What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Lemont, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Start 2019 Out Right – Have a Network Security Assessment Completed Jan 04, 2019
Why have a Network Security Assessment at least once per year:
Our digital world is being attacked constantly and your corporate network is one of the biggest targets on the market. Why? Because it also tends to be an easy mark. Year after year we see large scale attacks against corporations, but did you know that the majority of cyber incidents occur against small to mid-size businesses? Ask yourself: When was the last time I had a professional network security assessment? We’ve listed out some of the top reasons why Network Security Assessments are a vital piece of a multi-layered approach to cyber security for your business.
Let’s start by stating something that you might not expect a tech company to express. Being a victim of a cyber attack is inevitable. No amount of effort or software can protect you 100% of the time. The solution is to implement as many precautionary steps as you can to lessen the likelihood of becoming a victim. No approach on the market can guarantee you will never be breached. If you ever run into an IT firm or product that tries to make this a “guarantee” . . . run and don’t look back because this is 100% false.
Now, there are the obvious steps that you can take to protect yourself and make it harder on the criminals:
- Proactive Email habits
- Anti-malware software
- Proper Employee training
- Professional Disaster Recover (DR) plan/device
However, there is another tool in the arsenal that you should use regularly and that is an annual (at minimum) Network Security Assessment.
What Does A Network Security Assessment Involve?
Your IT support company should perform an initial assessment; after, they should give you a detailed risk report displaying areas that need to be optimized or adjusted. If your IT company does not perform these, it may be time to start looking somewhere new. Cyber threats are more prevalent every day and it is important to partner with an IT company that recognizes this and protects your business accordingly.
We find that our assessment usually uncovers security threats and holes; even when a business has the right practices and has done their research. Cyber security is a daily battle for businesses of every type. When we run our assessment we use the results to constantly improve the defenses of our clients. And that is why, like most things in tech, an assessment should be a regular event.
The Network Security Assessment Is Done. What’s the Next Step?
The network security assessment itself is not the only thing to request though. It is equally important to make sure that your firm supplies you with a report of their findings. This report should be simple to understand, contain an overall score and give you a breakdown of each issue found, along with how serious those specific issues are. Ask for an action plan that goes over any adjustments in detail for any issues that are found. Why go through the assessment process if you aren’t going to apply any changes with the data?
How important and helpful are these reports? We are an IT company with a background protecting our partners from risk. We also put protections in place for our partners and still find ways to improve our customer cyber safety every time we run an assessment.
Why? Because cyber security is a dynamic, ever changing landscape and you need to proactively search for issues. Don’t let yourself learn the hard way. You never want to discover there is a hole in your cyber security when it’s too late from an attack or breach.
Interested in a Network Security Assessment?
If this article has you questioning your current setup, or peaked your interest in starting a conversation regarding the cyber security protections necessary for your business, a network security assessment with Andromeda is a great place to start. With this in mind, we will be discounting our network security assessment thru 1/31/19. Fill out the form below for access to our promotional rate and begin a discussion with one of our security experts.
Fill out the form below to receive a $500 discount on a Network Security Assessment valid for the month of January:
The post Start 2019 Out Right – Have a Network Security Assessment Completed appeared first on Andromeda Technology Solutions.How A Third-Party Data Breach Impacts Cybersecurity At Your Business Aug 05, 2019
With the average American adult maintaining over 130 different accounts online, the risk of a data breach or data being stolen continues to grow. Between social media, financials, productivity applications, email, business applications, online shopping and countless other accounts online, your “online life” becomes more and more a part of your day to day physical life as time passes.
As more of our lives and data are shared online, criminals are focused on breaking into these databases to steal the valuable info they hold:
- Personal Info such as name, address, dates of birth, social security numbers etc.
- Financial information such as bank info, credit cards etc.
- Social Information on social media accounts
This is a real problem facing consumers globally but the impacts span beyond individual damages and stolen identities (though, those damages are bad enough).
