Home » Blog » Networks

Tag: Networks

New ‘KRACK’ Wi-Fi Security Issue: This Affects All of Us

The invention of Wi-Fi has been a science fiction dream come true. We can use our laptops anywhere in the house, our phones are using home internet instead of sucking down our cellular data, and our gadgets are all communicating. It’s essentially the backbone of the smart tech boom for home and business alike. Most networks are password-protected with an encryption called “WPA2” and this has been safe and secure, until now.

Recently, a security flaw called KRACK was discovered that allows hackers to break into Wi-Fi networks – even the secured ones. Your laptop, mobile phone, gaming console and even your smart fridge are possibly vulnerable as a result.

How KRACK works: The Key Reinstallation AttaCK isn’t a problem with your device or how it was set up. It’s a problem with the Wi-Fi technology itself. The attack gets between your device and the access point (eg router) to reset the encryption key so hackers can view all network traffic in plain text. Since we rely on Wi-Fi so much, this might mean hackers have a front row seat to your credit card numbers, passwords, chat messages, emails, photos and more.

NOTE: The hacker must be in physical range of your Wi-fi to exploit this flaw, it doesn’t work remotely like other attacks we’ve seen recently. Given most Wi-Fi ranges extend well past your own home/business, this is small comfort, but important to know.

How to protect yourself

Run your updates: Software updates are being released which fix the flaw. Microsoft has already released one for Windows, Apple has one coming in a few weeks. Take a few minutes to make sure you’re up to date with all your patches on any device that uses Wi-Fi (your smartphones, laptops, tablets, PCs, game consoles, etc). Unfortunately, some devices may be slow to get an update, or if they’re older, may not get an update to fix this issue at all. If possible, consider using a cabled connection on those older devices or upgrade to one with support.

Be very careful with public Wi-Fi: While your local business center, library or school campus has expert IT professionals keeping guard over your security, it’s a very different matter at your local coffee shop. It’s unlikely small locations such as this will be on top of security patches. Remember, a hacker exploiting this flaw only needs to be in the same Wi-Fi area as you, so be careful you don’t give them a dollop of private information with their coffee.

Check your browser security: Before sending anything secure over the internet, check you’re using a HTTPS site. You’ll know these by the little padlock you see next to the URL, and the address specifically begins with HTTPS. Major sites like Facebook, Gmail and financial institutions already use HTTPS.

If you need help updating your devices, or want us to check if you’re safe, give us a call at 570-779-4018.

WannaCry Ransomware Explained: Is Your Business At Risk?

You’d be hard-pressed to miss last week’s biggest headline, the WannaCry cyber-attack sent shockwaves around the globe. Businesses of all sizes and even police departments found themselves crippled without warning.

Among the most prominent victims were many NHS hospitals in the UK, affecting up to 70,000 individual devices such as essential MRI scanners and blood-storage refrigerators. But by the time it hit the news, it was too late – either your system was protected, or it was infected. Here’s how it all went so wrong.

What is WannaCry?

The WannaCry cyber-attack was a type of malware (the collective name for computer viruses & bad juju) called ‘ransomware’. Just like the name suggests, it’s actually a demand for money. Like all ransomware attacks, WannaCry encrypts your files and holds them hostage until you pay. In this case, the price was set at $300, payable with internet currency Bitcoin, and you had 3 days to pay before it doubled. If you didn’t pay, the ransomware threatened to delete your files permanently. It’s yet unknown how much money the WannaCry hackers have earned with their latest attack, but you can be sure plenty of people have paid the ransom. Even the FBI recommends paying the ransom, especially if the ransomed files are of a sensitive nature or weren’t backed up.

How It Spread So Fast

It seems WannaCry may be a ‘computer worm’ that self-replicates and spreads, rather than a phishing attack that needs to be activated with a click. So far, no common trigger has been identified, as is normally the case with phishing links. WannaCry moved rapidly from system to system, spreading out through the entire network, including all connected backups and storage devices. At the same time, it spread out to infect other networks, who then spread it further, and so on. Given the nature of the internet, it was everywhere within hours.

Why Some Businesses Were Safe

WannaCry could ONLY infect systems that have fallen 2 months behind in their Windows updates. This is because it was created to take advantage of a specific vulnerability in Windows, one which Microsoft patched months ago. Without that patch, the ransomware could waltz right past the firewall, past the anti-virus and directly into the system (the NHS were reportedly running Windows XP – no longer supported). Those running Windows 10 or a fully patched, recent version of Windows were completely unaffected – the virus literally had no way in

It just goes to show the importance of staying up to date. We haven’t seen a second spike in WannaCry attacks yet, but that doesn’t mean there won’t be one. A quick update could protect your business from weeks of downtime and lost revenue, making attacks like this a non-issue.

With our managed services, we can make sure you stay up to date – and protected. Give us a call today at 570-779-4018.

Mobile Cyber Security

Cyber Security: 4 Ways to Travel Safe For Business

Working from anywhere is now as simple as accessing the internet on your device. Managers, owners, and employees are all embracing the flexibility of working while traveling, making it the new global norm. But while you were in the office, you were protected by professionally designed firewalls, security infrastructure, and robust software. As soon as you step away from the building, those protections disappear, leaving your device and the data inside at great risk.

Cyber attackers love to collect any data they can obtain, often preferring to hack first, assess value later. It doesn’t help that almost all data can be sold, including your personal details, those of your clients and suppliers, as well as your proprietary business data. These days, the information stored on your device is usually worth much more than the device itself.

Here are 3 ways a hacker will attack:

Flaunting Opportunity: Whether your employee left their laptop at a café or a thief stole the phone from their pocket, the outcome is the same – that device is gone. Hackers will take advantage of any opportunity to gain access to a device, including taking them from hotel rooms and even asking to ‘borrow’ them for a few minutes to install spyware, before handing it back.

Spoofing a Wi-Fi Hotspot: We’ve all come to expect free Wi-Fi networks wherever we go. Hackers will take advantage of this trust to create their own free, unsecure network, just waiting for a traveler to check a quick email.

Intercepting an Unsecure Network: Hackers don’t need to own the Wi-Fi network to steal content from it. Data traveling across an unsecure network is visible and available to anyone with the right software.

It’s okay, you don’t need to lock all employees inside the building or cancel all travel plans. Taking these four precautions will increase cyber safety and help protect your business data while on the go.

  1. Make a backup before you travel: In the event your device is lost or damaged, you’ll be able to replace the device with a new one and quickly restore all the data from a backup, all with minimal downtime.
  2. Don’t use public Wi-Fi: Wait until you have access to a secure network before going online – even just to check email.
  3. Use passwords and encryption: At a minimum, make sure you have a password on your device, or even better, have full drive encryption. That way, even if your data storage is removed from the device, the contents are inaccessible.
  4. Act fast after loss: If your device is lost or stolen, immediately notify the appropriate people. This might include your IT provider so they can change passwords, your bank so they can lock down accounts, and any staff who need to be aware of the breach so they aren’t tricked into allowing further breaches.

Need help with mobile cyber security? Call us at 570-779-4018

5 Undeniable Reasons Your Business Is Ready for Professional Network

Way to go! Your business has grown at lightning speeds and you’ve been adding new workers and computers along the way. Now that you’re sure everything is on track to succeed, it’s time to level up your network to a robust, scalable setup.

Why? Here are the top 5 reasons to call in the networking professionals today:

Speed: They say time is money, but time spent waiting for a large file to transfer person-to-person or across a bottle-necked system is torture. As a small business this lost time was negligible, but as your business has grown, so has transfer time. While it may only be 5 minutes a day to start, with roughly 260 work days in a year, that 5 minutes a day turns into 21 hours. It all adds up. Unfortunately, the impact of this lost time reaches well beyond the time taken to pass a flash drive around the office or queue up downloads from the internet – it’s a break in workflow and concentration that can almost double the time off-task.

Efficiency: Almost every business requires employees to share digital files. Until now, you may have gotten by with a simple setup and minimal security, but as your workforce has grown, so has your network load. Each computer, storage drive and device adds further burdens onto your network, resulting in a slower transfer, errors, time off task, and even faster hardware failure. A professional network design will give your employees a central file storage location, with the added benefit of auto-saving and backups. No more losing hours of valuable effort or surprise file corruptions, just a scalable, secure server with smooth and efficient transfers.

Collaboration: Employees often need to work together on the same documents. Previously, this required them to take turns, waiting until someone else was finished before the file was available. With a modern network setup, collaboration becomes an organic, profitable way to work. Employees don’t even need to be in the same physical location, opening up opportunities for remote collaboration.

Confidentiality: Every business needs to keep a few secrets. Whether they’re trade secrets or accounting data, you have complete control over who sees what. Your network professional will be able to establish a setup that meets your business’ unique confidentiality needs. Perhaps you’ll have the CEO able to see everything, sales staff can only see sales data, and accounting can only see accounts. Set your access controls based on name, department, role or go further and require passwords for certain folders.

Flexibility: Expand your connection flexibility with wireless networking for employees who are required to roam within the building, Virtual Private Networks (VPNs) for those working at home, or even docking ports for those who switch between locations. A professional network setup will always support the way your business works, both now and as you continue to grow.

Your business’ ability to securely share, store and transfer files will be one of the key contributors to continued growth. The speed, efficiency and flexibility you build into your processes now will save you time, money, and a whole lot of frustration. It’s time to celebrate how far your business has come by looking to the future, with a robust, scalable network that supports your vision.

Give us a call at 570-779-4018 to discuss your new network.

Small Business Cyber Security

Small Business Security on your mind?

It is always a good time for a security review. Particularly if you deal with sensitive client data.  Did you know that you could be liable for a data breach? Taking reasonable steps to secure you and your customers data is the right thing to do!

Let us help you make sure all your Tablets, PCs, Servers, and Networks are secure and up to date. Is your network and wireless equipment old? Are you using consumer class equipment? Are you using free anti-malware software? We can help you make an affordable upgrade plan. 

Need next gen security to protect your business?

We are authorized Sophos partners. We can help you move to the next generation of malware and virus protection. Sophos is perfect for small to medium businesses, schools and nonprofit organizations. Don't try to use the consumer level router to protect your vital system. Get secure today!

Need security but can't afford Sophos?

Our alternative solutions offer good security at great prices. Everyone needs to stay secure. Even if you are small business, you can afford to be secure. Ask us about our PFSense solution!

5 Tips for DIY Small Business Tech

First, the disclaimer: I do not advocate DIY small business tech. I highly recommend having a computer consulting company help you design and support your IT system. Of course, I would say that because that is how I make my living. However, I am a business owner too and if there is one thing I have learned, it is that you can’t (or shouldn’t) do everything yourself. An IT firm will save you time and money and can work with your budget. Since some of you are going to try to be a DIY small business tech anyway, here are some tips to help out.

Tip # 1 – Backup!

It is very important to make sure you have multiple backup systems in place. Beyond the obvious chance of data loss due to a system crash or hardware failure, there is the constant threat of malware and ransomware.

If you are mostly cloud based, make sure to export or download your data to somewhere local and then backup that data to a secondary system or device. If you are mostly internal, you should have an online backup and a local backup. If you do not want an online backup for security or cost reasons, you should have an offsite backup. This means you should have at least one backup device that you take away from your primary place of business at least once per week.

It doesn’t hurt to have all three (offline, online and local) backup. Some of the new malware and ransomware is extremely sophisticated. The more backups, the better.

Tip #2 – Security!

Some small business owners think “it will never happen to me” or “how can I afford to protect myself if these big companies can’t” or “Who would want our data?” It is your responsibility to protect you, your employees and your customers. In some cases, you can be held accountable if you have not taken reasonable precautions to protect your system. Criminals are targeting small business just because they are generally easier to break into.

This doesn’t means that you have to spend large amounts of money. A reasonably safe system can be built on a limited budget without any real monthly costs. If you want to build your own security system, look into pfSense, and Ubiquiti Networks. I strongly recommend purchasing antivirus and not using a free version. Kaspersky, Symantec, Sophos or any of the more popular security companies are better than the free versions.

Do not forget to use strong passwords and if possible multi-factor authentication.

Keep your devices, systems and software up to date.

