Security

Four ways to Enhance your Endpoint Security

Endpoint Security.png

It's quite likely you use several devices, such as a smartphone, tablet, and a laptop or desktop PC, to run your business. Each device, however, represents an access point for threats like viruses and malware. Endpoint security aims to secure these network 'endpoints' so that suspicious online activities are blocked at the point of entry.

The need for endpoint security has risen sharply, particularly in response to the rise in mobile threats and the growing internet of things (IoT). Most vulnerable are small-medium businesses (SMBs) with offsite employees who need to access the company's network. But the reality is that all businesses are at risk, given today’s ever-shifting and undefinable security perimeter.

So, what are today’s SMB leaders doing when it comes to endpoint security? How can you ensure every tech outpost in your business is secure? Here are four key strategies.

1. Remove or limit administrative access

Most employees don't need administrative rights to perform their day-to-day jobs. If an endpoint app does require administrative access to your network, it can be added to a database of approved programs by an access control tool. Limiting administrative access in this manner can greatly limit damage within your core network caused by an attacker who is targeting the endpoint device.

2. Use advanced authentication

Many successful endpoint breaches are the result of employees using the same password across multiple sites. If just one site is compromised, it's only a matter of time before your business network is broken into. Two-factor authentication fixes this problem by requiring extra credentials to access the system, such as a fingerprint scanner, token code, smart card or additional questions. This blocks attackers even if the password has been stolen.

3. Keep your systems up to date

New security vulnerabilities are being discovered all the time. Hackers are constantly keeping watch – and using them against SMBs to find out which ones neglected to patch their systems. If you use various endpoint devices in your business, it's important to ensure your business apps, anti-malware programs and other security tools are kept up to date with the latest security patches and virus definitions.

4. Conduct security training and awareness sessions

A recent IBM study found that 60 percent of business data breaches originate from employees, with about a quarter of these being accidental. Ongoing awareness and training on security best practices, in areas such as data encryption, password security and BYOD (bring your own device), can help keep your network safe.

As your data network gains more endpoints, the number and variety of cyber risks will only increase. These steps will help to ensure that your SMB is better protected and more resilient against online attacks.

We can help you prepare for the worst

Name *
Name

We Value Your Feedback

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

3 Ways Spending Less on Hardware will cost you

Desktop Computer 3.0.jpeg

How “Cheap” Machines Become Expensive


Everyone in business IT knows that budgets are shrinking. In an environment with fewer dollars, it's tempting to look at low price tags as the most important specification any hardware can carry. The problem, as we are reminded frequently, is that total cost of ownership (TCO) cannot be ignored. More importantly, the total benefit of ownership is a metric that IT managers must take into consideration seriously when specifying the details of servers or workstations. 

There are multiple aspects to TCO for hardware, and most of them have nothing to do with whether the hardware is likely to break and need service. For our purposes, let’s assume that any workstation you buy is going to be an absolute rock of reliability and quality. That still doesn't take away three ongoing costs of owning your workstations. 

1. Lost Productivity

You've heard that time is money, well one of the primary ways in which the cheapest priced machine can become expensive over time is through the lost productivity that accompanies the minimal performance.

Managers focused on nothing but purchase price might criticize the organizational cost of a few seconds per operation or the inconvenience caused to an employee by a desktop workstation compared to a laptop, but over the course of a workstation's lifetime, those seconds and minutes add up.

2. Reduced Effectiveness

Workers who have to deal with daily frustrations from underperforming or poorly configured workstations are less effective.

Human memory is poor, especially after the fifth meeting of the morning. Handwritten notes are better than nothing, but notes typed into a laptop are surely best. That isn’t possible for workers away from their desks if their computers can’t follow them.

There are still organizations with managers who consider laptop and other mobile computers as luxury items. IT managers might want to point out that mobile computers can increase information accuracy, improve productivity, lower network infrastructure costs, and enhance security in return for their perceived luxury.

3. Security and Network Infrastructure

Considerations such as network infrastructure cost should be considered in TCO calculations, especially when WiFi has become nearly ubiquitous, and the costs of running cable continue to rise.

