What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Service Coordinator(SC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Lansing, IL Businesses:
What A Few Of Our Clients Have To Say
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
5 Ways Your Information Gets On The Dark Web Jan 26, 2018
In our last IT article we discussed the Dark Web. Specifically what the Dark Web is and why it is something that matters to just about everyone. If you missed the article make sure to give it a read here.
There are many ways your information can be compromised and inevitably end up in the hands of wrong doers on the dark web. On top of that, there are numerous ways that hackers and criminals can steal your data that are completely out of your control.
It is important that you put defense in place where you can but it is also important that you manage your risk by educating yourself on some of the top vulnerabilities out there.
With that in mind we’ve gathered 5 of the top ways hackers and criminals get around you to steal your data for the Dark Web.
5 Ways Your Information Gets On The Dark Web
1. Visiting & Using Unsecure Websites
If a website isn’t secure, information passed between you and the site can easily be compromised. In a nutshell, websites pass information to your browser (google chrome, firefox etc.) and your browser displays that information for you to look at/use. Without proper security protocols like an SSL or HTTPs, sites don’t secure that information transfer. So, if you enter personal data into a form, make a purchase or put any data on the site that isn’t secured, it is easy enough for a hacker or cyber-criminal to intercept that data and sell it on the Dark Web.
If you are interested in how to secure your website or tell if the sites you visit are secure, we have an easy to understand article here.
2. Consumer Database Breach
While hackers and criminals will go after your personal data on a small scale, a larger customer breach is what their dreams are made of. Just think back to the Target, Home Depot and Experian breaches of recent years. Even social media databases are full of rich information that hackers can make use of. If a hacker gets ahold of your Facebook password they might have also gotten ahold of your date of birth, where you live and other personal information that they can use to access financial accounts or other personal accounts.
While you can’t keep hackers out of Target’s database, you can practice your own security protocols to decrease the likelihood of criminals using compromised data to ruin you financially:
- Use different passwords for different sites
- Change passwords often (every 90 days is recommended at minimum)
- Use strong passwords
- Look into a monitoring service that alerts you of suspicious activity on financial accounts
3. Firewall Issues
You don’t necessarily have control over whether someone else secures their website and you definitely don’t have control of the security procedures at your local grocery store, but you do have control over the firewalls you use at your business.
First . . . make sure you are using a professional or business grade solution for your firewall. Consumer grade solutions are meant for home use and will not have adequate protections in place to keep your company’s private data secure.
Additionally, make sure that you have regular updates and software patches scheduled. These devices are only as good as the software they utilize. If your firewall is out of date or your software is out of date, chances are they cannot defend against the latest hacker strategies and viruses.
You will also benefit from a regular system audit to ensure all ports are secure and no user changes are impacting your network security. It is pretty common for businesses to forget these updates and checks and this is an incredibly vulnerable access point into your network if not properly configured.
4. Outdated Systems/Devices On Your Network
While your firewall controls much of the inbound and outbound traffic on your network, there are countless other devices that can create vulnerabilities. For instance, if you consider the Target breach of 2013, it is rumored that the criminals gained access to Target’s network via an HVAC company that monitored temperatures in stores. This brings up the fact that it is not just your own network but anything connected to it and the security of those ancillary devices/networks that you must be aware of.
If you have smart devices in the office, if you subscribe to any type of service that needs access to your network, all of these items and programs open you up to vulnerabilities. Even the smart devices you use at home can cause you trouble on a personal level. Imagine if a smart device on your home network was compromised and used by hackers to get into your work files on your home computer. This stuff happens and your information ends up on the dark web because of it.
5. Downloading untrusted applications/Opening Malicious Email
Email is essential to running your business but it is one of the best ways for hackers and criminals to gain access to your network. All they have to get you to do is click a link or download a file and BAM! your data might be compromised.
Email isn’t the only culprit though. Downloading files off the web can also give hackers access to your network and in turn your data. There are tools that can help you avoid this as well as training that helps you spot malicious links/sites.
How Can I Prevent My Info From Getting Onto Dark Web
With proper firewall configuration, professional anti-virus software that is updated regularly and employee training, you will dramatically decrease your vulnerability and incident rate.
There are so many ways hackers access your data. They can get to you through stores, websites, your email, the smart devices at your office/home and those are just a few examples. The scary part is that no matter how secure you make things, they will come up with a new approach that no one expects.
All hope isn’t lost though, with certain protections like professional cyber security consulting, monitoring software (both professional and personal), and specific security devices, you can protect yourself from cybercriminals.
If you’d like to discuss your options and make sure you are truly covered, reach out to our team and schedule a network security assessment.
Interested in reading more? Check out:
Part 1 Part 3
The post 5 Ways Your Information Gets On The Dark Web appeared first on Andromeda Technology Solutions.5 Critical Components Any Professional Disaster Recovery Plan Must Have Jul 03, 2017
We hear a whole lot about ransomware and cyber criminals these days. Andromeda helps our clients combat most data breaches with multi-tiered security solutions and employee training. But, every business is still vulnerable to incident. That is why a full proof and dependable Disaster Recovery & Business Continuity plan is an essential. Before you hit the world wide web searching for DR solutions and backup plans, take a look at these 5 critical components any professional disaster recovery plan must have.
