What Is An Andromeda C‑CAT?A C‑CAT (Client-Centric Action Team) is a dedicated team that includes one or more two Remote Service Techs, and one or more IT Field Techs whose activities are curated by a Account Coordinator(AC)—each specifically appointed to service your organization. With cat-like reflexes and precision, your Andromeda C-CAT will pounce on any IT issue, upgrade, or project. It's really the cat's meow for your IT needs!)
Professional IT Services that Andromeda Provides for Willowbrook, IL Businesses:
What A Few Of Our Clients Have To Say
Andromeda IT Service Offerings
Here is just a quick list demonstrating the breadth of IT services you can expect from Andromeda:
AndroPedia Tech Library
As part of our service, it is important to keep our client-partners well informed on IT developments, news, and best practices. Here is just a sampling of typical items from our AndroPediaSM library archive:
Stop These 3 Hazardous File Sharing Habits Yesterday! Jan 03, 2020
File sharing is an essential portion of any business. It is the way we get information from one person to another. BUT, it can also be the way hackers gain access to your sensitive information – files or, worst of all, confidential data.
If you’re using Dropbox, OneDrive, Google Drive, or other consumer-grade file sharing and cloud sync applications – or if you depend on file sharing of any kind to run your business (hint . . . you do)- listen up!
Here are 3 habits you should break yourself and your staff of immediately.
Top 3 File Sharing Habits to Break
1) Using Consumer Grade Solutions . . .
Consumer grade solutions are just that . . . consumer grade. You aren’t a ‘consumer’, you’re a business owner with sensitive data to protect. With more and more employees/businesses depending on BYOD (Bring Your Own Device) as well as the ability to access files any time & any place, it is important that your file sharing system is professional grade. Look for enterprise grade security options like SSL Encrypted Transfer, Firewall Protection, Password Protection and Virus Scanning.
2) Emailing Files Without Proper Encryption . . .
You may not care if a hacker gets a hold of your grocery list or photos of the family dog, but when it comes to confidential data such as financial statements, medical records or other sensitive materials, it is safe to say you cannot afford criminals sniffing through your files. For this reason, NEVER send files via email without proper encryption. Business grade email and proper practices can nip this in the butt. You’d be amazed how many files fall into the laps of cyber criminals this way though.
3) Using Flash Drives…
You spend time and hard earned resources to protect your network from outside threats . . . only to destroy everything when you innocently plug in an infected flash drive you picked up innocuously enough at a trade show. Flash drives bypass security systems you have in place and may run automatically without being checked for infection by your antivirus solution. If you must continue using flash drives . . . at a minimum update your antivirus to prohibit autorun and mandate scans to all USB-attached devices when plugged into your PCs.
The post Stop These 3 Hazardous File Sharing Habits Yesterday! appeared first on Andromeda Technology Solutions.Guidelines & Tips for Employees Working Remotely Mar 30, 2020
Working remotely, whether short-term or permanent comes with many perks, but it also poses many new risks for the security of your organization’s data. For example, if an employee-owned device (laptop, PC, etc.) is infected, that could compromise your business network as well.
We’ve developed a list of guidelines and tips to assist you as you prepare to work from home in a safe, functional work environment. Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information.
Guidelines & Tips
- Ensure that you have the ability to lock your devices (laptop, PC, etc.) and any business relevant information when not in use. Cable locks for laptops should be used when necessary. Laptops and devices should be locked out of sight and/or in the trunk if it must be left in a vehicle unattended
- Avoid using your personal devices for work-related business
- Safely perform conversations without visitors eavesdropping or shoulder surfing, especially while working in a mobile setting, such as a coffee shop
- Protect the data you are accessing by using a VPN to log into the company network, and ensure you are protecting data visible on your screen with a screen protector. This is especially critical for employees who are required to be HIPAA compliant, PCI compliant, etc.
- Restrict the use of devices containing business-relevant information. Do not let family members, friends, or anyone but yourself use company-owned devices or personal devices used for business purposes
- Use strong unique passwords on all your devices and accounts to prevent unauthorized access
- Change default Wi-Fi Router passwords
- Enable WPA-2 or higher encryption
- Ensure your local router firmware is up to date
- Limit the use of public Wi-Fi. Always use a VPN when connecting to public Wi-Fi. Never use public Wi-Fi to send sensitive information without a VPN
Ensure all personal devices are secure with company-provided or personally owned antivirus and anti-malware software company
Updated IOT Device firmware (smart thermostats, surveillance cameras, etc.)
- Ensure default passwords are changed
Ensure the software on all devices within your home network is kept up to date (corporate laptop, IOT devices such as cameras and smart thermostats, personal laptops/tablets, etc.)
Review and follow corporate Bring Your Own Device (BYOD) and other relevant policies and procedures
- Remote Work Employee Awareness
- Be extremely cautious of email phishing scams
- Limit social media use
- Don’t reveal business itineraries, corporate info, daily routines, etc.
We provide this list of guidelines to assist you as you work from home. These tips are meant to facilitate a safe, functional work environment.
Note, this list is intended for guidance and information purposes only. If you have any questions regarding these tips, please reach out to your supervisor or IT provider for additional information. We are always here to assist in your transition in any way possible. Give us a call to pick up this conversation today (815) 836-0030 or email us.
The post Guidelines & Tips for Employees Working Remotely appeared first on Andromeda Technology Solutions.Paradise Ransomware Using Internet Query Files To Deliver Payload Mar 25, 2020
The Paradise ransomware is like a bad penny; it just keeps turning up.
The strain first appeared back in 2017, when it was spread far and wide via phishing emails. Then it seemed to fall out of favor for a while, and now, it's back again. Even worse, it's back with a new trick up its virtual sleeves. In its latest incarnation, it's still being spread via phishing emails.
Now, its controllers are leveraging interest in IQY (Query) files, which are text files read by Microsoft Excel to grab data from the internet. Given that fact, IQY is a completely legitimate file extension, so most organizations don't even think to block it.
The researchers at Lastline who discovered the latest campaign had this to say about it:
"We're seeing attacks using IQY files because many commodity security products and automated systems do not, or cannot, parse these file types. Attackers realize they have a very good chance of making it past rudimentary defenses."
The approach seems to be working as Paradise's phishing emails are being opened by unsuspecting users at an alarming rate. Of interest, the researchers found evidence in the code that this strain is still a work in progress. Consider this latest campaign to be a beta test for the redesigned code.
Lastline's researchers had something to say about that as well:
"Malware authors will often deploy malware that isn't quite ready for prime time yet - they want to see how successful early versions of a new campaign are and how detectable their malware is against security products."
As is the case with most ransomware, this one is designed to sniff out high value files, exfiltrate them to a command and control center, then encrypt everything and demand a ransom. As such, it has to be regarded as a genuine threat and is certainly one to keep a watchful eye out for.