What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Schaumburg, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
3 Critical Steps You MUST Take To Avoid Ransomware Feb 28, 2020
Ransomware usually takes advantage of outdated patches and software licenses. Infected computers and business owners risked losing critical data if they didn’t pay the ransom.
While the specifics of future cyber security attacks are uncertain, we know some things for sure. Proper protocol is CRITICAL for data security and the safety of your business.
Ransomware: The Numbers **
- Almost 50% of Small Businesses have experienced some form of cyber attack
- MORE than 70% of attacks target Small Business
- As many as 60% of small businesses that experience a data breach go out of business within 6 months.
These numbers are scary. Cyber security demands the attention of business owners globally and the efforts of hackers/cyber criminals are only increasing. These criminals want your money and they don’t care about the damage left behind.
That being said, there is hope and there are measures you can take to prevent your business from becoming a victim of ransomware.
3 Security Protocols You MUST Implement Immediately For The Safety Of Your Data, Your Business AND Your Wallet . . .
- Update ALL Microsoft Licenses & Maintain Up To Date Security Patching –Cyber criminals are no dummies. WannaCry and other viruses like it take advantage of out of date licenses. Too often, business owners sacrifice the security of their network because they don’t want to go through the grief of updating to the latest Microsoft License. Andromeda recommends updating ALL PC’s to Windows 10 and, more importantly, make sure you perform regular patch and security updates.
- Test & Verify ALL Data Backups – When is the last time you tested and verified your backups? Are you backing up your data at all? How long would it take your current IT provider to get you back up in running in the event of a disaster (virtualization time)? It is a FACT . . . you will be hit by some form of ransomware, malware or virus. The real question becomes, do you have the protocols in place to defend and beat the attack? One of the most important things you can do to safeguard yourself is perform regular backups. (We recommend daily at a minimum). A cybercriminal can’t hold your data hostage if you follow this simple practice. AND – don’t accept a verbal confirmation your data continuously remains backed up as proof. Your IT partner should provide you regular, real time, proof that your data is backed up securely and that it can be visualized in an agreed upon length of time. If your IT provider can’t give these stats and proofs to you, time to find a new partner.
- Educate Your Team On How These Attacks Work And Where They Come From – Every office has that one employee that will click on ANYTHING (hopefully it isn’t you). Continued education is one of the first lines of defense against these attacks. Employees should know:
- What to look out for
- What phishing scams look like
- What to do when they suspect an email or link is suspect
- NEVER to check personal email at work
Proper spam filters set by your IT group should prevent the majority of these emails from getting to your inbox. However, it only takes ONE CLICK and an entire network is infected before you know what happened.
Ransomware Prevention constantly changing, be sure to stay on top of newest trends
When all is said and done, cyber security is an everyday battle. Hackers and criminals will keep attacking until you don’t have something they want. These 3 Security protocols are only the tip of the iceberg and should be part of a multiphase approach implemented by your internal staff and your IT partner. If you have any questions, please reach out to a representative at Andromeda today.
**Statistics sourced from the National Cyber Security Alliance
The post 3 Critical Steps You MUST Take To Avoid Ransomware appeared first on Andromeda Technology Solutions.5 Critical Components Any Professional Disaster Recovery Plan Must Have May 29, 2020
We hear a whole lot about ransomware and cyber criminals these days. Andromeda helps our clients combat most data breaches with multi-tiered security solutions and employee training. But, every business is still vulnerable to incident. That is why a full proof and dependable Disaster Recovery & Business Continuity plan is an essential. Before you hit the world wide web searching for DR solutions and backup plans, take a look at these 5 critical components any professional disaster recovery plan must have.
Your disaster recovery plan should consider appropriate business continuity variables.
Disasters happen; they come in many shapes and sizes. Server crashes, accidental file deletion, physical disasters such as fire or flood and the increasingly common ransomware or malware infection are all scenarios.
You must ask two important questions yourself in regards to business continuity:
- How much time can pass between recovery points, ie: how much data can you afford to lose; this is commonly known in Business Continuity as RPO – Recovery Point Objective
- How much time can pass between the disaster and recovery, ie: how much time can you afford to lose; this is commonly known in Business Continuity as RTO – Recovery Time Objective
Ideally, your RPO and RTO are as low as possible.
A good Disaster Recovery Plan will consider these factors and have various options for restoring files, folders or even whole servers. On top of that, it is important that these options take into account minimalizing data loss and interruption.
Data should be stored both locally and offsite.
Many people have an easy time seeing the value in the offsite backup. Whether that’s tape drives taken offsite daily, external USB drives treated the same, or data sent to the cloud for storage, it carries with it a feeling of great comfort knowing that “if the building burns down” the data is still safe.
