Category Archives: RiteTech
How would your organization handle a “Data-for-Ransom”, or other serious IT Security breach?
2013 has certainly seen a significant rise in the number of Internet and network security threats, and has included the unwelcome introduction of a particularly fearful type of hacker attack – that’s the one now known as “Ransom-ware”, and more specifically, “CryptoLocker”.
Simply stated, “CryptoLocker” is essentially the IT equivalent of a hostile, external force taking over your computer (or server), and holding its most critical data “hostage for ransom”. Whereas other types of viruses and other “malware” tends to steal passwords, invade privacy, damage, degrade, or otherwise compromise systems, etc. – as if all of those perils weren’t disruptive enough – this particular form of “malware” goes the additional mile, and actually forcefully “locks up” the computer’s various data files, and holds them “for ransom”, unless the attacker is paid off. This type of attack probably ranks up near the top of some of the most disruptive and malicious perils that a computer user could potentially encounter, simply by performing as innocent a mistake as opening (or running) an infected or malicious attachment.
Although none of RiteTech’s clients has been infected by CryptoLocker to date, we have heard of a greatly increased incidence rate of its infections encountered being reported by other IT providers, which suggests that the overall level of infection is increasing, and accelerating. While there is never a 100% guarantee or prevention from IT security breaches (just as there is never a 100% guarantee from physical security breaches, or other perils – like fire, floods, etc.) – there are several “best practices” that can help organizations maintain a reasonable level of security and data protection.
RiteTech can help provide guidance to ensure that your organization’s IT infrastructure and policies are “all that they could be”. We provide “lunch n’ learns” about IT Security, Cloud Computing, and other informative seminars to qualifying organizations. Contact us for further details.
1. Having an appropriate and adequate data protection strategy is essential. This includes ensuring that all critical data is properly backed up (ideally, off-site for the most critical data), and that restoring from backups are regularly tested. Incidentally, when the restoration is tested, part of what also needs to be tested is the length of time for a restoration to occur. Many firms, including IT firms, vastly underestimate the amount of time, or level of effort, to recover data from a catastrophic loss.
2. Ensure that staff is storing critical data in the appropriate locations (which are in turn, backed up) is also essential. This is largely a policy and a training issue, rather than a technical one.
3. Ensuring that staff has basic awareness of IT security policies – as well as their own employer’s policies – is also extremely important. For instance, does staff know how to handle (or report) a suspicious incoming e-mail or phone call? A malfunctioning computer? A telephone, LAN room, or other sensitive “IT closet” that is discovered with its door opened and no explanation, etc.? All of these are examples of scenarios that staff should have some basic awareness on what to look out for, and how to handle.
4. What is the organization’s “Bring Your Own Device” [B.Y.O.D.] policy? (e.g. for syncing personal devices with e-mail, etc.?). How will the organization handle scenarios if an employee’s personal device is lost, stolen, or hacked – and the company’s data on the device is somehow compromised or placed at risk? (Hint: Mobile Device Management [MDM] software and related policies can help reduce and control these risks).
5. Does the organization’s network have an appropriate, and properly managed and monitored firewall(s), that can adequately protect against all modern threats, while also not drastically slowing down the organization’s Internet speeds? Hint: If the firewall(s) cost the organization less than $1000 and/or if the firewall was purchased from a Best Buy or other retail source, then the answer is almost assuredly NO. (Contact us for explanations about why that is). An unmonitored firewall – especially one without someone who regularly views or analyzes its activities or reports – is about as helpful as having a security camera system where nobody ever watches the monitors, or ever plays back its security recordings.
6. And of course, it goes without saying – however, having effective, well-updated, and centrally managed/monitored antivirus or appropriate security software on ALL connected devices – as well as some sort of uniform method of ensuring that various critical software patches or updates are consistently deployed on all of these devices – is essential.
Want More Info?
The following articles provide more information about the threats:
Happy New Year!
What are your resolutions for the year? I’m guessing almost everyone wants to be more organized, correct?
I am no exception. My desk is never as neat as I want it to be and I always seem to have tons of receipts and pieces of paper in my purse and computer back. I’m a tech geek, I am proud to say, so all my contacts, emails and calendar items live happily on my laptop, iPhone and iPad.
But…I like lists. To Do Lists. Grocery Lists. Lists of things to pack on vacation, lists of development ideas – well, you get the idea.
As a provider to cloud-based services, we always talk to our clients and prospects about understanding ownership of their data hosted in the cloud and to understand what happens if the hosting company or provider goes out of business or is sold.
The Washington Post has a great article about this very topic today: view the article at www.washingtonpost.com.
This article focuses mainly on personal data, such as sites that host your photos and such, but it is something that anyone – individual or business – thinks about when they copy their data elsewhere.
Happy New Year!
Keep your Budget and your piggy bank happy with Phone & Internet Solutions that always have “5 Bars” to your business location!
Interested in Discounts for Internet, Phone, VPN, and Cellular Service? Save up to 10-25% or more – including further discounts for multiple locations!
RiteTech provides free phone/Internet usage analysis to qualified organizations! And, we partner with Cellular companies who will Guarantee Cellular reception to your primary location!
Office 365 revolutionizes Small to Medium-sized Businesses (SMB’s) by now offering productivity and reliability options that have been either cost- or equipment- intensive up until now. With Office 365, SMB’s can now choose to host their business-critical data and applications such as Microsoft Exchange E-Mail, Microsoft SharePoint, etc. fully in the “Cloud”, helping to reduce the expense, maintenance needs, and reliability challenges of “hosting” such a complicated and critical system in a traditional SMB office setting. The familiar Microsoft Office software is also now available with a Cloud option, as well. For more information, contact RiteTech sales at (703) 561-0607, or firstname.lastname@example.org
Microsoft Volume Licensing helps save money!
Rite Tech can help protect your organization’s data!
RiteTech offers a number of traditional (on-site) and off-site (Internet-based and site-to-site) data backup solutions that are affordable, proven, field-tested, and are also the same ones that we use internally to protect our own critical servers, accounting systems, web sites, and databases. Don’t let an unexpected PC failure or virus attack ruin months or years’ worth of work!
SMB Nation has gotten off to a great start at 7:00 local time here in Las Vegas. It is early, but there is a lot of excitement.
I’m currently watching the main keynote with Cisco, which is making a big push into the small and medium business space. Since SMB’s drive the economy, this is great news.
Some of the points being made are that they need technology to stay competitive, are shifting to the cloud for efficiency and reliability and are shifting away from a full time IT staff.
At RiteTech, we’ve been working with Cisco for over a year by testing some of their new devices and services.
We also urge our clients migrate to the cloud and consider ourselves your “outsourced” IT department, so we are right on track.
I look forward to the rest of the conference!
Back in July the RiteTech office was busy preparing for our big screen debut. We cleaned the office, painted the walls and wrapped the vehicles! All our efforts paid off, for the video is great! Check it out: http://www.cisco.com/web/partners/sell/smb/onplus/grow_my_business.html.
For over a year, RiteTech has been working with Cisco to perfect their OnPlus network device and service. This device allows us to better monitor our client’s locations and network. We know within minutes if a network goes down – invaluable information in our line of work.