What Applications Are Running In Your Network?

Do you know the answer?  While perhaps your company is well equipped and can answer the question, many small to mid-sized companies cannot. If you find that you are among the firms that cannot answer the question you should take an interest in knowing.

Why you ask?  Here are five important reasons:

  1. Financial – Computing and network resources are costly. Resources that are utilized for non-business purposes consume precious resources and cost the company money. Some personal communications may be acceptable but there are limits that certain individuals might take advantage of.
  2. Security – Unauthorized or rouge applications may impact information security. When properly utilized as part of an overall strategy, applications such as Dropbox or Google Drive may be great for your business. However they may also provide a platform for lost data, data leakage, or theft if being utilized without company knowledge or appropriate safeguards. The problem may be further compounded when an employee has resigned and maintains the information stored on Internet devices.
  3. Productivity – It may be within the boundaries of your business policies to allow employees to use Facebook, Twitter, personal email, and surf the web within certain timeframes. Without being able to measure usage you may have undesired activity that negatively impacts productivity, is detrimental to the business culture, and or potentially creates a hostile work environment
  4. Piracy – Software piracy not only affects the developer but also the company that installs the software. An IDC study found that 37 percent of midsized companies that participated in software audits had pirated software within their environment. While there are obvious impacts to the developer with lost revenue and potential dissatisfaction of those using pirated software, many times pirated software contains vulnerabilities including viruses, worms and Trojans. Employee devices containing pirated software that are used within the business environment can contribute to compromise of  the company network.
  5. Reputation – With all of the online media your business reputation can suffer serious harm. Social media can help spread news around the globe in a matter of moments. With companies searching online for the products or services your company offers having bad things show up in search engines can directly impact your bottom line. News of a breach, low employee morale, or piracy can seriously damage the business reputation.

Engaging a consulting company that can perform regular audits of your business infrastructure or managed service providers that can monitor activity in real-time can be a cost effective solution to the problem.

Network Management Solutions has been providing pragmatic solutions for business since 1996. For more information please contact us.

Social Engineering An Ongoing Security Threat

There have been numerous high profile data breaches including companies such as Home Depot, Dairy Queen, Lowes, Goodwill Industries and Jimmy Johns.  The commonality between these organizations is that they were all Point of Sale (PoS) breaches.  Malware was planted within the PoS syststem that enabled credit card data to be stolen from unknowing customers at checkout.

While state laws mandate disclosure of certain breaches, the manner in which a breach occurs is generally not part of the disclosure. The most recent round of PoS breaches have been blamed on 3rd party vendors that supply the PoS hardware and software with speculation that all began due to a compromise of login credentials.

Unfortunately most breaches go on for months with the compromised organization being notified by law enforcement and not their internal security or IT staff. In the case of the Backoff malware used to compromise PoS systems the virus was detected in October 2013 however antivirus products did not identify it until August 2014. The United States Secret Service currently estimates that over 1,000 US businesses are affected.

One frequent way in which these types of compromises commence and login credentials are compromised is through social engineering.  While there are ways to reduce the impact of lost or compromised credentials we want to focus on the threat imposed by social engineering.

Social engineering is the art of manipulating individuals to divulge confidential information such as passwords, account information, or to allow the attacker to gain control over their computer. The goal of the fraudster is to secure a foothold into the target organization before the target has had an opportunity to think. An adept social engineer relies on an individual’s innate trust in order to garner the information they are after.  Depending on the organization, it is generally easier to socially engineer a foothold then to exploit technical vulnerabilities.

Social exploits can come in the form of an email, text message, phone call or otherwise. Messages may have malicious content sent as attachments that contain malware.  In other cases the target might click on a embedded link in a message that downloads malware or requests confidential information such as network login credentials, banking information or personal and private information such as DOB, SSN, etc.  Common scenarios often used to bait targets includes being told they have won something, their computer needs repair, a friend is in need, or a charity is looking for support.

