Categories
Industry Insights IT Solutions Managed IT Services

Cisco small-business routers firewalls are open to hacking

Three models of Cisco small-business routers firewalls are open to hacking. There is critical unpatched vulnerability that allows hackers to remotely exploit your device.

The affected Cisco gear includes Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router and Cisco RV215W Wireless-N VPN Router.

Cisco warned about the vulnerability this week in a security advisory however there are no patches at the moment. Cisco plans to release the updated firmware sometime in the third quarter of 2016.

Cisco small-business routers firewalls are open to hacking easily as the exploit allows access via remote management and hackers have to only send an unauthenticated HTTP request. This request will result in remote code execution as root and lead to your device being compromised.

In order to protect your business, Cisco has asked to disable remote management. Follow these instructions to disable:

  1. Open the web-based management interface for the device
  2. Select Basic Settings > Remote Management.
  3. If the Enable check box is checked, remote management is enabled for the device. Unchecked it.

Cisco has stated that there has been no indication that any of these security flaws have been exploited however time will tell.

365 iT SOLUTIONS is delivers industry leading IT consulting in Toronto via Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Categories
Industry Insights IT Solutions Managed IT Services

“FLocker” Ransomware is now targeting smart TVs

Yes, you are reading the title right. Not only have servers, workstations and laptops been under attack, “FLocker” Ransomware is now targeting smart TVs and mobile devices.

Sharp and Philips smart TVs that are running Android TV OS can be hit by “FLocker”. It is a new device-locking ransomware that targets both Android-powered mobile devices and smart TVs.

FLocker (a.k.a “Frantic Locker”) has been around for approximately 12 months and its is very active as the threat keeps being delivered via spam SMS or malicious links.

According to Trend Micro, FLocker will first check to see whether the device is located in the following Eastern European counties: Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia, Armenia and Belarus. If the device detects that it is located in any of these locations, it deactivates itself.

If FLocker detects you are outside of it, it runs its routine 30 minutes after infecting the unit. It will then run a background service which requests device admin privileges. If the user denies it, it will freeze the screen faking system updating. The FLocker ransom is to be paid by iTunes Gift Card. and typing in the card code might return users to their senses – who ever saw any “cyber police” requiring iTunes gift cards in lieu of a cash fine?

“FLocker” Ransomware is now targeting smart TVs. How do you protect yourself?

If you have an Android TV and it gets infected, you should contact Sharp or Philips for solution at first or you can remove the malware if you enable ADB debugging. Users need to connect the device with a PC and launch the ADB shell. Once connected, execute the command “PM clear %pkg%”. This will kill the ransomware process and unlock the screen. Users can then deactivate the device admin privilege granted to the application and uninstall the app. If your mobile Android device gets hit by “FLocker”, you should be running security software to protect it from malicious apps and threats.

It is important to understand that Android OS versions running on mobile devices and smart TVs maybe different. Not all Android malware will run on both however cyber criminals are quick to adapt and attack.

365 iT SOLUTIONS is a leading IT consulting firm in Toronto. We deliver Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services. Our Complimentary Network Assessment will put your company to the test.

Categories
Industry Insights IT Solutions Managed IT Services

How does IT outsourcing work with your IT department?

Many companies and employees worry about IT outsourcing and managed IT services providers but the truth is IT outsourcing work with your IT department, not against it.

In today’s economy and business landscape, IT outsourcing and managed IT services is starting to complement existing departments and not replace the current IT department or IT staff. This gives companies access to services and experience that would cost a fraction of the cost it would take to employ them full-time.

How does IT outsourcing work with your IT department? Here is a list of misconceptions.

IT Outsourcing augments – The majority of small and midsize business (SMB) have a few core expertise such as finance, law, real estate, mining, manufacturing, and health care. This means that the business will have certain areas that they are experts at, but this also means that they will have areas where they lack the expertise and experience to excel at in their business.

This is why IT outsourcing and managed IT services allows businesses to excel in their business. This gives businesses core expertise for the fraction of the cost. This allows existing internal staff to focus on more important matters and leave the day to day operations to managed IT services providers.

Do you need IT Generalists vs. IT Specialists? – Technology is constantly evolving and changing overnight. This can cause problems for every small and midsize business (SMB) who is dependent on technology. As with change and new innovations, it changes the landscape and internal IT workers cannot be specialists in everything.  By stretching employees past their limits, it can reduce their productivity and cost your business money.

This is why companies take advantage of IT outsourcing, IT consultants and managed IT services providers. They give companies the time and resources needed to train staff on new technology. With access to IT specialists, they bring knowledge and expertise for a fraction of the price it would take to employ them in-house.

