Blog

August 26th, 2014

Security_Aug18_CSince the advent of the Internet, hackers have been actively trying to exploit it. Over the past few years, many have targeted different websites to obtain user account details like usernames and passwords. There seems to be a trend where the number of accounts compromised with each new security announcement is rising. In early August, news broke that possibly the largest breach to date has been uncovered.

The latest big-scale breach

In early August, it emerged that a Russian hacker ring had amassed what is believed to be the biggest known collection of stolen account credentials. The numbers include around 1.2 billion username and password combinations, and over 500 million email addresses.
Read more.
Topic Security
August 8th, 2014

Security_Aug05_CSecurity of your systems and technology is always an on-going battle and one you will likely never completely win. There are definitive steps you can take to ensure that your systems are secure, but we find that one of the most effective tools is knowledge. If you know a bit about how your systems can be breached, you can ensure a higher level of caution and security. To help, here are five common ways businesses see their systems breached.

1. You are tricked into installing malicious software

One of the most common ways a system's security is breached is through malware being downloaded by the user. In almost every case where malware is installed the reason is because the user was tricked into downloading it.
Read more.
Topic Security
July 11th, 2014

Security_July07_CA common issue many businesses face, regardless of their size, is that their computer systems and devices get progressively older and slower, unless they are constantly updated. This can frustrate some employees who may have up-to-date personal devices, so much so that they simply start to bring these devices into the office. The idea of BYOD, or Bring Your Own Device, is not all that new, but it is a growing concern and if it's not handled properly it can pose a security risk.

What should I do about BYOD?

The first reaction of many office managers and business owners, worried about security threats that could stem from BYOD, is to impose an outright ban of devices. While telling your staff they are not to use their devices for work may seem like a quick and easy solution, you can be 100% sure that there will be employees who ignore this policy and use their personal devices for work regardless.
Read more.
Topic Security
June 27th, 2014

Security_June23_CThe increasing number of businesses turning to a virtual environment is parallel with cyber criminals looking to breach that security. While many businesses think their virtual servers are safe and secure, some are unaware of major security myths that can leave your business vulnerable to attack. With that in mind, isn’t it time you familiarized yourself with five common virtualization security misconceptions to keep your virtual environment secure?

Myth No.1: Existing endpoint security will protect our virtual environment

Most traditional endpoint security solutions are virtual-aware and provide low levels of protection. This simply isn’t enough. Depending on the virtualization platform used (VMware, Microsoft, etc.), your traditional endpoint security suite can probably recognize virtual endpoints. However, this physical software often can’t bring its full tool set of anti-malware to the virtual world, meaning it can only perform basic tasks such as on-access scanning.
Read more.
Topic Security
June 14th, 2014

security_June13_CThe parallel rise of technological advancement and malicious Internet activity is evident. With advances in technology comes an increase in security threats which, if not taken care of right away, can severely affect your business’ efficiency and overall success. With that in mind, it’s time you familiarized yourself with the top security best practice guidelines which will go a long way to ensuring your business is safe and secure.

10 Security practice guidelines for businesses

  1. Encrypt your data: Encryption of stored data, filesystems, and across-the-wire transfers is essential to protect sensitive data as well as to help prevent data loss due to equipment loss or theft.
  2. Use digital certificates to sign all of your sites: You should obtain your certificates from a trusted Certificate Authority, and instead of saving your certificates on the Web server, save them to hardware devices like routers or load balancers.
  3. Implement a removable media policy: Devices like USB drives, external hard disks, external DVD writers or any writeable media facilitate security breaches coming into or leaving your network. Restricting the use of those devices is an effective way to minimize security threats.
  4. Implement DLP and auditing: Be sure to use data loss prevention and file auditing to monitor, alert, identify, and block the flow of data into and out of your network.
  5. Use a spam filter on your email servers: Using a time-tested spam filter such as SpamAssassin will remove unwanted email from entering your inbox and junk folders. It is important that you identify junk mail even if it’s from a trusted source.
  6. Secure websites against MITM and malware infections: Start using Secure Sockets Layer (SSL) which creates a secure connection between a user and server, over which any amount of data can be sent securely. Through SSL, you’ll be able to scan your website daily for malware, set the Secure flag for all session cookies, as well as use SSL certificates with Extended Validation.
  7. Use a comprehensive endpoint security solution: Using an antivirus software alone is not enough to provide defense against today’s security threats. Go for a multi-layered product to prevent malware infections on your devices.
  8. Network-based security hardware and software: Start using firewalls, gateway antivirus, intrusion detection devices, and monitoring to screen for DoS attacks, virus signatures, unauthorized intrusion, and other over-the-network attacks.
  9. Maintain security patches: Make sure that your software and hardware defenses stay up-to-date with new anti-malware signatures and the latest patches. If your antivirus program doesn’t update on a daily basis, be sure to set up a regular scan and a remediation plan for your systems.
  10. Educate your employees: As simple as it sounds, this might be the most important non-hardware, non-software solution available. An informed user will more likely behave more responsibly and take fewer risks with valuable company data resulting in fewer threats to your organization.
Businesses cannot afford to take chances with security. Why? Because doing so can trigger a domino effect, causing a cascade of problems that can lead to operational outages, data loss, security breaches, and the subsequent negative impact to your company's bottom line. Looking to learn more about security for your business? Call us today for a chat.
Published with permission from TechAdvisory.org. Source.