Limit employee access to data and information and limit authority to install software

Tip #3 – Spend time researching your software

I have a client that was very disappointed after they moved to a cloud version of their favorite accounting package. They had decided to do this without consulting us. Don’t get me wrong; there are some great SaaS (software as a service) cloud systems out there, but there are differences from your favorite desktop version. In this particular case, the online version only allowed one company per account, and they wanted control of your data. One client wanted to switch back to the desktop version, and they had to re-enter one month worth of data because the online version would not give them their data back even though it was the same brand.

The point is, take your time and research thoroughly before committing to a new product. If possible, take advantage of the trial software and setup a test system. Read the fine print. There also may be free open source software they could just be what you are looking to help run your company.

Tip #4 – Do not neglect your network

Please do not tell me you are running your high-speed cable system and brand new desktop PC through a circa 1999 Linksys firewall/router and eight port hub. Network equipment must be kept up to date. That Linksys router and hub are making your internet system very slow and unsafe. If your equipment is really that old, you may need new wiring as well. This may sound expensive, but you are losing productivity due to your slow network. Even if you equipment is only five years old, there can still be speed and safety concerns.

Also, wireless technology is becoming more and more crucial to small business, and if your wireless system is more than a few years old, you should consider upgrading that as well. There are faster and more reliable systems at affordable prices. You need solid wireless coverage and should offer a guest version to your employees and possibly your clients unless you want to take on the security risk and burden of monitoring their devices in your network as well.

You should avoid consumer class networking equipment. The price is right, but they lack the security features and performance you need.

Tip #5 – Don’t buy cheap computers

I know you want to save money, but cheap computers or devices from your favorite big box store will cost you more in the long run. They usually do not last as long. They are slower and less productive from the start. They generally come loaded with software you do not need. They also usually do not come with the pro version of windows. The Pro version has extra security features the other versions do not. For example, Window 10 Pro has encryption options built in. Business class PCs have longer warranties and better parts so they will last a long time.

5 Tips for DIY Small Business Tech - NEPA

Enterprise Quality Wireless at Small Business Prices

Does your small business need enterprise quality wireless at an affordable price? Why would you even want enterprise quality wireless? WLAN or wireless local area network is becoming more and more important to all businesses with the increased use of tablets, phones, and other network-enabled devices. You need to provide secure internet access for your employees and your customers and you need to keep that internet access separate from your business network. We offer some specialized configurations that can restrict usage level and website access as well.

Some of the features that may convince you to switch from that department store router:

  • Better Coverage — easy to add access points, band steering, airtime fairness
  • Higher Speed — Up to 1300 Mbps with AC pro access points
  • Increased Security — guest network, download speed control, multiple SSIDs, VLAN support
  • Reduced Interference — embedded technology rejects interference using specialized circuitry
  • Reporting and Monitoring — analyzing trouble devices, usage and coverage problems

Contact us and we will analyze your current wireless setup and recommend a solution.

enterprise quality wireless
UniFi® Wireless Access Point
BYOD, "Apple, the Apple logo and iPhone are trademarks of Apple Inc., registered in the U.S. and other countries."

Do you allow BYOD at your workplace?

Do your SMB employees connect their personal devices to your wireless? Do you have policies implemented for bring-your-own-device (BYOD)? Do you let them browse whatever websites they want? Do they have full access to your business wireless?

If you gave out your wireless password to one of your employees, more than likely all of them have it. That most likely means a large number of devices have uncontrolled access to your network. Do you know what apps are installed? Do they have passwords? Are they rooted or jailbroken? Do they have antivirus and malware protection installed?

BYOD Security Risks

BYOD or “bring your own device” can mean a few different things. Sometimes it simply means allowing your employees access to your wireless with their personal devices (phone, tablet, laptop, etc). Sometimes it involves allowing the users direct access to your mail server or file sharing services. In any case, it presents a number of potential security threats that you may not even be aware of.

  • The devices may not be locked down with password protection. Anyone can pick up the device and gain access to your network or worse, your sensitive business email or data.
  • The devices may be “rooted” or “jailbroken” which could allow malicious software onto the devices and your network. This means a device with software looking to steal your data can be already lurking in your network and it could be on someones phone, not just their laptop.
  • The devices may not have up to date virus and malware protection. This can also provide a path for malicious software to be inside your network.
  • The devices may not be encrypted. If a device is stolen, data can be retrieved from a unencrypted device. This data could include passwords and access to VPNs.

BYOD Advantages

BYOD can provide some benefits to the workplace so sometimes it is worth putting the security and effort in to allow devices in your workplace.

  • Allowing your workers access to free wireless internet can make the workers more happy and thus more productive.
  • Allowing your workers to access company email and information via their personal device can enhance productivity. Not only will they be using a device and software that they are comfortable with, they will also have access to this information from outside the office.
  • Allowing BYOD could also save you money. You may not need to purchase a new laptop, tablet or phone for they new employee if they bring their own.

BYOD Disadvantages

BYOD also has some disadvantages that you must consider before investing the time and money to allow them into your workplace.

  • Your IT resource will have to manage the devices. Beyond the obvious cost, employees may be concerned with their personal privacy.
  • Your IT resource will need to stay up to date with devices, wireless and network security.
  • You may incur more licensing fees for each device that is attached to the system.
  • There is a chance your staff will be using the devices for personal use during work hours.

BYOD Solutions

There are multiple ways that BYOD can be configured in your environment. If you don’t want to bother with the more advanced issues, I strongly recommend implementing security guest/employee wireless that doesn’t have access to you main network. If possible, this guest network should be throttled to make sure they don’t use all of you business internet bandwidth. There are some cost-effective ways that this can be done.

To tackle the more advanced issues, you need to come up with a BYOD policy and enforce it. This will help determine what type of hardware and software you need to control your BYOD environment. This doesn’t always mean you have to spend boatloads of money. There are ways to be secure and productive without breaking the bank.

Cyber Security Review

Do you need a cyber security review? The simple answer is yes.cyber security

 

Bussiness of all sizes need to worry about cyber security. You have a responsibility to your employees and customers to protect their data. Beyond that, your business can be liable if you haven’t taken reasonable steps to secure your employees and customers data. If you haven’t already taken notice, insurance companies are now offering cyber security insurance to protect your company. Even these programs tend to have base security requirements that you need to meet and buying insurance isn’t all you should do.

 

These are some top cyber security points that you should be concerned about:

  • Keep all your software and systems updated
  • Update and monitor malware protection software on PCs, servers, and firewalls
  • Create an Internet access policy for your employees
  • Use strong passwords
  • Limit administrative access
  • Use VPNs for mobile access
  • Data encryption
  • Secure your static and mobile devices
  • Multi-location full system backups
  • Secure mobile connections
  • Network and wireless security
  • Cyber security insurance

 

Cyber security is a multi-tiered complex issue. You don’t have to figure it all out on your own. Contact us for help.

Do you need a network review?

network reviewDo you need a network review?

How is old is your router? You are not still using that old blue and gray Linksys BEFSR11/BEFSR41 with the 10BaseT WAN port to connect to your high-speed internet,  Right? On a good day that router will top out at 8Mbps. Since these days most internet service is above 8Mbps, you are limiting your speed right at the router.  At last check, my home connection was running around 115Mbps. This means that even a more recent 100Mbps router will slow my line down.

How about your primary switch? I hope it is a switch and not an old hub. Is it 100Mbps? Do you have a stack of switches connected by 100BaseTX? Can you benefit from a 1Gbps  upgrade? It may be beneficial to upgrade an older 1Gbps switch for a faster backbone. Moving to a layer 3 switch may allow you manage your network better and offer services like guest wi-fi via VLAN configuration.

How about your wi-fi?  802.11g is just 54Mbps on a good day. 802.11n and now 802.11ac have impressive speed and are much better at streaming content. Another significant reason to upgrade your WAP (Wireless access point) or Wireless router is to provide internet access to your customers or employees without compromising your company network. Even at home it is nice to allow your guests access to high-speed Internet but not worry if they device they are using is secure or not.

How about your network security?  Most older routers have very little to offer in the way of security. A simple firewall is no longer enough. You are not still using the default password, right? There are new forms of malware that hack routers and replace your DNS settings which can cause all types of security issues. Some new malware can hijack your router and use their resources in DDoS (Distributed Denial of Service) attacks.  Not only does this slow down your internet speed it can cause havoc to the target of the attack.

We can help you answer some of the questions.  Contact us and we would be glad to stop and give you a network review/site survey to determine if newer networking technology will help your business.