that goes over any adjustments in detail for any issues that are found. Why go through the assessment process if you aren’t going to apply any changes with the data?
How important and helpful are these reports? We are an IT company with a background protecting our partners from risk. We also put protections in place for our partners and still find ways to improve our customer cyber safety every time we run an assessment.
Why? Because cyber security is a dynamic, ever changing landscape and you need to proactively search for issues. Don’t let yourself learn the hard way. You never want to discover there is a hole in your cyber security when it’s too late from an attack or breach.
Interested in a Network Security Assessment?
If this article has you questioning your current setup, or peaked your interest in starting a conversation regarding the cyber security protections necessary for your business, a network security assessment with Andromeda is a great place to start. With this in mind, we will be discounting our network security assessment thru 1/31/19. Fill out the form below for access to our promotional rate and begin a discussion with one of our security experts.
Fill out the form below to receive a $500 discount on a Network Security Assessment valid for the month of January:
The post Start 2019 Out Right – Have a Network Security Assessment Completed appeared first on Andromeda Technology Solutions.Devices Attached To Corporate Networks Are Being Targeted Aug 20, 2019
Grim news comes out of Russia, as reported by Microsoft.� The tech giant has been tracking the activities of a Russian hacking group that goes by the name of Strontium. Their other names include APT28 and Fancy Bear.
Microsoft has confirmed that the group was behind a new attack that took place in April of this year (2019).
This is the group that claimed responsibility for both the attack on the Democratic National Committee during the run up to the 2016 election and the NotPeya attacks against the Ukraine in 2017.
In addition to targeting political groups in Europe and North America, Strontium members have been upping the stakes by compromising large numbers of popular IoT devices such as VOIP phones, printers, security cameras and the like. They have been using those devices to breach corporate networks.
The company had this to say about their recent findings:
"The investigation uncovered that an actor had used these devices to gain initial access to corporate networks.� In two of the cases, the passwords for the devices were deployed without changing the default manufacturer's passwords, and in the third instance the latest security update had not been applied to the device.
Once the actor had successfully established access to the network, a simple network scan to look for other insecure devices allowed them to discover and move across the network in search of higher-privileged accounts that would grant access to higher-value data."
Fortunately, Microsoft was able to stop this attack in its tracks early on, but the motives behind it remain cloudy and uncertain.� Even so, Microsoft has committed itself to closely monitoring the activity of this group in particular. In the past year, they have sent out more than 1,400 notifications to global corporations and nation states about the activities of the group.
It is incredibly likely that this group will be at the forefront of whatever attacks the Russians have planned to influence the outcome of the 2020 US Presidential election.