Tip of the Week: ‘Secure’ Browsing Doesn’t Mean ‘Private’

Posted March 14, 2018 by

A hand holding a smartphone that says "VPN"Internet browsers, for the most part, provide enough security for the average user to come out unscathed. Nowadays, people deal with many more threats than they once did, but by in large, users stay secure when using today’s most popular browsers. Privacy, however, is a whole different matter.

Nearly every brand of browser offers some form of supposedly covert browsing options. Google Chrome has Incognito mode, Microsoft Edge allows you to access the web using “InPrivate” mode, and Apple’s Safari browser also offers users private browsing. Each of these platforms, however, are a would-be nightmare for privacy advocates. For this week’s tip, we will discuss some things you can do to keep yourself private while online.

Privacy in Browsing

Shielding your online identity inside your browser may prevent your browser’s history from tracking your online activity, but your ISP doesn’t have those kind of restrictions. Your ISP is capable of tracking every site you go to no matter what browser you use. Additionally, websites you visit when you are browsing privately, can also track your IP address regardless of your use of private browser settings. Since your path is left unprotected, it leaves your website activity open for inspection.

On that note, it also should be mentioned that no matter what kind of in-browser private setting you use, your employer, who typically owns the network you are working on, can still see what sites you access. For business owners who are serious about lost productivity from employee web surfing, there are solutions to ensure that you control what your workers can see. If you are serious about keeping your web browsing private, your best bet is to use your own virtual private network (VPN).

Virtual Private Browsing

Using a VPN will keep the connection between your system and your destination hidden, allowing you to choose the location you are browsing from. In hiding your connection under the encryption afforded by the VPN, you can get the privacy you need from anywhere on any Internet connection.

For assistance in implementing a VPN for your business’ browsing needs, reach out to Excalibur Technology at (877) NET – KING.

Can Your Organization Take Advantage of a Private Cloud?

Posted March 13, 2018 by

Illustration of a cloud with a lock going through it.If your business isn’t already taking advantage of the cloud in some way, you’re in the minority. Most businesses use it for something or another, depending on the industry and service rendered. Yet, there are all kinds of different cloud-based infrastructures that your organization can take advantage of, which might make the decision somewhat challenging to make. What’s the best type of cloud solution for your business?

You’ll generally be choosing between the public cloud, the private cloud, or some combination of the two. Depending on which you choose, you can expect to reap considerable benefits. Here are some of the details regarding your choices.

Public Cloud

There are certain reasons why a small business might find the public cloud ideal. Most organizations that don’t have a dedicated IT department will see a cloud solution as more additional management and maintenance that they don’t have time for. This is one of the aspects that makes the public cloud so appealing to small businesses with limited time, budgets, and workforces. The public cloud removes the responsibility of managing a cloud from your business’ shoulders while maintaining an acceptable level of security.

Businesses that take advantage of the public cloud, however, do have some reservations about the control of their data–primarily because the public cloud is generally hosted and maintained by the service provider. While this is great from an operational standpoint, it limits your ability to respond to security threats. Therefore, you must be aware of what customization options are available before making a decision regarding the public cloud.

Private Cloud

In direct contrast to the public cloud, a private cloud is hosted on your company’s in-house infrastructure, which allows for more flexibility and customization on your company’s part. You can essentially customize your cloud solution as per your requirements. Companies that have their technology maintained by an in-house team generally prefer a private cloud solution, but sometimes it’s not necessarily an option.

Companies that don’t have an internal IT department and still take advantage of a private cloud solution might wind up stretching their own resources too far. If you can’t properly take care of your technology, then perhaps a managed cloud is a better approach for your particular business. For those who want the best of both the public and private clouds, a managed private cloud is the ideal solution.

Managed Private Cloud

Small businesses that want the benefits of a private cloud solution while avoiding the heavy lifting of maintaining the server hardware should look into a managed private cloud. Excalibur Technology can use our comprehensive knowledge of managed IT solutions and cloud infrastructures to build you an on-premise cloud solution that we can remotely monitor and maintain. If you want even less to worry about, we can host your server in our own data center so that it’s as hands-off as you can get. To learn more about managed private servers, reach out to us at (877) NET – KING.

