netCare Technology Blog

Welcome to our Blog. Frequent here for tips, tricks, and information.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Archives
    Archives Contains a list of blog posts that were created previously.
Recent blog posts

b2ap3_thumbnail_wordcloudDRAAS.jpg

Downtime is costly, and the process of getting up and running again can significantly strain IT resources. Moving to a disaster recovery-as-a-service (DRaaS) approach can take a lot of the pressure off, but only if you first have an understanding of your vulnerabilities and the threats that can bring your systems to a halt. Getting a handle on disaster recovery is essential, especially as outages become costlier and more businesses become data-center-dependent.

Cyber Crime Is Fastest Growing Cause Of Data Center Outage

A single data center outage today costs U.S. businesses more than $740,000 on average, up 38% since the Ponemon Institute first started tracking the metric back in 2010. And while issues such as UPS failures continue to be the number one cause of unplanned data center outages (accounting for 25% of all events), cybercrime is actually the fastest growing, rising from just 2% in 2016 to 22% today.

A single cyber attack, such as ransomware or distributed denial of service (DDoS), crystallizes the financial importance not only of protecting your organization from such attacks, but also recovering from them as quickly and seamlessly as possible. Before putting a disaster recovery plan in place; however, enterprises must first determine two key metrics:

  • Recovery time objective (RTO): A function of the extent to which downtime disrupts normal operations and resulting revenue lost per unit of time measured in seconds, minutes, hours or days. For example, if the RTO for an application is an hour, it is fairly critical and requires a fast – and likely expensive – recovery approach (e.g., redundant data backup on external hard drives). An RTO of five days; however, is less critical, making a slower, less expensive recovery option (tape, offsite storage, etc.)the more cost-effective choice.

  • Recovery point objective (RPO): The RPO is the age of the files that must be recovered from backups for normal operations to resume. Expressed in time (going back into the past) from the point of failure, RPO is specified in seconds, minutes, hours or days. Once calculated, it is used to determine the optimal frequency for backups. For example, an RPO of an hour means the application is critical and backups must be made at least once an hour. An RPO of five days; on the other hand, requires backups be performed every 120 hours, which is a far less taxing regimen.

DRaaS Is Achievable and Affordable In Face of Downtime

Calculating the RTO and RPO upfront brings certainty to the entire disaster recovery planning process. Unfortunately, this certainty can also quickly highlight the cost of meeting all those RTOs and RPOs when a disaster strikes. This is where a comprehensive DRaaS option can come into play.

Armed with accurate, realistic RTO and RPO data, enterprises can more confidently determine the type and breadth of backup and restore capabilities they require. They can then more accurately vet their disaster recovery options, including DRaaS. And since DRaaS is billed on a subscription basis, it also brings certainty to the budgeting process, ensuring the DR plan is both achievable and affordable.

The cost of downtime is just too high to address disasters as they come. To business that depend on data to perform (what business doesn't?), neteffect offers a range of DRaaS programs to give you peace of mind. Learn more.

Hits: 56

b2ap3_thumbnail_mobile-workforce_20170321-194900_1.jpgIt used to be the idea of a busy office was where operators were standing by to connect telephone calls. Those days and those phones are history.

If you’re building a team in today’s workforce, today’s talent expects to be working with tomorrow’s communications tools. Workforces are flexible and mobile. This generation expects to be empowered to make decisions to move your company forward.

More Than Just a Call

Phones are out. In is Unified Communication & Collaboration. Called UC&C, it’s what connects your workforce to customers, partners, functional teams and ideas — essentially, all the resources and information they need to perform their jobs.

With UC&C, employees are given one number that travels from desk to home, from landline to mobile; so company calls can be taken in headquarters or on the road. This is critical for smaller businesses needing to save office space and keep employees on the go. UC&C can seamlessly redirect calls from the desk to a mobile device, or have mobile calls appear from the office number.

UC&C also connects customers and employees in the ways they want to be reached. If your employee is on another call, you can see that status and direct the call elsewhere. If your customer needs a quick instant message, UC&C initiates it painlessly. And conference calls no longer need to be the whole team huddled around one speakerphone: UC&C enables you to conference everyone in, from whatever location, on laptops, tablets and mobile phones.

Security with Mobility

When approaching UC&C, you need to keep security in mind. Here are some factors to consider:

  • Empower employees with sensible policies that work for a mobile workforce. Encourage strong passwords and authentication by building that into the system.

  • Use the wisdom of your workforce to classify the data they store. Have a policy in place so informed decisions are made as to what data must be copied to mobile devices and what can never leave those systems.

  • Track the mobile assets that have access to your system. Know who has a device and where it is likely to be used. You don’t want your hardware falling into the wrong hands – or worse, devices go missing and later reappear on your network, long after they’ve been written off as lost by the company.

  • Encrypt your files. Encryption helps your employees be safe — no one can use their devices without their logon. If the device goes missing and someone unauthorized tries to get into the system, you can remotely wipe out the data on that phone or laptop once it connects again to the internet. You can use the device again if it is returned — but your data will not be in the wrong hands.  

  • On the road or just working from home, your UC&C-empowered workforce will need to backup data. If your policies dictate everything being backed up once a day, you’ll save hours replacing what was lost should a breach occur.

By setting parameters for your new system, you can safely start building your network for the future. A partner of Fortinet, neteffect can help you take full advantage of the digital transformation with the secure, telecom solution that’s right for you.

Hits: 99

No company, no matter the size or industry, is immune to cyber attacks. But for small- and medium-sized businesses, the risk is compounded.

These smaller companies typically have fewer resources and in-house cybersecurity expertise than large enterprises — and consequently, become easy targets for attackers.

A recent report indicates that 65 percent of all cyber attacks worldwide last year were against companies with fewer than 2,500 employees. And the number of attacks on businesses with fewer than 250 workers has been on the rise every year.

The cybersecurity environment has become too sophisticated to manage by small IT departments that have to handle every aspect of a company’s information technology. The need for specialized knowledge will only continue to grow as mobile devices, the Internet of Things and cloud computing add new layers to the security infrastructure.

Even companies that have resources for dedicated cybersecurity staff are struggling with the shortage of skilled security professionals.  This talent gap is projected to grow — with Frost & Sullivan predicting it will reach 1.5 million workers by 2020.

Why Outsourcing Security Is a Smart Decision

A new trend that continues to emerge is the outsourcing of information security. The market for managed security services is expected to more than triple between 2015 and 2020, growing to a $30 billion industry worldwide.

By outsourcing your security needs to a managed security services provider (MSSP), you meet a number of  IT challenges, such as:

  • Knowledge gap: Whether it’s ransomware or denial-of-service attacks, malicious actors are constantly adding to their arsenal. By outsourcing security, you leverage the expertise of a company whose sole focus is on protecting organizations from even the most advanced cyber threats.

  • Talent shortage: Focus on hiring talent for core areas of your company instead of struggling to compete with many other companies for the same limited security workforce pool.

  • Technology upgrades: The technology that helps protect your data is constantly improving and evolving. Keeping up with state-of-the-art technology is expensive, especially if you’re still using some legacy systems.

  • Budget limitations: Although companies are spending more money on information security, the budget still remains a top barrier. By outsourcing, you save the costs of maintaining and upgrading expensive security infrastructure on premises.

  • Incident response: Do you have an effective plan for mitigating a cybersecurity incident when it happens? An incident response plan is critical to the continuity of your business, and an MSSP has the verifiable experience to help you develop a plan.

Avoid Outsourcing Pitfalls

If you’re considering outsourcing security, avoid hiring a provider who:

  • Is based outside the country

  • Only offers remote solutions instead of a hybrid approach that combines on- and off-premises

  • Focuses strictly on point solutions instead of using a comprehensive approach

A Fortinet partner, neteffect technologies offers best-in-class outsourced security. By delegating your cybersecurity needs to neteffect, you can focus on what your business does best while trusting security to expert hands.

Hits: 15

The Internet of Things (IoT) is full of promise. It's also full of danger. Small, network-capable devices, individually harmless-looking, have grown into a huge security threat. They were a large part of the reason the Internet went bad on October 21.

They've escalated a familiar type of attack into one of the biggest dangers on today's Internet: The distributed denial-of-service (DDoS) attack. It doesn't aim at stealing or damaging data, but at preventing access for hours.

Traditional forms of security, such as anti-malware software and firewalls, aren't enough to stop DDoS attacks. They're still valuable, but they can't help against incoming data that wreaks havoc through sheer volume. Nor can they stop threats that sneak their way in using an employee’s credentials.

You need to take additional measures to keep DDoS attacks and other stealth threats from succeeding, and you need new contingency measures when they do succeed.

October 21 DDoS Attack

Twitter, Spotify, the New York Times and other major sites became unreachable for hours on October 21. One of the biggest DDoS attacks in history was to blame. The target was Dyn, the sites' domain name services provider.

Dyn translates domain names into IP addresses so that browsers and applications can reach the right servers. Overwhelmed by spurious translation requests, Dyn couldn't keep up with legitimate ones.

