What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Romeoville, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
5 Critical Components Any Professional Disaster Recovery Plan Must Have May 29, 2020
We hear a whole lot about ransomware and cyber criminals these days. Andromeda helps our clients combat most data breaches with multi-tiered security solutions and employee training. But, every business is still vulnerable to incident. That is why a full proof and dependable Disaster Recovery & Business Continuity plan is an essential. Before you hit the world wide web searching for DR solutions and backup plans, take a look at these 5 critical components any professional disaster recovery plan must have.
Your disaster recovery plan should consider appropriate business continuity variables.
Disasters happen; they come in many shapes and sizes. Server crashes, accidental file deletion, physical disasters such as fire or flood and the increasingly common ransomware or malware infection are all scenarios.
You must ask two important questions yourself in regards to business continuity:
- How much time can pass between recovery points, ie: how much data can you afford to lose; this is commonly known in Business Continuity as RPO – Recovery Point Objective
- How much time can pass between the disaster and recovery, ie: how much time can you afford to lose; this is commonly known in Business Continuity as RTO – Recovery Time Objective
Ideally, your RPO and RTO are as low as possible.
A good Disaster Recovery Plan will consider these factors and have various options for restoring files, folders or even whole servers. On top of that, it is important that these options take into account minimalizing data loss and interruption.
Data should be stored both locally and offsite.
Many people have an easy time seeing the value in the offsite backup. Whether that’s tape drives taken offsite daily, external USB drives treated the same, or data sent to the cloud for storage, it carries with it a feeling of great comfort knowing that “if the building burns down” the data is still safe.
What few realize is what we mean when we speak about downtime, for incidents that are not quite as catastrophic as a burning building. In those cases, it can take an unacceptable amount of time to get your hands on that offsite backup or to download an entire server from the cloud.
With a Disaster Recovery Plan option that offers backups both locally and offsite (cloud based), you are able to restore large quantities of files and entire server images quickly. Your onsite device should also have the capability to virtualize as a temporary server in the event your main server crashes.
Find a disaster recovery plan option that provides multiple restore options
When you think about restoring from a disaster, you may believe that so long as you have a version of your data somewhere, you are secure. In reality though, your recovery time objective can be greatly impacted by the different options available to you after a disaster. A disaster recovery plan with multiple options for virtualization, restoration and data access is an absolute must.
You may have heard the term “virtualization” before. Being able to virtualize your server either on a physical device at your location or in the cloud simply means that you have a temporary solution that will keep your business up and running while you resolve whatever issue corrupted your data, server or situation in the first place.
A catastrophic hardware failure can put your business down for hours, sometimes days. Rushing that process up can incur huge costs as well: rush delivery, emergency dispatch etc. In the event of a hardware failure, a virtual copy of your last backup can be spun up. Once completed, you can resume working swiftly. This quick recovery allows you to deal with hardware replacements, scheduling and budgets in an organized fashion.
A top tier solution will provide you with onsite virtualization and an option to virtualize in the cloud. Cloud virtualization is not as quick and can produce some lag time. Nonetheless, in the event your backups are stolen or disaster strikes your building (fire, flood etc.) – the ability to spin up and virtualize data from the cloud means that your business is not at a standstill.
Find out what type of support a vendor provides for disaster recovery plans.
Your company does not want to struggle to get their files restored. You can’t wait hours and hours to restore a file you accidentally deleted. Don’t wait for hours to hear back on the status of a data restore. Your IT partner should understand the solution they are providing and be able to work with you directly. Cut out the intermediary. Ensure your vendor monitors all the warranties, all the software support calls, and all monitoring; ensuring your backups are humming all day every day – as they should be.
Don’t trust just any business continuity or disaster recovery plan solution.
There are literally hundreds of options out there for Disaster Recovery. A quick Google search will give you pages of results. Comparing them is mind numbing, and if we are being honest . . . who takes the time to do all that? Your first step is to find an IT partner that you trust. Check their references. See if they have case studies to show how a disaster recovery functions with the product. Ask for a demonstration of the product. This is serious stuff and you need to trust the hands maintaining and protecting your data.
The post 5 Critical Components Any Professional Disaster Recovery Plan Must Have appeared first on Andromeda Technology Solutions.5 Cyber Security Features/Protocols Your Business Needs To Protect Against Scammers, Hackers & Cyber Criminals Jul 31, 2020
Sometimes it sounds like the news and cyber experts are on loop or a broken record. Every day there is a new report about cyber security, threats and the like. But while these stories and warnings may start to seem like white noise in the background, the threats are still here and they are very real.
