What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Service Coordinator(SC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Lockport, IL Businesses:
What A Few Of Our Clients Have To Say
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
To SSL or Not to SSL: What is HTTPs and Why it Matters to You Jan 12, 2018
2017 was a pretty eventful year for tech. Between the WannaCry ransomware virus, the data breach at Equifax and many other less famous incidents – one thing is for certain. 2017 was the year of cybersecurity and 2018 is expected to follow suit.
With cyber attacks on everyone’s mind and radar, businesses are starting to notice a shift in public perception when it comes to the companies they work with when it comes to data security. People want to feel safe – and they want to make sure that their information is safe, even on the web.
So while this has been a growing trend for a few years now, it is safe to say that moving forward, the trend has transformed into an expectation of security and protecting consumer data.
2018 is definitely the year of HTTPs.
What is HTTPs?
To understand what HTTPS means and how it works, you need to know a few definitions.
First – HTTP, HTTP stands for HyperText Transfer Protocol. Without diving too deep into the technical lingo, this is an application layer protocol. Basically, HTTP is the protocol that involves information sent between a browser (like google chrome) and a website itself. So if you were to interrupt that connection and intercept it, you’d see in plain text what was being communicated between the website and the browser.
This can be very dangerous in certain situations. For example, if you are purchasing goods on a website with a basic HTTP (basic meaning unsecured), your personal information like your address, credit card info and whatever else you submit can be intercepted and stolen.
Nobody wants this to occur – except the thieves – so HTTPs was introduced as a secure option.
Like HTTP, HTTPs stands for HyperText Transfer Protocol but it has an additional Security component; hence the “S”.
By adding additional security components, the language being transmitted between website and browser is encrypted and kept from being read by evil doers and criminals.
Another term you might hear thrown around regarding this security protocol is an SSL or Secure Socket Layer Certificate. Again, this is just another way of saying that your site has the technology in place to securely encrypt transactions between the website and browsers etc.
The types of SSL Certificates may vary, but their basic coding provides security and encryption.
You can always tell if a website is secure in a few different ways.
- https:// precedes the URL destination i.e. https://www.google.com
- A lock shows up in the leftmost corner of your navigation bar
- A green lock shows up in the leftmost corner of your navigation bar
Sounds pretty good, right?
There was a time when this added security feature was mainly used on websites that transfer personal information such as ecommerce, financial, medical, legal etc. but these days the added security of an SSL or HTTPs on your site is more of a standard.
It is something that savvy consumers look for to avoid vulnerability.
Now that we’ve gone through what this feature is and how it operates in respect to your website you might have some additional questions about whether this feature would benefit you. We’ve touched on a few of the most common topics below.
I’m Just A Small Business Website,
Why Should HTTPs Matter to Me?
An SSL Shows Your Customer Base You Care About Their Security
By adding an SSL certificate to your website, and turning it from HTTP to HTTPs, you are providing an extra level of security for your users. They know right away that your website is secure- that nothing they are viewing or how they are interacting on your website is being monitored or watched by a malicious entity. It shows that you care about your customer’s user experience – and that reflects highly upon your company brand.
It Actually Provides Additional Security Against Hackers
Having an SSL certificate installed on your website also helps protect your website from a possible breach or hacking attempt. The extra level of encryption provides an external wall that is harder for hackers to break and infect. So while you might not necessarily need one for the type of website your business uses – it does help you protect yourself against would-be attackers and saves you money on potential cleanup and patches once a website does get infected or breached.
HTTPs Help Improve Website Search Engine Rankings and Traffic
Having this added security installed on your website shows popular search engines like Google, Yahoo and Bing! that you take your user’s experience and security seriously. So seriously that they award your website with increased rankings.
And we all know higher rankings lead to more traffic which you hope leads to more clients/customers.
Google has been favoring websites with HTTPs for a few years now; however, after recent technology-related world events, they have doubled-down.
Starting this past October, websites that use a form or search tool on their website will not have a Not Secure warning when viewed on Google Chrome browser. The last thing you want your prospective clients to see when visiting your site is a message about poor security.
Google also has been blatantly favoring websites with HTTPs over HTTP. About have of all 1st page results on Google are websites with HTTPs, up over 30% since the end of 2016.
Failure to increase security on your site risks lower search rankings and even increases bounce rates. It is also proven that HTTP sites load slower, causing Google to penalize them for site speed as well. Overall, the industry is punishing sites that do not value security.
So, what should you take away from all of this?
An SSL does incur extra costs (but they are minimal) but failure to secure your website can cost you potential new customers, reduce website traffic and impact overall user experience.
Your IT partner or web hosting provider should have the necessary tools to help you with your website security. It should be fairly simple and won’t break your budget either.
Want to take the next step and convert to HTTPs but not sure how?
Andromeda has trained technicians and developers that are more than happy to help you with the conversion. Just give us a call to get started today!
The post To SSL or Not to SSL: What is HTTPs and Why it Matters to You appeared first on Andromeda Technology Solutions.Dark Web Series Part 1 – What Is the Dark Web & Why It Matters To You Dec 29, 2017
Ransomware, cybercrime, hackers . . .
It’s safe to say that you’ve at least heard of these terms in the news and if you are like most people, you’ve heard them over and over on the news, in the office and just in everyday conversation for the past few years.