During this year’s Social Engineering Capture the Flag (SECTF) competition at DEF CON 22, nine teams placed cold calls into a variety of large retailers including Home Depot, CVS, Costco, Lowe’s, Macy’s, RiteAid, Staples, Walgreens, and Walmart to glean confidential information.  According to an article covering the event none of the retailers did well enough to pass.

Prior to the competition each team scoured public records from open source information databases to assist each team to understand the target company better and devise its approach. One team discovered that a retailer’s public website contained a portal to its corporate intranet. This portal connection provided access to the internal network without employee credentials. In addition the website itself contained an online instructional document on how to access the intranet with a sample login username and password that was functional. Once the team discovered this information they went no further. Unknowing the company had created a major vulnerability that left the door open for hackers to further exploit their internal systems.

Does your IT department have the ability to recognize serious architectural flaws which could lead to hacking? Are third party resources engaged to review your security posture on an ongoing basis? How well does your company prepare its employees to recognize potential social engineering attacks? Are employees prepared to resist the temptation to click on links when a prize has been offered or a fraudulent email advises that their login credentials need to be updated, or question a caller posing as an IT worker, BEFORE acting? It only takes one employee to slip for the organization to fall prey to a social engineering attack that could result in a serious breach. Training must be provided on an ongoing basis if the organization is to withstand a targeted attack.

Network Management Solutions has been assisting organizations to build, monitor and protect their information assets since 1996. Please contact us for further information and assistance.

Security Risks Imposed By The Use Of USB Drives

Portable flash drives also called thumb drives, USB drives or memory sticks have become commonplace.  They offer high capacity data storage and portability of information between computers easily plugging into USB or FireWire ports.   Flash drives have become novelty giveaways at trade shows containing marketing material or other information the presenter wishes to convey.  USB drives offer convenience but they don’t come without some potential security risks to your business .

So you now can carry around terabytes of data in your pocket, that’s great but it also means you can easily misplace the data stored on the device.  Considering your line of business and what you or your or your employees might store on the drive you may have regulatory issues to address.

While covered entities (organizations that maintain regulated information) need to report lost or stolen computers containing personal and private information such as social security numbers or healthcare information, or other sources of data leakage, the same holds true for portable data storage devices.  Not only do these requirements apply to your business they also apply to any business partner you might engage to work with protected information on your behalf.

Earlier this year a small Massachusetts physician practice was fined $150,000 after the theft of an unencrypted USB flash drive containing the medical records of 2200 patients from an employee vehicle.  The fine was levied principally due to the failure of the organization to have conducted a risk assessment in using flash drives and putting in place proper data handling and notification procedures.

Hackers write custom viruses that target USB drives as the threat is easily ported between computers by simply plugging the device into its USB port.  Making certain that anti-virus software is up to date and that flash drives are scanned when plugged into a computer is essential to blocking such threats.  Some organizations go so far as to turn off the USB ports on their computers to stop viruses from being imported via employee USB memory sticks.

So what should an organization do to protect itself?  Here are some recommendations:

  • Consider if USB or other portable drives should be utilized within the business.
  • If so, is this a necessity or more of a convenience and are there other ways to produce the same outcome?
  • Consider what data is permissible to be stored on flash drives and who within the organization may do so.
  • Develop policies and procedures that cover acceptable use, storage, handling and notification procedures should a drive come up missing.  Share these documents within the organization and hold your employees responsible for following them.
  • Encrypt sensitive data stored to memory sticks.  The best encryption is hardware based and not all memory sticks are the same.  You can get more information here on the best devices.
  • Password protect thumb drives and consider using tamper proof devices that can overwrite the contents if a maximum number of password attempts is reached or the device case is tampered with.
  • Maintain all computer based antivirus software and scan all thumb drives as they are inserted into computers.
  • If you must use USB drives store them in a safe place where they will not be lost or stolen.
  • Do not allow personal USB drives, or company data to be stored or accessed on personal use machines.  If your employees work from home provide a business computer that is secured and maintained by the business.

Network Management Solutions has been providing pragmatic solutions for business since 1996.  For more information please contact us.