Protect Your Organization’s Data with Backup and Recovery

Posted March 13, 2018 by

Concept art depicting a container of data with an arrow going around it.Let’s take a moment to imagine the worst-case scenario for your business. You’ve been struck with a crippling disaster and your infrastructure is rendered inoperable. Maybe it was a fire that burned your office to the ground, or a hardware failure that wiped out any information located on your local network. Maybe a hacker infiltrated your IT infrastructure and installed ransomware on your network, or a user error led to a compromised account and infected network.

Regardless of the incident, you need to implement measures like data backup and disaster recovery to keep the worst from occurring. Yet many businesses still consider data backup and disaster recovery to be largely the same thing. There is actually a major difference between data backup and disaster recovery. While one aspect focuses on accumulating data in the event a disaster wipes your company off the face of the planet, the other focuses on the deployment of the data backups. One thing is absolutely certain, though; you need both of these aspects of business continuity if you hope to keep your organization running during the worst of times.

Data backup comes in many different forms, but the most common system that had been used was tape backup. Data would be stored on magnetic tapes, which would then be kept somewhere on-site for use in the event of an emergency. These data backups would generally only happen once a day, as more than once would be enough to drag operations to a halt. With the only opportune time to take a backup being after hours, an entire day’s worth of data could potentially be destroyed in the event of a data loss incident–assuming that the disaster hasn’t also destroyed the tape! Add in a rather slow restoration time and you have an overall inconvenient and risky backup solution.

While tape is certainly not the ideal backup and disaster recovery solution for your organization, it’s better than nothing. Yet, cloud-based data backup and disaster recovery is far superior in just about every major part of business continuity. For example, the issue of the amount of data recovered becomes a non-issue due to smaller backups being taken more frequently throughout the day, leading to a smaller loss in the event of a disaster. Furthermore, you can store data backups in the cloud and off-site for later implementation, which is great for securing your business’ future.

Perhaps the most important part of data backup and disaster recovery from Excalibur Technology is that you can restore data at a moment’s notice through the cloud. You can even deploy a backup directly to the BDR device that’s hooked up to your network in the event your server isn’t available or is no longer functional. This gives you valuable time to implement new hardware or find a new temporary office. Could your business use some help with implementing a backup and disaster recovery solution? Excalibur Technology can help. To learn more, reach out to us at (877) NET – KING.

Lack of Security Training is Putting Businesses at Risk

Posted March 13, 2018 by

Hands typing on a laptop.Let’s say that one of your employees downloads an attachment from an email claiming to be a receipt for an Amazon order or other online shopping outlet. The attachment then proceeds to infect their workstation with a virus or malware. This puts the integrity of your infrastructure at risk–all because of a simple mistake. Do you send the employee to cybersecurity training, or do you trust they will learn from the mistake and never repeat it?

This is one of the big choices that you will have to make regarding network security for your business, and it absolutely shouldn’t be made lightly. If you don’t take a stance on network security and employee training, you could be opening your doors to even more threats in the future. What is your business supposed to do in situations like these? After all, you can’t just not take any action at all. Depending on your current security practices, you may need to invest a considerable amount of time and resources into strengthening your resilience against cyberattacks.

It’s important to also keep in mind that you’re not alone in regard to security training for your organization–according to PhishMe, 91% of cyberattacks are the result of a data breach caused by spear phishing attacks. These include targeted attempts to steal account information from your users or downloading threats that can later infiltrate your business’ infrastructure. Basically, hackers try to use an employee’s lack of knowledge about technology to their advantage, or they make themselves appear as someone more familiar or a known contact within your organization.

Security Training is On the Rise

As you might guess, cybersecurity training has become a major industry for those who want to take advantage of this lack of knowledge or awareness. Cybersecurity Ventures suggest that the currently $1 billion industry that is cybersecurity training will grow immensely over the next decade, rising to over $10 billion by the year 2027. With more people being connected to some type of smart technology, and even more people entering workforces that demand some sort of knowledge of these developing technologies, it’s never been more important for your workforce to grow more proficient in network security best practices.