When a criminal steals your password, or the password of a coworker, chances are – they’ve gained access to many pieces of your “online life”.
Here’s an example to illustrate how a third party data breach can lead a criminal back to your business.
Your HR manager helps book travel for employees at the business. He set up a business account at a national hotel chain to book rooms for whatever the business travel needs are. The hotel chain’s database suffers a breach and cybercriminals steal thousands of email/password combos including your HR manager’s credentials.
Your HR manager used the same password he uses for all kinds of sites online when he created the login at the hotel company site. This means that the criminals who have this breached data, now have access to your payroll software, servers and all the other things your HR manager interacts with.
The criminals either use this data themselves or take it to the Dark Web to sell for a few dollars (password/email combinations go for $3-$5 on average on the Dark Web).
Breaches like these happen daily and criminals use the information they steal to do as much damage as they can.
This creates a unique problem for business owners and managers because what can you possibly do to protect yourself from a data breach happening at a hotel chain or some other account online?
Things get even trickier when the average span of time between a data breach and disclosure to the public reaches 15 months. Meaning, criminals have a 15-month head start to get to your business and do damage before your are notified on the 5 o’clock news or your social media feed.
So, how can you defend against this kind of thing?
First, implement a password policy at your business:
- Strong Passwords Required
- Change Passwords Regularly (90 days minimum)
- Dual Authentication
- Lockout Procedures
Second, roll out a password management tool across your organization.
As mentioned earlier, the average adult in America manages over 130 accounts online. It is no wonder that we have a hard time creating strong and unique passwords for each of those accounts. It would be nearly impossible to remember all of that without writing things down – which isn’t secure.
To bridge the gap between security and memory, implement a password management tool. Look for something that is encrypted, secure and be sure to consider mobile capabilities. We recommend LastPass as a great option to start.
Third, invest in Dark Web Monitoring
Dark Web Monitoring is still a newer service offered to businesses and professionals. This is a monitoring solution designed to scrub different areas of the Dark Web (chatrooms, discussion boards etc.) for data connected to your domain.
If we apply Dark Web Monitoring to the example above with the HR Manager for instance – when the criminals stole data from the hotel chain and went to sell/share it on the Dark Web, the monitoring tool would identify your IT company to have the HR manager change passwords. That way, the criminals have useless data and you are protected well before you learn about the breach 15 months later.
The post How A Third-Party Data Breach Impacts Cybersecurity At Your Business appeared first on Andromeda Technology Solutions.Browser Update Warnings May Actually Be Malicious Hackers Oct 10, 2019
Researchers at FireEye have recently unearthed a particularly nasty new campaign that is both multi-faceted and dangerous.�At the heart of the attack are hacked websites which display seemingly innocuous popup message informing the site visitor that their browser is out of date. It will helpfully provide a one-touch solution to the non-existen21t problem via a button that promises to download the latest version of the browser in question.
The server then responds to the findings reported by the initial script by uploading the initial payload.� This varies based on the details gleaned, but generally includes some type of banking trojan malware and a backdoor such as Dridex, NetSupport Manager RAT, or similar.� If the initial scan reveals that the target computer is part of a corporate network, then an additional payload is also injected onto the target machine, but we'll get to that in a moment.
The first part of the payload will busily ferret out login credentials and other sensitive information, exfiltrating any files of value back to the command and control server.
Only when this operation has been completed and if the computer is part of a corporate network will the second stage we referenced earlier trigger, which is a strain of ransomware, normally BitPaymer or DoppelPaymer. The ransomware spreads through the network as far as it is able, encrypting files network wide.
These two ransomware strains are known for their hefty ransom demands, which often run into the hundreds of thousands, or even millions of dollars.
This multi-stage approach is dreadfully effective.� It not only allows the hackers to squeeze a wide range of sensitive data from infected systems, but then, locks them down hard and demands a hefty payment.� Be sure your staff is aware.� This one's about as dangerous as they come.