IT managers who want to seriously tilt the table in the direction of mobile endpoints can discuss the cost of potential data breaches through physical intrusions. The average desktop-based client infrastructure is far less secure than an infrastructure and policy framework that has:

  • Most laptop and mobile devices locked in drawers or cabinets at the end of the day

  • The rest in the possession of employees trained in security

Moreover, connecting to central assets through a VPN can be far more secure than the average desktop-based client infrastructure.

Decisions based solely on minimum purchase price can come back to haunt an organization for years. Current Technologies specializes in consulting with your business, finding out your needs, analyzing all options and bringing you the solution best fit for your business.

Get Your Solution Today

Name *
Name

We Value Your Feedback!

Name *
Name
CurrentTech_Horizontal.jpg

9 Network Vulnerabilities You Should Address Now

start_the_year_on_a_secure_note795x313.png

Finish the year on a secure note

Research from Spiceworks, a network of IT professionals, highlighted more than 70% of respondents rated security as their top concern for 2018. With the hacking epidemic on the rise, here are nine things involving hardware and software that can be done to help stop you from worrying about your business' security.

Hardware

Sure, software is the greater hacking risk, but many hardware vulnerabilities are software-based. Older equipment is often missing new built-in security features like:

  • Unified Extensible Firmware Interface (UEFI) with Secure Boot

  • Self-healing basic input/output system (BIOS)

  • Pre-boot authentication (PBA)

  • Self-encrypting drives

That’s why you should be auditing and planning to remove:

  1. Computers with conventional BIOS- They can’t run Secure Boot, which helps to prevent malware loading during the boot process.

  2. Computers lacking pre-boot authentication or a trusted platform module (TPM), which stop the operating system from loading until the user enters authentication information, such as a password.

  3. Old routers, which can have easily hacked vulnerabilities.

  4. Drives that don't self-encrypt- Self-encrypting drives (SEDs) need a password (in addition to the OS login password), and the technology automatically encrypts and decrypts data on the drive.

On a side note, old drives leave you vulnerable in another way: you could lose data when they fail, which they will.

Software

Getting your hardware straight will almost always involve spending money, but fixing up software could be as simple as running those free updates you never got around to. Here’s what to look at:

  1. Unpatched or out-of-date operating systems- Windows XP has been beyond its support period for nearly three years but is still running all over the world despite there being no updates, no technical assistance, and limited efficacy with anti-virus. And old operating systems always have fewer security features than new ones.

  2. Unpatched or out-of-date productivity software- It’s highly risky to run unpatched versions of Microsoft Office, especially older versions like Office 2002, Office 2003, and Office 2007. They can give a hacker access to the rest of a system, with particularly catastrophic consequences if the user has administrative privileges.

  3. Legacy custom applications- If running an old version of Office is a risk, imagine the danger of running legacy custom software, particularly if you’re no longer doing business with the vendor (or the vendor is no longer in business). When your legacy software was being coded, the vendor probably wasn’t thinking of the sort of security attacks that are common today.

  4. Unpatched web browsers- No browser is entirely free of security vulnerabilities. Common vulnerabilities include URL spoofing, cross-site scripting, injection attacks, exploitable viruses, buffer overflow, ActiveX exploits, and many more. Always, always run the most recent version.

  5. Out-of-date plug-ins- Everybody loves a plug-in, but they have a high potential for disaster, especially if you’re not running the latest versions.

Outdated Hardware or Software Shouldn't Stop You

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

Helpful Hackers- They Do Exist

Hacker.png

Business IT systems are complicated, you know that. You've invested in security for your systems, but you're worried that there are still holes in your defense, weak spots between all the bits and pieces that make up your total networking and computing infrastructure. How can you feel confident in your security? You have to welcome a hacker into your midst.

It sounds counter-intuitive, welcoming a hacker (or team of hackers) to come and break into your network and your most sensitive data stores. But that's exactly what pen-testers (short for penetration testers) do—launch non-harmful, sophisticated attacks and probe to see if your network can handle the worst the world has to throw against it. Pen tests are almost always valuable, but to get the most from the exercise there are several things you can do.

1. Turn Them Loose

Too many pen tests are hampered because the client places significant limits on what the pen testers can do. One frequent example involves spear-phishing and social engineering. Will you let the pen testers send email messages to employees trying to tempt them into giving up network credentials or privileged information?