The upside of all of this coverage and conversation is that business owners are wising up and with the topic of cyber security taking center stage, users and business owners alike are being more proactive when it comes to protecting and educating themselves.
In the spirit of education we’d like to dive a little deeper into 5 features/protocols you can set up at your office to beef up your IT Security.
Top 5 Cyber Security Features/Protocols
Multi Factor Authentication
This feature is nothing new but it is becoming more and more common across all kinds of accounts. Financial services, email, social media and other applications/accounts are making use of multi or dual factor authentication. Essentially you have a password and second form of identification to prove your identity. Sometimes this is a randomly generated code – think Facebook’s code generator.
Another type of multi or dual factor authentication uses biometric data for identity verification. Things like a fingerprint or a retina scan are examples of this type of security measure. In fact, last month we took a look at biometrics, integrated security and banking applications – read more about that.
An Employee Training Program
Statistically over 80% of all breaches and intrusions occur after an employee error. Clicking a link in an email, downloading a malicious file, visiting an infected website . . . there are so many ways this can happen and most of the time it isn’t intentional either. The best way to prevent this from happening is an ongoing security program for yourself and employees. A good program will have a varied focus: compliance standards for personal and customer info (commonly known as pii or personally identifiable information), strategies for recognizing and avoiding email scams, proper security protocols for best practices at the office and more. In 2017 Andromeda recognized this need and released our PII Protection/Cyber Security Training Program. See full details here.
Business Grade Firewall
A good firewall is your first defense against intrusion. With proper intrusion detection and intrusion prevention settings you arm yourself against cyber criminals and hackers. On top of that, a business grade firewall solution is an important piece of hardware when you want to set up public and private networks. You definitely don’t want guests at your building or passersby accessing company documents or networks because of low cyber security protocols.
Regularly Scheduled Updates/Patching
New viruses and threats hit the market every day. On top of that, hackers and criminals discover new vulnerabilities almost as fast as developers can protect against them. This is why keeping up to date and on top of patching and updates is so important. For instance, the WannaCry virus everyone heard so much about this year took advantage of a vulnerability that had already been addressed by a Windows patch. If companies had proactively updated and maintained their updates/patches, they wouldn’t have been as vulnerable to an attack.
This ties into both firewall protocols and employee training but of course, the fewer random emails that make it into your employee inboxes, the fewer links and files you need to worry about employee’s (or even yourself) clicking on. A professional spam tool can be configured to your liking and can do a whole lot to prevent content from making it to those that might accidentally infect your network. See the photos below for a few examples of emails we protect customers from on a daily basis.
As always, Andromeda is here to help you protect yourself and your business from these ongoing threats. Take the first step today and sign up for a cyber security audit with our team of experts.
The post 5 Cyber Security Features/Protocols Your Business Needs To Protect Against Scammers, Hackers & Cyber Criminals appeared first on Andromeda Technology Solutions.Hackers Used Windows Theme Packs To Hack Passwords Sep 16, 2020
Are you a fan of customizing your Windows experience via themes? If so, you're not alone. While it's true that themes aren't used by a majority of Windows users, they're still highly popular.
If you're creating your own themes, you don't have anything to worry about. The danger lies in downloading theme packs from others, especially if you get them from a source you don't know and trust implicitly.
Clever hackers can now create "poisoned" themes that can be used to steal Windows credentials. Security researcher Jimmy Bayne discovered the new flaw when he stumbled across a poisoned theme capable of tricking unsuspecting users into accessing a remote SMB share that requires authentication.
When the user attempts to access the remote resource that requires a login, Windows responds by automatically trying to log in, using your Windows user name and their hashed password. Naturally, the hacker sets up the attack so that they control the remote resource and thus, is able to harvest the credentials and dehash the password at their leisure.
Microsoft has spent the last few years migrating away from local Windows 10 accounts and is leaning more heavily on the Cloud. This makes the theme-based attack much more likely to succeed.
Even worse, Microsoft has expressed no interest in fixing this particular flaw, because according to a spokesman for the company, it's working exactly as it is supposed to. That puts regular theme users in something of a bind.
Your first best defense against this type of attack is to make any themes you want to use yourself, or if you download a theme pack, be sure you're getting it from a trusted source.
Barring that, your only other viable option is to block or re-associate the .theme, .themepack, or .desktopthemepackfile extensions to a different program. This approach, however, will break the theme functionality, so it can only be used by those who don't need to frequently switch from one theme to another.
It's not a common attack, but it's definitely something to be on guard against.