Aspects of Security Training

Your business needs to take a comprehensive approach to security training if you hope to keep your organization secure. Here are some ideas that you should consider for your business’ network security:

  • Identifying phishing emails: Being able to tell when something’s not right is a valuable skill to have–particularly when cleaning out your email inbox. Not everyone can tell when they are being scammed, even when it might seem clear as day. While it’s better to simply make sure that spam stays out of your inbox in general, it’s more difficult when you’re specifically being targeted by spear phishing tactics. Teach employees what they should look for in a legitimate email. And remember–it’s always better to err on the side of caution. If in doubt, ask someone else what they think about it.
  • Password best practices: Ordinarily, we would tell you to always keep secure passwords that include both upper- and lower-case letters, numbers, and special symbols, but these don’t matter if you accidentally give it away to someone claiming to be your technology support. Instead, we want to remind you to never give away sensitive information through email, telephone, or otherwise.
  • Active hands-on security training: Many of the most popular methods of security training have to do with placing your employees in mock scenarios in which they have to respond to a threat. These could include vishing, or voicemail phishing, or even phishing emails themselves, all in an attempt to ensure that they can properly identify and respond to threats.

If your business needs help training its employees, Excalibur Technology can help. To learn more, reach out to us at (877) NET – KING.

Cloud-Based Document Management Helps Businesses

Posted March 13, 2018 by

Person holding a tablet beneath a hologram of document icons.Paper documents can hold businesses back for several different reasons. For example, have you ever tried to move to a new office and drag along countless heavy filing cabinets? What about digging through folders just to find one specific document? It’s difficult to sort them in the first place as it is. Technology has made this job much easier, providing businesses with tools to better manage and maintain their wealth of paper documents in the form of a digital cloud environment.

A cloud-based document storage infrastructure is a great way to help your business overcome the annoyances and drawbacks of keeping paper files and storage in your office. Here are some of the best reasons why your organization should consider cloud-based document management systems.

Easy Organization and Access

We’re sure you’ve felt the frustration of storing paper files into folders, and then further storing them in large filing cabinets. A document management system makes this much easier to handle as you are storing files on your in-house network in an organized and efficient manner. It’s just like using folders on an ordinary computer or network infrastructure, and as long as you stay organized, you shouldn’t have any issues finding the data you’re looking for. Plus, you’ll be able to access any files stored in your cloud from pretty much any connected device, which creates a more flexible work environment.

Easier to Navigate

Just like your browser’s search bar or your basic search engine like Google, you can search your document management system for specific files. You certainly can’t do something like that with your filing cabinet! This alone is a great way to ensure that your documents are efficient to locate at all times. With a document management system based in the cloud, all you need to do is just type your searches into the system and you can find whatever information you’re looking for easily enough.

Easier to Preserve

How would your filing cabinets hold up to a fire in the office? What about a flood or similar natural disaster? Chances are that “not well” is the answer. As with any asset, you should be able to have a backup in the event of a worst-case scenario, but this is difficult for physical document storage. Digital cloud-based document storage should always be backed up with external solutions, like a backup and disaster recovery solution so that these worst-case scenarios don’t prematurely end your business.

The Primary Risk: Data Security

The issue with storing any data in a connected and online environment is that you’re exposing it to potential hackers and other security risks. There are threats out there that are always on the lookout for ways into any type of infrastructure, and threats are growing stronger each and every day. Therefore, you should have solutions implemented that optimize security against threats, as well as data backup and disaster recovery to ensure a random incident doesn’t keep your business from succeeding.

To get started with a cloud-based document management system, reach out to us at (877) NET – KING.

IRS to CPAs – Hackers are Targeting You

Posted March 12, 2018 by

Calculator and tax documentsThe IRS has issued a warning to tax professionals to step up their cyber security to prevent sensitive taxpayer information from being stolen. CPA firms, large and small, are being targeted by hackers and identity thieves, especially during the high traffic tax season.

CPAs collect and store a treasure trove of sensitive information that is deemed valuable to cybercriminals. This includes client contact information, credit card information, and social security numbers. Plus, the bad guys know that even though smaller, local tax professionals might not have as many clients as a nationwide firm, but the chances that their data is easier to get to makes them a viable target.

How easy could it be for someone to steal all of your clients’ sensitive information? Depending on the security you have in place, it could be shockingly simple. All it takes is parking near a CPA firm and finding an exploit to get connected to their Wi-Fi. If proper measures aren’t in place, that is enough to give the criminal carte blanche access to any data that isn’t properly protected. Then they can simply drive up to the next tax professional in town and attempt it again.

If the hacker wants to save on gas, they could also target hundreds of thousands of tax professionals at once with a single mass email. The email could look like a legitimate message from a client or organization, but contain an attachment that installs malware and instantly gives the hacker access to what they want.

The time to protect yourself (and your clients) is now. The IRS is urging tax professionals to encrypt all sensitive data and ensure that their network is equipped with the proper measures to protect data. Educating employees on how to not get baited into fake phishing emails is also critical. Excalibur Technology can audit your network and help you protect the identities of your clients. Don’t wait. Give us a call today at (877) NET – KING to get started.

Why Your IT Toolkit Should Include a VPN

Posted March 09, 2018 by

Laptop screen with a badge icon that says "VPN"Have you ever felt like someone was watching you while you’re doing your work from somewhere outside of your business’ infrastructure? If you’re working from a remote location, this situation might not be far from the truth. If you’re not using a private connection, onlookers could see everything that you’re doing or steal data. How can you keep your business secure while working out of the office?

The easiest way to do so is with a virtual private network, or VPN. You might have already heard quite a bit about VPNs thanks to the Federal Communications Commission’s verdict on Net Neutrality. Many users are hoping to take advantage of VPNs to limit the potential issues caused by ISPs selling browsing information to advertising companies, and just in general to protest the ruling. However, VPNs have a very important role in the business world as well, and they are an essential part of securing your organization.

Basically, a VPN works by encrypting your connection to important assets on your company’s network. This data is encrypted while it’s in transit, meaning that even if a hacker could intercept it, they would see nothing but a bunch of jumbled up letters, numbers, and symbols. Encrypted data is often simply useless for hackers as the time needed to crack the code is rarely worth spending. This goes for any data that’s being sent to or sent by your device, meaning that essentially any data that you need to send or receive is protected by military-grade encryption.

Think of it like this; you’re sending a letter to someone, but it’s locked in a box. The box can only be opened by specific users who have the key to it. Therefore, anyone hoping to intercept the box won’t be able to take the contents. Sure, they could steal the box if they want, but without the key, it won’t be of any use.

Overall, a VPN is the best way to keep your business from suffering data leaks or loss altogether. However, you want to ensure that the one you implement is an enterprise-level VPN that is capable of securing all of your business’s devices. If your business is in need of a powerful VPN, Excalibur Technology can help. To learn more, reach out to us at (877) NET – KING.

Tip of the Week: How to Avoid Spam Emails

Posted March 07, 2018 by

A business person buries in a pile of mail envelopes.Would you just give your bank account information to anyone who called you up and asked for it? Probably not. For the same reason, you wouldn’t just download attachments from your email messages without a second thought. This can be a dangerous practice, as some of the most common threats nowadays spread themselves via unwanted email attachments. It’s important that you can identify when it’s the right time to download an attachment, and when it’s best to just leave it be without exposing your business to unnecessary risk.

First, a little information about why you might be forced to make this decision in the first place. Spam messages are often the easiest way to spread the influence of malware and other threats. It’s simply a fact that you can send one message to countless individuals knowing that at least some of them will be fooled into downloading the attachment, and in turn, downloading all of the nasty things found in it.

For example, ransomware makes its home on workstations due to infected attachments. Your company might receive an unsolicited message from a prospective employee, who has attached their resume for review. Before your HR department knows what’s happening, their files are encrypted due to the attachment actually containing malware from a hacker. Surprise–your organization has fallen victim to a targeted phishing attack, with an infected infrastructure being the fallout.

While your spam filter might flag some of these messages as dangerous, it’s unlikely that the most dangerous ones will be caught in its web. Be wary of messages that claim to be receipts, shipping information, resumes/CVs, and other information that might be important for your organization. Hackers understand this and want to take advantage of that knowledge, which could potentially put your company in a tight spot.

Ultimately, the best way to keep your company safe is by taking a two-pronged approach–educating your employees on the importance of email security, and a technology solution designed to eliminate the majority of spam in the first place. The first can be maintained simply by holding awareness training and actively practicing proper email etiquette. Teach your employees that they should never open attachments from anyone they don’t know, and to always investigate the source of the message before declaring that it’s safe enough.

