What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Joliet, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Guidelines & Tips for Employees Working Remotely Mar 30, 2020
Working remotely, whether short-term or permanent comes with many perks, but it also poses many new risks for the security of your organization’s data. For example, if an employee-owned device (laptop, PC, etc.) is infected, that could compromise your business network as well.
We’ve developed a list of guidelines and tips to assist you as you prepare to work from home in a safe, functional work environment. Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information.
Guidelines & Tips
- Ensure that you have the ability to lock your devices (laptop, PC, etc.) and any business relevant information when not in use. Cable locks for laptops should be used when necessary. Laptops and devices should be locked out of sight and/or in the trunk if it must be left in a vehicle unattended
- Avoid using your personal devices for work-related business
- Safely perform conversations without visitors eavesdropping or shoulder surfing, especially while working in a mobile setting, such as a coffee shop
- Protect the data you are accessing by using a VPN to log into the company network, and ensure you are protecting data visible on your screen with a screen protector. This is especially critical for employees who are required to be HIPAA compliant, PCI compliant, etc.
- Restrict the use of devices containing business-relevant information. Do not let family members, friends, or anyone but yourself use company-owned devices or personal devices used for business purposes
- Use strong unique passwords on all your devices and accounts to prevent unauthorized access
- Change default Wi-Fi Router passwords
- Enable WPA-2 or higher encryption
- Ensure your local router firmware is up to date
- Limit the use of public Wi-Fi. Always use a VPN when connecting to public Wi-Fi. Never use public Wi-Fi to send sensitive information without a VPN
- Ensure all personal devices are secure with company-provided or personally owned antivirus and anti-malware software company
- Updated IoT device firmware (smart thermostats, surveillance cameras, etc.)
- Ensure default passwords are changed
- Ensure the software on all devices within your home network are kept up to date (corporate laptop, IOT devices such as cameras and smart thermostats, personal laptops/tablets, etc.)
- Review and follow corporate Bring Your Own Device (BYOD) and other relevant policies and procedures
- Remote Work Employee Awareness
- Be extremely cautious of email phishing scams
- Limit social media use
- Don’t reveal business itineraries, corporate info, daily routines, etc.
We provide this list of guidelines to assist you as you work from home. These tips are meant to facilitate a safe, functional work environment.
Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information. We are always here to assist in your transition in any way possible. Give us a call to pick up this conversation today (815) 836-0030 or email us.
The post Guidelines & Tips for Employees Working Remotely appeared first on Andromeda Technology Solutions.How A Third-Party Data Breach Impacts Cybersecurity At Your Business Aug 05, 2019
With the average American adult maintaining over 130 different accounts online, the risk of a data breach or data being stolen continues to grow. Between social media, financials, productivity applications, email, business applications, online shopping and countless other accounts online, your “online life” becomes more and more a part of your day to day physical life as time passes.
As more of our lives and data are shared online, criminals are focused on breaking into these databases to steal the valuable info they hold:
- Personal Info such as name, address, dates of birth, social security numbers etc.
- Financial information such as bank info, credit cards etc.
- Social Information on social media accounts
This is a real problem facing consumers globally but the impacts span beyond individual damages and stolen identities (though, those damages are bad enough).
When a criminal steals your password, or the password of a coworker, chances are – they’ve gained access to many pieces of your “online life”.
Here’s an example to illustrate how a third party data breach can lead a criminal back to your business.
Your HR manager helps book travel for employees at the business. He set up a business account at a national hotel chain to book rooms for whatever the business travel needs are. The hotel chain’s database suffers a breach and cybercriminals steal thousands of email/password combos including your HR manager’s credentials.
Your HR manager used the same password he uses for all kinds of sites online when he created the login at the hotel company site. This means that the criminals who have this breached data, now have access to your payroll software, servers and all the other things your HR manager interacts with.
The criminals either use this data themselves or take it to the Dark Web to sell for a few dollars (password/email combinations go for $3-$5 on average on the Dark Web).
Breaches like these happen daily and criminals use the information they steal to do as much damage as they can.
This creates a unique problem for business owners and managers because what can you possibly do to protect yourself from a data breach happening at a hotel chain or some other account online?
Things get even trickier when the average span of time between a data breach and disclosure to the public reaches 15 months. Meaning, criminals have a 15-month head start to get to your business and do damage before your are notified on the 5 o’clock news or your social media feed.
So, how can you defend against this kind of thing?
First, implement a password policy at your business:
- Strong Passwords Required
- Change Passwords Regularly (90 days minimum)
- Dual Authentication
- Lockout Procedures
Second, roll out a password management tool across your organization.
As mentioned earlier, the average adult in America manages over 130 accounts online. It is no wonder that we have a hard time creating strong and unique passwords for each of those accounts. It would be nearly impossible to remember all of that without writing things down – which isn’t secure.
To bridge the gap between security and memory, implement a password management tool. Look for something that is encrypted, secure and be sure to consider mobile capabilities. We recommend LastPass as a great option to start.
Third, invest in Dark Web Monitoring
Dark Web Monitoring is still a newer service offered to businesses and professionals. This is a monitoring solution designed to scrub different areas of the Dark Web (chatrooms, discussion boards etc.) for data connected to your domain.
If we apply Dark Web Monitoring to the example above with the HR Manager for instance – when the criminals stole data from the hotel chain and went to sell/share it on the Dark Web, the monitoring tool would identify your IT company to have the HR manager change passwords. That way, the criminals have useless data and you are protected well before you learn about the breach 15 months later.
The post How A Third-Party Data Breach Impacts Cybersecurity At Your Business appeared first on Andromeda Technology Solutions.Intel Steps Up Game With CPU-Level Malware Protection Jun 26, 2020
Tech companies both big and small are always looking for new ways to protect their customers from the threat of malware.While that's not something that hardware vendors are known for, Intel has leapt into the fray with a recent announcement.
Their planned "Tiger Lake" mobile processers will offer CPU-level malware protection features.
Tom Garrison is Intel's VP & General Manager of Client Security Strategy and Initiatives.
Tom had this to say about the planned features:
"Intel CET is designed to protect against the misuse of legitimate code through control-flow hijacking attacks--widely used techniques in large classes of Malware...Intel has been actively collaborating with Microsoft and other industry partners to address control-flow hijacking by using Intel's CET technology to augment previous software-only control-flow integrity solutions."
Specifically, Intel's CET provides two new capabilities to help guard against control-flow hijacking malware: Indirect Branch Tracking (IBT) and Shadow Stack (SS). Collectively, these two new tools work by defeating malware designed to use ROP (Return Oriented Programming), JOP (Jump Oriented Programming) and COP (Call Oriented Programming).
"The significance of Intel CET is that it is built into the microarchitecture and available across the family of products with that core...While Intel vPro platforms with Intel Hardware Shield already meet and exceed the security requirements for Secure-core PCs, Intel CET further extends advanced threat protection capabilities....when used properly by software, [it] is a bit step in helping prevent exploits from hijacking the control-flow transfer instructions."
As mentioned, the new capabilities will initially roll out for mobile processors, but the company has plans in the work to expand the microarchitecture into desktop and server platforms as well.
This is good news and we're excited to see the hardware's capabilities in action. Of course, it remains to be seen how effective the new protections will be, but industry experts are cautiously optimistic.