Your disaster recovery plan should consider appropriate business continuity variables.
Disasters happen; they come in many shapes and sizes. Server crashes, accidental file deletion, physical disasters such as fire or flood and the increasingly common ransomware or malware infection are all scenarios.
You must ask two important questions yourself in regards to business continuity:
- How much time can pass between recovery points, ie: how much data can you afford to lose; this is commonly known in Business Continuity as RPO – Recovery Point Objective
- How much time can pass between the disaster and recovery, ie: how much time can you afford to lose; this is commonly known in Business Continuity as RTO – Recovery Time Objective
Ideally, your RPO and RTO are as low as possible.
A good Disaster Recovery Plan will consider these factors and have various options for restoring files, folders or even whole servers. On top of that, it is important that these options take into account minimalizing data loss and interruption.
Data should be stored both locally and offsite.
Many people have an easy time seeing the value in the offsite backup. Whether that’s tape drives taken offsite daily, external USB drives treated the same, or data sent to the cloud for storage, it carries with it a feeling of great comfort knowing that “if the building burns down” the data is still safe.
What few realize is what we mean when we speak about downtime, for incidents that are not quite as catastrophic as a burning building. In those cases, it can take an unacceptable amount of time to get your hands on that offsite backup or to download an entire server from the cloud.
With a Disaster Recovery Plan option that offers backups both locally and offsite (cloud based), you are able to restore large quantities of files and entire server images quickly. Your onsite device should also have the capability to virtualize as a temporary server in the event your main server crashes.
Find a disaster recovery plan option that provides multiple restore options
When you think about restoring from a disaster, you may believe that so long as you have a version of your data somewhere, you are secure. In reality though, your recovery time objective can be greatly impacted by the different options available to you after a disaster. A disaster recovery plan with multiple options for virtualization, restoration and data access is an absolute must.
You may have heard the term “virtualization” before. Being able to virtualize your server either on a physical device at your location or in the cloud simply means that you have a temporary solution that will keep your business up and running while you resolve whatever issue corrupted your data, server or situation in the first place.
A catastrophic hardware failure can put your business down for hours, sometimes days. Rushing that process up can incur huge costs as well: rush delivery, emergency dispatch etc. In the event of a hardware failure, a virtual copy of your last backup can be spun up. Once completed, you can resume working swiftly. This quick recovery allows you to deal with hardware replacements, scheduling and budgets in an organized fashion.
A top tier solution will provide you with onsite virtualization and an option to virtualize in the cloud. Cloud virtualization is not as quick and can produce some lag time. Nonetheless, in the event your backups are stolen or disaster strikes your building (fire, flood etc.) – the ability to spin up and virtualize data from the cloud means that your business is not at a standstill.
Find out what type of support a vendor provides for disaster recovery plans.
Your company does not want to struggle to get their files restored. You can’t wait hours and hours to restore a file you accidentally deleted. Don’t wait for hours to hear back on the status of a data restore. Your IT partner should understand the solution they are providing and be able to work with you directly. Cut out the intermediary. Ensure your vendor monitors all the warranties, all the software support calls, and all monitoring; ensuring your backups are humming all day every day – as they should be.
Don’t trust just any business continuity or disaster recovery plan solution.
There are literally hundreds of options out there for Disaster Recovery. A quick Google search will give you pages of results. Comparing them is mind numbing, and if we are being honest . . . who takes the time to do all that? Your first step is to find an IT partner that you trust. Check their references. See if they have case studies to show how a disaster recovery functions with the product. Ask for a demonstration of the product. This is serious stuff and you need to trust the hands maintaining and protecting your data.
The post 5 Critical Components Any Professional Disaster Recovery Plan Must Have appeared first on Andromeda Technology Solutions.Photo Site 500PX Hit With Data Breach Recently Mar 11, 2019
Do you use the photography network 500PX?� If so, be advised that it has been breached by hackers.� If you were a 500PX user on or before July 5, 2018, you are among the impacted users.
The company discovered evidence of the breach on February 8th, and overall, to this point, their handling of the issue has been admirable.
They promptly contacted and are presently working with both law enforcement and a third-party security firm. They have alerted all impacted users of the incident. By this point, you should have already received some type of communication from the company.
According to the official statement put out by 500PX, when the hackers gained access, they were able to glean at least some, (and possibly all) information contained in the user's profile. This information includes user name, password, location, any biographical information you may have entered, your education, and your photo (if you've included one in your profile).
The company took the step of force-resetting all user passwords, including those they do not believe to have been impacted by the breach. So the next time you log in, don't let that take you by surprise.
It should go without saying, but if you're still using the same password across multiple web properties, it's a practice you need to stop immediately. �If you've used the same password you use on 500PX on some other site, be sure to change it as well. Don't give the hackers an easy way to cause you further harm.
Unfortunately, those are all the details we have about the breach currently. Although the company has promised to keep everyone updated as their investigation into the matter continues and as further details come to light.� In the immediacy, the most important next step is to log in and reset your password.