Tag Archives: cybersecurity

The Secret Capabilities of Managed Network Monitoring – Pt 2

Manage Service, , , , ,
Speedcurve Performance Analytics Network Monitoring

Monitoring provides so much detail that it truly is the first step in network security

Welcome back to the second half of our two-part article on managed network monitoring. Last time, we talked about how network monitoring is one of the best-kept secrets in the cybersecurity along with how it can detect unauthorized access to your network and authorized connection with stolen login credentials. Join us again today as we pick up where we left off.

Signs of Employee Misconduct or Insider Espionage

Interestingly, network monitoring can use the same methods to catch the rare instance of an insider hacking job. This happens more frequently than you might think, but is more often disgruntled data vandalism or simple misconduct than organized movie-worthy corporate espionage. The trouble is that when the job is done from the inside, there is an authorized login with all the protections of a normal employee as the cause of a potential security breach.

However, to do anything shady, most disloyal employees will have to use their accounts to do their dirty work. The thing is, the normal behaviors for a job can also be recorded like a pattern. You don’t have to tightly watch an employee’s account (something that might run afoul of regulations) in order to flag when an account might be up to something.

Simply flag when an employee account accesses a file it has never or rarely accessed before. Or initiates a download in a restricted folder. You can even watch for the use of Print Screen when sensitive data is open on a computer. All without actually directly tracking a single account’s activity. Just the network itself.

Flagging Compromised Business Software

Recently, hackers have been getting better at finding and exploiting loopholes inside the software businesses are already using. This is done sometimes to slip through firewalls and anti-virus software. But it can also be used to turn your data-accessing programs against you. Your CRM program, for example, has firewall permission to access your database of sensitive client information.

It is then possible that a hacker could build a very sneaky piece of malware that was specially designed to slip onto your server and write a new routine that uses the CRM’s permissions to access and steal client information. You may, by now, see where we’re going here.

Network monitoring can be designed to recognize the exact way that your business software usually accesses protected data. With all the right authorization handshakes and keys swapped back and forth for security. So if a new routine in the same software initiates that skips the authorization handshakes but would have slipped past your CRM’s defenses, Network monitoring will raise the alarm.

In fact, that’s also why it’s great for patching detected vulnerabilities if a source patch is not available.

Detecting Hidden Malware

Finally, network monitoring does something that can save you from the fear of malware and ransomware lurking in your network. It can detect the illicit use of computer resources. You see, when a malware program slips onto your network through, say, a phishing email, it has to use a few computer resources. Even a very sneaky piece of malware needs little scraps of RAM and CPU to get anything done.

To watch your files, to wait for a network signal from its hacker, or to spread through your network in stealth-mode, it will need to use resources. And network monitoring can see that. Network monitoring can look at exactly what your computer is doing, behind the OS and all the things malware can use to hide itself from humans. And if there is a program running that wasn’t there before, if resources are being used in a pattern-defying way, or if one endpoint in a dozen supposedly-identical computers is using more resources, this is a sign of a hidden and lurking malware program.

Network monitoring is also effective at catching malware when it tries to engage in any network activity at all. If it tries to send collected data back to its hacker or to get a signal from the hacker, then network monitoring may spot activity leading to an unknown and unidentified program.

And if it tries to spread itself out onto your other devices throughout the business network, then network monitoring can notice an unusual and suspicious pattern of downloads and installations and trigger an alert state.

These are still only a few of the practical applications for network monitoring, and focuses only on cybersecurity. As you may be starting to see, network monitoring is one of the best-kept secrets in all of IT. It slices, it dices, and it can show you patterns — and breaks in patterns — for almost every detail of your business’s technical existence. And it the ideal way to catch a hacker at every single point of their attack. For more managed network insights or to set up managed network monitoring for your business, contact us today!

Backup Disaster Recovery and Proactive Workplace Strategies

Data Backup, , , , ,
20170504

Is your business as secure as it could be?

Nowadays, are enough businesses as secure as they could be? After all, even though many businesses do invest in protection and cybersecurity, they might not update it as regularly as they could. On the other hand, you also have companies who are too laid back and assume their business isn’t susceptible to threats. This is especially true when it comes to small businesses, who are often a much easier target for cybercriminals.

With that said, this is why you need to keep your business secure, and use risk management in the process as well. By definition, risk management is defined as the process of identifying, assessing and controlling threats to an organization’s capital and earnings. With that said, one of the biggest reasons that you need to remain secure in the workplace, is because threats can be very unpredictable. Even more so, it’s time to start taking a proactive approach in dealing with threats, as opposed to a reactive approach. If you’re not familiar with these terms, it’s time to look a little more into what they mean. On top of that, we’ll also look at one of the best proactive workplace strategies out there.

