Lax Network Security is a BIG Problem in Business Today

I recently had a conversation about security with the head of an organization we were presenting a support proposal to and he said "Oh, we're not worried about our security, our employees wouldn't do anything and besides we have a firewall to keep the bad guys out."  Sadly, we hear that refrain much too often.  It's kind of frightening really.

A recent survey of almost 250 IT security pros found that 73.3 percent  would NOT be willing to bet $100 of their own money that their own companies won't suffer a data breach within the next six months. 

It also found that 81.4 percent of IT security staff think employees tend to ignore the rules that IT departments put in place.

Also, 38.3 percent of IT security personnel have actually witnessed an employee accessing company information that he or she should not have access to.

Add to that the results of another study of data breachs that reported that over 60% of all documented data thefts or tampering in the U.S. were "inside jobs" perpetrated by either employees or sub-contractors that had access to the company network.

Is it any wonder that news of major data breaches is an almost daily event in the industry news?

Businesses should be in the practice of conducting annual security reviews and those reviews shouldn't be conducted by in-house staff. They're too close to the situation because they usually are the ones that built the system in the first place. An outside vendor that has experience in performing network security audits and conducting "White Hat" network penetration testing is your best bet for making sure your network is secure.

Read More

Ransomeware Now #1 MalwareThreat - Learn More Here

I just read an outstanding white paper from a couple of researchers at Sophos Security outlining how Ransomware is passing up FakeAlert malware as the biggest and most serious threat to users of the Internet.  This reinforces our experience in the field.

Ransomware differs from other malware in that it attempts to extort a payment from the infected user by either doing or threatening to do something malicious to their computer (or network) like encrypting all of their files or locking it up.  Most times, even when the ransom is paid, the files never get un-encrypted leaving a disaster behind.  The encryption levels can be sophisticated enough that even advance decryption software can't unscramble the mess. 

Ramsonware can be delivered either by an infected web site or via e-mail.  At last count the number of infected legitimate web sites sat at over 28 million according to some experts. 

There are several ways to reduce your risk of infection: 

• First and foremost, computer users have to do a better job of keeping all their programs, their browsers, their operating systems (whether it be Windows, MAC OS, Linux or Android) and their support apps like Java, Acrobat, FlashPlayer etc up to date. 
• Second, keep your A/V programs updating in real-time and set to do Heuristic scanning if it has that capability.  Throw away those "free" A/V programs if your using one of them and buy a real A/V program from one of the top 5 A/V companies.  (Trend Micro, McAfee, Symantec, Kaspersky or Sophos) We also like Viper.
• Add, off-site e-mail spam scrubbing to your e-mail domain.  It's better to screen your incoming e-mail for problems before it arrives on your computer or network to reduce exposure. 
• Finally, you should consider adding a perimeter anti-malware component to your network protection strategy.  This reduces the risk of malware from ever getting into your network in the first place and greatly reduces your risk of infection.

No single solution wil be 100% effective.  The malware writers will always find a vulnerability to exploit in time but if you're to stay ahead of them enough to greatly reduce your exposure you need to create a blended approach to security. 

There are also additional steps that can be taken to mitigate the problems caused by all kinds of malware including having a real-time backup solution that improves your ability to recover from an infection. 

Don't forget to secure your portable devices, too! Experts agree that there are vastly more security holes on portables that PCs because so many apps are so poorly written and are full of holes. Lock down your smartphones, tablets and other portables too.

If you're not treating malware as an ever-present real threat to your network, it's inevitable that you're going to get hit.  The only real questions then are "How hard?" and "Will you be able to recover?"

For additional help, you can contact us anytime at ACT Network Solutions at (847) 639-7000.

Read More

How Fast Can You Get Your Data Back From The Cloud?

When considering a server backup solution in the cloud, one of the most overlooked issues that can impact your business recovery time is "How Fast Can You Get Your Data Back?" in the event of a Data Disaster.  In our on-going seminar series called "Protecting Your Business From A Data Disaster, we demonstrate to attendees that their ability to recover quickly may hinge on how long it will take to get their  data back from a cloud backup provider.  It's one of the most overlooked issues in Disaster Recovery.

If you're relying on a data download from the Internet to recover your server, consider these download estimates based upon available broadband alternatives:

Download Size            Medium             Download Duration *

1 MB File                     T-1 Line              < 1 Minute

100 MB File                 T-1 Line              +/- 12 Minutes
1 GB of data                T-1 Line              2.1 Hours
100 GB of data            T-1 Line              206.8 hours

50 GB                          T-3 Line              34.5 hours

100 GB                        T-3 Line              68.9 hours

50 GB                          20 mbps line         6.3 hours

100 GB                        20 mbps line       12.6 hours
300 GB                        20 mbps line       37.9 hours
500 GB                        20 mbps line       63.2 hours

* CAUTION!   Some broadband providers throttle back your download speed it you maintain a heavy traffic volume for too long.  This can extend your download times dramatically!

Remember, a reasonably mature file server usually contains between 50 GB and 500 GB of data, programs, O/S and associated files. It's not a small amount of data!

Will your off-site back-up vendor express ship your data?  How fast will they react?  Same day?  Next Business Day?   2 - 5 days?  Whenever they get around to it?  The answers may surprise you.

You need to factor these times into your recovery time calculation to know when you can reasonably expect to get your business back up and running in the event of a server failure or other Data Disaster.

At ACT, if you're using our DataVault Server Mirroring service or Server Fail-over service, we promise to deliver your backed up data images via one of our service trucks in a secure
storage device within 2 business hours if your business is within 50 miles of our data center.  If not, we'll have it delivered via next business day express delivery.

Read More