This progression in the cybersecurity world may come with unique phrases and buzzwords but the trend itself is nothing new. Since the internet’s beginning, there have been people working to cause chaos.
Think computer viruses, Trojan horses, scams, spam, malware etc.
Like most technology, the internet is used predominantly for good. But, there are always a few bad apples who take good technology and choose to use it with less than the best intentions. And while there have always been “bad guys” out there trying to disrupt good works from being done, over the last decade and specifically in the last few years we’ve seen an incredible increase in spending, vulnerability and rates of incident for large scale cyber-attacks.
To put this in perspective, spending on cybersecurity is projected to exceed 1 trillion dollars by 2021. In 2017, information security (a subset of the cybersecurity industry) spending hit over 86 billion dollars.
On top of this, there has been a dramatic increase of incidents in the small to medium sized business arena. When a local business gets hit, it may not make the 5 o’clock news like Home Depot or Target, but it hurts just the same – and maybe even more.
The crazy thing when it comes to cybercrime, ransomware and other infections is that you can be doing regular updates, implement antivirus etc. and you still can fall victim to identity theft, breaches and other cyber incidents.
All of this cyber-security and cyber-crime discussion lays the groundwork for this Dark Web discussion.
What is the Dark Web?
First, what is the Dark Web? In a simple and brief explanation, the Dark Web is a mostly anonymous space online that you need special software to access. The experience is much like a normal internet browser but the sites and activities available are very different.
Many times the Dark Web is described using an iceberg illustration.
- The internet as we know it is what you can see above sea level.
- There is a larger space just below the surface of the iceberg where the ‘darknet’ lives, this is dominantly used for large data stores. Financial records, academic databases, government records etc. live here.
- Then there is the bottommost layer of the iceberg, this is the Dark Web – here you’ll find illegal activity like drug trafficking, illegal gun sales, and even personal data for sale.
Now, you may be thinking,
“This is interesting information but what in the heck does the Dark Web have to do with me? Why do I care about it? I don’t use it. I don’t know anyone who does. . .” And we get that, but even if you don’t use the Dark Web you may be on it.
The Dark Web is one of the largest sources of stolen data available to criminals. While some may use it to buy goods, other criminals purchase pieces of your information like credit card information, passwords, social security information and more to use for their own purposes.
When cybercriminals go to places like your local grocery store, Experian and other sites to wreak havoc, the information they steal ends up for sale on the Dark Web.
All of this taken into consideration, the everyday consumer and business professional shouldn’t be scanning these areas of the web to try and protect their data.
Instead, a business professional like yourself should make sure that you are following proper security protocols:
- Anti-Virus Software Regularly Updated and on every device
- Proper Firewalls and regular updates
- Employee training
- Regular Professional Backups (also regularly tested and verified)
- Disaster Recovery Plan
- Spam filtering
- Encourage employees to speak up if they see a weird email or link
- Bring in professional cyber security consulting
With all of these items and a few more in place, you make it much more difficult for a cyber-criminal to get into your network and steal your data. This in turn will help keep your data and that of your employees off of the Dark Web. Of course, nothing is foolproof and that is why an exceptional cyber-security partner should offer Dark Web monitoring.
Dark Web monitoring is a program some IT professionals offer businesses where scans are going on constantly in the background and are looking for a specific domain. When the scan recognizes your domain in a database, it flags the software and you are alerted to change passwords or address the breach.
This way, you are always a step ahead of the criminals without lowering yourself to the “Dark Web” itself.
We hope you found this first installment in our Dark Web series helpful. Look out for our next article in February focused on 5 ways you can keep your information off of the Dark Web entirely.
The post Dark Web Series Part 1 – What Is the Dark Web & Why It Matters To You appeared first on Andromeda Technology Solutions.Are Some SSD Drives Susceptible To Hacking? Nov 14, 2018
A research team has found an exploit that allows hackers to decrypt and view encrypted files on a number of well-known SSD drives.
- Samsung T5 Portable
- Samsung T3 Portable
- Samsung 850 EVO
- Samsung 840 EVO
- Crucial MX 300
- Crucial MX 200
- Crucial MX 100
According to the research team:
"We have analyzed the hardware full-disk encryption of several SSDs by reverse engineering their firmware.� In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations.� In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret."
The team disclosed their findings to both Crucial and Samsung to give both of the companies an opportunity to prepare firmware updates and get them out to their clients.
Crucial has responded swiftly, offering firmware updates to all three of the impacted drives.� Samsung's response has been a bit more sluggish.� To date, they've released firmware updates for the T3 and T5 models. Apparently though, the company has no plans to update their EVO drives, having issued a statement encouraging EVO users to opt for software encryption instead.
Unfortunately, there's another fly in the ointment.� Windows' BitLocker software encryption will default to hard drive encryption if it finds it supported on a given drive. This means that BitLocker cannot be counted on as a viable software encryption solution.� The same flaws that allow hackers access to the drives mentioned above will also allow them to circumvent BitLocker.
The bottom line is simply this:� If you're relying on your SSD drive to secure your data, it may not be offering you as much protection as you had hoped, especially if you're currently using a Samsung EVO drive.