Remote Access Risks – Protecting your data outside of the office

Internet cafes, hotel rooms and airports can all be convenient places to catch up with work tasks. But how safe is your data when you access your office systems, email or financial accounts from a public place?  Well, in the age of tablets, laptops, and smart phones, the answer is complex—however, knowing these few facts can help keep your data safe.

Just like home burglary, Internet theft is most often conducted by opportunists. Online thieves are on the prowl for passwords and other information that can give them direct access to your confidential information, as well as your money!

Be your own security guard by following these three steps when you connect publicly with your laptop, tablet or phone:

1.) Check that the network requires a password and shows a lock icon next to its name, indicating it utilizes encryption. Without this, others can easily steal what you send and receive.  Alternately, if you do connect to an unencrypted network, make sure the accounts you access have encrypted login (authentication), and encrypt any sensitive data that you might exchange (the web address will start with https).

2.) Confirm that you have the latest security updates installed for your computer’s operating system, as well as for any applications. Cyber-criminals are clever, and OS and app updates help counter their latest tricks.

3.) Always utilize a system firewall or similar application, PLUS a full-featured Internet security software suite that includes traffic filtering, intrusion prevention, and anti-virus capabilities.  This will not only protect you in public places, but at home or in the office as well.

Besides policing your own devices, it’s also wise to be very wary of computers that are offered as a customer service in hotels, lounges, libraries and Internet cafes.  You put yourself at risk whenever you use these machines to access sensitive accounts or information, including email, because the browser cache could be configured to store your login credentials. You can’t know that an open-access machine doesn’t have malicious software installed to burgle passwords and information, so sit down at any public computer with extreme caution!

Finally, a special word of advice to business owners since employees now commonly work out of the office on a variety of personal use devices … Take the time to get assurance that remote access to your systems and data is properly configured to provide optimal security. Workplace servers that are left open to the Internet are easily compromised, with potentially disastrous results. Consult with professionals to minimize your system vulnerabilities and invest in mounting your best defense to protect your valuable information and financial assets.

Network Management Solutions is a proven service provider that enhances the security, manageability of IT systems for small businesses, while reducing costs.

For more information about our range of services, and helpful tools for evaluating your IT security, visit us at www.nmscorp.com

Why Browser Maintenance Is Important To Your Business

Late last month an Internet browser vulnerability was identified by security firm FireEye.  The flaw affected all versions of Microsoft’s popular browser Internet Explorer (IE). According to FireEye, the vulnerability allowed attackers to install malware on your computer without your knowledge or permission.  Once compromised, the system would be open to a variety of issues including theft of personal data, tracking of online behavior, or control of the computer.

The vulnerability was so severe that it caused both the US and UK Computer Emergency Readiness Teams (CERT) to recommend not using IE until the flaw was corrected. This sort of reaction by CERT is rare. While a patch was made available within a week’s time, your organization still had to apply it to vulnerable machines to remediate the issue. Anyone utilizing IE and other browsers should take note; some exploits are left without remediation for months or longer. Many organizations never patch vulnerabilities leaving them open to exploitation indefinitely.

Browser exploits are commonly utilized to infiltrate computer systems and the networks they are connected to. Exploit code is commonly placed within infected websites and launched against unknowing visitors that browse the site. Once a browser has been compromised through the exploit, software is installed to provide remote access and control of the machine. This is commonly referred to as a RAT or remote administration tool, Trojan, or backdoor.

Many exploits will send out a beacon signaling the remote attacker of the systems compromise. The remote attacker will access the machine installing additional software to exploit the local machine as well as hack deeper into any local network connections that may provide access to other computers, databases and networks.

What makes the compromised organization so vulnerable is that the hacking activities occur without obvious signs of the exploit.  The attacker can operate over long-periods of time ultimately uncovering some information that can be monetized. This may include: theft of banking funds, credit cards, customer information, intellectual property and more.

Compromises affect all organizations large and small. Larger entities may be newsworthy but small enterprises are also affected. eBay is one of the most recent big names to be compromised, however one-third of all attacks involve small business.

Your best line of defense starts with awareness, and the proactive management and response to the latest threats. Most maintenance does not involve the latest gadgets and security tools but more so an organized, pragmatic approach to managing the threats.

Network Management Solutions (NMS) has been helping companies address business driven technology issues since 1996. We are currently serving a variety of customers within New Jersey, New York, and the surrounding metro areas of New York and Philadelphia.

Please contact NMS to schedule a free one-hour, no obligation, consultation to discuss your concerns. We will provide expert advice in simple business terms on how to best address your issues through NMS or another provider. NMS can be reached by phone or email at 908-232-0100 or info@nmscorp.com. More information on Network Management Solutions can be found at www.nmscorp.com.

What’s Slowing Your Network Down?

Its a simple question, but do you really know?  Do your IT staff have the time, energy, tools, and expertise to manage response times?  In many small to mid-sized organizations the answer is no and even in many of the the largest of organizations this is true.  Internal staff often have too many high priority demands that get in the way of network monitoring and management functions.  While perhaps in the early stages of a network buildout many small performance dips go unnoticed.  However over time network performance issues unchecked can become show stoppers.

Network slowdowns can originate from a variety of issues and may be indicative of overbooked resources, improper patch management, unwanted user activity, viruses, failing circuits, among many other issues. Without diligent management and monitoring of resources issues that could have been addressed without disruption now manifest themselves as major infrastructure outages. While many organizations may consider outages as part of the day to day, the overall cost to your business and its efficiency may be many times greater then considered and can be avoided.

Managed Service Providers are a great compliment to busy IT staffs providing robust monitoring and management capabilities that help improve service levels, reduce the cost of operations, protect investments the company has made in technology, as well as assist the business in meeting its goals. Network Management Solutions has been helping organization design, implement, monitor and manage their IT assets since 1996.  Please feel free to contact us at http://www.nmscorp.com/contact-nms/ to find out how we can assist your organization in meeting its goals.

 

Proactive Security Management of Information Technology Assets

The management of security updates, critical server patches, anti-virus software and backup management are critical tasks in the proactive security management of information technology assets.

Unless your organization is proactively managing these critical elements the security of your information is at risk. Server and desktop management must be supported by structured operational plans.  Weekly server updates to patch OS deficiencies, security vulnerabilities or otherwise performance or availability related, need to be applied.  Additionally application updates also need to be applied on a regular basis to ensure the best application performance, availability, and security.    These same actions need to also be administered at the desktop as many security exploits are launched against desktops so proper patch management is critical.

While anti-virus and regular updates are a must some custom viruses operate outside of addressable memory and many go undetected.  It is therefore critical that comprehensive security suites be utilized that identify anomalous network or application activity which may have been a result of defeated anti-virus software.

Another critical activity to mange the security of information is a comprehensive backup management program.  This not only includes a  full and incremental backups but ongoing tape rotation to secure facilities and regular testing to restore data from backup media.  Testing restore capabilities to ensure viable backups will pay many dividends when lost data needs to be recovered.

While information security programs go far beyond these simple practices outlined pragmatic management of security updates, patches, data backup and restore capabilities are a critical component to ensure the security of your data.