For the second measure, you can rely on Excalibur Technology to help you out. Our technicians can set you up with our enterprise-level spam filtering service to keep the majority of dangerous messages from making their way to your inbox in the first place. It’s a great measure that can minimize your employees’ exposure to risky elements. To learn more, reach out to us at (877) NET – KING.

Are Mobile Devices Putting Your Workplace at Risk?

Posted March 05, 2018 by

A hand holding a smartphone.How many devices find their way into your office every day? In this age of mobile devices, it’s no surprise for each of your employees to have everything from a smartphone or tablet, to wearable technology like a Fitbit. Depending on the type of device, you’ll want to ensure that you have every opportunity to secure it so that it doesn’t become a security problem down the road.

The reasoning for doing so is simple; the more devices on your network, the more opportunities that a hacker has to gain entrance to it. If you don’t maintain who can or cannot access your network with specific devices, you could be leaving the backdoor open to any number of threats out there. Therefore, you need to take a multilayered approach to network security for mobile devices, and it all starts with a Bring Your Own Device strategy.

Bring your Own Device, or BYOD, aims to manage the risk of employees bringing their own devices to the office without sacrificing the privilege of doing so. Some of the major features of BYOD are great ways to augment mobile device security for your organization, so here are a couple of them to consider:

Blacklisting and Whitelisting Apps

The apps downloaded to your device have a lot to do with your business’ security. There are apps out there that are known to cause security discrepancies for your organization, so it makes sense that your business has a way to keep undesired apps off of your devices. By blacklisting and whitelisting apps, you can control your devices to an extent, keeping known threats off of smartphones and tablets.

Remote Wiping

Losing a device is a worst-case scenario for a lot of organizations. Not only do you risk the device falling into the hands of someone who refuses to return it, but you also risk the data on the device being compromised. In any case, you should enable the option to remotely wipe any lost, misplaced, or stolen devices so that they can’t be accessed by malicious actors. This way, you preserve the right to protect company data while still allowing employees to use and access their devices.

Let’s start talking about implementing your BYOD policy. Excalibur Technology can help your organization implement a solution that’s ideal for your specific needs. To learn more, call us today at (877) NET – KING.

Are the Apps on Your Device Safe?

Posted March 02, 2018 by

Information bubble with many app icons above a laptop.It’s difficult to judge whether or not an app can expose your business to risk without first downloading it. Despite their best efforts, Google Play and the iTunes store can’t possibly identify every single malicious application out there. Unfortunately, you’re charged with taking the security of your mobile devices into your own hands, but thanks to Google Play Protect, this responsibility is a bit more mild.

Google Play Protect is a new way to help users protect themselves from dangerous smartphone applications. It’s not necessarily an app on your device, but is instead a feature of the Google Play store itself. It’s found on Google Play Services v.11 or higher. Essentially, Google Play Protect scans your apps in the background and looks for anything sketchy going on behind your back. It can also manually scan your device for threats, as well as improve the detection of harmful apps that haven’t been installed through the Google Play store.

One of the major downfalls of Google Play Protect is that it can’t immediately scan an app that you install. Instead, you have to scan the app before you open it for the first time. We recommend that you always approach any new application with caution long before you download it from the Google Play store.

Even with Google Play Protect handling some of the dirty work behind the scenes to keep your devices safe, there are still measures that you can take to augment its approach. Here are just a few of them.

  • Only download apps from trustworthy sources: You might run into links that allow you to download an app to your device. By default, your device won’t let you download apps from external sources, and this is for a good reason. There is a greater chance that your organization could run into a malicious app while outside of the Google Play store. To be safe, only trust those that you find in the store itself.
  • Be wary of app permissions before downloading: Depending on the app you’re downloading, you might find that apps will require permissions to specific information on your device. An easy giveaway that an app isn’t the most secure is when it’s asking for too many permissions than you’re comfortable with. A great example is a flashlight app–why would it need access to your calls or text messages?
  • Consider Bring Your Own Device (BYOD): If each of your employees has a smartphone, a tablet, and a laptop, that’s three devices per user that are accessing important data. Therefore, it makes sense that in order to minimize risk, you implement some type of BYOD strategy that blacklists apps, remotely wipes compromised devices, and enhances mobile security.

Does your business need a way to ensure mobile security? Excalibur Technology can set you up with a great mobile device strategy that can help your organization minimize risk. To learn more, reach out to us at (877) NET – KING.

Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology