Home » Blog » Security

Category: Security

Netgate pfSense Router

Netgame pfSense® Security Appliances

Netgate’s pfSense security appliance solutions provide reliable, scalable systems that are unmatched in value and performance.

Because there are no required on-going maintenance or license fees, we provide the lowest total cost of ownership with the most security and connection features in the market today!

Affordable. pfSense firewall appliances come with the industry’s lowest total cost of ownership. Up-front cost is a fraction of traditional pricing, and there are no software maintenance or license fees.

Efficiently powerful. pfSense appliances combine efficient use of power with 1Gb upstream performance. From day one, you’re prepared for growing bandwidth needs.

Open source. pfSense is both affordable and flexible, with all the features expected of far more expensive enterprise-class firewalls. Our rich, versatile feature set is fully customizable with any combination of options you prefer.

pfSense Software Features

pfSense can be configured as a stateful packet filtering firewall, LAN or WAN
router, VPN appliance, DHCP server, DNS server, or for other applications and
special purposes. Next-generation pfSense security features available:

  • Stateful packet filtering or pure router
  • Routing policy per gateway and per rule for multiple WAN, failover, load balancing
  • Transparent Layer 2 firewall
  • Support for IPv6, NAT, BGP
  • Captive portal with MAC filtering, RADIUS support, etc.
  • VPN: IPSEC, OpenVPN, site-to-site, site-to-client, site-to-cloud and cloud-to-cloud, with support for Amazon AWS
  • Dynamic DNS Client
  • DHCP server and relay functions
  • PPPoE server
  • Reporting and monitoring features with real time information
  • Add-on optional packages such as Snort or Suricata for IDS/IPS and network security monitoring, Squid for optimized content delivery, and SquidGaurd for anti-spam/anti-phishing and URL filtering.
Unified Threat managment

Why Your Business Needs Unified Threat Management

Sounds scary doesn’t it? Almost like a swat team dressed in black is going to swing in and start yelling orders. While just as effective at disabling the bad guys, Unified Threat Management (UTM) is a special kind of IT solution focused on proactive protection. Consider it more like a team of virtual bodyguards that stand at the door between your business and the internet, keeping trouble out while your legitimate traffic can come and go normally.

With the increasing number of connected devices in your business network and the different ways your employees now connect, it’s more important than ever to set up dedicated security systems that give integrated protection. UTM is a series of solutions that work together, simultaneously layering your protection across the board. We’ll cover the four main inclusions here, and exactly what they can do for your business.

Robust Firewall

Put simply, a firewall keeps an eye on all the data coming in and out, looking for anything abnormal. While every home PC comes with a software firewall built in, those ones pale in comparison to what a UTM firewall can do. Remember the team of virtual bodyguards? Imagine the home firewall asking nicely if the data should be doing that, while the UTM slams the data to the ground and demands credentials. It exists to make sure the data entering your network is safe, that it’s not part of a cyber-attack, and that in the rare event your network becomes infected, your servers aren’t being used to attack another business.

Anti-virus Where it Matters

With so much new malware being released daily, it’s easy to fall behind in updates and discover you’ve been infected. Your employees are likely doing their best, but manually scanning each file can be exhausting and time-consuming. Your UTM anti-virus is built into the firewall, ensuring known or suspicious malware is stopped at the door. It doesn’t even make it through to your employees, so the risk is removed. Clearly that’s the best outcome possible and will allow your employees to work at maximum efficiency, while you can run your business with confidence.

Spam Blocking

Most cyber-attacks come via email these days, with either an attachment or a link. Once clicked, the malware is released into the network to wreak havoc. Obviously, your employees are smart enough not to open random attachments/links, so hackers use phishing emails. These are emails that look legitimate and may refer to vendors you use, financial services you have accounts with, or even seem to be from other employees. Your UTM isn’t falling for any of those disguises, it strips down each email and checks it against high-tech legitimacy markers. If it sees anything suspicious, the email is marked as spam and either held for review or bounced away.

Your employees never see the attack, so they can’t accidentally fall for it. While the UTM is monitoring for phishing/fake emails, it’s also culling out the general spam that clogs up inboxes. Employees will no longer have to spend precious minutes each day wading through the junk, and the likelihood of missing an important customer email has greatly dropped.

Content Filtering

In a perfect world, your employees would only access work-related sites and do work-related things online. Content filtering can help you limit the risk they’re bringing into your business via these websites. Your UTM can be set to restrict sites that infect computers, such as adult content, gambling or illegal downloads. It can also be used to restrict access to productivity vampires like Facebook or Pinterest, either during work hours or completely. It’s up to your policies how much you’d like to filter and whether to add any flexibility. Some businesses allow social media during lunch breaks or have special reward hours each week. Simple tweaks like this can increase productivity overnight and give you the security you’re looking for.

You can see how a layered security solution like UTM provides a space for your business to thrive, where systems are secure, employees are able to maintain efficiency, and cyber problems stay outside the doors. The way the layers work together is more effective than a patchwork of separate systems, and a UTM is much easier to configure and maintain.

We can find the right UTM solution for your business. Call us today at 570-779-4018!

Why Periodic Security Assessments Should Be Your New Normal

By now you know that building up your cyber security is just as important as building up your cash flow. Both are essential to your success, but while most businesses keep an eye on the financials, they tend to think cybersecurity is something they can set and forget. Unfortunately, cybercriminals are constantly coming up with new methods of attack and the security you had in place yesterday may not be sufficient today.

Instead of reacting to breaches and taking on the costs of downtime, lost files and destroyed trust, a periodic security assessment can identify blind spots that place you at risk. Once you know about these problems, you’re able to proactively setup adequate protection before cybercriminals strike. It’s best to use independent IT experts who can audit your security from an outside perspective, often seeing risks that would otherwise be missed.

Regulations change – Are you affected?

Many businesses are kept to strict government regulations around the way they store, process and protect data. Their operating license depends on staying as secure as possible. All regulations require regular security assessments but they vary in scope and timeframe. As regulations change, so do the security assessment requirements. You can imagine how much stricter they are now compared to just 5 years ago. Our team can ensure your business is meeting the relevant regulations, diving deep to be certain you’re safe.

Security patches and updates are vital

It’s so easy to fall behind on your security patches, after all, it seems like there’s a new update every week and each one takes precious time to apply. What we’re seeing though, is that cybercriminals are targeting any business running late, and it’s basically easy pickings for them. If you’re unpatched where it counts, it’s like inviting them in. When we conduct your security assessment, we take a look at your history and see if your business has a robust patch plan in place and make sure you’re up to date. If there’s an issue that’s placing you at risk now, impacted you in the past, or will in the future, we’ll find it.

Viruses are always evolving

Just like the human variety, computer viruses are nothing to welcome into your workplace. They’re constantly evolving to skip past anti-virus scans and do damage in new and interesting ways. Cybercriminals know people are more aware of the traditional infection methods like downloading an attachment or inserting an infected USB, so they’re getting more and more creative. Your security assessment doesn’t just include ticking that you have the latest anti-virus, it includes identifying where you’ve had the most breach attempts and where your biggest vulnerabilities are. This type of precise awareness has a lasting impact on reducing your risks.

Your business may have changed

As your business has grown over the years (or shorter if you’ve experienced a recent surge), your entire setup has changed. More employees, expanded remote access, additional vendors, supplementary locations…the list really is endless. With each change has come a new risk, particularly if your security has been growing around you. It might be that your password policies haven’t been updated since you began, or that you still have the old voicemail system even though phones are within easy reach of customers. This is perhaps one of the most useful areas a security assessment can help with, as you and your employees are accustomed to the business working in a certain way, whether that way leads to risk or not. Our experts will be able to see things from a different perspective, particularly as we make sure to think the same way a cybercriminal would.

What to do with your assessment results

While many experts might present you with a long list of problems and leave you feeling overwhelmed, our team ensures you have a benchmark for progress. You’ll know exactly what you need to do, how we can help, and perhaps most importantly, which actions take priority. Moving ahead, future security investments will be smarter as you focus on the high-payoff areas. You’ll also know exactly what you’ve done well and where your security strengths lie. Employees will see how much you value security, which helps to create a stable culture, and you’ll be able to report your commitment to customers, confirming they’re making the right choice by staying with you.

Book your security assessment today. Call us at 570-779-4018

The True and Unexpected Costs of Being Hacked

There are the normal costs everyone associates with a breach, like getting your own server and computers fixed up, with maybe a little downtime. But really, most businesses view the possibility of getting hacked as more of an inconvenience than a bottom-line cost. For those who’ve come out the other side though, it’s a very different story. They know the hidden and ongoing costs of a data breach can be crippling, and that IT security exists to protect your business on multiple levels. All those surprise costs that spiral out of control are why most businesses close after a cyber-attack. Here are a few of the hard, but common realities of life after a hack.

Raiding the budget to reduce downtime

From the moment a cyber-attack gets into your system, things get expensive, and the longer the attack goes, the more it costs. Latest stats reveal most breaches aren’t identified for around 191 days, then it can take on average another 66 days to contain the damage. During this time you’re cleaning PCs, mobile devices, laptops, servers and even entire networks. Add to this the fee for experts to fix everything up, all the new tools and software they insist you have, and all the hours/days/weeks when your business is struggling with downtime, you’ll exhaust your emergency funds very quickly.

The long arm of the law

Depending on what data was stolen and how you handled the situation, you could be liable for fines into the millions. Having any medical data or legal files leak is a particularly messy scenario with fines coming from multiple sources. In any case, new privacy laws mean businesses are liable for massive fines if they don’t disclose a data breach, even if only email addresses were stolen. Where this gets even trickier is that the burden is on your business to know exactly what data has been stolen/illegally accessed, so you can report it before the fines stack up. This means that even if you were able to fix up the systems yourself, you still need to hire an expert who can identify exactly what the hackers took, from where and when.

Customer retention measures

In a double-down crush to your bottom line, not only does your business have to bear the cost of the hack, your future income takes a hit as customers lose trust and leave. To offset this, many businesses need to engage PR experts, spend more on advertising, and go all out to ensure they survive to fight another day. Even so, your breach disclosure will still come up in search results for many years. The more negative publicity your breach attracts, the more you’ll need to spend on customer retention.

All your secrets exposed

While you may not have Pentagon level secrets to protect, your business does have information that you’d like to keep to yourself. Hackers love going after those juicy tidbits, and the more closely you guard them, the more attractive they are. Think Coca Cola recipe, Big Mac Secret Sauce or 11 Herbs & Spices…While those corporations would be big enough to keep their competitive edge after the breach, your business success relies on at least some information staying secret. It may not be a secret recipe, but your proprietary methods and databases have a black-market value all of their own.

But simply avoiding a breach doesn’t cost much at all…

The thing is, it’s not expensive to stay on top of it all and keep your business protected. For a low monthly fee, we can reverse the entire scenario and secure your systems against the unknown. That means no need to raid other department budgets in a panic, pay crippling fines, make embarrassing public announcements, or fight to retain your competitive edge.

We can help with making sure your systems have the latest security patches and your anti-virus knows the latest tricks to watch for. Our technicians can build a virtual fortress around your business that keeps the bad guys out while letting you thrive, and even monitor security with early warning systems. Whatever your needs are, both now and moving ahead, we’re here to help keep you safe while keeping your IT costs low.

Ready to secure your business against breaches? Give us a call today on 570-779-4018.

Fire Employee

3 Essential Steps Before You Fire an Employee

Your employees need access to your various business accounts so they can do their job, but what happens to those passwords when you fire them? Nobody likes to think of firing their employees, or why you’d need to, but nonetheless, it’s a responsibility every business owner must face at some point. While your accounts team will no doubt be on top of stopping their paychecks, it’s important to take the same proactive stance to strip their system access.

Most of the time, the former employee leaves under good terms and you’ll wish them well. If you’re lucky, they’ll even manage hand-over to their replacement so your productivity losses are minimal. Other employees may leave your business reluctantly or in a storm of anger and suspicion. While you’ll have very different feelings about the two scenarios, the risk to your business remains high until action is taken. Here are 3 steps you can take to protect your business from retaliation and other password-related disasters.

Limit access to a need-to-know basis

You might be surprised how often a new employee is presented the entire business on a platter when their actual job requires little more than a computer login. Accounts, strategy, customer details, industry secrets…all those sensitive aspects of your business that have made it a success – exposed. A better policy is to limit access to only what the employee needs to do their job. Rather than view it as a lack of trust, your employees will appreciate the care you’ve taken to protect your business (and their job). It also helps keeps them from being overwhelmed, confused or tempted if the situation ever turns sour. Likewise, take a few moments to delete old or temporary accounts that are no longer required, as you never know when a hacker or disgruntled employee will squeeze through the gaps.

Change passwords fast

On average, it takes at least a week before passwords are changed after an employee is fired, if at all. Unfortunately, this is the one type of delay your business can’t afford. In 2017, an ex-employee from the American College of Education held their entire email system to ransom for $200,000 after an unhappy exit. Stories of others stealing client databases are also common, especially as they leave to start their own business or work for a competitor. It’s not just full-time employees either, contract and part-time employees such as social media managers and customer support email specialists often have access to more of your business than you might imagine. Recent rulings make it easier for business owners to prosecute former employees who access their systems, however as we know, it only takes seconds to login and wreak absolute havoc. Knowing you can force those bad eggs into a lengthy court case is poor comfort considering the extent of damage you’ll likely endure. The best option is to change passwords fast – even before your employee knows they’re fired. This lessens the chance of revenge attacks and opportunistic access.

Use a password manager

If you have good password manager like LastPass, reducing your risk becomes mostly automated. You’ll be able to keep your logins in a central vault that only you can see, and share based on business roles/need. There’s even an option to share passwords without letting employees see them in plain-text. Instead of writing passwords down somewhere and manually entering them each time, they’ll be able to connect securely with a click. Plus, you can revoke the share at any time. If their role changes or they’re fired, you can use the dashboard to see who is having access to what and add/revoke at will. If you’re not sure what that employee has been up to, you can also generate reports of their history.

We can help you set up password management and lock down your network. Call us at 570-779-4018!

New ‘KRACK’ Wi-Fi Security Issue: This Affects All of Us

The invention of Wi-Fi has been a science fiction dream come true. We can use our laptops anywhere in the house, our phones are using home internet instead of sucking down our cellular data, and our gadgets are all communicating. It’s essentially the backbone of the smart tech boom for home and business alike. Most networks are password-protected with an encryption called “WPA2” and this has been safe and secure, until now.

Recently, a security flaw called KRACK was discovered that allows hackers to break into Wi-Fi networks – even the secured ones. Your laptop, mobile phone, gaming console and even your smart fridge are possibly vulnerable as a result.

How KRACK works: The Key Reinstallation AttaCK isn’t a problem with your device or how it was set up. It’s a problem with the Wi-Fi technology itself. The attack gets between your device and the access point (eg router) to reset the encryption key so hackers can view all network traffic in plain text. Since we rely on Wi-Fi so much, this might mean hackers have a front row seat to your credit card numbers, passwords, chat messages, emails, photos and more.

NOTE: The hacker must be in physical range of your Wi-fi to exploit this flaw, it doesn’t work remotely like other attacks we’ve seen recently. Given most Wi-Fi ranges extend well past your own home/business, this is small comfort, but important to know.

How to protect yourself

Run your updates: Software updates are being released which fix the flaw. Microsoft has already released one for Windows, Apple has one coming in a few weeks. Take a few minutes to make sure you’re up to date with all your patches on any device that uses Wi-Fi (your smartphones, laptops, tablets, PCs, game consoles, etc). Unfortunately, some devices may be slow to get an update, or if they’re older, may not get an update to fix this issue at all. If possible, consider using a cabled connection on those older devices or upgrade to one with support.

Be very careful with public Wi-Fi: While your local business center, library or school campus has expert IT professionals keeping guard over your security, it’s a very different matter at your local coffee shop. It’s unlikely small locations such as this will be on top of security patches. Remember, a hacker exploiting this flaw only needs to be in the same Wi-Fi area as you, so be careful you don’t give them a dollop of private information with their coffee.

Check your browser security: Before sending anything secure over the internet, check you’re using a HTTPS site. You’ll know these by the little padlock you see next to the URL, and the address specifically begins with HTTPS. Major sites like Facebook, Gmail and financial institutions already use HTTPS.

If you need help updating your devices, or want us to check if you’re safe, give us a call at 570-779-4018.

business disaster

Most Businesses Won’t Survive a Disaster. Could Yours?

With the crazy weather we’re seeing, natural disasters and cyber terrorism echoing for years, it’s not a case of ‘if’ a disaster will strike your business, but ‘when’. Surprisingly, it’s not the scope and scale of the event that influences how deeply your business is impacted, it’s your business continuity plan.

Put simply, this is the all-important set of precautions and pre-planned responses to an event, laid out in bullet-proof detail and implemented with one driving focus: keeping your business running with little or no downtime. Think about what would happen if your business was hit by a natural disaster tomorrow. Would it survive? How much downtime would it take to push you into dangerous territory?

According to an IBM study of all the companies that had a major loss of data, 43% never reopen, 51% close within two years and just 6% will survive long-term. For a fraction of those survivors, business even continued as usual thanks to their ‘failsafe’ business continuity plan. It’s more than disaster recovery, it’s full preparedness that bypasses the need for 2+ weeks of downtime, financial ruin, wasted salaries and reputation loss – but it does require a higher level of planning…in advance.

Recommendations to Put You in the Surviving 6%

Prioritize: You’ll need to plan exactly what you’ll recover first and know who’s in charge of making it happen. It goes beyond jotting down a checklist of things to do, it’s taking an analytical, process-based approach to recovery for each unique business perspective. But it’s also realistic: there’s no point dedicating precious time to reviving the email system if your customer data is leaking onto the internet, even if email did rank as your top communication priority!

Backup: Of course, the most critical part of your business continuity is having full backups in three places. Why three? One copy locally which you use each day, a backup on another (disconnected) device in the same location, and one in the cloud. That local backup is your life-saver for system crashes, cyber-attacks and the like; the cloud backup comes into play when your business has taken a major physical hit, perhaps from fire or flood. Some businesses can run entirely location-independent when using cloud systems like Office365, which can be enough to put them in that 6% of disaster survivors.

Test: Make sure all employees know what the plan is if something goes wrong, and their specific roles in these scenarios. You can test, prepare and rehearse your continuity plan under simulated disaster conditions, which will uncover new obstacles, priorities and additional threats.

As your IT environment becomes more complex, carrying more responsibility and risk, so does the importance of a robust business continuity plan. The best BC plans look beyond disaster recovery, taking into account scalability of your system and scope of your individual business, to create strong battle lines that will keep your business operational, both now and for the long term.

Give us a call at 570-779-4018 to create a custom business continuity plan for your business.

mac malware

Apple devices and Macs get malware!!

I don’t like picking on Macs… Oh, wait. That is a lie. I do like picking on Macs because I am tired of hearing “Apple’s don’t get viruses or malware.” This absolutely not true!

There hasn’t been a serious ransomware outbreak on Mac but that doesn’t mean isn’t coming. There are a few ransomware programs in the wild and there has been increased activity in the mac security sector just like there has been in the PC world. Other malware and scam software are out there and on the rise.  “Our tracking of Mac malware has seen a more than 220 percent increase in malware so far in 2017 over 2016,” said Malwarebytes. The main reason that Mac desktops and laptops seem to not be affected is that they only are about 7% of computer users. They are a much small target so there are less malicious programs out there. That doesn’t mean they don’t exist. They will still steal your data if they can. WIth RaaS (Ransomware as a Service) and cross-platform malware, it is becoming easier for the bad guys to target whatever they want. They don’t even have to be proficient at programming anymore. And with an attitude like “we don’t get malware,” you might be easy pickings.

Beyond that, you are also just as likely to lose your online data as a PC user! Just because you are browsing the internet from your Mac doesn’t mean things like the Yahoo and Equifax data breaches will not affect you. You still need to be vigilant in the cloud and protect your personal information.

Protect you and your Mac

  • Backup your data – Onsite, Offsite and Cloud
  • Keep your software and OS up to date
  • Don’t use unapproved software
  • Use an extra anti-malware solution
  • Be wary of unknown websites and unsolicited email
  • Use strong password and 2fa (Two-factor authentication) wherever you can
  • Use a standard account over an admin account for everyday use
  • If you have a laptop, consider full disk encryption

We offer backup, monitoring, and antimalware solutions if you use Apple products in your business. Let us know how we can help!

Public Sector IT Security

NEPA Public Sector IT Security

Are you in a NEPA local or state government entity? Are you worried about audits and compliance? Have you been quoted some solution that you can’t afford?

Ask us about our NG firewall and endpoint solutions!

Our NG (next generation) firewall has an option that was designed specifically for state and local government compliance. There are public sector discounts for all the security packages.

Already have a system in place? We ofter a conversion service as well as system optimization service. The NG firewall device can be installed “inline” which means you may not have to replace all your current network hardware.

We will monitor these solutions for you via our MSP/MSSP packages. Monitoring is part of compliance rules!

Some of the key features of Untangled NG Firewall:

  • Helps meet compliance for FISMA, NERC, NIST, FIPS, and several other state and county rules
  • Unique and granular policies for specific departmental and user access
  • Firewall, Router, IPsec VPN, Advanced Antivirus, Intrusion Prevention and Phish Blocking
  • HTTPS/SSL traffic inspection
  • Active Directory/LDAP Integration
  • Prioritize network traffic for mission-critical applications
  • Layer 7 application awareness to identify all incoming application traffic regardless of port destination
  • Prevents network slowdowns caused by any individual or group of users and applications

Give us a call at 570-779-4018 so we can schedule your free consult!