What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Streamwood, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
3 Ways Data Encryption Can Save You From Unnecessary Stress, Spending & Headaches Jul 03, 2020
When you think of data encryption, you might imagine top-secret files and espionage. Historically, militaries and governments protected messages and sensitive information using encryption. These days encryption has many more uses. With hackers and cyber criminals constantly after your data, it is important that you make use of this security measure.
Encryption is defined as scrambling data or text to make it unreadable. This protects stored data and personal information from displaying to those without a proper clearance or key to decode that information. There are all kinds of pieces of information you have on file that a disgruntled employee or criminal could make use of:
- Home addresses
- Email Addresses
- Drivers Licenses
- Credit Card information
- Social Security Numbers
- Date of birth
- Medical history or records
- Financial information – routing numbers, account numbers etc.
Depending on your industry, this information may be subject to state and federal regulation, hefty fines and, in cases of negligence, even jail time (we’re talking hundreds of thousands of dollars). Businesses close their doors over this stuff.
While employee training and proper cyber protocols are great at protecting you and your business from user error and data breach – encryption is an added layer of security every business benefits from.
3 Ways Data Encryption Can Save You From Unnecessary Stress, Spending & Headaches
- Encryption Saves Your Reputation – More and more employees are working on the go. With employees working from home, sales staff in the field and the hustle and bustle of every day, you don’t want to hold your employees back or decrease productivity by preventing devices from leaving the office.But imagine your employee runs into the neighborhood Starbucks and leaves their company laptop in their front seat. While they are ordering their venti latte, a criminal breaks into their car and steals their belongings – your laptop included. Now you’re out the hardware but more importantly, you have a criminal at large with sensitive data. If this data has any sensitive personally identifiable information (PII) on it, you are required to report the incident.Do you want your customers losing valuable trust in your company? In fact, this fear of reputation damage is the reason that three out of every four victims to ransomware, data breach or cyber-attack do not report the incident.Think back to 2013 when 41 million people found out Target compromised their sensitive data. You’d probably think twice about shopping there again if you were one of them. If the stolen laptop had been encrypted, you wouldn’t have to report an incident. The criminal would have no way of deciphering any data on the equipment.
- Encryption Keeps Designated Information Private – Let’s bring this example back into your office for a moment. Even if you don’t keep sensitive customer information on file or process credit cards. You have personal information for employees on file: Performance reviews, social security numbers, salary information and more. You don’t need a hacker or even a disgruntled employee gaining access to these records.With encryption you can ensure that even if an employee accidentally or intentionally stumbles into an area they shouldn’t be, they can’t make sense of any of that information.
- Encryption Can Save You From The Unexpected – Whether a device goes missing from the office, you can’t risk having sensitive information at large. Your reputation aside, as mentioned earlier, these types of breaches can result in very large fines, prosecution and years in prison. Nobody needs that on their mind every night. With encryption, you can rest easy that even in the wrong hands your data can’t be manipulated or exposed.To take this a step further, certain encryption management tools have the ability to remotely disable and even wipe devices. This comes in handy in all of the examples we have described. Then, not only is the information on your device useless, but after your IT company takes necessary steps, the device shows nothing but the “blue screen of death”.
Encryption is a powerful tool. It is an incredibly useful piece of your cyber security and data protection plan. It is important that you protect sensitive information. Even if you don’t want to believe it, there are criminals out there that would wreak havoc with the data if given the chance.
For more information on our encryption software and other cyber security training, protocols and plans, give us a call at (815) 836-0030.
And be sure to explore our Security Training Program. Over 80% of data breaches are a result of human error and the first step to prevention is education.
The post 3 Ways Data Encryption Can Save You From Unnecessary Stress, Spending & Headaches appeared first on Andromeda Technology Solutions.Guidelines & Tips for Employees Working Remotely Mar 30, 2020
Working remotely, whether short-term or permanent comes with many perks, but it also poses many new risks for the security of your organization’s data. For example, if an employee-owned device (laptop, PC, etc.) is infected, that could compromise your business network as well.