Choose based on the lowest priced IT outsourcing firm or managed IT services provider – You know the old saying, “you get what you paid for”. By choosing the cheapest IT outsourcing firm or managed IT services provider does not mean you are getting the value for your money as it can lead to subpar quality, improper business operations, and overall IT support services for your company. Take advantage of a free IT consultation or Network Assessment including an interview. This will ensure you find the right fit and this should be seen as long term, not short term relationship.

What is outsource and what is in-house? – You should have a clear idea of what is to be outsourced and what is to be kept in-house before you take advantage of IT outsourcing or managed IT services. Outsourcing can be a huge financial and productivity benefit to your business but IT outsourcing firms and managed IT services providers have different expertise and experiences that differ from their core expertise and can supplement and in most case make their business run better, more efficient and effectively.

This will help lower costs of hard-to-find IT skills and take advantage of globally competitive rates as well as give you access to IT skills when and where needed. No more investment into training and it will help drive quality, productivity, speed and profitability within your organization.

365 iT SOLUTIONS is a leading IT consulting firm in Toronto that delivers Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services. Put your network to the test with our Complimentary Network Assessment.

Categories
Industry Insights IT Solutions Managed IT Services

Is Cloud Services Right for your Business?

Cloud services is becoming increasingly popular for businesses with a jump of 70% according to IDC in the next 12 months. Is cloud services right for your business? Here are some important factors to consider.

  1. Internet Connection – before your commit to cloud services, you need to evaluate your Internet connection including reliability, any monthly data caps, upload and download speeds. Remember, not all internet providers are the same and your area plays a part also. These are important factors to consider before making the switch to cloud services.
  2. Regulatory Requirements – Does your company work in an industry with regulations and compliance when it comes to IT technology? It is important to understand that some types of data must be stored in a specific manner in order to comply with industry standards. You need to ensure you can meet these regulations prior to committing to cloud services.
  3. Type of Data – There are many types of data when considering cloud services and they should all be considered separately. Operational data is stored on servers and accessible daily with little to no delay. Emails maybe be hosted on a server or already in the cloud with Microsoft 365. Backup data should be stored on premises and in the cloud. You need to evaluate the amount of data, accessibility and security prior to moving to cloud services.
  4. Monthly Costs – Cloud service provider continue to fight for new users. Prices continue to drop as the cloud services becomes more relevant and cost effective. Despite the low cost and potential savings, you need to consider your monthly budget as well as long term management. There are many different cost structures and features to consider when using cloud services so you need to ensure you are evaluating all options in order to maximize your ROI.
  5. Disaster Recovery – No matter where you store your data, you need a disaster recovery plan. If your building caught on fire or there was a natural disaster, would your data be safe and how long would it take to get you back up and running? Cloud services will fit into any disaster recovery plan but it is important to conduct a full review of your disaster recovery plan and adapt it to your most current needs. By doing this, you will identify potential threats and avoid crippling events that could affect your organization.

Not all clouds services are created equal and not all of them will suite your business needs. When considering possible cloud service providers, be sure to factor in all criteria like performance levels, cost and reliability as this will be a long-term business partnership in order to maximize your investment.

365 iT SOLUTIONS is a leading IT consulting firm in Toronto that delivers Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services. Put your network to the test with our Complimentary Network Assessment.

 

Article SourcesIDC FutureScape: Worldwide Chief Marketing Officer Advisory 2016 Predictions, World Data Protection Report and Office of the Information and Privacy Commissioner for British Columbia.
Categories
Industry Insights IT Solutions Managed IT Services

Why your endpoint security is your weakest link

You have endpoint security on your computer systems but is it putting your company at risk? Find out why your endpoint security is your weakest link in protecting your business.

As hackers continue to improve their processes to gain access to your network, most companies are using a very basic approach or misconfigured endpoint security software. Unfortunately, endpoint security solutions continue to fall short when it comes to providing protection against today’s security threats including malware, viruses and other cyber threats as there has been an increase in security gaps and vulnerabilities.

Why your endpoint security is your weakest link? Well endpoint security in a business environment is a method of protecting a central corporate network when it is being accessed through remote devices, or endpoints, such as PCs, laptops and other wireless mobile devices. Basically, your business class Antivirus that is centrally controlled and proactively management by your IT department or partner managed IT services provider. But this is only one step to protecting your systems.

Here is the issue as to why your endpoint security is your weakest link. Endpoint security is not new but it is becoming more complex due to the broadening of many company BYOD policies and the increasing number of employees and authorized users being allowed to log in remotely to corporate networks.

Here are 6 steps to increase your endpoint security

  1. Keep your Windows operating system up to date using proactive network management.
  2. Keep all software up to date installed on your workstations.
  3. Install a business class antivirus that is centrally management and controlled.
  4. Install a security solution against spyware, malware and other cyber threats.
  5. Ensure your company is using a proactive security solution with multiple defense layers of security.
  6. Back up your system and your data if you are not storing it on the server.

The steps above are meant to keep your workstation, data and users safe however there are many more layers that can be added within your network management to protect your business.

365 iT SOLUTIONS is a leading IT consulting firm in Toronto. They deliver Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

 

Put your network to the test with our Complimentary Network Assessment.

Categories
Industry Insights IT Solutions Managed IT Services

Hackers Are Using New Tricks to Deliver Ransomware

Ransomware scams are all about profits and when profits are involved, it creates innovation. Hacker are using new tricks to deliver Ransomware and it is costing businesses tons of money.

Over the last several months, the IT industry has been exploding with the constant attack of new Ransomware hitting networks using new tricks, tools, and techniques to snag victims. IT departments, managed IT services providers and IT consultants have been in a constant battle to protect their networks from this cyber risk but they are getting very creative. According to the news and reports, there is no sign of the trend slowing down any time soon.

What are some of the new tricks to deliver Ransomware?

Locky Ransomware

Locky first appeared on Tuesday February 16th, 2016 and it allows the hackers to push the malware aggressively, using massive spam campaigns and compromised websites. Locky encrypts files and adds a “.locky” file extension to them. The cyber criminals then demand a ransom between 0.5 to 1 bitcoin (approximately US$210 to $420).

Bucbi Ransomware

Not new but the two year old Bucbi ransomware is making a very strong comeback. It now has new targeted attacks and as well as a new brute force technique. According to Palo Alto Networks, they have seen reports of the ransomware infecting Windows Servers and demanding 5 bitcoins (approximately $2,320 US) ransom. Bucbi is no longer randomly seeking victims, it is now targeting attacks.

There are no easy shortcuts to get your data back if you don’t have a recent data backup. Locky for example doesn’t just scramble your C: drive, it also scrambles any files in any directory on any mounted drive that it can access, including removable drives, network shares, servers and other user’s computers. If you are logged in as a domain administrator and you get hit by ransomware, you could see widespread damage.

What are some protection measures from these new tricks to deliver Ransomware?

  1. Backup regularly and keep a data backup copy off-site.
  2. Encrypt your data backup.
  3. Do not enable macros in document attachments received via email. (Microsoft default is off)
  4. Be cautious about unsolicited attachments.
  5. Do not give yourself more login and credentials more than needed.
  6. Do not stay logged in as an administrator and avoid browsing, opening documents or other “regular work” activities while you have administrator rights.
  7. Proactively manage your IT network. Patch early, patch often and stay ahead of malware.

Hackers are using new tricks to deliver Ransomware but it does not mean your business needs to fall into the trap. These simple steps will allow you to protect your business from losing money, time and productivity.

365 iT SOLUTIONS is delivers industry leading IT consulting and IT security services including Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Our Complimentary Network Assessment will put your IT infrastructure to the test and test to see if you are using a Layered Security (Layered Defense) approach. We will give you a true picture of your company liabilities from threats such as Ransomware, Malware and other hackers cyber threats.

Categories
Industry Insights Managed IT Services Uncategorized

Malware Protection and Security

malware-the-importance-of-layered-security-managed-services
malware-the-importance-of-layered-security-managed-services
Categories
Industry Insights IT Solutions Managed IT Services

Your Business is Not Protected from Ransomware

Ransomware is the fastest growing cybercrime and your business is not protected from Ransomware. Is your business safe and how will you deal with it when it hits your network?

Ransomware does not care if you are a small, medium or enterprise sized business. It only wants to gain access to your data and demand payment in exchange for a key that decrypts or makes the data visible again. According to Kaspersky Security Bulletin 2015, In 2015, there were 1,966,324 registered notifications about attempted malware infections that aimed to steal money via online access to bank accounts.

Your business is not protected from Ransomware but here are 4 best practices to follow to protect against ransomware.

  1. Have a complete tested data backup plan.

As a leading managed IT services provider in the Toronto area, we offer complimentary network assessments and this is a consistent issue. It does not matter if you backup your data to an external hard drive or use a cloud provider service, you should always have both in play. The reason behind this is if your physical location experiences a natural disaster, fire or theft, you should always have a physical device backup stored at a different location. Your cloud data backup service should be using encryption before uploading for an added layer of protection.

  1. Perform proactive software and security updates

Yup, proactive is the keyword in this one. No matter how much time and money is put into developing software, it all comes with bugs, security flaws and vulnerabilities. Manufacturers issue software and security updates for operating systems, computer programs and apps on a regular basis. Hackers and cyber criminals use browsers, plug-ins, media players, Flash and Adobe Acrobat as common areas to attack potential victims. You need to ensure that your network is proactively managed to minimize a breach or any other security threat.