Some companies say they do not want to risk embarrassing employees, so they forego testing the human element of the network. If you do not run these tests, you lose valuable opportunities to see how well corporate training has been put to use by employees. The key is to not single out employees and treat any successful spear-phishing attacks as opportunities for education, not punishment.

2. Define Goals Before You Start

Is the purpose of the test to inform regulatory compliance efforts? Are you trying to see where weaknesses lie before starting a new security purchase cycle? Do you want to give your InfoSec team information before they begin revisions to the corporate security policy? Is this just part of your regular cycle of testing the effectiveness of your security?

Being clear about what you want to achieve from the test, and communicating that information clearly to the pen testing team, will help make sure the pen testers are working with you to be most effective.

3. Do Not Hire Them

Some executives resist pen testing because they worry that the results of the test could become subject to the discovery process in the event of a lawsuit. That is a legitimate concern, but there's a way around it.

Let your law firm hire them. If outside counsel hires them and delivers the report to you, then it is privileged communication and is immune from legal discovery. You get the results, everyone gets protection, and everyone (on your team) is happy.

“Hiring” a team of hackers can be the best thing you do to strengthen your network security. Do your homework on the firm you hire and follow the tips above, and you'll end up with a sound picture of where your security is doing its job—and where you should start immediately patching the holes. Our team at Current Technologies specializes in building state of the art security systems to your specification. If you already know where the holes are from a pen-test, it will be a breeze to have us patch them up for you.

Need Help Passing Your Pen-Test?

Name *
Name

We Value Your Feedback

Was this information helpful?
Was this information helpful?
CurrentTech_Horizontal.jpg

2018-19 School Year Technology Checklist

More School Children Using WiFi.jpg

Making your list for the year ahead


In the ongoing cycle of the educational year, it’s buying season for primary and secondary schools. That means schools and school districts are looking at the technology available for students, faculty, and staff. Then, they’re trying to make decisions that will affect those users for the next three to five years (or more). What are the products that school IT staff should be considering, given the march of technology and the lessons learned in the last few years? Let’s take a look at the issues and technologies for each of the constituents that school IT must consider.

Security

For faculty, the key considerations are security and the ability to work successfully with a wide variety of instructional media. The first of these considerations is obvious because FERPA requires it. Student data must be kept secure. The challenging piece of this is, of course, that the data must also be accessible to faculty and authorized staff at a moments notice.

Look for multi-factor authentication built into hardware and graphics capabilities that make it possible to run virtual desktops. These simply eliminate many of the security issues around sensitive data. When it comes to things like student data, it is wise to talk with professionals. Current Technologies has been working with schools for 20+ years and keeping their data secure.

Wi-Fi

The more technology gets integrated into schools, the more bandwidth schools are going to need. Streaming videos, internet searches and an array of learning applications all require bandwidth. With a slow connection, it could take half of a period just for students to load what they need.

The recently released 802.11ac Wave 2 is providing schools with more than 6Mbps, which is a huge upgrade from 802.11ac. With more students bringing their own devices from home and teachers continually integrating more technology, bandwidth has to grow. 802.11ac Wave 2 has done that and can last long into the future. 

Device mix

Student workstations are changing as school systems revisit desktop and laptop computers.

Tablets will remain relevant, although many schools have found that without comprehensive lesson plans and dedicated support infrastructure, tablets don’t necessarily provide the desired results.

While some schools allow students to bring family-owned tablets, school-provided desktop computers are more rugged, more easily secured, and more capable than tablets.

Mobility

Staff members are among the computer users who are focused on mobility for their systems. Part of this is due to requirements that administrators and specialists take systems home to complete work.

Another consideration is on-campus (or between-campus) mobility to supervise multiple locations or functions within the school. For these employees, convertible systems that combine laptop and tablet functionality are gaining popularity, especially with the addition of FERPA-compliant mobile device management (MDM) software to ensure security.

Networking, device mix, mobility, and security are the primary hardware considerations driving changes in education systems. For educational IT specialists, specifications for these three should be part of any requirements list for this year’s shopping season.

What's On Your Shopping List?

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg