6 Reasons to Use Remote Monitoring to Keep an Eye on Your Systems

/in /by

Many IT service providers use remote monitoring tools to gather information and send reports about their clients’ computer systems. Almost anything can be monitored, from routers and firewalls to virus detection and email services.

Here are five benefits of using remote monitoring to keep an eye on your systems:

1. Reduce the Chances of Downtime

In order to operate smoothly, your company needs its computers up and running. If they stop working, you could end up losing a lot of money.

Remote monitoring can reduce the chances of such an event. Your service provider can set alerts that trigger when a problem starts to develop but before it impacts system performance. This early notification means the issue can be resolved before it develops into a crisis.

2. Respond to Problems Instantly

An IT service provider’s remote monitoring team can protect your computers around-the-clock. This 24/7 service means that providing a solution to your tech troubles doesn’t have to wait until the morning.

3. Handle Problems Anywhere

Because of remote monitoring, it doesn’t matter where you are, where your systems are, or where your people are. A remote monitoring team can contact you, find out how you want a situation handled, and then take care of it for you.

This means that you don’t even need to leave the comfort of your own home in order to take care of a problem. This aspect of remote monitoring is especially appealing to companies with facilities in distant or rural locations.

4. Track System Health

Remote monitoring collects system statistics over time. When viewing this data in monthly or quarterly reports, long-term trends can be identified, even before they reach levels that would trigger an alert.

Using these reports, you can address potential problems as they develop and prevent them from ever impacting your computer system. Trend analysis can also identify needs for system expansion and help with technology budgeting.

5. Monitor and Support Every Device You Use

Remote monitoring is comprehensive. Every device can be monitored and supported remotely, whether it’s a server, a desktop, or a mobile device.

Additionally, a remote monitoring service can provide for automatic updates. Configuration files and other changes can automatically be deployed without users needing to take any action.

6. Have Support Staff That Show Rather than Tell

If one of your employees ever has a computer problem, an IT expert can use remote control tools to take control of the employee’s desktop while they are watching. Remote control is different from remote monitoring, although the two are closely related. When it comes to IT support, remote control tools let technicians teach your employees about the issue at hand and explain to them how to address it in the future.

The Bottom Line

Businesses today rely on their computers. They need their IT infrastructure up and running at all times. They need to know about problems before they happen, and they need support regardless of their locations. Remote monitoring provides a cost-effective way for companies to fulfill these needs.

How to Create a More Effective Data Center

/in , , /by

IT managers are constantly on the lookout for more efficient — and effective — ways to run their data centers. You can try different tools and setups to help things run more smoothly, but at the end of the day, sometimes you just need to let go and automate.

System administrators who do everything manually are wasting their time — and yours. Tasks that are performed repeatedly can, and should be, automated. Doing so can save you money and prevent mistakes due to human error.

To create a better data center, consider automating the following system administrator tasks:

Security Sweeps

You probably know that you should be performing regular, automated security sweeps on your network. These sweeps will expose and fix any wire-borne vulnerabilities in your system; their frequency and intensity will depend on the complexity of your network. Automated security sweeps enable you to set up scheduled scans, send the output to a database, extract a post-scan report from the database, and create an HTML version of the report for online viewing. Nmap is a free network security scanner designed to scan large networks and report vulnerabilities.

Disk Usage Scans

System admins must always watch out for disk space gluttons — users who go beyond their allotted disk space. You can conduct scans, or regular audits of disk space usage by user. Offenders will receive a warning before personal contact from a system admin is necessary. Remedies include temporary account suspension, removal of files, or an extension of the user’s space quota. Perform these automated scans about once per week to keep users apprised of their disk use.

Performance Monitoring

Monitor performance by taking an occasional “snapshot” for a single point-in-time glance at your system’s performance. However, this peek is only a glimpse into the entire performance picture. For something with more depth and breadth that will show trends and predictive peaks and valleys, set up a monitoring system with Orca. This tool compiles performance data from disparate sources and creates performance graphs that are easy to read. Its automated system gathers data, performs calculations, and generates and displays graphs.

High-Level Administration

Save time and effort by performing housekeeping duties, service restarts, and maintenance notices through automation. You can set up scripts to fire during low-use hours to clear temporary file dumps, restart your favorite services, and send out any maintenance or downtime notices through email. Automating these duties will take some of the pressure off of you to remember which day certain tasks need to be done — no need to keep a calendar; just let the system handle it for you.

Do Not Assume Your Business is Too Small to Attract Cybercriminals

/in , /by

Many small businesses have a false sense of security when it comes to cybercrime. More than 75% of U.S. small businesses believe they are safe from it, even though 83% of them do not have formal cyber security plans, according to a study conducted by the National Cyber Security Alliance and Symantec.

Why Is There a False Sense of Security?

Many small businesses assume their size will keep them safe from cybercrime. They often believe that cybercriminals will only go after large companies because those companies have more money, email addresses, credit card numbers, and trade secrets to steal.

However, large companies also have more security experts and IT administrators to guard their assets. Many small businesses do not even have an IT administrator. A third of all small businesses rely on a nontechnical employee to manage their IT systems, according to an AMI-Partners study commissioned by Microsoft.

In reality, cybercriminals often target small businesses because they usually do not have the expertise or resources to fend them off. In 2014, more than a third of all reported targeted attacks were against small businesses, according to Symantec’s 2015 Internet Security Threat Report.

How to Protect Your Small Business from Cybercriminals

There are many measures you can take to help protect your business from cyberattacks. Some of them are fairly easy to put in place, even without the help of an IT administrator. Others measures are more involved. For these measures, you might want to get help from an outside security expert if your business does not have the necessary expertise.

Use security software and a firewall: In 2014, cybercriminals created 317 million pieces of new malware, almost 1 million per day, according to the 2015 Internet Security Threat Report. So, one of the first measures to take is to make sure you have software that detects malware, viruses, and spyware. This security software needs to be updated often. You will also want to make sure you have an operational firewall.

Create and enforce a password policy: A simple measure that can help keep cybercriminals at bay is to create a password policy. You can use this policy to make sure that employees use strong passwords and change them regularly. You can also use it to make sure that different system accounts have different passwords. To make the password policy effective, you need to enforce it.

Provide security training: Employees will not be able to use strong passwords if they do not know how to create them. This is where security training comes in handy. Besides teaching employees how to create a strong password, you can educate them about security threats, such as how attackers use phishing emails that contain malware to infiltrate companies. You can then tell employees about the best ways to thwart attacks. In the case of phishing, you can tell them to verify links in emails before clicking them and not open email attachments that look suspicious.

Dedicate a computer for online banking: If you conduct financial transactions over the Internet, the FBI, American Bankers Association, and Federal Reserve all recommend that you dedicate a computer for this purpose. You should not use this computer for any other online activities that might expose it to vulnerabilities. For example, you should not use it for emailing and surfing the web.

Use two-factor authentication: Using two-factor authentication during logins adds an additional layer of security. With two-factor authentication, employees need to verify their identity with something they have and with something they know. For instance, you might have them swipe a card through a reader and enter a security code. If you have remote employees, you might have them enter a randomly generated number from an electronic token card and enter a password.

Encrypt and back up your data: You can use encryption to protect your data when it is being transmitted over the Internet and when it is sitting in a database or file server. Encryption protocols such as Secure Sockets Layer, or SSL, enable you to protect your data as it is being transmitted over the Internet. Disk drives and databases usually include encryption technology that lets you encrypt data while it is at rest.

Encryption helps stop hackers from stealing sensitive data. It can also help prevent a ransomware attack. Ransomware is a type of malware that cybercriminals use to extort money from victims. They often use it to encrypt data and then demand a ransom to get the password needed for decryption.

There are other types of ransomware attacks. Cybercriminals sometimes use ransomware to lock a computer system and then demand a ransom to unlock it. The best way to defend against all types of ransomware is to regularly back up your data. That way, you can refuse to give in to the cybercriminals’ demands, knowing that you will be able to restore your systems and data if they cause harm.

