Huawei has found itself in an... interesting spot lately. Despite being the top telecom supplier in the world and second in phone manufacturing, many countries have banned the use of the Chinese company’s networking equipment. This is primarily due to the close ties Huawei has with China’s government, and the potential spying Huawei could do.
Capital One is one of the largest credit card issuers in the world. On July 29th 2019, Capital One made an announcement, confirming it is the victim of one of the largest data breaches in financial sector history, as a former software engineer for Amazon has been indicted on charges related to the hacking.
Habits are hard to break - but there are some habits that simply have to be broken if your business is going to be secure. Many of these habits may have been developed by your employees, which means that it is important that you recognize them.
When was the last time you thought seriously about upgrading your business’s technology solutions--particularly its software? We know that administering patches and updates can be challenging for some businesses to maintain, but with the right support, it’s more manageable and certainly more secure. Unfortunately, after a certain period of time passes, Microsoft stops supporting certain outdated solutions, rendering them dangerous and obsolete.
If you have access to a phone, chances are you’ve received a spammy robocall. In fact, you’ve probably received a bunch… but why? And how are these robocalls able to hide behind what looks to be a local number? Unfortunately, it’s because the scammers behind these robocalls are using a helpful business tool… Voice-over-Internet-Protocol telephony, also known as VoIP.
Take a moment and consider the data that you have collected during your business’ operations. How valuable is it to you? What would it mean if it were to leak out of your business’ control?
In the dog days of summer, the news media started running a story about how Google’s location tracking services continue to track people even after they order their mobile device’s OS to quit it. A researcher from Princeton proved these claims by traveling through New York and into New Jersey after turning location services off on for hi Android smartphones, only to be tracked through all the Interstate travel. We’ll take an in-depth look at why Google seemingly knows exactly where you are if you want them to or not.
Studies have shown that email still has a safe place in the business world, with an estimated 124.5 billion business emails sent and received each day. However, are the emails that your business is actually receiving safe? If you aren’t adopting the following practices in your daily business operations, they probably aren’t.
People use all types of payment options. With more people moving away from cash as a payment option, businesses have to accept and process more payment card transactions. Depending on your business, it could put you in a very precarious position. Today, we will look at payment card statistics, and how the increase in payment card usage could end up be a devastating problem for the modern business.
Passwords have always been important to businesses, but they are priorities for organizations in certain industries. Government-based organizations in particular need to be concerned about using secure passwords. Of course, not all businesses are government-based, but there’s a thing or two your own can learn about some of their password practices.
Data security isn’t the easiest thing in the world to plan for, especially if your organization doesn’t have any dedicated security professionals on-hand. While protecting your data with traditional methods, like passwords, firewalls, and antivirus, is important, what measures are you taking to make sure a thief or hacker isn’t just walking into your office and making off with your technology?
Mobile devices are great tools that allow for enhanced mobility and convenience, but this increased accessibility is also a major detriment in terms of data security. Mobile devices are notorious for being considerable security threats to businesses that utilize them. Therefore, businesses that use mobile devices on a regular basis should absolutely be aware of how they can influence security policies.
Ready or not, the season of giving is here, and that means it’s gift card season. These can seem to be the perfect gift for coworkers and employees… which is why everyone will need to be wary of a particular business email compromise scam that has seen an uptick this year.
An IT provider can do a lot for your business, but it can exceed your organization’s expectations in more ways than one. A growing business, however, often runs into issues that need to be addressed regarding its technology. We’ll outline some of the major benefits that technology management from an IT provider can offer for a growing business.
Microsoft’s Windows 10 is a great operating system that many users are finding to be extremely helpful for their everyday needs, but even the most rabid Windows fan will tell you that the constant updates are irritating and disruptive at best. While they do bring with them new features and updates--particularly the large updates that happen twice a year--they do take some time to install. The upcoming update they are releasing in October, however, poses a problem for businesses and users alike.
With so many breaches showing up in the headlines and their impact being felt across the world, one would think that businesses of all sizes would do more to protect their data against cybersecurity threats. A recent study has shown that this is unfortunately not the case.
If you think about it, password security is an interesting phenomenon. The odds are that a user knows the importance of using a strong password, as well as the potential consequences of using weak ones. Yet, time after time, people would rather go with passwords that are easy to type and remember, as opposed to adding a few simple security measures.
Intel has had publicity problems in the past, but now things are getting critical. An issue was reported that could potentially cause the processing power of their chips to diminish. What are being known as the Meltdown or Spectre vulnerabilities, have businesses scrambling around looking for ways to protect their data and infrastructure from what is seemingly an oversight that affects most of today’s CPU architectures; namely those that rely on virtual memory.
This means that a bug has been discovered that alters the way that different programs communicate with the CPU. Typically, a CPU has two modes: kernel and user. “Kernel” provides users access to the computer and “user” which is typically thought of as the safe mode. The vulnerability that the user who goes by the moniker Python Sweetness discovered was one that allowed users working in user mode, to access kernel mode. This presents a number of potential problems, including creating a gateway for malicious action to be taken against your network.
Fortunately for users a patch has been developed that won’t seriously hinder system performance, a fear shared by some security professionals. In fact, the fix will only cause a minimal dip of around 2 percent. Initially, there were concerns that systems would come out of this much slower as entire processes would effectively be altered between user mode and kernel mode.
For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.
Two days later, an update for Android devices was pushed out to users. Most mobile platforms running Android, should now be protected. To be sure, check regularly. Google Chrome is scheduled to be updated on January 23. In the meantime, consider asking your IT administrator to help you achieve Site Isolation to assist in keeping your network secure.
Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.
If you don’t have a comprehensive IT administrator, chances are you are on your own. By having a company like BEI looking out for you, you will be able to benefit from having conscientious IT professionals helping you keep your computing infrastructure, network, and data secure, no matter what is thrown at it.
To find out how BEI can help your organization with network security, call us at (844) BIZ-EDGE.
A report by Gartner has provided evidence that security considerations are anticipated to see investments in 2018. So, if you were planning on focusing on your business’ information security this year, you certainly aren’t the only one.
An analysis of businesses around the world shows that increasing attention has been devoted to security essentials that have always been given a relatively smaller chunk of the budget to work with. Furthermore, security spending has been going up across the board.
This means that, while identity access management receives the smallest investment, there is still an anticipated 9.7 percent rise in spending on it when comparing 2017 to 2018. There is also a 6.7 percent anticipated rise in spending on network security, an 11 percent rise in investment into security services, and a growth of 7.7 percent where infrastructure protection is concerned.
For an explanation as to why this increase in security investments is taking place, one only has to consider what 2017 offered cybersecurity.
To be frank, it wasn’t pretty.
There were security events with global impact, including NotPetya and WannaCry, as well as the news of the Equifax security breach. With these events and more only providing more evidence of the value that proactive and comprehensive network security preparations can provide, businesses are learning that it is better to be forearmed, than it is to just be forewarned.
Yet many projections suggest that even the overall spending increase we have seen of 8.8 percent may not be enough to keep up with the trajectory that is anticipated for cybersecurity. There are countless examples of how the increased reliance we have on technology in everyday life can lead to increased risk as well. Consider what today’s botnets use for ammunition. Instead of attacking PCs and workstations, phones and IoT devices are being targeted--and that’s just one way that the way we consider cybersecurity will have to change.
On a more positive note, businesses are seeing the value in outsourcing their growing security needs to professionals with the necessary experience to implement them. Spending of this kind is projected to see an increase of 11 percent. Will any of that come from your investment?
If so, make sure you reach out to BEI. Our professionals understand how to use IT solutions to improve your business’ security and performance. For more information, call (844) BIZ-EDGE.
When considering your business’ security, it is only too easy to overlook how information of any kind might be compromised. Take, for example, the case study that is provided by the fitness application Strava, the jogging app that shares more data than many, including the United States military, would prefer.
Utilizing GPS-enabled fitness trackers, Strava creates what they call a Global Heatmap that shows user patterns and routes. Trouble is, this Heatmap shows the activity of all users--including those who probably shouldn’t have their location broadcast, like those who are staying at a military base. As a result, those who use the perimeter of the base as a jogging course have inadvertently provided a publicly-accessible sign of the base’s location. Furthermore, the app has managed to map out patrol and supply routes, and provides a rough time frame of when soldiers are where.
While some may argue that the locations of these military bases could be found using Google Maps, at least Google takes a few measures to protect potentially classified information by blurring out the actual base. Strava, on the other hand, displays a pattern of human activity that has many former military members extremely concerned.
This is also not for a lack of oversight, either. For instance, quite a bit of data has been collected from the United Kingdom’s military base HMNB Clyde, which is used as storage for the UK’s nuclear arsenal. Using the app’s route-sharing feature, someone reminded users of security by naming a route “You shouldn’t be using Strava here.”
Another location that has been visibly frequented by Strava users is, perhaps ironically, the National Security Agency.
In response to the tweets outlining these clear security risks, Strava released a statement reminding its users that they are able to control what data is shared to the Heatmap.
This entire scenario serves as evidence of a few things. First and foremost, a security vulnerability can come from the most seemingly insignificant source. As more devices and assorted gadgets are able to collect and aggregate data, it becomes incredibly important for you to know what these devices are capable of and where you should draw the line for the sake of your business’ security.
Secondly, you need to impress to your employees how important it is that they know what they are sharing by using certain apps with certain settings in place. Encourage your staff to do a deep dive into their mobile apps and the permissions each has, and to lean on IT to answer any questions they may have. While it may be less important to your business that an app like Strava can track the location of an employee, it may be critical to it.
For more information into preserving your business’ security, call BEI at (844) BIZ-EDGE.