The Difference Between the Two

First of all, what is the major difference between proactive and reactive? For the former, you’re preparing for threats and taking action before anything even happens. With a reactive approach, on the other hand, you don’t take action until after a threat occurs. The latter is why so many businesses have their data compromised regularly. As a common business practice, you need to actively work toward taking action even before something occurs. With that said, here are some of the best proactive workplace strategies.

#1. Backup Disaster Recovery

One of the best proactive approaches to securing your business, is through backing up your data on a regular basis. Aside from using a USB flash drive, always make sure to invest in cloud computing as well. A storing method that backs up all data over the Internet, you don’t have to worry about the data on your hard drive. Besides, all your data is stored virtually. Not to mention you can access this virtual data via any device with an Internet connection.

By storing your data on a regular basis, you’re actively preparing for any incidents that could occur. Speaking of which, cloud computing is also important, because it’s a great backup disaster recovery method. As an example, let’s say that your computer became infected with ransomware or any virus which threatens your sensitive info. Despite the threat of losing all files on your hard drive, recovering all your data would still be a cinch. Just access a non-infected device, and open your virtual files from there. Having all files erased on your hard drive, means nothing if there are copies stored elsewhere. This is why a proactive approach is important, if a business owner was reactive in these situations, they would wait until they were infected before taking any action.

#2. Anti-Virus Software

Anti-virus software is also a proactive approach to dealing with threats and incidents in the workplace. Though complex in nature, how the software operates is as basic as it comes, easily neutralizing any threat that infects your computer. On top of that, anti-virus programs are also actively involved while you’re surfing the web, even giving you warnings about which websites are dangerous. McAfee has a feature that tells you turn back if you visit an unsuspecting website, and Kaspersky monitors the search results of each web browser. The safe websites are marked in green, and the dangerous sites have a red notification.

#3. Educating Your Employees

Considering that being proactive means that you’re actively involved in making sure threats are neutralized, it would also make sense that you educate your employees. That way, you’re keeping the business even more secure. It’s one thing if a business owner is preventing threats before they happen, which is definitely important. However, imagine the possibilities of every employee working from different angles to ensure the business is completely secure. It’s not just enough that you educate them, either, but make sure they are actively taking action.

Between backing up your data, the use of anti-virus software, and educating your employees, these are some useful tips that will lead to your business being more proactive. Don’t wait for the threats to come to come, but be prepared at all times.

For more information about backup disaster recovery, as well as other useful proactive workplace strategies in the workplace, feel free to contact us today at SystemsNet. We look forward to hearing from you, and assisting you in the best way possible.

3 Tips to Keep Viruses Away from Your Small Business Network

Anti-virus, Malware, Security, ,
Following a few basic principles and keeping up on the latest scams should generally keep you save from viruses.

Following a few basic principles and keeping up on the latest scams should generally keep you safe from viruses.

The problem with viruses is that the nature of the threat and the tactics of those who employ them change from year-to-year. Small business owners already have more on their plate than they can handle, so keeping up with the latest antivirus trends isn’t easy.

However, even if you’re not combing the Internet three hours a day to stay up-to-date on the latest virus tech news, if you follow a few basic principles, you can avoid many of the worst virus traps.

These three quick tips will help you adopt essential cybersecurity habits for your small business:

Tip #1: You Are Your Own Worst Enemy

Employees are typically the biggest threat to a business network. Most viruses gain entry because of an unwise action among your staff. Macros malware has had a come-back recently (see this Microsoft report, if you don’t believe me) because hackers now try to trick users into enabling macros.

Or employees open email attachments from unknown senders or click on links in emails that seem legitimate.

Most of it is common sense:

  1. Don’t enable macros unless your IT team is instructing you to do so.
  2. Never open attachments from a stranger. If someone you know sends you an attachment, but the email seems a little off — if you have even the slightest suspicion that maybe the person’s email was hacked — communicate with the person first and confirm it before opening the attachment.
  3. Never click on links in an email claiming to be from a company that is asking you to provide account information (log-in info, personal data, etc.) by clicking on that link.

For example, if you get an email claiming to be from Wells Fargo telling you to click on a link to reset your password because of an alleged security breach, don’t click on the link. If you’re truly concerned about it, follow these steps:

  • go to the bank’s website through your browser (not through any link in the email)
  • log into your account through the normal channels
  • check your account messages to see if there really is an issue

Apply this routine to any email telling you to click on a link. If it appears to be with a company you know — even if it looks legitimate — always log into your account the normal way and avoid the email link.

