Author: Casserly Consulting

Categories
Casserly Consulting Blog

Four Questions to Have About Cloud Services

cloud_computing_security_400.jpg

Can you think of a more revolutionary technology in today’s modern age than cloud computing? Companies are now able to implement solutions that are both flexible and scalable enough to suit the needs of both small and large organizations. To this end, the same cloud won’t work for every type of organization. Here are four questions that you’ll need to ask in order to get the best service from your specific cloud provider.

What Are Your Business’ Responsibilities?
You will have to work with your cloud provider to determine who is responsible for what functions and tasks. For example, your cloud provider might be responsible for security, but other types of responsibilities might fall under the umbrella of your organization. Knowing what specific details your company is responsible for is the first step toward achieving success with your cloud solution. Whenever you implement a new cloud service, the best way to start off on the right foot is by clearly outlining any and all responsibilities between the two of you.

What Kind of Cloud Security Do You Need?
There are several different kinds of cloud-based services that your organization can leverage. Cloud services range from intensive and sprawling solutions such as Infrastructure as a Service, all the way to simple productivity suites through Software as a Service. Depending on the extent to which you use the cloud, your security will need to adapt and change.

Does the Cloud Provider Offer Training?
While it’s beneficial that your managers and supervisors know how to use your business’ cloud solution, you’ll need all employees to be on board with your efforts to get the most out of it. Of course, training all of your employees is costly and time-consuming, so if you can avoid doing it yourself, all the better. Cloud providers will often provide their own specialized training procedures both during and after the implementation process, so try to take advantage of it if you can.

How Much Visibility Do You Get?
Visibility is important for a business. In this case, it’s defined as insight into how your organization’s data is being stored, managed, and secured within your cloud environment. Cloud visibility varies between providers and services, though. A small business using the public cloud may have limited cloud visibility, but a large organization with a dedicated private cloud service may have much greater visibility as a whole.

Do you know what you need in a cloud solution? COMPANYNAME can help. To learn more, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Your Office Deserves a Good Cleaning

how_to_clean_desktop_400.jpg

In keeping with the freshly rejuvenated feel that springtime brings, many people take advantage of this energy by doing some much-needed spring cleaning after the long winter months. Why shouldn’t the workplace join in the fun? In this blog, we’ll explain how a fresh and clean office can benefit your employees and your business as a whole – and just as importantly, how to go about tidying up properly.

Why Your Office Needs to Be Kept Clean
Regardless of the industry you operate in, chances are that your business relies on technology solutions in order to function properly. From this conclusion, it can be inferred that if your solutions were to go on the fritz or even break down entirely, you would find yourself experiencing downtime and the associated lack of productivity.

Keeping your solutions and the environment they are stored in clean and organized is key to maintaining their functionality. Without the proper care and maintenance, your technology doesn’t stand a chance for very long, which can (and will) cause no small harm to your business.

To combat these effects, there are plenty of solutions you can deploy to assist you, along with some traditional cleaning methods and basic organizational strategies.

Digital Methods
There are plenty of ways to improve your organizational functionality, starting with your document organization solution. What is the current state of your retained files? Are they well-organized into a hierarchy, such that everyone in the business who needs access can gain it by following the system? Are they fully digitized and backed up, or are they squirreled away in metal boxes that take up valuable real estate? Going paperless is an environmentally conscious and admirable strategy, not to mention a good way to save some capital.

Organizing and Optimizing Your Computer
While you’re occupied with dealing with your file storage and organization, it also doesn’t hurt to take a look at some of your other technology solutions to ensure that everything is as it should be where they are involved. Take, for example, your email solution and its inbox.

It’s no secret that email messages have a tendency to pile up and become unmanageable if left unorganized for too long. By auditing the messages you receive and setting up filters to automate their organization, you can make your inbox largely independent.

As for your desktop and the files found on it, treat the files there as you would the files in your document organization system. Are there any being stored on your individual device that should actually be stored in the company’s shared files? A hierarchy of folders can help you organize any files that are left after those that can be moved to shared resources have been migrated.

Keeping Things Tidy
Of course, what’s a good office cleaning without taking a few workstations and getting rid of any accumulated dust and grime? Have a trusted IT resource open up the devices and give them a thorough cleaning with some canned air, and clean out some of the exterior in the same way. You should also give your network infrastructure the same treatment with duster. Once your computers and servers are cleaned out, it never hurts to rethink your cable management to minimize dust collection and reduce the very real tripping hazard these cables can create.

Finally, you should also participate in some more traditional spring cleaning. Clean your floors and bathrooms, and get rid of any “science experiments” left in the break room refrigerator. This will all make your office environment more comfortable, healthier, and thereby more productive.

What are some of your best cleaning tips? Share them with us in the comments!

Categories
Casserly Consulting Blog

Tech Term: Cookies Defined

tech_term_cookies_defined_400.jpg

Chances are, if you’ve spent any amount of time around a computer, you’ve heard of browser cookies. What you may not have heard, is what these cookies do. For today’s Tech Term, we’ll explore what cookies are, and what they do.

What are Cookies?
A cookie is a sample of information that a website stores on a user’s computer in text format that only that particular website can access. This information, made up of name-value pairs, informs the website if you have ever visited before and allows it to personalize your experience as a user. These cookies are often removed once the browser window is closed down, but they can be designed to last longer.

Cookies are what enable a website to “remember” that you are logged in and allow you to change particular settings without them reverting back the next time you navigate to a new page. Furthermore, cookies can allow websites to remember your browsing tendencies and suggest things that might interest you, even if you haven’t logged in. This is especially apparent on ecommerce sites that offer you products that might interest you based on the products that you’ve viewed in the past.

Are Cookies Dangerous?
In a word, no. All these pieces of data are viewable only by the website that delivered them. This means that Website A can only see cookies that it has delivered, and its cookies are likewise hidden from Website B. As a result, if Website B was attempting some malicious activities, the information that Website A has stored is safe.

However, some cookies are used for purposes that may be unwelcome to some users. Have you ever been browsing for a particular item on Amazon, and then notice that the other websites you visit are displaying advertisements for related items? This is the result of an advertising cookie taking note of what you have demonstrated interest in, thereby allowing it to customize the advertisement to best fit your interests.

Clearing Cookies
Of course, you can remove the cookies that your browser has accumulated by using the Clear Private Data tool. However, this will also erase any saved login credentials that you do want websites to have saved. The majority of browsers have ways to workaround this by whitelisting some websites as trusted to save cookies.

Are there any other Tech Terms you’d like defined, or do you have more questions about cookies? Reach out to us at PHONENUMBER and let us know!

Categories
Casserly Consulting Blog

Cybersecurity Requires Flexibility to Changes

security_needed_even_more_400.jpg

Security is always changing due to the volatility of online threats and vulnerabilities. Things have changed so much over the past decade that solutions that worked back then are so outdated that they put your business at risk today. This brings into question what you should expect in the years to come. What are some of the threats that your business can expect to face in the future?

For reference, this information is from a study performed by Cisco. The study references the findings of 3,600 data security professionals from organizations such as Talos and others from all over the world.

Malware Has Grown More Autonomous
Early types of malware relied heavily on the user actually clicking on a link or downloading an attachment to install itself on their computer. Nowadays, malware doesn’t take the risk that the victim will know better than to click on a link or download something bad. Instead, a ransomware might be more network-based, meaning that all it takes is a simple mistake to spread to your entire infrastructure. Cisco suspects that this type of threat could potentially grow so widespread that it could take over the Internet.

Ransomware Is About More Than Just Money
Ransomware used to be all about making money and disrupting operations. It was a way to make money to fund further hacking attacks against even more victims. People would pay up because they were too scared to imagine losing their data. Trends are showing that hackers are increasingly more interested not in the financial side of ransomware, but with the destruction of businesses. Ransomware is being actively used by criminals to put an end to any business unfortunate enough to be hit by it.

Threats Are Avoiding Detection More Effectively
Ultimately, any online threat’s level of danger is equivalent to how easy it is to hide. The easier it hides, the more dangerous it can be. Ransomware can now hide in encrypted traffic to make itself much harder to detect. It can even use cloud-based applications and services to implement a command and control attack, all hidden within normal traffic.

Watch Out for Internet of Things Devices
The Internet of Things–a large collection of connected devices that all perform various functions–has grown at a considerable rate. Since Internet of Things devices are difficult to patch properly, they can provide backdoor access to an infrastructure. Since many IoT endpoints aren’t secured properly, your company network could potentially be opened up to all kinds of threats.

Security changes every day, but the one thing that never changes is that COMPANYNAME can help your business secure its infrastructure. To learn more, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Three Give-Aways that Your Security Approach Needs a Change

security_three_steps_400.jpg

It only makes sense that you would want only the best security for your organization. It’s natural to want to eliminate risk entirely. However, this simply is not a realistic viewpoint to take where your security is concerned, and it can even contribute to greater security issues as a company holds out for the best solution.

This is no way to do business, but it can be hard to identify if you, yourself, are actually trying to bite off more than you can chew. To help, here are three signs that you are actually hurting your company and its security by trying too much and focusing on the wrong things.

1. Setting Standards Too High
Of course there needs to be organizational standards where security is concerned. However, it is important to recognize that ‘perfection’ simply isn’t going to be attainable. Many companies will be committed to their ideal vision of a solution to the point that, until that golden standard is found in reality, they won’t implement what is seen as an inferior option, leaving themselves completely vulnerable. What’s worse, some of these companies will actively find issues with an entirely workable solution, prolonging the process.

This can have the added ill effect of creating organizational paralysis among the workforce. Operational paralysis is simply the lack of movement toward change, improvement, and advancement in a business, due to an impression among the staff that any action will ultimately fail. This makes it particularly difficult to enact any change, whether it’s to your security or otherwise, as your staff will not be motivated to stick to it.

2. Waiting For The Perfect Storm
Many business owners have the tendency to find any reason to wait before starting a project of any kind, including a security initiative. They might want more data to support their proposed strategy, or want another project to be wrapped and put to bed, or want more money or time to commit to it. Any of these reasons may keep them from acting, or from even entertaining an idea.

The thing is, there will never be the perfect time to start a project, and something or other will always be there to get in the way and create friction. However, when it concerns something as important as security, you need to get something workable in place before the worst happens. After all, you can always continue to improve upon things.

3. Lack of Priorities
Again, it is only natural to want to be prepared for everything, but this too often translates into a company spreading themselves thin and not really being prepared for anything. Furthermore, there may just not be the resources available to reinforce a company against all threats at once. In cases like these, it is only too easy to overestimate the risk of some events. To counter this, there needs to be a frank and pragmatic look at your particular situation.

For example, a business located in a dry, arid area is far more likely to experience a fire than they are a flood. Therefore, it statistically makes more sense to prepare for a fire first, and wait until a little later to make the preparations for the flood. Weighing your security risks should follow the same process, which requires a resistance to the knee-jerk reaction to fix everything immediately.

While maintaining your IT security is obviously an important task, it is equally important to strategize your approach to this maintenance. COMPANYNAME can help you handle it. Call PHONENUMBER for more information today.

Categories
Casserly Consulting Blog

Tech Term: Modems and Routers Defined

modem_router_wifi_400.jpg

The Internet is an amazing tool, only bolstered by our ability to access it wirelessly – but what do you know about the devices that allow us to access it, namely, modems and routers? Do you know what each does? For today’s tech term, we’ll dive into exactly that.

First, it is important to understand that these devices serve two different purposes, each critical to the end goal. By working together, the modem and the router create a usable network for you to leverage.

What Does a Modem Do?
A modem is what actually connects your local network to your Internet service provider, and therefore, the Internet. It allows information to pass over without any kind of filtering.

What Does a Router Do?
Your router is what bridges the gaps between the devices on your network and the Internet through either a wired or wireless connection. It also features protections like firewalls to thwart potential threats coming in from the Internet.

Despite this, it may not be entirely necessary for you to include a router, especially if you only want a particular device to have Internet access.

Combination Options
There is also the option to consolidate these two devices into a single one, although this doesn’t fit everyone’s needs. Using a modem/router combination limits what you can do with your network, and if your 2-in-1 device dies or is damaged, you lose all of your networking capability. Alternatively, a malfunctioning modem or router can be swapped out and replaced relatively easily, with less of a capital investment.

COMPANYNAME can assist you in setting up a network that meets your business’ needs optimally. Call us at PHONENUMBER for more information.

Categories
Casserly Consulting Blog

Using a QR Code to Log In

qr_code_log_in_scan_400.jpg

Passwords are still an incredibly valuable part of security, but it’s becoming quite difficult to maximize network security through passwords alone. Even if you somehow manage to sell the idea of network security to your staff, whether or not they follow through is another thing entirely. It’s critical that you make it as easy as possible for your employees to stay secure, and that’s where scannable QR codes come in.

Why QR Codes?
By using a QR code to connect to your business’ wireless network, you can improve security. There are several benefits to this approach compared to the traditional alphanumeric password. An alphanumeric password can’t be shared as easily as a QR code, and the last thing you want to do is share your specific Internet access credentials. The real kicker is that a QR code makes things much easier on the side of the end-user. Instead of using a touchscreen to plug in a PIN or password, you can simply use the right app on your mobile device to take a picture of a QR code. It’s a great way for businesses to allow guests access to a wireless network without carelessly handing out credentials.

How to Use a QR Code
If you want to use a QR code to access the Internet, you will need to have a system in place that generates a code. You can use any of various websites or applications that create QR codes for whatever network that you want to connect to, as well as its password. You’ll also want to review any terms of service or other policies before making sure that you want to share this information for any reason.

Once you’ve done this, you’ll be able to download the end result. You now have an easy way to access your Internet without creating a security risk for yourself. Do you have any other security concerns that need addressing? COMPANYNAME wants to help. To learn more, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Encryption Helps Keep your Smartphone Secure

mobile_safe_encrypt_smart_phone_400.jpg

These days everyone has a smartphone; and, they can do some pretty incredible things. One place that the average smartphone may seem to be a little loose is in the arena of data security. Today’s smartphones do, in fact, come with encryption by default, so there is some semblance of device security on every device. What does this mean? We’ll break it down.

“Smartphone encryption” describes the state in which the data on the device is scrambled so that people that don’t have the proper security clearance, won’t be able to see the device’s contents. While this is extraordinarily helpful for device security and personal privacy, it has nothing to do with protecting actual data transmission.

Without entering the credentials or biometric data that allows for a device to open, many of the features a device has are not able to be accessed. In fact, most modern smartphones won’t actually connect to a Wi-Fi network without the proper credentials. This is handled differently on the different mobile platforms.

Apple
The iPhone ships with 256 AES encryption. It is not stored on the phone (which could result in more successful hacks), a correct passcode combines with data stored on the Secure Enclave chip to generate a key that unlocks the device. This chip also holds biometric data (fingerprint and facial recognition) that can be used to open the device or use Apple Pay. Any Apple product that is repeatedly unsuccessfully opened will lock, stopping unwanted parties from getting into your iPhone.

Android
Since so many more people use the Android mobile OS, Google did not make device encryption standard until devices that run their Android 6.0 Marshmallow mobile OS. If your new Android device runs 6.0 Marshmallow or better, it now ships with encryption enabled. Since Google’s implementation of encryption depends on the manufacturer, some phones will use a key generation system similar to the iPhone’s, while others will use a more complex system called file-based encryption. File-based encryption allows for varying levels of decryption and provides unauthorized users access to a limited number of the features on the device.

In the News
Over time, there has been a push for mobile OS developers to build in “backdoors” to ensure that law enforcement can get into a device if/when they need to. Companies like Apple, Microsoft, and Google have had to field their fare share of criticism, but strongly defend their position. Apple CEO Tim Cook states the following, “In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks – from restaurants and banks to store and homes. No reasonable person would find that acceptable.”

Encryption is for your benefit. If you would like more information about modern digital cryptography or any other mobile security, visit our blog.

Categories
Casserly Consulting Blog

Tech Term: Defining Motherboard

tech_term_motherboard_400.jpg

Inside its casing, your computer contains many parts. While these parts may not be moving, they are hard at work, enabling you to use your computer to accomplish your goals. For today’s Tech Term, we’ll take a closer look at just one, the motherboard, and examine what it contributes to your device’s operation.

What the Motherboard Does
Your computer’s motherboard is its internal control center, the communications hub for the rest of the device. It is through this circuit board that all of the computer’s components and peripherals connect and share data. In this way, the motherboard is what makes a computer a computer, and not just a box filled with disparate components.

When the computer first boots up, the first thing to get power is the motherboard. Its different components then activate the various other parts of your computer.

Parts of a Motherboard
In order to properly function, the motherboard requires quite a few pieces to be present and correct. While the layout, or form factor, varies based on the specifications needed, all motherboards have these basic components incorporated.

Chipset – the chipset is what enables the transfer and flow of data between the various other components of the motherboard. Divisible into two parts, the Northbridge and Southbridge, the chipset allows the different components to communicate with each other.

CPU – The CPU is the part of the motherboard that relays information from the Northbridge to the different parts that it communicates with. A better CPU will assist you in having a fast and efficient computer.

Slots – A motherboard’s slots are what hold the different pieces that make up a particular motherboard in place. These pieces could include:

  • Random Access Memory, or RAM
  • PCI(e), which connects to expansion cards, like video, network, or sound cards
  • SATA, which connect to storage drives like HDD and SSD

In short, your computer’s motherboard is a small, but absolutely critical component to the function of the device as a whole. Have any more questions about motherboards, or any other aspect of your technology? Reach out to us and let us know!

Categories
Casserly Consulting Blog

Preventing Identity Theft Should be a Priority, But Do You Know How to Handle It?

identity_theft_Security_400.jpg

The more people use technology, the more they have to deal with the negative aspects of doing so. One of the most prevalent problems users experience today is cybercrime that leads to identity theft. What can you do to prevent this from happening to you?

How You Can Work with Identity Thief
There are numerous ways that a potential identity thief can gain access to the information they want. Since businesses often collect a lot of data, would-be identity thieves have both more data to steal, and typically more access points in which to get into the network. Additionally, a lot of companies may say that they have hackers as a top-of-mind threat, but since a comprehensive cybersecurity strategy requires that everyone within an organization buy into it, there are usually some holes left open though a lack of employee diligence; or, worse yet, blatant employee indifference. Since throwing employee regulations out there won’t stop someone who is hell-bent on getting the information, knowing how to protect your business becomes critical.

One-way hackers can get sensitive information is though the trash. You’ve seen it in movies and on television: organizations go through the mail and recreate shredded documents to get sensitive information. That’s why doing what you can to create a paperless office can go a long way toward protecting against the dumpster-diving thieves of the world.

Your Responsibilities if You Allow Your Clients’ Identities to Be Stolen
No matter how diligent you are about your data protection, there can be a time where your network is breached, and your clients’ sensitive information could be stolen. To help your clients out, you’ll want to provide them with the following information:

  • Notified Banks or Creditors – If it was financial information that was stolen it is their responsibility to notify their financial institution and see what services they can offer to help rectify the situation. Most banks have been proactive in the quest to limit identity theft and can walk your clients through what they need to know to ensure that any personal information hackers make off with will be of little consequence. If you do this promptly they can report this breach and ensure that they will be protected. Unauthorized charges within two days of any complaint limits individual liability to a mere $50; a huge savings in some identity theft cases.
  • Credit Reports – Any client that has his/her data potentially stolen has to monitor their credit reports. Setting fraud alerts will help automate this process, although they should still constantly check for warning signs of fraud. If reports come back conclusive for identity theft, considering a credit freeze until everything returns to normal may be a good option.
  • Theft Reports – In the U.S. the Federal Trade Commission (FTC) only has the resources to follow up on larger-scale fraud cases, but they will monitor identity theft cases to identify suspicious patterns that suggest the involvement of organizational wire fraud. The FTC’s website has a form that will file a complaint. Once that is done, it may be best to secure a police report to dot all the i’s and cross all the t’s. This report needs to be sent to all creditors and credit reporting agencies to ensure that you aren’t on the hook for malicious or unauthorized access.
  • Lock It Down – Immediately updating passwords is a great way to lock down your accounts after a potential breach. Furthermore, not only should you report any false use of your Social Security Number, you should also ensure that no additional accounts have been opened in your name.

Identity theft is serious business. COMPANYNAME’s IT experts can do their best to keep unwanted entities out of your network. For more information about cyber security and data theft, call us today at PHONENUMBER.