Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe

 
Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe
Not too long ago, the New York Time’s website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?

The short answer to that question is nothing. In the New york time’s attack, the attackers changed the newspaper’s Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.

The perpetrators of the New York Time’s attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.

Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Time’s site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted. Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now…

There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road.

Here are a few ways to stay safe

Select a Registrar with a Solid Reputation for Security

Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.

It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Time’s, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.

So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security

A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.

 
Contact us at Empower Information Systems

Stay Secure My Friend More Hackers Targeting SMBs

 
 
Stay Secure My Friend… More Hackers Targeting SMBs
 
Many SMBs don’t realize it, but the path to some grand cybercrime score of a lifetime may go right through their backdoor.  SMBs are commonly vendors, suppliers, or service providers who work with much larger enterprises. Unfortunately, they may be unaware that this makes them a prime target for hackers. Worse yet, this may be costing them new business.
 
Larger companies likely have their security game in check, making it difficult for hackers to crack their data. They have both the financial resources and staffing power to stay on top of security practices. But smaller firms continue to lag when it comes to security. In many cases, the gateway to accessing a large company’s info and data is through the smaller company working with them. Exposed vulnerabilities in security can lead cybercriminals right to the larger corporation they’ve been after.
 
Cybercriminals Target Companies with 250 or Fewer Employees
 
Research is continuing to show that cybercriminals are increasingly targeting smaller businesses with 250 or fewer employees. Attacks aimed at this demographic practically doubled from the previous year. This news has made larger enterprises particularly careful about whom they do business with. This means that any SMB targeting high-end B2B clientele, or those seeking partnerships with large public or government entities, must be prepared to accurately answer questions pertaining to security. This requires an honest assessment of the processes taken to limit security risks.
 
View Security Measures as Investments
 
CEOs must start viewing any extra investment to enhance security as a competitive differentiator in attracting new business. Adopting the kind of security measures that large enterprises seek from third-party partners they agree to work with will inevitably pay off. The payoff will come by way of new revenue-generating business contracts that will likely surpass whatever was spent to improve security.
 
Would-be business partners have likely already asked for specifics about protecting the integrity of their data.  Some larger entities require that SMBs complete a questionnaire addressing their security concerns. This kind of documentation can be legally binding so it’s important that answers aren’t fudged just to land new business. If you can’t answer “yes” to any question about security, find out what it takes to address that particular security concern.
 
Where a Managed Service Provider Comes In
 
Anyone who isn’t yet working with a Managed Service Provider (MSP) should consider it. First, a manual network and security assessment offers a third-party perspective that will uncover any potential business-killing security risks. A good MSP will produce a branded risk report to help you gain the confidence of prospects to win new business.
 
A MSP can properly manage key elements of a small company’s security plan. This includes administrative controls like documentation, security awareness training, and audits as well as technical controls like antivirus software, firewalls, patches, and intrusion prevention. Good management alone can eliminate most security vulnerabilities and improve security.
 
Contact us at Empower Information Systems

Cloud Monitoring Can Be the Difference Maker for SMBs

 
 
Cloud Monitoring Can Be the Difference Maker for SMBs
 
It’s a fast-paced world. Not only do people want things, they want things right now. This sometimes-unnerving need for instant satisfaction has only intensified now that we have Wi-Fi and mobile devices that keep us connected regardless of where we are, what we’re doing, or the time of day. There is no longer any tolerance whatsoever for waiting. A business with a website that fails to load, or loads too slowly, will lose customers and leads to competitors.
 
So what has your business done to address this need for constant accessibility and optimal uptime? Do you feel you’re doing enough to meet the demands and expectations of your customers, new business prospects and those who have just now found you on Google?
 
If you’re a small-to-medium sized business owner, do you have confidence in your technology infrastructure? Can you say with certainty that your website, internal server, and mobile applications function smoothly, efficiently, and correctly?
 
When your IT team leaves work to go live their lives, are you confident that things won’t go bump in the night? That you won’t be ringing their cell phone while they’re out having dinner with their family, or worse yet, sleeping?
 
If you answer no to these questions, you may be one of the many small business owners who could benefit from cloud monitoring. And you’ll be pleased to learn that cloud monitoring can significantly improve all facets of your business – especially your service, productivity, reputation, and profitability.
 
What is the Cloud?
 
According to a study conducted by Wakefield Research, 54% of those questioned responded that they’ve never used cloud technology. However, the truth is that they’re in the cloud everyday when they bank or shop online and send or receive email.
 
Business owners, specifically non tech savvy small business decision makers, are still apprehensive when it comes to moving their server and web monitoring services to the cloud.  But FDR’s famous quote, “The only thing we have to fear is fear itself,” definitely applies here.  The cloud is nothing more than moving the storage and access of your data programs from a computer’s physical hard drive to the web. There is nothing to fear.
 
Benefits of Cloud Monitoring
 
Obviously, these physical and virtual servers, their shared resources, and the applications they run on, must be monitored. This can be done from multiple remote locations and it’s called cloud monitoring.
 
Cloud monitoring makes it easier to identify previously unseen patterns and potential problems within your infrastructure–issues that may be too difficult for any in-house support staff to detect. For instance, monitoring ensures that your site is delivering accurate page content and is meeting anticipated download speeds. It can detect unapproved changes, website tampering, and compromised data.
 
The continuous analyzing and testing of your network, website, and mobile applications can reduce downtime by as much as 80%. The speed and functionality of e-commerce transactions are also optimized. Additionally, cloud monitoring tests your email server at regular intervals, which minimizes failure deliveries and other issues pertaining to sending and receiving emails.
 
Clearly, all of the above, along with the alerts that help identify and fix issues before they become catastrophes, make cloud monitoring an attractive way to gain insight into how end-users experience your site, while also enhancing their overall experience.
 
Contact us at Empower Information Systems

Why Hybrid Clouds are More Than Just Another Trend

 
 
Why Hybrid Clouds are More Than Just Another Trend
 
It should come as no surprise that many small to midsize business owners take pride in overseeing every aspect of their startup business. Naturally, many are apprehensive when it comes to surrendering control of their servers, their data, and their applications.
 
The downside of this need for control is that operating and maintaining everything onsite can be time consuming, super expensive, and it can make your business more vulnerable to failure related downtime and cyber threats.
 
Although everything can be stored in the cloud at a fraction of the cost, many aren’t responsive to the idea of sharing the infrastructure their technology runs on.
 
The great thing about the cloud is it’s not an all or nothing thing. This is exactly why so many small to midsize businesses have turned to hybrid cloud solutions. Just as they name implies, hybrid cloud solutions are both on and off premises. It’s the best of both worlds. An entrepreneur can still control certain aspects of the business on-site, but simultaneously exploit the cloud’s cost effectiveness and overall scalability.
 
For example, a local server can be housed and managed on-site but that server, or just specific files, can still be backed up in the cloud and stored far away off-site. This provides a partial disaster recovery solution in the event of a hurricane, flood, fire, or just a basic server crash.
 
Here are some tips for developing your hybrid cloud strategy
  • Honestly assess the current IT strategy – Over time, as your business grows and technology advances, your well-planned and neatly arranged IT infrastructure transforms into a disorganized mishmash of different servers and disconnected software and tools. View this almost as the spring-cleaning of a cluttered garage. What systems or applications are critical to your business right now and which ones no longer support your current or future business initiatives?
  • Know what you want to keep close – Every business will be different in this regard. Certain companies will prefer keeping large files in-house, in a more controlled private cloud for easy access, but may be okay with having their emails out there in the cloud.
  • See how others are leveraging a hybrid cloud environment – Services once only available to large enterprises are now available to SMBs. This presents an extraordinary opportunity to be more agile, flexible, and better suited for new business opportunities and growth. Remote monitoring, 24/7 support, and disaster recovery solutions can be easily integrated within a hybrid-computing environment – regardless of operating systems, server types, or mobile devices used.
  • Staged implementation – Be sure to plan your hybrid cloud strategy as a multi-year plan that is deployed in phases. For example, in the beginning, private controlled access to a public cloud service can be granted to internal application developers experimenting with a new business initiative. Or a new customer relations management SaaS (Software as a Service) application can be implemented.
This is the year that even small or midsize enterprises are getting serious about cloud operations and a strategic mix of public cloud services and private cloud may make the transition easier.
 
Contact us at Empower Information Systems

Why More SMBs are Turning to the Cloud to Reduce TCO

 
 
Why More SMBs are Turning to the Cloud to Reduce TCO
 
More small and mid-size businesses (SMBs) seem to be taking the initiative to learn more about the benefits of the cloud.   Determining why SMBs have this sudden keen interest in the cloud isn’t all that tricky.
 
If you shouted, “Cost Savings!” in a room full of SMBs, you’d undoubtedly be the center of attention. And it seems as if this is also the motivating factor as to why more SMBs are looking into cloud-based solutions to reduce expenditures.
 
Although it seems like an oxymoron to recommend investing in new technology to control costs, cloud-based solutions can be leveraged for a greater return on already inevitable operational expenses. By enhancing productivity and overall efficiency, the cloud could help spur business growth and profitability.
 
Here are few of the reasons more SMBs are opening up to cloud-based solutions…
  • Containing Costs – This is the big one. Every SMB wants their business to grow but that growth is accompanied by rising costs to maintain safe, reliable, and sustainable business technology.
On-premise solutions are expensive.  If you’re paying someone $60K a year to manage and monitor your technology, and most of their day is spent performing routine maintenance tasks or running to the aid of the intern who complains that something is running slow, are you really getting a return on that investment? You can do better and your on-site IT support can do more for you.

The cost for cloud-based solutions have been found to be anywhere from 35% to 50% lower than with on-premise solutions. This is because the cloud can completely eliminate most infrastructure costs such as servers, databases, backup, operating systems, upgrades, migration, physical space, power and cooling, and associated in-house or third party staffing costs.
 
  • Greater Flexibility – No doubt you’ve been privy to an office Happy Hour conversation or two about Infrastructure-as-a-Service (Iaas) and Platform-as-a-Service (PaaS). Is that crickets we hear? Okay, well since you’re in the dark, the flexibility of the cloud makes it really attractive to SMBs. IaaS and PaaS are two increasingly popular cloud technologies because of their flexibility when it comes to big data analysis.
IaaS technology is flexible as it allows an as needed rapid deployment of resources. Basically, fast expansion to accommodate growth. SMBs can pay accordingly for this on-demand usage, giving them the ability to access and analyze the kind of big data seen at larger enterprises without having to pay for necessary hardware capacity.

PaaS technology gives SMBs the ability to affordably increase or decrease data storage capacity as needed.

Of course, there must be a need for big data analysis that justifies the use of these technologies. Many SMBs may be just fine using Microsoft Excel for data analysis.


  • Greater Mobility – Many SMBs are turning to the cloud to provide remote employees with access to communications solutions. Through the cloud, remote workers can use smartphones, laptops, and notebooks to access documents and files for internal and external collaboration.
As you can see, it’s understandable why the cloud is being seen by SMBs as the “great equalizer” to take their business to the next level and stay competitive with even the big dogs despite budget and staffing limitations. It also helps that cloud-monitoring services have simplified the monitoring and management of SMB cloud deployments, alleviating a lot of the fear about migrating to the cloud.
 
Contact us at Empower Information Systems