Small Business A Prime Data Breach Candidate

Has the news reached your computer?  Small business is a prime candidate for hackers looking to capitalize on an unprepared target.  What do I have to loose you might think, but think again.  You may have financial assets, bank accounts, intellectual property, credit cards, protected personal information, or even your business reputation at risk.

While you may believe that none of this matters, the turmoil created by a breach is a nightmare to remediate taking months or longer to recover from.  Some incidents carry on undetected for years and end in court cases with the compromised business as a defendant fighting lawsuits and regulatory fines. Not withstanding the legal challenges you may find your business suffering from reputational harm or an inability to recover funds from a financial hack.

When business magazines such as Forbes and Inc. are writing about small business being targets you know things have reached a tipping point.  For further information check out the list of identified firms compromised so far this year at the Identify Theft Resource Center.

So why is small business a prime candidate for data breaches, the answer is simple.  Small businesses typically have weak information security programs.  The technology deployments are limited and improperly configured; management and employees are not security aware; the ability to detect most compromises early on is non-existent; and the business is information and asset rich to a would be attacker.  Business owners compound the problems being technology averse, believing that it’s all too complex and all too costly to manage.  So the task gets delegated, underfunded, or left to chance, none of which are viable in the long term.

Pragmatic solutions are available that won’t disrupt business operations or strain company budgets.  Employees and management can become better stewards and learn simple security best practices and the reasoning behind them.  A robust program integrates technology, business practices, operational procedures and point insurance products.  A well-crafted security program protects the business from financial, reputational, legal and regulatory issues.  Integrated within the business operation the security program is generally simple to maintain and effective in its objectives.

Ensuring that you engage the appropriate resources, as part of your security strategy is key.  Most small companies don’t have the internal resources to commit to develop and maintain the security program and hiring such resources can be costly.  Utilizing a managed service provider is an excellent cost affective approach to identify business requirements, develop solutions and maintain the program ongoing.

About Network Management Solutions

Network Management Solutions (NMS) has been helping companies address their business and technology issues since 1996.  We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia.

Please contact NMS to schedule a no obligation, consultation to discuss your concerns.  We will provide expert advice in simple business terms on how to best meet your business needs.  NMS can be reached by phone or email at 908-232-0100 or info@nmscorp.com.  More information on Network Management Solutions can be found at www.nmscorp.com.

A Critical Need for Strong Information Security Practices

Who is responsible for your information security practices and why?  If you are the business owner, CEO, or other key executive have you discussed with the individual or organization what your information security goals are?  I am not talking about a technical discussion but rather a discussion in business terms.  Are there defined security standards to which the organization adheres?  Is information security become part of the business culture?

Too many business leaders don’t find a discussion necessary and assume that their input is not necessary or the conversation too painful to manage.  Having spent a career dealing with information technology and security personnel I can relate.  However when your input is not part of the conversation don’t assume that anything is secure.  Don’t believe what your “expert” tells you unless its been verified.

Now perhaps you are a large organization and as the CEO you are too busy to deal with the techies.  Your CIO or CISO are boring and you believe you’d be more productive painting your dog’s nails.  Well there is a long list of CEO’s and board members that might wish they were more involved.  The Target Corp and Neiman Marcus are more of the same.

Hackers are sophisticated and operate in ways most organizations don’t understand.  Their probing, testing and theft happens over long periods of time.  It’s not like a theft at a storefront or bank.  Hackers rely on being stealth and their activities can last months or even years.  They are operating within your company walls from far off places on the other side of the world and your security operations staff has no idea this is occurring.

Most organizations find out about their compromise from law enforcement as they investigate criminal activity on a global scale.  However it’s still your problem. Unless your hack is a matter of national security the amount of cooperation you receive from the FBI or USSS will be negligible and may be non-existent.  Its not that they don’t want to help but these agencies are focused on national security and money supply and their resources are stretched.

So you’re a small business and you believe that you are off the grid, out of the loop.  Well that is not the case.  Depending on how events are tracked and who is reporting statics show that about one-third of all attacks involve small business

and sometimes these “attacks” come from inside the organization.  That may be shocking to a small business owner but small business is easy prey.  As a small business owner you should be asking all the right questions since your banking accounts, operation, customer information and reputation are at risk.