Another essential habit: keep your software up-to-date. The latest versions of software often have patches that fix holes in security. Neglecting to keep our systems up-to-date is yet another way we become our worst enemies.

Yes, these are basic principles, but sometimes the madness or exhaustion of work short-circuits our common sense. It’s good to be reminded of essential security habits.

Tip #2: Get Some Quick Training Under Your Belt

In a recent news story from May 2015, it was observed that small businesses often bear the brunt of hacker attacks: “According to Symantic’s Internet Threat Report examining trends for 2013, 30 percent of targeted cyber-attacks (called “spear-phishing”) were aimed at businesses with 250 or fewer employees. And one in five small businesses received at least one spear-phishing email during the year.”

If you’d like to get some thorough cybersecurity training tailored for small businesses but you don’t have much time, consider the U.S. Small Business Administration’s free online training course, which only takes 30 minutes to complete.

Tip #3: Be Aware of Unusual Scams

The fake IT phone call is the perfect example of an unusual scam. In a May 12, 2015 report, an ABC News station alerted the public to a scam in which an imposter claiming to be an IT person called individuals and asked for personal log-in information so that he or she could remotely remove a virus on their computer. Of course, the imposter described the alleged virus in apocalyptic terms to stir the person into a state of panic.

In the news report, Kathy Birr, the Director of Dispute Resolution for the Better Business Bureau, said this: “They gain your trust and scare you and convince you that there is a problem and they need to fix it fast.”

At SystemsNet, even our basic service package Vita comes with our top-notch anti-malware assistance and virus monitoring. Contact us for more helpful information about anti-virus practices for small businesses.

Eight truths about IT support that every business owner should know

Manage Service, , ,
IT support can do more for your business than just fix problems as they arise.

IT support can do more for your business than just fix problems as they arise.

For many business owners, IT personnel might as well not exist unless there’s a specific computer problem that needs an immediate solution. Once it’s fixed, the IT support folks can promptly withdraw from the scene, and business can carry on as usual.

However, there’s much more to IT support than just fixing problems as they pop up. The following are eight truths about IT support that every business owner should know:

  1. Your IT support should be proactive and not just reactive. IT support personnel can help you come up with ways to prevent problems from occurring; for example, they can regularly enhance your cyber-security plan and data backup measures.
  2. IT support can further your business goals. Your company’s productivity and the direction you want it to take depends in part on your IT infrastructure. If you discuss your business goals with your IT personnel, they can help ensure that your IT set-up lines up with what you need (and with enough flexibility to accommodate future changes).
  3. IT support personnel are human. Highly skilled and highly trained humans (hopefully), but still, only human and not magic robots. Often, solving a problem will take more than pushing a button or typing a single command. Although proactive measures reduce the risks of problems, there’s no such thing as a 100% problem-free work environment. The best you can hope for is an IT support team that works effectively and as quickly as possible, while prioritizing their work based on your needs.
  4. IT support saves you precious time. Think of all the time you and your employees would waste dealing with the problems that IT support personnel take care of. Beyond handling specific computer difficulties, IT support can help you make your day-to-day business operations flow more efficiently, with your employees relying on the right programs and devices.
  5. IT support personnel can help educate employees. Many cyber security breaches and other computer problems have their source in employee error. And in regards to simpler computer issues, your employees might also be given the means to quickly solve simple problems themselves, leaving IT to deal with the bigger issues. Your IT support is a potential source of employee knowledge and training.
  6. Your customer relations can improve thanks to IT support. From keeping your website up and running to maintaining software that allows you to connect with and keep track of your customers, good IT support enhances customer relations.
  7. IT support personnel know the best, most up-to-date practices. They keep up with tech and software developments, understand safe and effective practices, and are up-to-date on industry standards and guidelines. They can help you benefit from state-of-the-art, cost-effective solutions that also comply with government regulations.
  8. You can outsource IT support to a trusted provider. Hiring an IT staff or expanding on your current staff might not make financial sense. In many cases, it’s more cost-effective to outsource IT support to a provider who will work closely with your company and provide you only with the services you need; the money you save on IT can get redirected to your core business areas, promoting growth. Furthermore, even if you keep in-house IT personnel, it’s useful to have trusted outsiders to consult with; they can bring additional expertise to your company.

Be sure to contact us for more information about our IT support services. Strong IT support is indispensable to your company’s success.