What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Service Coordinator(SC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Rosemont, IL Businesses:
What A Few Of Our Clients Have To Say
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
5 Critical Components Any Professional Disaster Recovery Plan Must Have Jul 03, 2017
We hear a whole lot about ransomware and cyber criminals these days. Andromeda helps our clients combat most data breaches with multi-tiered security solutions and employee training. But, every business is still vulnerable to incident. That is why a full proof and dependable Disaster Recovery & Business Continuity plan is an essential. Before you hit the world wide web searching for DR solutions and backup plans, take a look at these 5 critical components any professional disaster recovery plan must have.
Your disaster recovery plan should consider appropriate business continuity variables.
Disasters happen; they come in many shapes and sizes. Server crashes, accidental file deletion, physical disasters such as fire or flood and the increasingly common ransomware or malware infection are all scenarios.
You must ask two important questions yourself in regards to business continuity:
- How much time can pass between recovery points, ie: how much data can you afford to lose; this is commonly known in Business Continuity as RPO – Recovery Point Objective
- How much time can pass between the disaster and recovery, ie: how much time can you afford to lose; this is commonly known in Business Continuity as RTO – Recovery Time Objective
Ideally, your RPO and RTO are as low as possible.
A good Disaster Recovery Plan will consider these factors and have various options for restoring files, folders or even whole servers. On top of that, it is important that these options take into account minimalizing data loss and interruption.
Data should be stored both locally and offsite.
Many people have an easy time seeing the value in the offsite backup. Whether that’s tape drives taken offsite daily, external USB drives treated the same, or data sent to the cloud for storage, it carries with it a feeling of great comfort knowing that “if the building burns down” the data is still safe.
What few realize is what we mean when we speak about downtime, for incidents that are not quite as catastrophic as a burning building. In those cases, it can take an unacceptable amount of time to get your hands on that offsite backup or to download an entire server from the cloud.
With a Disaster Recovery Plan option that offers backups both locally and offsite (cloud based), you are able to restore large quantities of files and entire server images quickly. Your onsite device should also have the capability to virtualize as a temporary server in the event your main server crashes.
Find a disaster recovery plan option that provides multiple restore options
When you think about restoring from a disaster, you may believe that so long as you have a version of your data somewhere, you are secure. In reality though, your recovery time objective can be greatly impacted by the different options available to you after a disaster. A disaster recovery plan with multiple options for virtualization, restoration and data access is an absolute must.
You may have heard the term “virtualization” before. Being able to virtualize your server either on a physical device at your location or in the cloud simply means that you have a temporary solution that will keep your business up and running while you resolve whatever issue corrupted your data, server or situation in the first place.
A catastrophic hardware failure can put your business down for hours, sometimes days. Rushing that process up can incur huge costs as well: rush delivery, emergency dispatch etc. In the event of a hardware failure, a virtual copy of your last backup can be spun up. Once completed, you can resume working swiftly. This quick recovery allows you to deal with hardware replacements, scheduling and budgets in an organized fashion.
A top tier solution will provide you with onsite virtualization and an option to virtualize in the cloud. Cloud virtualization is not as quick and can produce some lag time. Nonetheless, in the event your backups are stolen or disaster strikes your building (fire, flood etc.) – the ability to spin up and virtualize data from the cloud means that your business is not at a standstill.
Find out what type of support a vendor provides for disaster recovery plans.
Your company does not want to struggle to get their files restored. You can’t wait hours and hours to restore a file you accidentally deleted. Don’t wait for hours to hear back on the status of a data restore. Your IT partner should understand the solution they are providing and be able to work with you directly. Cut out the intermediary. Ensure your vendor monitors all the warranties, all the software support calls, and all monitoring; ensuring your backups are humming all day every day – as they should be.
Don’t trust just any business continuity or disaster recovery plan solution.
There are literally hundreds of options out there for Disaster Recovery. A quick Google search will give you pages of results. Comparing them is mind numbing, and if we are being honest . . . who takes the time to do all that? Your first step is to find an IT partner that you trust. Check their references. See if they have case studies to show how a disaster recovery functions with the product. Ask for a demonstration of the product. This is serious stuff and you need to trust the hands maintaining and protecting your data.
The post 5 Critical Components Any Professional Disaster Recovery Plan Must Have appeared first on Andromeda Technology Solutions.Layered Network Security: 5 Components Every Layered Security Solution Should Have & Why Employee Training Is A Must Have Jul 06, 2018
Securing your data and your network is a bigger job in 2018 than it has been in years past – and if you’re looking at trends or the news, you can probably guess that network security is only going to get more important and cumbersome in the future.
Cybersecurity is now a common household term and that’s a good thing. The page has been turned on data security and people regularly recognize that we need to protect ourselves both personally and professionally from cyber crime and related threats.
To illustrate where the cybersecurity and cyber crime industries are moving here are a few stats (full article here):
- Cyber crime damage costs are predicted to hit $6 trillion annually by 2021
- Cybersecurity spending to exceed $1 trillion by 2021
- Global ransomware incidents are predicted to hit a rate of one attack every 14 seconds by 2019
The threats to data and networks are clearly going nowhere so it is important that you have a plan in place to protect your business (and yourself).
Different software applications and hardware solutions are designed to address specific security concerns. This means that while one solution may give you complete protection from one threat, it may not be suited to protect you from another.
The solution for these weak points is to ‘layer’ your security and design a solution that covers and protects your network to the best of its abilities.
What You Should Expect From A Layered Network Security Solution
A good layered security solution for your network is going to include the following components:
1. Professional Firewall Solution –
Your firewall is designed to help protect your network from external threats. It does this by blocking access to your network while allowing your users to communicate outside of the network. While a firewall is a great way to protect your network from intrusions, it can only protect your system from outside activity. A firewall cannot prevent one of your users from giving unauthorized permissions or access to programs or other users.
2. Professional Antivirus Software –
Antivirus software is a standard security solution designed to detect and block malware, viruses and other bugs from taking action against your network. An antivirus solution typically depends on a predefined catalog of known issues. The software uses this catalog to block those known issues from impacting you. The issue with this is that new viruses, malware, spyware and bugs are produced daily. If your solution is not actively updating and monitoring the internet for new incidents, it won’t be able to protect you from new threats in real time. Antivirus solutions also cannot always block a user from disregarding a warning and downloading a bad file/clicking on a bad link.
3. Email Spam Prevention/Filters –
Spam is more than just an annoying thing filling up your inbox. A majority of viruses and bugs that get through your firewall/antivirus do so by hiding in email messages. Cyber criminals know that if they send enough emails, somebody is going to click a bad link or download a compromised attachment. By filtering out spam, you dramatically decrease the opportunity for someone to accidentally introduce a virus to the network. Again though, spam filters don’t catch everything so they cannot prevent a user from making a mistake.
4. DNS Filtering/Protection –
DNS stands for Domain Name System. This piece of your network controls email delivery and is the component that allows you to browse websites. When configured, a DNS filter can prevent your employees from accessing specific types of sites. For example, a DNS filter can be set up to prevent employees from accessing social media or other blacklisted sites. This security also helps keep malware or other viruses from spreading throughout your network by masking your devices and server. This is one element of your network security that isn’t heavily impacted by regular users but if it is not set up properly and managed properly it can’t protect you from much.
5. Employee Training & Education –
You may have noticed that almost any of the security layers mentioned above have specific strengths and weaknesses. Additionally, each component had a weakness related to human or user error. The fact is that users and honest mistakes are the root cause of the majority of data breaches, viruses, downtime and incidents on your network. That doesn’t mean your employees and coworkers are intentionally breaking protocol or doing things wrong. Most of the time these are honest mistakes like clicking a link in an email, downloading a file with a hidden virus or visiting an infected/malicious site and unknowingly giving cyber criminals usernames & password information.
And That’s Just The Beginning…
These are just five common pieces of a layered network security setup. They all work together to help cover different vulnerabilities and behaviors. There are many other software and hardware solutions that can increase your layered network security and reduce vulnerability. Some of those include:
- Dark Web Monitoring Services
- Dual Authentication
- Password Management
- Data Backups
- Disaster Recovery Planning
- Scheduled & Regular Patches/Updates
- Security Protocols for Remote Devices
- Network Security Assessments (at least once a year)
The most important part to a successful layered network security setup is to take your individual needs and environment into account. There is no ‘One Size Fits All’ solution and there is no one solution that is going to guarantee 360 protection for your network. Be wary of any vendor who tries to sell you something like that.
The goal should be to protect your environment to the best of anyone’s ability and to educate/train your staff adequately to mitigate risk.
You will also want to make sure and take any specific compliance requirements or regulations for your industry into account. Most any business that has data needs to maintain certain standards for data protection.
To discuss any of the layers for a layered network security solution listed above or your environment please reach out to our team.
For more information on employee data security training go here.
The post Layered Network Security: 5 Components Every Layered Security Solution Should Have & Why Employee Training Is A Must Have appeared first on Andromeda Technology Solutions.Malware Stealing Usernames And Passwords At Alarming Rates Mar 18, 2019
Much discussion has been had about the fact that hackers are becoming increasingly sophisticated, and their methods ever-increasing in their complexity.� While that's certainly true, more complex isn't always better.
Take, for example, the malware called Separ, which is a credential-siphoning bit of code, first detected in late 2017.
Separ has benefitted from ongoing development by the hackers controlling it, but what sets it apart from other malware strains is that it's almost deceptively simple, and that simplicity is a big part of its success.
The program is surprisingly good at evading detection, thanks to clever use of a combination of short scripts and legitimate executable files that are commonly used for completely benign purposes. This allows them to blend in and be utterly overlooked by most detection routines.
The most recent iteration of the software is embedded in a PDF.� When an unsuspecting user clicks to open the file, Separ runs a chain of other apps and file types commonly used by System Admins.� The initial double click runs a simple Visual Basic Script (VBS), which in turn, executes a batch script.
The batch script sets up several directories and copies files to them. Then it launches a second batch script, which opens a decoy image to high command windows, lowers firewall protections, and saves the changes to an 'ipconfig' file.
Then, it gets down to its real work, again, relying on completely legitimate executables to collect passwords and move them to the hackers' command and control server.
According to Guy Propper, (the team lead of Deep Instinct's Threat Intelligence group):
"Although the attack mechanism used by this malware is very simple, and no attempt has been made by the attacker to evade analysis, the growth in the number of victims claimed by this malware shows that simple attacks can be very effective. The use of scripts and legitimate binaries, in a 'living off the land' scenario, means the attacker successfully evades detection, despite the simplicity of the attack."
Be sure your IT staff aware.� It's not always the most complex forms of malware that can get you.