Often the hacker can penetrate a small organization because the architecture is flawed, devices are not properly maintained, patches are not applied, and no one is being held accountable.  As a small business owner you must be involved and must be asking the right questions.

Network Management Solutions has been helping companies address business driven technology issues since 1996.  We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia.

Please contact NMS to schedule a free one-hour no obligation consultation to discuss your concerns.  We will provide expert advice in simple business terms on how to best address your issues through NMS or another provider.  NMS can be reached by phone or email at 908-232-0100 or info@nmscorp.com.  More information on Network Management Solutions can be found at www.nmscorp.com.

Remote Access Risks – Protecting your data outside of the office

Internet cafes, hotel rooms and airports can all be convenient places to catch up with work tasks. But how safe is your data when you access your office systems, email or financial accounts from a public place?  Well, in the age of tablets, laptops, and smart phones, the answer is complex—however, knowing these few facts can help keep your data safe.

Just like home burglary, Internet theft is most often conducted by opportunists. Online thieves are on the prowl for passwords and other information that can give them direct access to your confidential information, as well as your money!

Be your own security guard by following these three steps when you connect publicly with your laptop, tablet or phone:

1.) Check that the network requires a password and shows a lock icon next to its name, indicating it utilizes encryption. Without this, others can easily steal what you send and receive.  Alternately, if you do connect to an unencrypted network, make sure the accounts you access have encrypted login (authentication), and encrypt any sensitive data that you might exchange (the web address will start with https).

2.) Confirm that you have the latest security updates installed for your computer’s operating system, as well as for any applications. Cyber-criminals are clever, and OS and app updates help counter their latest tricks.

3.) Always utilize a system firewall or similar application, PLUS a full-featured Internet security software suite that includes traffic filtering, intrusion prevention, and anti-virus capabilities.  This will not only protect you in public places, but at home or in the office as well.

Besides policing your own devices, it’s also wise to be very wary of computers that are offered as a customer service in hotels, lounges, libraries and Internet cafes.  You put yourself at risk whenever you use these machines to access sensitive accounts or information, including email, because the browser cache could be configured to store your login credentials. You can’t know that an open-access machine doesn’t have malicious software installed to burgle passwords and information, so sit down at any public computer with extreme caution!

Finally, a special word of advice to business owners since employees now commonly work out of the office on a variety of personal use devices … Take the time to get assurance that remote access to your systems and data is properly configured to provide optimal security. Workplace servers that are left open to the Internet are easily compromised, with potentially disastrous results. Consult with professionals to minimize your system vulnerabilities and invest in mounting your best defense to protect your valuable information and financial assets.

Network Management Solutions is a proven service provider that enhances the security, manageability of IT systems for small businesses, while reducing costs.

For more information about our range of services, and helpful tools for evaluating your IT security, visit us at www.nmscorp.com

Preparing for Rouge Employees

Just as it is important to prepare for hackers, it is critical to prepare for internal theft or inappropriate use of resources stemming from employees and contractors. We routinely hear from our clients that there is suspicion surrounding an ongoing or recently departed employee or contractor. Without proper planning the ability to confirm or deny suspicions can be full of navigational landmines, both legal and technical that carry a stinging price tag.

Having the appropriate protocols and tools in place can help avoid panic and enable the organization to quickly obtain the facts. A clearly communicated plan will also reduce employee and contactor sensitivity surrounding monitoring that might otherwise kill a company’s culture.

So what should be done and what are some of the pitfalls to prepare for this unfortunate yet inevitable situation?

You need to be certain of both company and employee legal rights. Assuming that the monitoring of company equipment without notifying those who use it can be a mistake. Depending on the state your business operates in, your approach will vary. Many states require the employer to notify employees of its monitoring practices. This might include email activity, websites accessed, calls made, internal and external sites visited, files accessed, text messages and other communications. The best approach is to make certain that employee handbooks and policies reflect your right as an employer to monitor and that your employees acknowledge this.  For specific information pertinent to your business we suggest that your in-house or other legal council assist in developing your approach.

