What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Kenilworth, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
4 Cybersecurity Tips For Business Owners & Managers Jul 08, 2019
New cybersecurity stories hit the news every day. You’ve surely heard about large companies getting hacked or ‘breached’, passwords stolen, identities compromised and more.
The topic of cybersecurity gets brought up so much, it’s no surprise that it has become a kind of background noise in the business world. Warnings about security protocols, new viruses and ransomware scams are just the tip of the iceberg when you look into what is happening in the IT security world.
While the news stories keep coming and businesses continue falling victim, there is at least one thing that remains the same . . . the need for cybersecurity training and awareness is here to stay. If you are in business, you have data that cybercriminals want to steal. Simple as that.
Cybersecurity conversations and solutions don’t have to be daunting though. In fact, there are some quick, common-sense tips you can put into place that will make you and your business a harder target for those looking to do you harm.
Top 4 Cybersecurity Tips For Professionals
1. Use Unique and Strong Passwords For All Online Accounts
This tip is one you’ve surely heard many times before but over 85% of all adults reuse their passwords online. On top of that, most people don’t know how to create a truly strong password. Some characteristics of a strong password are:
- Minimum of 8 characters
- A mixture of uppercase and lowercase letters
- At least one number
- At least one special character (!@#$%^&)
- No personal details (pet names, family member names, birth dates, address info etc.)
The average adult has over 100 different accounts online (bank accounts, credit cards, social media, email, apps etc.). It’s understandably difficult to create and remember a different password for everything you do though.
What to do about it? Look into a password manager tool for yourself and your staff. A password manager will store and organize all of your unique passwords securely. Here at Andromeda, we recommend LastPass. It has some great features and is a trustworthy password management tool. If you have questions about that, feel free to reach our team.
2. Run A Network Security Audit At Least Once A Year
You can’t address things if you don’t know they are broken. An annual network security audit done by a third party IT support partner will give you visibility into the small cracks hiding in your network security.
This type of audit should check things like open ports on your firewall, password protocols, your backups, your disaster recovery plan, the status of your warranties, your antivirus and spam protocols and more.
You can engage your current IT services provider for this audit or look for a third party vendor to come in and take a fresh look at your setup.
It never hurts to get a new set of eyes on your setup. Andromeda provides these types of assessments to our clients with our professional 35 point network security assessment. If you’d like to speak with our team about this service, give us a call at (815) 836-0030 or send an email to Contact@WeNetwork.com
3. Regularly Test Your Backups and Disaster Recovery Plan
One of the top methods a cybercriminal uses to make money is ransomware. Ransomware is classified as a cyberattack where a criminal gains access to your network (through brute force or stolen employee email/passwords). After accessing the network, the criminal then encrypts all or a portion of your business data and locks you out of it. The only way to recover the data is to pay a ransom (often in the form of bitcoin or other cryptocurrency). If you don’t pay up – they destroy your data.
These types of attacks cause serious damage. Businesses lose big money due to down time, reputational damage and in some cases, even government fines (in worst cases where evidence that a business intentionally ignored or neglected their data security, victims of ransomware/cybercrime can even face jail time).
Imagine that, you’re the victim of a cyberattack and you have to pay the government fines on top of it all?!
Ransomware and cyberattacks happen, there is almost no way to avoid them 100% of the time. But, with a proper disaster recovery plan including regular data backups (on site, in the cloud and off site) you can quickly and calmly restore your business data and win against cybercrime.
Don’t just accept anyone’s word when it comes to verifying your backups though. You should be sure that whoever is maintaining your backups and disaster recovery is running regular tests and providing you proof of valid backups. You should also run a demo scenario at least twice a year to test how long it would take you to be back up and running in the event of a breach or equipment failure.
4. Employee Cybersecurity Training Is Key To Your Defense
Cyber security is constantly changing and new attack strategies show up regularly. The one thing that shouldn’t change for you though, is your commitment to ongoing employee training.
After all, the #1 threat to your office network security is actually your employees! The staff are the people who will accidentally visit an infected site, click a bad link, download a file with a virus etc. and the only way to help stop those behaviors/accidents is through education and proper training.
A good employee training program will offer ongoing training and support. It may also score and rank your employees/office based on performance etc.
At Andromeda, we offer our clients an employee cyber security training in an online program. This allows employees to go at their own pace and complete training in the office or on the go. This solution provides weekly tech tips, training videos, micro quizzes, individual employee risk scores and more.
Make sure to look into training if your organization isn’t already offering this to employees. This really is a must have solution to protect your office.
These are only 4 tips you can use to improve security at the office. There are many more but if you cover these bases you have a great start.
If you have any questions related to cybersecurity or IT at the office, give our team a call at (815) 836-0030 or send a message to Contact@WeNetwork.com. We are always here to help you!
The post 4 Cybersecurity Tips For Business Owners & Managers appeared first on Andromeda Technology Solutions.4 Key Questions Any Business Owner Should Ask Before Performing A Cloud Migration Sep 28, 2018
The solutions, procedures and technologies business owners and staff depend on are continuing their move to the cloud at a steady pace.
Predictions and trends point to over 80% of all enterprise workflow to be managed by the cloud by 2020.
While total adoption of cloud in the workplace is still believed to be 10 or more years away, the benefits to business are clearly driving the adoption of cloud technologies and solutions.
This does not mean that you should perform a cloud migration just because everyone else is doing it. You want to make sure that when you migrate different elements of your business to the cloud, you are doing so in the most secure, compliant and pain-free ways.
That being said, there are some questions you should really ask yourself when planning for or considering your migration.
4 Key Questions About Cloud Migration
1. What are the long term costs for my IT when I migrate to the cloud?
There are quite a few different aspects of your budget that a cloud migration can impact. The first thing you will want to consider is the overall cost of the project. For example, if you have a server and you are considering the costs of a cloud migration vs. buying new hardware, there are a few things you want to look into.
- What is the physical cost of the hardware including labor for install and setup?
- What is the initial setup and migration cost if you move to the cloud?
- What are your anticipated maintenance costs for a physical server over the next 3-5 years?
- What are the maintenance costs and recurring costs for your cloud environment for the next 3-5 years?
- If you stick with an on-prem solution, how long until you have to replace your new hardware on average?
All of these questions you should ask yourself and your IT vendor/department when considering the cloud. Often, when you take long term maintenance and hardware replacement into consideration, you will end up being more cost effective with a cloud solution. But, this is not always the case.
2. What areas of our business will see benefit from a cloud migration?
The cloud has offered many benefits to business. The cloud environment lends itself to collaboration in many ways. Staff will likely enjoy the ability to access data, software and systems remotely. Departments will notice that different integrations are easier when software is in the cloud as well. Companies like Zapier, IFTTT and even Microsoft with Microsoft Flow are in the business of helping you integrate workflows and get a whole lot more done.
This means more productivity, automating repetitive tasks and hopefully better results for both your employees and clients.
3. Do you have specific security/compliance requirements?
Different industries have specific security requirements and compliance standards for data. This means that you will want to consult with experts in your industry to make sure that the solutions you choose are above board.
For instance, if you chose to migrate your email server to a hosted cloud solution, you still need to make sure that the email service is secure. Solutions like G Suite and Office 365 state in their user agreements that they are responsible for the security of the cloud environment but that YOU are responsible for all of your data.
Meaning – Microsoft or Google makes sure the cloud is secure, YOU make sure that you have backups of your emails and all of your data in case of emergency.
Additionally, if your industry has requirements for sending secure/encrypted emails, you’ll want to make sure that the solution you choose meets said requirements.
This was just an example of how security and compliance can impact your choice of cloud email solution. Depending on what you want to move to the cloud (infrastructure, software, OS etc.), you will want to consult with industry experts to ensure success.
4. Public, Private or Hybrid Cloud Solutions?
On the surface, the concept of public or private cloud solution is straight forward.
A public cloud is owned by a company like Microsoft (Azure) or Amazon (AWS). This company owns the physical space where the ‘cloud’ is hosted. In a public cloud, your business essentially leases space to host your environment. This space is technically shared but can be segmented for security purposes.
This decreases your overall time and material cost for maintenance of the environment. You access services and can manage your account by logging in from your internet browser. These public solutions are best for email solutions, office software, applications, testing environments, development environments and more.
A private cloud is owned and managed by one specific entity (either you or your IT service provider). There are no other businesses sharing your space or stored on the equipment. This is definitely a more secure solution for highly regulated industries.
A benefit with privately hosted cloud environments is that they are more customizable for specific business needs. Additionally, a private cloud is easily scaled to grow with your needs – you will just have to account for any additional hardware or bandwidth needs as you grow.
A hybrid cloud solution is a mixture of any or all solutions including: on-premises solutions, public cloud and/or private cloud.
For some industries, there may be specific elements of the business that must remain on site. In other instances, you may have proprietary software that just isn’t cloud compatible or doesn’t make sense to migrate.
You may also have certain needs that make sense to offload into a public environment where you aren’t responsible for maintenance.
The beauty of cloud migration solutions for business is that they are highly customizable. They help you get more done and stay connected in innovative ways. There is a reason that technology is steadily migrating to the cloud across our professional and personal lives.
If you have any questions about the cloud or want to discuss how the cloud can elevate your business, please give us a call at (815) 836 – 0030 or send an email to Contact@WeNetwork.com. Our team is ready and eager to help you.
The post 4 Key Questions Any Business Owner Should Ask Before Performing A Cloud Migration appeared first on Andromeda Technology Solutions.New Exploit Discovered That Adds Malware To Advertisements Oct 08, 2019
Hackers and scammers have a new tool in their toolbox, and they're making rapid use of it.� Recently, researchers from Confiant have discovered a new campaign involving a Chrome for iOS exploit. They discovered �an unknown group of attackers getting around the browser's built in pop-up blocker to deliver fake ads. This happened to half a billion users from the US and Europe in less than a week.
The group has been named 'eGobbler' and they're not picky.� Since Confiant began tracking their activities, they've targeted iOS devices as well as Windows, Linux and macOS desktops in one of the most far-reaching malvertising attacks we've ever seen.
The researchers had this to say about the matter:
"This time around...we were in fact experiencing redirections on WebKit browsers upon the 'onkeydown' event.� The nature of the bug is that a cross-origin nested iframe is able to 'autofocus' which bypasses the 'allow-top-navigation-=by-user-activation' sandbox directive on the parent frame. Also noteworthy is that the campaign behind this payload had specifically targeted some web applications with text areas and search forms in order to maximize the chances of hijacking these keypresses."
The long and the short of it is that this represent a new attack vector.� Hackers can now inject malware into completely innocuous ads, hijacking them for their purposes.
Both Google and Apple have taken swift, decisive action to address the issue. Google addressed it in a WebKit patch that was released on August 12. Apple addressed the matter in their release of iOS 13 on September 19, and via Safari 13.0.1 on September 24. The bad news is there's no guarantee that the hackers won't find yet another workaround to exploit, so this is probably not the last we've seen of the issue.
In any case, if it's been a while since you updated your browser, given the above, now is a great time to do so.