  1. Don’t click on that email and link while browsing

Use good judgement before you click. It does not matter if you are banking, shopping or browsing online, use judgement before you click on suspicious stuff. You should do shopping or banking only on a computer or device you trust. Never use a public computer or free WIFI for personal website browsing. You need to be careful about clicking on a link or opening an attachment, even if it looks like it came from someone you know. Criminals and hackers use generic names to avoid the time it takes to send customized emails. Simple rule to follow, when in doubt, do not click!

  1. Use complex passwords. “Password” does not qualify.

Make it complicated. “Passwords” or “12345” do not qualify as a complicated password. Passwords should be long and contain a mix of upper case, lower case and symbols as well as a different password for each site. One third of people use the same password for every website with weak passwords like “Password”. You should have a password policy to ensure it changes often and enforce users to make passwords complicated.

Your business is not protected from Ransomware but these 4 simple steps can help you reduce your risk and stay protected from Ransomware.

365 iT SOLUTIONS is Toronto’s best boutique IT consulting and security firm offering industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Our Complimentary Network Assessment will put your IT infrastructure to the test and give you a true picture of your liabilities from threats such as Ransomware, Malware and other hackers cyber threats.

tech support services - managed it services

Categories
Industry Insights IT Solutions Managed IT Services

Looking for Managed IT Services? Here is a Check List of Important Questions

As technology grows and expands, your current IT support services company may not be delivering the service you need.  Now you are in the market and looking to choose a new managed IT services provider. Here we will address important questions to ask.

We have put together some questions to ask to ensure you are getting the best IT support services and IT management services possible. This will save you money, increase the security of your data and protect your business from disaster.

  1. Who will have access to my company data?
  2. How will my data be handled and stored?
  3. Where is your company office(s) located?
  4. Do you outsource or offshore your IT support services?
  5. Where do you host your infrastructure including servers and backup systems?
  6. What services am I paying for and what is included in my monthly support fee?
  7. Can you access our IT infrastructure remotely?
  8. Do you have a central ticketing system?
  9. Do you proactively manage the network and prevent tech support issues from occurring? How?
  10. How often are the security systems updated?
  11. How is my data separated from the information of your other clients?
  12. Is your storage space a private or shared cloud storage?
  13. What security measures are in place, such as firewalls and encryption, to avoid data leaks?
  14. Can my employees be trained to use the system in order to further manage security and prevent inadvertent threats?
  15. Do you have a Disaster Recovery procedure?
  16. Do you test data backups to ensure your procedures are flawless?
  17. Can you accommodate a growing business and what is your capacity?

These are some simple question but it will really give you a clear understanding of what level of managed IT services provider you are working. A simple “yes” response is not good enough, you need real world examples and even client references to ensure you are getting the best long-term IT consulting business partner possible.

Take your time as everyone has worked with companies that promise the world and never deliver. Ask important questions and evaluate.

365 iT SOLUTIONS is Toronto’s best boutique IT consulting firm offering industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Our Complimentary Network Assessment will put your IT infrastructure to the test and give you a true picture of your liabilities.

tech support services - managed it services

Categories
Industry Insights IT Solutions Managed IT Services

Governments are boosting IT security. Are you keeping up with new threats?

As networks are under constant attack, many organizations are boosting IT security spending due to value of data on the black market. How secure is your data?

Hackers continue to increase the number of attacks and more organizations need a proactive advanced security solution to protect their business. This has come down to securing several areas including the following:

BYOD Including Mobile Devices

With BYOD and IoT are becoming more popular and causing companies to boosting IT security spending. IT BYOD policies have to now address personal mobile devices such as smartphones, tablets, and laptops. Employees now need to access and store confidential data on mobile devices, which has put increased stress on IT departments to protect data. Unfortunately, smart devices are not secure and an easy target for hackers to gain unauthorized access to them in corporate networks.

Data breaches

Everyone hears about them in the news and in all industries including healthcare, manufacturing, insurance to mention a few. Hackers have found new ways to access valuable data as well as ways to disrupt businesses. As more businesses rely on the internet and web dependent applications, this has led to unprecedented rise in cyber-attacks and an increase in boosting IT security budgets.

Network security threats

With organizations having an increased dependency on web applications and services, this has led to an increase of cyber-attacks that will affect your IT infrastructure. With so many business relying on hybrid cloud services, your entire network is at risk as they generally tend to target your websites, customer databases, cloud email and web servers. The unfortunate news is that advanced attacks and threats can be detected only after an attack.

Regulatory requirements and compliance

What has been driving IT security? Simple, more industries are starting to be regulated and have to meet compliance and IT security audits. Regulatory compliance enable merchants and financial institutions to protect their payment systems from breaches and theft of cardholder data. A compliance breach may result in financial loss and reputation loss, which may lead to customer attrition. Organizations are proactively securing their network perimeters and applications to prevent any compliance breaches.

365 iT SOLUTIONS is delivers Toronto’s best IT consulting with Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services. Let our Complimentary Network Assessment put your IT infrastructure to the test.