What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Joliet, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
3 Critical Steps You MUST Take To Avoid Ransomware Feb 28, 2020
Ransomware usually takes advantage of outdated patches and software licenses. Infected computers and business owners risked losing critical data if they didn’t pay the ransom.
While the specifics of future cyber security attacks are uncertain, we know some things for sure. Proper protocol is CRITICAL for data security and the safety of your business.
Ransomware: The Numbers **
- Almost 50% of Small Businesses have experienced some form of cyber attack
- MORE than 70% of attacks target Small Business
- As many as 60% of small businesses that experience a data breach go out of business within 6 months.
These numbers are scary. Cyber security demands the attention of business owners globally and the efforts of hackers/cyber criminals are only increasing. These criminals want your money and they don’t care about the damage left behind.
That being said, there is hope and there are measures you can take to prevent your business from becoming a victim of ransomware.
3 Security Protocols You MUST Implement Immediately For The Safety Of Your Data, Your Business AND Your Wallet . . .
- Update ALL Microsoft Licenses & Maintain Up To Date Security Patching –Cyber criminals are no dummies. WannaCry and other viruses like it take advantage of out of date licenses. Too often, business owners sacrifice the security of their network because they don’t want to go through the grief of updating to the latest Microsoft License. Andromeda recommends updating ALL PC’s to Windows 10 and, more importantly, make sure you perform regular patch and security updates.
- Test & Verify ALL Data Backups – When is the last time you tested and verified your backups? Are you backing up your data at all? How long would it take your current IT provider to get you back up in running in the event of a disaster (virtualization time)? It is a FACT . . . you will be hit by some form of ransomware, malware or virus. The real question becomes, do you have the protocols in place to defend and beat the attack? One of the most important things you can do to safeguard yourself is perform regular backups. (We recommend daily at a minimum). A cybercriminal can’t hold your data hostage if you follow this simple practice. AND – don’t accept a verbal confirmation your data continuously remains backed up as proof. Your IT partner should provide you regular, real time, proof that your data is backed up securely and that it can be visualized in an agreed upon length of time. If your IT provider can’t give these stats and proofs to you, time to find a new partner.
- Educate Your Team On How These Attacks Work And Where They Come From – Every office has that one employee that will click on ANYTHING (hopefully it isn’t you). Continued education is one of the first lines of defense against these attacks. Employees should know:
- What to look out for
- What phishing scams look like
- What to do when they suspect an email or link is suspect
- NEVER to check personal email at work
Proper spam filters set by your IT group should prevent the majority of these emails from getting to your inbox. However, it only takes ONE CLICK and an entire network is infected before you know what happened.
Ransomware Prevention constantly changing, be sure to stay on top of newest trends
When all is said and done, cyber security is an everyday battle. Hackers and criminals will keep attacking until you don’t have something they want. These 3 Security protocols are only the tip of the iceberg and should be part of a multiphase approach implemented by your internal staff and your IT partner. If you have any questions, please reach out to a representative at Andromeda today.
**Statistics sourced from the National Cyber Security Alliance
The post 3 Critical Steps You MUST Take To Avoid Ransomware appeared first on Andromeda Technology Solutions.Guidelines & Tips for Employees Working Remotely Mar 30, 2020
Working remotely, whether short-term or permanent comes with many perks, but it also poses many new risks for the security of your organization’s data. For example, if an employee-owned device (laptop, PC, etc.) is infected, that could compromise your business network as well.
We’ve developed a list of guidelines and tips to assist you as you prepare to work from home in a safe, functional work environment. Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information.
Guidelines & Tips
- Ensure that you have the ability to lock your devices (laptop, PC, etc.) and any business relevant information when not in use. Cable locks for laptops should be used when necessary. Laptops and devices should be locked out of sight and/or in the trunk if it must be left in a vehicle unattended
- Avoid using your personal devices for work-related business
- Safely perform conversations without visitors eavesdropping or shoulder surfing, especially while working in a mobile setting, such as a coffee shop
- Protect the data you are accessing by using a VPN to log into the company network, and ensure you are protecting data visible on your screen with a screen protector. This is especially critical for employees who are required to be HIPAA compliant, PCI compliant, etc.
- Restrict the use of devices containing business-relevant information. Do not let family members, friends, or anyone but yourself use company-owned devices or personal devices used for business purposes
- Use strong unique passwords on all your devices and accounts to prevent unauthorized access
- Change default Wi-Fi Router passwords
- Enable WPA-2 or higher encryption
- Ensure your local router firmware is up to date
- Limit the use of public Wi-Fi. Always use a VPN when connecting to public Wi-Fi. Never use public Wi-Fi to send sensitive information without a VPN
- Ensure all personal devices are secure with company-provided or personally owned antivirus and anti-malware software company
- Updated IoT device firmware (smart thermostats, surveillance cameras, etc.)
- Ensure default passwords are changed
- Ensure the software on all devices within your home network are kept up to date (corporate laptop, IOT devices such as cameras and smart thermostats, personal laptops/tablets, etc.)
- Review and follow corporate Bring Your Own Device (BYOD) and other relevant policies and procedures
- Remote Work Employee Awareness
- Be extremely cautious of email phishing scams
- Limit social media use
- Don’t reveal business itineraries, corporate info, daily routines, etc.
We provide this list of guidelines to assist you as you work from home. These tips are meant to facilitate a safe, functional work environment.
Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information. We are always here to assist in your transition in any way possible. Give us a call to pick up this conversation today (815) 836-0030 or email us.
The post Guidelines & Tips for Employees Working Remotely appeared first on Andromeda Technology Solutions.Hackers Used Favicon Website To Steal Credit Card Information Jul 10, 2020
Hackers are constantly on the lookout for new ways of causing mayhem and stealing data.
Recently, researchers have unearthed a new technique to be on guard against. A few hackers have begun embedding credit card stealing scripts inside favicon meta data.
If you're not familiar with the term, you definitely know what a favicon is.
It's a custom icon used by websites for branding, associated with a specific URL. Although not universal, they are ubiquitous on the web and most companies have them.
While the idea of embedding malicious scripts on websites to steal credit card information is not new, the notion of hiding those scripts in the EXIF files of a company's favicon to avoid detection is both new and innovative. The new technique was spotted by researchers at Malwarebytes. They discovered the script embedded as described above, and designed to steal credit card data from sites making use of a popular WordPress ecommerce plugin called WooCommerce.
Of course, the script could be modified to attack any other ecommerce platform, so this isn't a threat that's unique to those making use of WooCommerce. If you do use that plugin, you should have your IT staff perform a careful check of your system to ensure that you haven't been compromised. The value of embedding the script here is that most scans don't include favicon meta data by default. Fortunately, that's easily fixed. So going forward, as long as you be sure to include it, then your risks should be minimal.
This is by no means the first time hackers have found an unusual point of insertion for the scripts they rely on to cause harm, and it certainly won't be the last. Just be sure that your IT staff is aware of the issue and stay vigilant.