From a cultural perspective it makes sense if you choose to adopt tools to monitor employees and contractors, that you spell out what can be monitored along with the internal procedures and approvals necessary to monitor employees.  This will ensure that employee rights are not violated and overzealous management doesn’t create a draconian environment. Clearly defining your policies and why the approach is necessary helps reduce potential negative consequences reflected in employee moral and productivity.  Both human resource experts, legal counsel, management and employee representation should be integral in defining your approach and the spirit in which messaging is provided to employees.

On the technical side here are some tips specific to areas that should warrant your attention.

  1. Define Objectives – including what information and activity should be monitored and why. Do this while paying close attention to the impact on company culture and other potentially negative impacts.
  2. Define Systems – including where is critical information housed and how is it shared within and outside of the organization.
  3. Define Access – including how are systems accessed and who has access to them.  Pay attention to both in house connectivity and remote access.
  4. Define Portability – including what information can be transmitted and through what means.  Consider all media that can be utilized including flash drives, email, print, mobile devices, and other platforms.
  5. Define Methods – including what type of monitoring should be implemented, who will have access, and how will use be audited.  Clearly layout the steps taken when anomalous activity is detected.
  6. Define Tool Set – identify the necessary tools to meet the defined objectives.
  7. Implement Plan – review performance of the tool set in accordance with objectives and adjust as necessary.

Being prepared can save the organization from data loss, lawsuits, organizational and reputational harm among other negative consequences while protecting the rights of employees and contractors.

Network Management Solutions has been assisting organizations since 1996 to build, monitor and manage IT systems with a pragmatic business centric approach.  Please contact us for further information.

Securing Your Desktop Computers

Perhaps you were aware that support for your business computers using the Windows XP operating system was being discontinued as of April 8, 2014, maybe not.   Were you able to compile an inventory of the Windows XP machines in use at your business or in virtual home offices of your employees and upgrade them?  Why as a business owner, office manager, or IT support person should you care and be motivated to come up with a plan if you have yet to?

Your business is vulnerable.  According to global security solutions provider Symantec, over 30% of targeted spear phishing attacks during 2013 were aimed at companies with less than 250 employees.  End of life support by Microsoft for the Windows XP operating system eliminates critical support updates that help ensure the security and reliability of the operating system as well as on-line technical information updates that help techies resolve issues when PCs have problems.  If you think that your virus software will protect your XP computers, you are mistaken.

Cyber criminals target organizations to steal and or store stolen information.  Small businesses are targets since stealth attacks or the storage of stolen information can persist for long periods of time without detection.  Targeted attacks result in malware being planted within an unsuspecting company that then provides hackers access to the target company’s computers.

As a business, you may have both legal and regulatory compliance issues, if you process credit cards and or store personal and private information such as social security numbers, driver’s license numbers, bank and credit/debit card numbers, healthcare records, etc.  Even if you don’t have such information, the loss or compromise of your company intellectual property and bank accounts, client data, and other sensitive information can lead to significant reputational harm, financial losses, and legal problems.

In an article published earlier this year titled “Why Your Small Business Is at Risk of a Hack Attack” Entrepreneur provides an overview of what is happening with the world of cyber crime.  This is a quick worthwhile read if you want to learn more of how and why your business may be a target.

Network Management Solutions has been helping companies address business driven technology issues since 1996.  We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia.

You may contact NMS to schedule a free one-hour no obligation consultation to discuss your concerns.  We will provide expert advice in simple business terms on how to best address your issues through NMS or another provider.  NMS can be reached by phone or email at 908-232-0100 or info@nmscorp.com.  More information on Network Management Solutions can be found at www.nmscorp.com.

 

Why Browser Maintenance Is Important To Your Business

Late last month an Internet browser vulnerability was identified by security firm FireEye.  The flaw affected all versions of Microsoft’s popular browser Internet Explorer (IE). According to FireEye, the vulnerability allowed attackers to install malware on your computer without your knowledge or permission.  Once compromised, the system would be open to a variety of issues including theft of personal data, tracking of online behavior, or control of the computer.