What few realize is what we mean when we speak about downtime, for incidents that are not quite as catastrophic as a burning building. In those cases, it can take an unacceptable amount of time to get your hands on that offsite backup or to download an entire server from the cloud.
With a Disaster Recovery Plan option that offers backups both locally and offsite (cloud based), you are able to restore large quantities of files and entire server images quickly. Your onsite device should also have the capability to virtualize as a temporary server in the event your main server crashes.
Find a disaster recovery plan option that provides multiple restore options
When you think about restoring from a disaster, you may believe that so long as you have a version of your data somewhere, you are secure. In reality though, your recovery time objective can be greatly impacted by the different options available to you after a disaster. A disaster recovery plan with multiple options for virtualization, restoration and data access is an absolute must.
You may have heard the term “virtualization” before. Being able to virtualize your server either on a physical device at your location or in the cloud simply means that you have a temporary solution that will keep your business up and running while you resolve whatever issue corrupted your data, server or situation in the first place.
A catastrophic hardware failure can put your business down for hours, sometimes days. Rushing that process up can incur huge costs as well: rush delivery, emergency dispatch etc. In the event of a hardware failure, a virtual copy of your last backup can be spun up. Once completed, you can resume working swiftly. This quick recovery allows you to deal with hardware replacements, scheduling and budgets in an organized fashion.
A top tier solution will provide you with onsite virtualization and an option to virtualize in the cloud. Cloud virtualization is not as quick and can produce some lag time. Nonetheless, in the event your backups are stolen or disaster strikes your building (fire, flood etc.) – the ability to spin up and virtualize data from the cloud means that your business is not at a standstill.
Find out what type of support a vendor provides for disaster recovery plans.
Your company does not want to struggle to get their files restored. You can’t wait hours and hours to restore a file you accidentally deleted. Don’t wait for hours to hear back on the status of a data restore. Your IT partner should understand the solution they are providing and be able to work with you directly. Cut out the intermediary. Ensure your vendor monitors all the warranties, all the software support calls, and all monitoring; ensuring your backups are humming all day every day – as they should be.
Don’t trust just any business continuity or disaster recovery plan solution.
There are literally hundreds of options out there for Disaster Recovery. A quick Google search will give you pages of results. Comparing them is mind numbing, and if we are being honest . . . who takes the time to do all that? Your first step is to find an IT partner that you trust. Check their references. See if they have case studies to show how a disaster recovery functions with the product. Ask for a demonstration of the product. This is serious stuff and you need to trust the hands maintaining and protecting your data.
The post 5 Critical Components Any Professional Disaster Recovery Plan Must Have appeared first on Andromeda Technology Solutions.New Malware Maker Got Past Apple Security Sep 09, 2020
Apple has been historically very good at keeping malware out of their app store, and they're constantly improving their security protocols on that front. In fact, since February of this year (2020), all Mac software distributed outside of its Mac App Store must be notarized by Apple. The developers must demonstrate that their products are capable of running on macOS Catalina and above.
Any software developed for macOS goes through a multi-stage approval process, with the first step being automated. It is designed to scan software for code-signing issues and malicious components. Assuming the submitted code passes through this security checkpoint, the apps are put on the macOS Gatekeeper list. The list signifies that they've been scanned and it has been determined that they don't pose a security risk.
While this process was designed to give users greater peace of mind, it's not bullet proof, as Peter Dantini recently discovered. He found notarized Shlayer adware installers that were being distributed through a variety of fake websites. These installers could run on any machine using macOS Catalina without being auto-blocked when they tried to launch.
The worst part about this is the fact that since these installers bear Apple's "seal of approval," users are bound to trust them without question, which means that the malware developers' payloads can spread like wildfire through the Apple ecosystem.
Legendary security researcher Patrick Wardle confirmed all of the above and reported it to Apple direct. Apple tends to take reports from Mr. Wardle seriously, and the company responded immediately by revoking those certificates. That means that any installation attempts will be auto-blocked by Gatekeeper.
Unfortunately, it appears that the Shlayer campaign is still ongoing, the hackers having simply shifted gears and are now serving new payloads, notarized on the same day that Apple revoked the initial sample's certificates.
As Patrick Wardle notes:
"Both the old and 'new' payload(s) appears to be nearly identical, containing 'OSX.Shlayer' packaged with the Bundlore adware. However the attackers' ability to agilely continue their attack (with other notarized payloads) is noteworthy.
Clearly, in the never-ending cat & mouse game between the attackers and Apple, the attackers are currently (still) winning."
Indeed. Best of luck to Apple, and if you're a mac user, stay safe out there.