Be Prepared for an Attack

The measures discussed here are only some of the ones you can take to fend off cybercriminals. Despite your best efforts, though, your small business might still fall victim to an attack. For this reason, you should create a contingency plan covering how to deal with an attack. You also might consider getting an insurance policy that protects you against any losses that you might incur from a cyberattack.

Mobile devices

5 Steps for Developing a Successful BYOD Environment

/in /by

Employees are using their personal smartphones, tablets, and other mobile devices for work much more often these days. This trend even has a name – “BYOD” (Bring Your Own Device). Gone are the days when employees were willing to carry a personal phone and a work phone, for example. In fact, industry research firm Gartner predicts that there will be twice as many employee-owned devices used for work than organizationally-owned devices by 2018.

But properly managing employee-owned devices in an organizational environment has become a real problem. According to a 2014 security report published by Check Point Software Technologies, 95% of the 700 IT professionals surveyed said they’re facing challenges with BYOD at work.  If your organization is facing similar difficulties, here are five steps to successfully develop your own BYOD environment:

1. Develop a BYOD Framework

A BYOD framework addresses issues such as who is allowed to use their personal devices, what devices may be used, and how support for those devices will be accomplished.Before you develop a BYOD framework, your organization should first perform a cost-benefit analysis to determine the basic requirements.

Once the requirements are determined, a framework should be laid out with the assistance of your IT and HR staff, legal and financial advisors, regulatory teams, and any other group that needs to be involved in the BYOD decision-making process. Certain industries, such as the health care industry and financial industry, have additional regulatory restrictions on mobile devices that also affect employee-owned devices used for work.

2. Establish BYOD Policies

The BYOD framework provides a high-level view of the BYOD environment. The BYOD policies fill in the details.

Within the policies, it’s important that you explicitly define what employees can and can’t do when using their personal devices for work. List any applications required to be on employee-owned devices, as well as any applications prohibited for security reasons. The policies should also document how the IT department will support employee-owned devices and how they will be secured.

3. Use MDM Software

Sometimes employees lose their personal devices or have them stolen. To protect your organization’s data, you can require that employees install Mobile Device Management, or MDM, software on their devices. That way, if an employee-owned device is lost or stolen, the MDM software can destroy the work-related data (leaving the personal data intact) or reset the device to factory settings, thereby wiping out all organizational and personal data. Optionally, you can even have the software wipe out the device’s contents completely, making the device useless.

MDM software typically requires authorization from the device owner. In general, it’s a tough sell, as employee-owned devices are just that: employee-owned. Clearly stating the pros and cons of such software can help alleviate concerns and encourage adoption.

4. Use NAC Tools

With Network Access Control, or NAC, tools, you can enforce arbitrary network access policies. These tools were historically used to guarantee the health of a given device before granting it network access, so enforcing BYOD policies is a natural next step.

Modern NAC tools can detect types of devices, or even identify unique devices. This capability lets NAC act like a gatekeeper, allowing only those employee-owned devices that meet the BYOD policies into your network. For example, you can allow or deny access based on the type of mobile device or the employee’s job function.

5. Educate Employees

A successful BYOD environment depends on the cooperation of employees. You’ll need to inform them about the BYOD framework and policies, as well as the use of MDM and NAC tools.

Employees should also be educated on security risks and basic precautions. Teach employees how to create strong passwords and warn them about security threats such as phishing. In addition, you’ll want to discourage sharing of any policy-covered devices with friends and family.

Conclusion

BYOD is here to stay. With the right steps towards a BYOD environment, you can boost employee productivity while addressing any security concerns. For help in developing your BYOD environment, contact us.

Fingerprint

Is Using Fingerprint Authentication a Good Idea?

/in /by

The U.S. government recently announced that 5.6 million fingerprint records were stolen along with other valuable data from the breach they publicized earlier this year. Since many of your clients have iPhones that use fingerprint scanning for security, they may be wondering what could happen if their fingerprint data was stolen.

With fingerprint authentication, you do not need to remember and enter a password to access a device. You just place your finger on a fingerprint scanner. If your fingerprint matches the scanned image on file, you gain access.

More and more devices are using fingerprint authentication, including smartphones and notebooks. But is using fingerprint authentication a good idea? To answer this question, you need to know how fingerprint scanners work, along with their advantages and disadvantages.

How Fingerprint Scanners Work

No two people have the same fingerprint. Even identical twins have different fingerprints. Thus, fingerprints can be used for identification purposes.

There are two main types of fingerprint scanners: optical and capacitance. Optical scanners use charge-coupled devices (CCDs) to get a fingerprint image. They work a lot like traditional scanners. Capacitance scanners use electrical current to obtain fingerprint images. Their images have a higher degree of fidelity than the images made with an optical scanner. Plus, capacitance scanners require an actual fingerprint shape to work, making it harder to fake fingerprints.

Most optical and capacitance fingerprint scanning systems do not compare the entire fingerprint when checking a fingerprint against the scanned image on file. They compare specific features of the fingerprint, which are known as minutiae. They use complex algorithms to recognize and analyze minutiae patterns.

All the minutiae patterns in the fingerprint and in the scanned image on file do not have to match for fingerprint scanning systems to allow access to devices. They simply have to find a sufficient number of minutiae patterns in common. The exact number depends on the programming in the fingerprint scanning system.

The Advantages of Fingerprint Authentication

Fingerprint authentication has several advantages over authentication systems that use passwords, personal identification numbers, or access cards. Here are some of the most noteworthy advantages:

  • Users cannot create weak fingerprints or forget them.
  • Users cannot misplace their fingerprints.
  • Criminals cannot guess a fingerprint pattern.
  • If a mobile device using fingerprint authentication is lost or stolen, its contents cannot be easily accessed.

Because fingerprint authentication is convenient for users but not criminals, many device manufacturers are beginning to use this type of authentication. For example, the iPhone 5S and newer models use capacitance scanning to provide fingerprint authentication.

The Disadvantages of Fingerprint Authentication

Fingerprint scanning systems are not infallible. Optical scanners cannot always distinguish between a high-resolution picture of a finger and the finger itself. Even capacitive scanners can sometimes be fooled by an artificial fingerprint. There are documented cases where fingerprint scanners have been duped with fingerprints lifted from glasses, CDs, and other items. The process is time-consuming and requires a lot of expertise. You first need to enhance the fingerprint and get a high-quality digital image of it. You then need to turn the image into a mold in which you can pour gelatin or silicon to make the fake fingerprint.

Already having a digital scan of a fingerprint would make the process easier and less time-consuming, potentially making it more lucrative to criminals. In September 2015, they learned that their fingerprint scans were stolen during the U.S. Office of Personnel Management (OPM) data breach that occurred earlier in the year. The OPM data breach was massive.

Federal experts believe that the ability to misuse fingerprint data is currently limited, but this could change over time as technology evolves, according OPM Press Secretary Sam Schumach. A group with expertise in this area will be reviewing the potential ways adversaries could misuse fingerprint data now and in the future.

This group’s activities will likely give little comfort to the 5.6 million federal employees who had their fingerprint scans stolen. While passwords, personal identification numbers, and access cards can be changed, fingerprints cannot be. As a result, they will likely have to worry about becoming victims the rest of their lives.

“While cybercriminals may not be positioned to leverage stolen biometrics now, that will change as these types of authentication are more widespread,” said Tim Erlin in an eSecurity Planet interview. Erlin is the director of IT security and risk strategy at Tripwire. “Most iPhones can use a fingerprint for authentication these days, and criminals always look for the most profitable targets.”

One way the 5.6 million federal employees can protect themselves at home is to use more than one type of authentication to access their devices. This is referred to as multifactor authentication.

Using Multifactor Authentication Is Best

With multifactor authentication, you use two or more types of credentials to access a device. The main types of credentials are often described as:

  • Something you know. Examples include passwords and personal identification numbers.
  • Something you have. Examples include access cards and fobs.
  • Something you are. Examples include fingerprint and retinal scans.

Using fingerprint authentication with another type of authentication can provide a high degree of security. For more information about using multifactor authentication, talk to your IT service provider.