The vulnerability was so severe that it caused both the US and UK Computer Emergency Readiness Teams (CERT) to recommend not using IE until the flaw was corrected. This sort of reaction by CERT is rare. While a patch was made available within a week’s time, your organization still had to apply it to vulnerable machines to remediate the issue. Anyone utilizing IE and other browsers should take note; some exploits are left without remediation for months or longer. Many organizations never patch vulnerabilities leaving them open to exploitation indefinitely.

Browser exploits are commonly utilized to infiltrate computer systems and the networks they are connected to. Exploit code is commonly placed within infected websites and launched against unknowing visitors that browse the site. Once a browser has been compromised through the exploit, software is installed to provide remote access and control of the machine. This is commonly referred to as a RAT or remote administration tool, Trojan, or backdoor.

Many exploits will send out a beacon signaling the remote attacker of the systems compromise. The remote attacker will access the machine installing additional software to exploit the local machine as well as hack deeper into any local network connections that may provide access to other computers, databases and networks.

What makes the compromised organization so vulnerable is that the hacking activities occur without obvious signs of the exploit.  The attacker can operate over long-periods of time ultimately uncovering some information that can be monetized. This may include: theft of banking funds, credit cards, customer information, intellectual property and more.

Compromises affect all organizations large and small. Larger entities may be newsworthy but small enterprises are also affected. eBay is one of the most recent big names to be compromised, however one-third of all attacks involve small business.

Your best line of defense starts with awareness, and the proactive management and response to the latest threats. Most maintenance does not involve the latest gadgets and security tools but more so an organized, pragmatic approach to managing the threats.

Network Management Solutions (NMS) has been helping companies address business driven technology issues since 1996. We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia.

Please contact NMS to schedule a free one-hour, no obligation, consultation to discuss your concerns. We will provide expert advice in simple business terms on how to best address your issues through NMS or another provider. NMS can be reached by phone or email at 908-232-0100 or info@nmscorp.com. More information on Network Management Solutions can be found at www.nmscorp.com.

Office Networking 101

So you are a busy executive or business owner.  You don’t have time to deal with all the Information Technology issues or IT jargon, but are faced with decisions that impact your business.  How do you sift through the techie speak and get to informed decisions that make sense for your bottom line?   This brief overview will present some common technology terms that will help empower your decision making.

The first term is LAN.  This stands for local area network.  Basically a LAN is the connection point for all personal computers, printers, phones and other peripherals that may be used in your business.  Computers connect to the LAN either through a wired connection that plugs directly into a network device or through a wireless connection over the air utilizing radio waves.

Once connected to the LAN the computer or other devices communicate through a networking device called a switch or in older networks a hub.  Both devices essentially perform the same function, however switches segment computer traffic and reduce overhead which provides more efficient and faster throughput.

Connectivity to computing resources outside of the office or between offices is provided through a WAN or Wide Area Network.   WANs are typically comprised of circuits, routers, firewalls, and modems.  Circuits provide connectivity to resources that exist outside of the office such as Internet websites and other office locations.  The typical small to mid-sized business utilizes the Internet for its circuit connectivity.   Internet circuits can utilize cable, DSL, T1 or other methods.  Circuits can be delivered over copper or fiber networks.  Most small business use either DSL or cable, as do small home networks.  FIOS is a fiber service provided by Verizon.

Circuits connect to the customer network through either a modem or router.  Routers are typically employed where there are multiple circuits acting as a device that determines which circuit to utilize to access the requested information.  Modems are typically used to terminate single circuits.  The final component is a firewall.  Firewalls segment traffic that enters and exits the office infrastructure and are a keystone device in protecting your business by blocking unwanted traffic and improving information security.

To find out more please visit Network Management Solutions at www.nmscorp.com

You’ll find:  clear, concise overviews of obvious and unseen IT workplace problems and risks.  Self-assessment quizzes, evaluation checklists, and a wealth of information to help you reduce cost, improve service, and benefit both you and your business.