The power behind the attack was a piece of malware called Mirai. It linked together millions of common, poorly-secured IoT devices to bombard Dyn with requests to look up fake domains — the majority of which were networked DVRs. Many were operated with easy-to-guess default passwords.

Costs of DDoS

As DDoS attacks grow in power, they impose increasing costs on affected sites. Big sites are preferred targets, but organizations of all sizes get hit. A report by the Ponemon Institute found that the average cost of a data center outage in 2016 was $9,000 a minute, up 38% from 2010. Crime is the fastest growing cause.

Costs can include:

Loss of business during the outage

Loss of customer trust

Malware removal

Data theft

Intellectual property loss

Taking defensive measures

Security threats play on vulnerabilities. Old software has known vulnerabilities, and criminals know that a lot of machines have vulnerabilities. System software, applications and security software all need to stay up to date to provide the best protection.

Zero-day attacks that exploit new weaknesses can beat even the best software protection, so your organization needs an incident response plan as a central part of a security strategy. If something does go wrong, quick mitigation can reduce its cost.

With new and bigger risks constantly appearing on the Internet, your business can't afford to neglect securing servers, including backing them up and making copies of backups.

It takes time, effort and expertise to stay current. Trying to go it alone is difficult. Working with a managed security services frees you to focus on what you do best and can be considerably less costly than a cyber attack. Contact neteffect at 704-688-7170 to learn more.b2ap3_thumbnail_DDoS.jpg

Hits: 65

The urgent email from the company bank asks you to check a statement. Do you click the attachment?

This is what social engineering looks like from the perspective of someone about to give a cyber criminal the keys to the enterprise.

Social engineering is methods used by criminals to get one of your colleagues to hand over company information. It could be an email with malware buried in an attachment. It could be an urgent demand from what looks like a senior staffer seeking banking details or logins. Or it could be blackmail – any way to trick staffers into allowing access.

In the above example, an unknowing employee can look at the sender of the email, not catch that the email is from "banc" and not "bank," and click the attachment containing malware. The malware can then track the actions of the employee, lying quietly for months while infecting other networked computers until, eventually, the entire company network is taken down, millions of dollars missing and business comes to a halt.

b2ap3_thumbnail_socialengineering.png

As security protocols tighten and anti-virus software gets better, criminals are attempting increasingly elaborate ways to fool employees into giving them access to prized data. With each attempt, the ruse becomes more ingenious until finally, someone opens a way into the network.

According to the 2016 Verizon Data Breach Investigations Report, “23% of users open phishing emails, 11% click on attachments, and nearly 50% open emails and click on phishing links within the first hour.”

However, those same employees being targeted by con artists can be your first line of defense.

Protect your enterprise.

  1. Teach your employees what to look for, and that goes beyond just fishy-looking attachments to encompass:
    • Phishing scams have the criminal pretending to be a trusted source seeking credentials.
    • Spear phishing is a very targeted attack on one trusted employee armed with information gleaned from social media and other public sources.
    • Employees must even be careful of physical baiting – where an innocuous memory stick is left near a trusted employee, even on his desk, but the tool contains dangerous malware.
  2. Help your employees by setting policies for security. Require your workforce to create and maintain strong passwords that are not easily guessed (birthdays, names of children). Use multi-factor authentication so more than one password or key is required to gain access.

  3. Patch and update systems and software on schedule. This is a no-brainer when you consider that most attacks exploit never-patched known vulnerabilities for which patches have been available for months.

  4. Reinforce your cyber-hygienic workforce with the protection of a layered security technology infrastructure. Build a platform that integrates sandboxing with next-generation firewalls, internal segmentation firewalls, virus/malware scanners and content filtering so that attacks that get past one defense can be stopped by the next; or at least slowed to a rate where they can be detected and harm mitigated. 

Your layered security approach needs to be tailored to your business needs, assets and biggest vulnerabilities. Perform periodic cyber threat assessments to assess. A partner of Fortinet, neteffect can assess your cybersecurity infrastructure and put our expertise and best-in-class technology to work for you.

Hits: 65

Contact neteffect technologies today to learn how we can help your business leverage technology.

contact-us-today

Do More.
Travel Less.

Millions of successful meetings hosted
every month.

Try GoToMeeting Free

Citrix ® GoToMeeting

 

 gf tech partner digital new

network audit

Get a free network audit. No Charge, No Obligation!

Click here to request your free network audit today.

 

 

 

 

Home     Managed Services     Cloud Services     Business Telephone Systems     Professional Services     Contact Us 


Copyright © 2016 neteffect technologies     8809 Lenox Pointe Dr. Suite D, Charlotte NC 28273      704.504.9040      
Privacy Information  Return Policies