We’ve developed a list of guidelines and tips to assist you as you prepare to work from home in a safe, functional work environment. Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information.
Guidelines & Tips
- Ensure that you have the ability to lock your devices (laptop, PC, etc.) and any business relevant information when not in use. Cable locks for laptops should be used when necessary. Laptops and devices should be locked out of sight and/or in the trunk if it must be left in a vehicle unattended
- Avoid using your personal devices for work-related business
- Safely perform conversations without visitors eavesdropping or shoulder surfing, especially while working in a mobile setting, such as a coffee shop
- Protect the data you are accessing by using a VPN to log into the company network, and ensure you are protecting data visible on your screen with a screen protector. This is especially critical for employees who are required to be HIPAA compliant, PCI compliant, etc.
- Restrict the use of devices containing business-relevant information. Do not let family members, friends, or anyone but yourself use company-owned devices or personal devices used for business purposes
- Use strong unique passwords on all your devices and accounts to prevent unauthorized access
- Change default Wi-Fi Router passwords
- Enable WPA-2 or higher encryption
- Ensure your local router firmware is up to date
- Limit the use of public Wi-Fi. Always use a VPN when connecting to public Wi-Fi. Never use public Wi-Fi to send sensitive information without a VPN
- Ensure all personal devices are secure with company-provided or personally owned antivirus and anti-malware software company
- Updated IoT device firmware (smart thermostats, surveillance cameras, etc.)
- Ensure default passwords are changed
- Ensure the software on all devices within your home network are kept up to date (corporate laptop, IOT devices such as cameras and smart thermostats, personal laptops/tablets, etc.)
- Review and follow corporate Bring Your Own Device (BYOD) and other relevant policies and procedures
- Remote Work Employee Awareness
- Be extremely cautious of email phishing scams
- Limit social media use
- Don’t reveal business itineraries, corporate info, daily routines, etc.
We provide this list of guidelines to assist you as you work from home. These tips are meant to facilitate a safe, functional work environment.
Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information. We are always here to assist in your transition in any way possible. Give us a call to pick up this conversation today (815) 836-0030 or email us.
The post Guidelines & Tips for Employees Working Remotely appeared first on Andromeda Technology Solutions.Hackers Attacking Exchange Servers In New Warning From Microsoft Jul 03, 2020
Recently, Microsoft's Defender ATP Research Team issued guidance relating to defending against attacks that target Exchange servers.
They are coming under increasing attack based on the latest Microsoft statistics, which show a marked increase in the use of web shells on on-premises Exchange servers.
The company is currently tracking multiple ongoing attacks, some of which are using fileless techniques. That adds an additional layer of complexity when it comes to detecting and preventing attacks.
According to the advisory issued by Microsoft, the recent campaigns:
"...exploit a remote code execution vulnerability affecting the underlying Internet Information Service (ISS) component of a target Exchange server.
...This is an attacker's dream: directly landing on a server and, if the server has misconfigured access levels, gain system privileges...In many cases, after attackers gain access to an Exchange server, what follows is the deployment of web shell into one of the many web-accessible paths on the server."
Web shells are versatile, highly customizable tools hackers deploy on compromised servers to not only gain, but also to maintain their access. They are used to remotely execute arbitrary commands and code, deliver a wide range of malicious payloads and to move laterally within the network to other devices.
Microsoft said that the most recent spate of attacks are specifically targeting vulnerabilities like CVE-2020-0688. If there's a silver lining to be found, it lies in that there are already security patches available that protect against the most commonly used exploits in the recent string of attacks.
Unfortunately, those patches are unevenly applied across the Enterprise landscape, which leaves a significant percentage of corporate Exchange servers vulnerable to attack. Based on the latest company statistics released at the time this piece was written, although the patch has been available for some weeks, 82.5 percent of all Exchange servers were as yet unprotected. If yours is among that number, the fix is easy.