Read more.
Topic Security
May 14th, 2014

Security_May13_CThe tool that allows the vast majority of businesses to utilize the Internet in order to carry out their day-to-day operations is the browser. While there are numerous browsers available, many businesses rely on Internet Explorer (IE). This browser comes pre-installed on all machines using Windows. However, if you use IE, there is a new exploit that you should be aware of.

What exactly is a zero-day flaw?

A zero-day flaw is a security vulnerability that is taken advantage of by hackers on the day it is discovered. In other words, there are zero days between the discovery of the vulnerability and people taking advantage of it.
Read more.
Topic Security
May 2nd, 2014

Security_Apr28_CAs everyone knows, we use passwords to prevent anyone getting access to our personal accounts and gadgets. But, with ever-growing numbers of hackers determined to grab our data, people need to be extra vigilant. These cyber criminals are using sophisticated technology to steal information whenever there is a slight hint of opportunity. So don't give them a chance. Your passwords are your first defence. Use these tips to stay safer online.

Observe proper web security

With the rapid advancements in technology comes sophistication of methodologies used by hackers to steal data and destroy web security. Cyber crime is continuously evolving as new programs are made to unlock accounts and combine numbers, letters and special characters to determine passwords. The big question for internet users is – how to choose a strong password that can drive hackers away?
Read more.
Topic Security
April 12th, 2014

Security_Apr11_CThe security of your systems and communication, especially those that utilize the Internet should be paramount for any business. Over the past few weeks a massive new security flaw has been uncovered. This flaw, codenamed Heartbleed, could potentially expose all your vital data and communications that flows between your computer and websites online. All businesses and Internet users should be aware of this Heartbleed so that they can take steps to stay safe.

Background info about secure transmission of information on the Web

Most sites on the Internet rely on Secure Sockets Layer (SSL) technology to ensure that information is transmitted securely from a computer to server. SSL and the slightly older Transport Layer Security (TLS) are the main technology used to essentially verify that the site you are trying to access is indeed that site, and not a fake one which could contain malware or any other form of security threat. They essentially ensure that the keys needed to confirm that a site is legitimate and communication can be securely exchanged.
Read more.
Topic Security
April 5th, 2014

Security_March31_CComputers must have appropriate protection from malware attacks. Aside from creating annoyances, malware infections can also affect the performance of your computer. Furthermore, the data on your system and confidential information that you use online may also be tracked and used without your knowledge. Because of the severity of the problems that it can cause you need to be very cautious about preventing malware infections, and know how to deal with them properly.

Signs of a malware infection

Before proceeding with the steps on how to respond to malware infections, we first need to learn about the signs and symptoms of a malware infection. These include:
  • Several pop-ups appear even when not browsing the Web.
  • Unusual slowness of the computer and Internet connection.
  • System hangs or freezes.
  • Corrupted programs.
  • Antivirus is disabled.
  • E-mails sent to or from your account which you did not send.
  • High network activity, even when not using large programs or accessing huge data.
  • Redirected access to some sites.

How to respond to a malware infection

In case you experience any of these symptoms, the first thing to do is to ensure that your antivirus and antispyware program is updated. This is to make sure that they detect the latest known threats on their database. You should then run scans to see if an infection is detected. If it is, the programs usually have a way to remove the infection. You then need to follow the steps the program recommends.
Read more.
Topic Security
March 21st, 2014

Security_Mar17_CAny business that employs technology in any aspect will eventually begin to worry about how secure their systems are. In order to ensure security, many companies implement a security strategy. While these strategies are a great way to ensure the security of your business systems and data, there is one element that many business owners forget: The audit.

Auditing and the security security strategy

Auditing your company's security is important, the only problem business owners run across is where and what they should be auditing. The easiest way to do this is to first look at the common elements of developing security strategies.
Read more.
Topic Security