Top Security Mistakes And How To Avoid Them
From HP’s September 2014 Technology at Work Newsletter In the movies, hackers are easy to identify. The screen’s green glow reflects on their grizzled faces as they type furiously at their keyboards in the murky shadows. Of course, real-life hackers aren’t nearly so easy to spot. And they’re also likely not the biggest source of risk for your business. The truth is that most security breaches—over 80 percent—are crimes of opportunity [1]. The largest security threat many businesses face comes not from criminal masterminds, but their own employees. To help you keep your data and networks safe, we’ve compiled five common IT security mistakes, and what you can do to avoid them. Mistake 1: Not performing updatesSolution: Installing regular upgrades and software patches is one of the most important things you can do to keep your network and data secure, but 40 percent of users don’t always upgrade software when prompted to. In fact, about a quarter admit they need to be prompted at least twice before upgrading [2]. Don’t wait to make your network secure. Upgrade as soon as patches are available and conduct audits regularly. Mistake 2: Not disposing of data correctlySolution: Donating old equipment can be a great idea, as long as you’re making sure you’re not donating your company’s sensitive data as well. Merely deleting files doesn’t necessarily get rid of the information. To be sure it’s permanently deleted, the data needs to be actively overwritten with programs like Eraser. And HP Disk Sanitizer and File Sanitizer, available on select business PCs and notebooks, can help you erase hard drives and securely remove files, history, and data from a computer, and bleach the blank file space [3, 4]. Mistake 3: Not using encryptionSolution: Encryption isn’t just for databases stored securely in your network. Over half of all data harvesting by hackers was done not on stored data, but on data in transit [5] between systems, through a network, or to employees working remotely. Consistently employing secure, encrypted connections for employees accessing information outside the office is a key step in keeping your data protected. Mistake 4: Not using secure servicesSolution: When employees need to work late on a big project or access a file on the road, all too often what they end up doing is emailing the file to themselves, or putting it on an unsecured public website or notebook. If your employees are circumventing your security because they need more flexibility, one great alternative can be a service like HP Helion public cloud that can provide remote access while maintaining leading security practices. Mistake 5: Not educating employeesSolution: Having secure systems does little good if your employees give up sensitive information and credentials voluntarily. Cybercriminals are increasingly targeting employees in phishing attacks to get past firewalls and other security measures. These attacks use emails, fake websites, Trojan downloads, and social media to solicit the information they need to infiltrate your network. To avoid becoming victims, employees need to be educated on how to recognize—and avoid—suspicious websites, friend requests, and other risky clicks. The average cyber-attack can cost a business nearly $9,000—not including the impact of lost sales due to a damaged reputation [6]. And if you think your business data isn’t a target, you should think again. In 2013, more than half of all of the small businesses surveyed had experienced a security breach at some point [7]. But by taking a few simple steps, you can go a long way towards minimizing your risk. [1] Verizon, Data Breach Investigation Report, 2011[2] Skype, International Technology Upgrade Week, 2012[3] HP Disk Sanitizer is for the use cases outlined in the DOD 5220.22-M Supplement. Does not support Solid State Drives (SSDs). Requires Disk Sanitizer, External Edition for Business Desktops from hp.com. Requires Windows on business desktops and notebooks.[4] HP File Sanitizer is for the use cases outlined in the DOD 5220.22-M Supplement. Does not support Solid State Drives (SSDs). Initial setup required. Web history deleted only in Internet Explorer and Firefox browsers and must be user enabled. With Windows 8.1, user must turn off Enhanced Protection Mode in IE11 for shred on browser close feature.[5] Trustwave, Global Security Report, 2013[6] NSBA, Small Business Technology Survey, 2013[7] Ponemon Institute, Poll for HSB, 2013 Source: http://h30458.www3.hp.com/us/us/smb/Top-security-mistakes-and-how-to-avoid-them_1421521.html?jumpid=em_taw_US_aug14_pps-bps_2256652_hpgl_us_1421521_9701&DIMID=EMID_1005225296&DICID=taw_Sep14&OID=11097710&mrm=1-4BVUP
Break-Fix vs. Managed Services IT Support
In recent years, managed services has become the go-to model of IT management, offering a number of key advantages over the older break-fix model. For companies looking for a more effective and affordable approach to IT management, managed services certainly has a lot to offer. Below, we’ll take a look at the key differences between these two models of IT management in order to help you determine which one is right for your company. The Benefits of Managed Services over Break-Fix IT Management For many years, break-fix was really the only model of IT support that companies were able to purchase. Under this model, the company would have to wait until a piece of hardware or software malfunctioned before they were able to call in an IT service to fix it, hence the name “break-fix”. With managed services, though, companies are able to take a much more proactive approach to IT management. Rather than paying for costly repairs every time something breaks down, managed services enables companies to pay a monthly fee for ongoing IT management and support. The benefits of this new model are numerous. First and most important, the managed services model allows companies to actively prevent IT issues rather than just responding to them as they happen. This helps companies avoid the costly downtime that IT issues can cause as well as often times avoid the cost of repairs. The managed services model is also a much more comprehensive approach to IT management. Under the break-fix model, IT service providers have no real incentive to invest in network management tools, no real incentive to make your network as stable as possible, and even no real incentive to protect your network against future issues. After all, every time there’s a problem, they make money. With managed services, though, this is not the case, as managed services providers are paid a monthly fee to offer comprehensive IT support that remains the same regardless of how many issues they must repair. Taking Advantage of Managed Services The proactive approach of managed services, the fact that managed services providers are incentivized to keep your network operating as best as possible, and several other key benefits make managed services the go-to model of IT management for most companies. If you would like to learn more about how we are able to help you and your company take advantage of all the benefits that managed services has to offer, we invite you to contact us today. Boring Business Systems is a managed service provider in Tampa, Lakeland, and surrounding areas.
Should Your Business Utilize Managed Network Services?
Every day businesses are turning to Managed Network Services to free up their own staff and gain insight from IT experts. The purpose of Managed Network Services is to proactively monitor a company’s network (Internet connections, security, etc.) and repair any network issues that may arise. Outsourcing Managed Network Services saves you valuable IT time, as network engineers rapidly assess the situation before the company may know that there is a problem. Here are five reasons why many companies choose to outsource their IT monitoring: 1. Merge information from multiple locations If you have multiple locations for your business, then you know the challenge of keeping everyone connected, your systems up and running, and information flowing smoothly. Network engineers will monitor your systems and handle the needs of your remote locations. 2. Allow your staff to focus on more important matters You may not have the time, tools, or manpower in place to effectively monitor your company’s IT network. When it’s time to focus all of your energy on growing your business and effectively serving your own customers, the last thing you want is to waste valuable IT time troubleshooting and monitoring company networks between remote locations. 3. Have access to the performance of your critical network components Utilizing Managed Network Services doesn’t mean that you lose control of or access to your performance reports and tracking. On the contrary, it allows you to be fully updated and alerted at all times without having to identify and troubleshoot issues yourself. 4. Keep your network monitored and managed at all hours Oftentimes abuse happens in the middle of the night, so having 24-hour monitoring in place is critical for your business’ security and success. On top of simply monitoring your systems, it is important that the engineers be trained in responding to alerts and knowing how to fix the issues. 5. Minimize operating costs by outsourcing You’ll notice the financial burden of staffing and overseeing your own IT Department taken off your shoulders when you trust a specialized Managed Network Services provider. Put your time, energy, and financial resources into nurturing your business, and let the tech experts handle your growing network and infrastructure.
10 Tips To Secure Your Small Business Network
By David Strom for ComputerWorld.Com Maintaining a secure small business or home network isn’t easy, and even for an old hand in IT, it still takes time and energy to keep things locked down. Here are 10 of the most critical steps you can take to keep your data from ending up elsewhere, and none of them take much time or effort to accomplish.LEARN MORE 1. Use encryption on your wireless access points (AP). Many site surveys have found half or more of all wireless networks are wide open, ripe for anyone to gather all the traffic and perhaps record your sensitive information by sitting in a nearby parked car. Some people mess around with locking down MAC addresses, but that gets unwieldy and a better solution would be to use WPA2 encryption. WPA2 is far better than other encryption methods that are more easily broken into. 2. If you have a wireless network, make sure to hide your SSID (service set identifier), or at least change its name to something common. All wireless routers should have obscure IDs when they announce themselves to the world. Rather than put in any real information that can make it clear who owns the router or that can divulge your location or business name, such as “Acme Systems, here on the 4th floor” or the product name like “Netgear,” use something innocuous like “wireless” or “router1” that doesn’t give away anything really critical. In my last apartment, I had neighbors who used their apartment numbers for their IDs, making it real easy to figure out who’s router was where. 3. If your router (wired or wireless) has a Web management interface, disable access from the outside network. And change the admin default password now. Most routers have the ability to do both quite easily. You don’t want anyone else coming in and changing your settings or reading your log files. 4. Make sure all of your PCs use antivirus software and if you’re using Windows, add antispyware protection. This seems obvious, but it bears restatiing. And while you are at it, check to make sure that all of your antivirus subscriptions are current. Anything out of date isn’t doing you any good. In my support travels, I’ve found that this is a very common lapse among my neighbors. 5. If you are running a Web server on your LAN, put it on a DMZ. If your router doesn’t have a DMZ, get a new router. Better yet, move to a collocation facility where someone who knows what he is doing can manage it. Having your own local Web server sounds like a good idea, but is a real security sinkhole, and many cable networks have made it harder to host your own from your home network anyway. So why worry? 6. Speaking of Web servers on the Internet, if you have them, you should scan regularly for exploits. There are many sites that can do this, two of my favorites are SPIdynamics.com and Qualys.com. Also, make sure to keep track of your domain registry and change all of your access passwords regularly. If you update your Web content, don’t use FTP or Microsoft’s Web page creation tool, FrontPage; instead, find more-secure methods that don’t send your access passwords in the clear. You can learn about other ways to protect your Web site at OWASP.org. 7. If your ISP offers such an option, use a VPN (virtual private network) for access back to your local LAN or your remote Web server. There are many to choose from, ranging from the free OpenVPN.net to inexpensive but capable ones from SonicWall and Fortinet, which are designed for small business owners. 8. Disable file/print sharing on everything other than your file server. You don’t need it on each desktop, and that just causes more vulnerabilities. This is particularly important for laptop users: You don’t want to be broadcasting your entire file system to everyone around you at the airport or hotel, which is something that I often see when I travel and check for open network shares. 9. Use whole disk encryption on all laptops that will ever leave home. You never know when someone will steal your data or break into your car or hotel room and lift the laptop. I like PGP Disk, but there are others that cost next to nothing and provide plenty of protection. If you are in the habit of carrying around USB thumb drives with your data, then use one of the more modern U3 drives that work with Windows and are at least password-protected to keep your data away from others. 10. Start doing regular off-site backups now. At least start with making copies of your key customer and business data, and then make sure you cover your personal files, such as family photos and the like. Now is the time to cook up something simple. Burn DVDs and take them home, or make use of one of the online storage vendors such as eVault and Amazon.com’s S3. They cost less than $100 a year (Amazon’s less than $10 a year) and can save your data in case of fire, theft or just carelessness. If you have two PCs in two different locations, sign up for Microsoft’s Foldershare.com free service to synchronize your data. Now, there are plenty of other security options that will buy you peace of mind and make it harder for hackers, but these 10 items are easy to implement, don’t cost much in terms of your time and money, and will have big security payoffs. Try to attempt one item each week and you’ll sleep better at night. David Strom is a writer, editor, public speaker, blogging coach and consultant. He is a former editor in chief of Network Computing and Tom’s Hardware and has his own blog at http://strominator.com. He can be reached at david@strom.com. Source: http://www.computerworld.com/article/2547589/networking/10-tips-to-secure-your-small-business-network.html