Author: samanga gamage

Posted on by Leave a comment

Securing yourself from cyber threats

Securing yourself from cyber threats 

Privacy takes a very important place amongst network users today, and with the number of cyber-attacks mounting, you cannot blame them from looking for precautions. The best solution is using a Virtual Private Network or VPN. 

VPNs explained 

A collection of servers, to which you connect to over your network is a VPN where once connected it appears as if you have localized with the servers, thus it looks like you have shifted from your actual location. A great feature is that all the information moving in and out through the VPN is encrypted, making it inaccessible to another party. 

Even when you are using a public Wi-Fi network such as at a restaurant, sensitive information such as account login information and credit/debit card details can be protected using VPNs. This gives you a great level of security in the case when you need to work while on the move or out in the field. 

In the case when you have government-imposed restrictions on visiting certain sites, using a VPN enables you to gain access to these sites safely.

Selecting a VPN 

Some VPNs are free to use and while some require payments. The free ones may have their own risks, as some keep track of your network activity and may misuse them. Also, free VPNs might not be ad-free and you might find annoying ads popping up from time to time. 

In comparison, paid VPNs offer a better service through better security, as they do not log your activity and come with much better features to ensure safer use. Also, you won’t see any annoying ads, prompting you to visit their sites. 

When accessing a geo-restricted site, the VPN service provider needs to have servers in the region or country where the site is blocked. Also, you need to find out how much browsing data you are allocated and whether it is enough. Check the compatibility of the VPN service with different devices such as smartphones, laptops, and tablets as you might want to work through these devices, depending on the situation. 

After selecting a suitable VPN service, do this final security check. Enter the VPN’s free trial and check if your IP address is being leaked through https://ipleak.net/. If your physical location is discovered, the VPN is not reliable, and you need to find another VPN service. 

 VPNs play a vital role in protecting businesses from cyber-attacks and if you need any help regarding how to keep your business safe, feel free to contact us.  

Posted on by Leave a comment

Optimizing your investments on cyber-security

Optimizing your investments on cyber-security

 Present day businesses have increased their spending on cybersecurity. This may seem to indicate an increased awareness of the possible risks of cyber-attacks. However, the real question is how much of this money spent actually goes towards keeping you safe. Here is how you can spend wisely. 

Assess where you stand 

Periodically assess the current security status and find out where you stand. Rate potential threats detected depending on how lethal it is to your business. Take measures to cull the most lethal issues. Of course, there are no fix-them-all solutions for these threats and depending on the nature and scale of business, you might have to address them accordingly. 

Target the bigger risks 

As mentioned before, attention must be first paid to issues with higher risk. Your resource allocation (spending) too must be done accordingly and not in an overall manner. 

Evaluate your current products 

Products previously purchased to secure your systems may need to be modified or may no longer be needed. Evaluate their effectiveness in the current situation and scrap the ones no longer helpful and update those which need updates. This way you can further minimize unnecessary expenditure while keeping your security systems sharp. 

Knowing where you stand will help you know how to bridge gaps in your cybersecurity systems, and for this, you need to periodically assess your systems. To get assistance on how to do an evaluation, contact us today.  

Posted on by Leave a comment

How safe are your software

How safe are your software

Cybersecurity is a major concern when it comes to businesses and it’s important to identify possible threats that may arise before making an investment in security-related software. Here is why. 

Asses the current security status 

Run frequent checks on cybersecurity of your business. Identify potential risks and hazards and categorize them according to its lethality and frequency of occurrence. With the nature and the scale of the business, the risk assessment techniques vary and through an appropriate method, identify and categorize the threats so the more potent threats can be addressed first.     

Targeting the investments 

Sectors with higher risk need higher investments in terms of time and money. This targeted approach will help you eliminate these threats faster and with better efficiency. 

Evaluate your previous product investments 

Evaluating your previous investments in security will let you know what needs to be upgraded and what is not needed anymore. This way you can cut unnecessary costs. 

Knowing where you stand in cybersecurity helps you optimize the security precautions you need to take and will be easy for future investments. For help concerning cybersecurity, feel free to contact us today.     

Posted on by Leave a comment

Cyber-attack risk alert on Remote Desktop Protocol by FBI

Cyberattack risk alert on Remote Desktop Protocol by FBI

The warnings issued by the FBI concerns the sales of Remote Desktop Protocol (RDP) connection credentials by hacker forums. By purchasing such a connection, anyone can control the server to which the credentials correspond to. As credentials of critical facilities such as those of airports might be available, it poses a great risk to the public.     

The most popular method of RDP attacks occurs through ransomware, where the user is denied access from the system or data. Access is only allowed upon making a “ransom” payment.  

The reason why the availability of such credentials (and at cheap prices) is so risky is that it allows the buyer to access the device remotely and take complete control over it. The device owners may be threatened to be blackmailed or their sensitive documents may be exposed if a sum is not paid. Also, once in control, the crooks have the ability to install harmful viruses which will destroy the system data. 

Here is how you can protect yourself from RDP attacks 

Try to avoid public, insecure networks. Even with credentials in possession of the hacker, frequent logins can be avoided. A firewall, which prevents illegal logins must be used in devices which use RDP for security.   

  • Using strong passwords for your logins. Breaching weak passwords might only be a matter of time, where malicious robots on the network can crack your password.
  • Use 2-step login methods, where logging in does not depend only on the password. Here a verification code will be sent to another device such as your mobile phone. You can choose whether or not to keep a 2-step verification in a particular computer and if you do not need it in that computer you will still be safe as 2-step verification will be prompted for if an attempt to log in from another computer is made. 
  • Set the login lockout settings to lockout a hacker, who attempts multiple failed logins. This will block the IP of the would-be hacker attempting to bust your account. This will further enhance the security of your RDP protocol.
  • Avoid using the 3389 port which is the default. Shifting to another makes it difficult for a hacker to get to your device.
  • Update your device regularly as the new updates will contain solutions for the latest risks and threats. This includes updating your RDP protocol.
Posted on by Leave a comment

An Insight to cyber-security buzzwords and terminology

An Insight to cybersecurity buzzwords and terminology

In order to survive in today’s fast-moving world, we must stay updated in the sectors we are engaged in. Cybersecurity is no different and with the rapidly evolving technology and the threats it is exposed to, it will be to our advantage as to how much we know about it.  

Malware 

A software designed for creating havoc in a system is called a malware. We are familiar with this “trouble-maker” as a virus, which technically speaking actually refers to a type of malware attack, where the software self-replicates. Malware enters our systems and networks, disrupting functions and corrupting files unless proper precautions are taken. 

Anti-virus

 

A common misconception regarding anti-virus is that they protect our systems from malware, though actually, these can only scan the drives they are installed in to detect traces of malware. 

Ransomware

 

This type of malware steals files or personal data and holds it encrypted, out of reach of its owner until a “ransom” is paid to release them. 

Social Engineering 

 

In this case, it is not the computer or any associated system that betrays itself but the user or the human factor involved. Here the user may be tricked into revealing sensitive information, for example, username and password, and this information used for malicious activities. This system referred to as “Social Engineering” does not need complex malware to extract information, it just needs cunning thinking. 

Phishing

 

This is a more technically backed form of Social Engineering where a criminal may impersonate an authorized agent for a reputed company, will attempt to make contact with the would-be victim, hoping to extract personal information. If on any occasion such prompting is done, do not release any sensitive information without verifying the legitimacy of the agent first. 

Zero-day attacks 

 

A malware released and yet to be discovered by cybersecurity companies pose a great threat to systems as there will be no defense against them. Cybersecurity companies release updates as a response to newer threats which come up, and if a newly released malware exploits such a security gap, its termed a Zero-day attack. 

Patch 

 

Patch is a file update to a software, released by programmers in case they detect a security gap in the software. This gap is “patched” using this update and will keep the software safe from malware. 

Intrusion Protection System (IPS) 

These IPSs offer a great level of protection against malware, where it monitors the activity of this destructive software from within the system firewall itself and puts a dead-stop to any malicious software trying to sneak in.    

Redundant data 

Back up your data in an offline, offsite facility, where it will be safe from malware should anti-virus, Intrusion Protection or patches fail.  

Hope this helped you gain some knowledge regarding cybersecurity. For more information regarding cybersecurity and its developments, feel free to contact us. 

Posted on by Leave a comment

5 Ways to keep your router connection secure

5 Ways to keep your router connection secure

As a rule of thumb, we make sure to keep our smartphones, laptops, and tablets up to date by updating the software. We know this will keep us secure from the latest threats lurking about in the cyber world. However, a much-overlooked device is the router, which is the actual essential component in keeping us connected. By doing some simple adjustments to the settings in the router, network security can be improved drastically. Here is what you need to know. 

In order to manage router settings, you need to enter the router admin console. Though it may look confusing at first, sticking to these simple steps will help you configure your router easily without a hitch. However, it is recommended you save the current settings first just in case you need to revert. 

To access the console, connect to your router and type in the router IP address into the web browser search bar. Your router may have one of the following IP addresses – 192.168.1.1, 192.168.0.1 or 192.168.2.1. IP address will be mentioned in your router’s manual (If you no longer possess your manual check online in either ManualsOnline or ManualsLib). If a login is prompted, log in and change the default username and password to one of your choices. 

Now that you are logged in, here are 5 setting changes you need to do.

1. Proper encryption 

Without proper encryption, your devices may be vulnerable to hackers who might steal your information or use your network to break the law. Having a password protection to enter Wi-Fi gives you a certain level of protection. There exist different kinds of encryption which offers different levels of protection, the most widely used being WPA2. The newest version of security, an update from the age-old WPA2, is the WPA3, which will be supported by routers due to be released into the market soon. You will find encryption settings under the Wireless menu or Security menu. 

If you are using a WPA2 security standard router, the best encryption option available would be “WPA2-PSK AES”. Always make sure never to keep your router in the “no security” or “Open” state. If you are currently using WEP, switch to WPA. Some routers may only support WEP or WPA, and it probably needs a firmware update. If this doesn’t get you sorted out, it is probably time to get a brand-new router. 

2. Strengthen the security of your network 

A VPN or Virtual Private Network is a popular and effective method to improve privacy and security while you are online. With VPNs your IP address is hidden and your identity will be unknown. Encryption makes the data you handle inaccessible for any third party. Though VPNs are usually used through software in your device (such as laptop or smartphone), modern routers have the capability to support VPNs. This way all devices connected such a router will be protected through encryption and by maintaining user/device anonymity. These routers can be used with open source software, where VPN services like OpenVPN can be used. 

3. Parental control 

If you are a parent and your kids have access to the internet, you might worry them coming across age-inappropriate content. With various new features being included in modern routers, parents can adjust settings which will filter out inappropriate content. Some even sport time limiting features where only a set duration of browsing can be done through the network. These adjustments can be done through the router’s admin page or “Access control”. Here limitations to certain sites, and when these limitations need to take place can be customized. Also, the devices which face these restrictions can be selected through the settings. This can be done by adjusting Multimedia Access Control (MAC) filtering, where the MAC address corresponding to a specific device can be set as to when it can access the network. 

4. Have more than one network 

Having an auxiliary network for your personal devices like smartphones and laptops allows you to protect your major devices, such as those you intend to use for business applications, secure from prying cybercriminals. This can be done by creating a guest network in your existing router or even simply by using a separate router. If you opt to use a guest network, use a different network name (and a strong password) to avoid mistaking the two. 

Using a separate network allows you to keep your devices secure from cyber-attacks while you play safe as it isolates the sets of devices you work with. 

5. Hacker proofing 

Use a firewall to protect yourself from hackers. Even if they possess your IP address, hackers cannot access your network or its associated systems. Most new routers consist of firewall facilities and by configuring your router settings, you can protect your information and resources from any lurking hacker.  

Posted on by Leave a comment

Where are Virtual Desktops most suited for

Where are Virtual desktops most suited for? 

Are you and your employees having a difficult time managing your computers and other devices at your office or business? By using Virtual desktop Infrastructure or VDI, managing your systems is going to be a breeze and this can be done even through a mobile device, wherever you are. VDI systems have been identified as ideal in the following sectors. 

Hospitals 

In the case of the healthcare sector, patient’s health records can be accessed remotely and through any compatible device. However, any restrictions concerning the extent to which a health expert/doctor has in accessing the patient’s records can be customized, protecting the customer, who in this case is the patient. Hence options such as restricting access to patient’s records which are irrelevant to a particular expert can be opted to. 

Schools and colleges

By adopting a Virtual Desktop, students can access the system, where through certain restrictions being imposed, a disciplined working environment can be created. The same desktop can be accessed through a variety of devices by the students. 

Corporate world 

At offices which primarily involve using computers, implementing VDI presents great advantages. This is highlighted in places where employees work at shifts. A single computer may be used by multiple people for their work and using a VDI allows an employee to login into their Virtual Desktop. This minimizes the number of devices required and once the shift is over, the employee can log out and hand over the system to the next shift. 

Using more than one computer 

Some jobs may require the use of more than one computer, which is probably situated in two different locations. For such applications, synchronization is important, and this can be done easily through VDI. 

Outstation operations 

Depending on the sector, employees may require working out of office and might need access to the company’s computer system. This can be easily accomplished through VDI, where accessibility is available regardless of the where or when it is needed and through any device. Through such a system, efficiency and effectiveness of employees can be improved greatly. 

With rapidly improving technology, VDI systems broaden its scope further and further catering the needs more and more sectors. For more information on how and what VDI can do to help your organization, give us a call today.

Posted on by Leave a comment

Optimizing staff in your business

Optimizing staff in your business

In today’s businesses, keeping up with the competition while minimizing operational costs is a might be a nightmare. In the case of small and medium scale businesses (SMBs), with an optimized number in staff who already have their plates full, finding time for implementing newer business technology and maintaining them would be a challenge. 

A great solution for this employed by many companies is outsourcing their operations to other companies. With newer technology available, these third-party companies can manage your operations with greater efficiency and security and at a lower cost. 

IT Managed Services explained 

Through these services, you partly or fully handover the management of your IT sectors, such as network management, disaster recovery and desktop management to a company who charges you for the volume of work they handle. This is much cheaper than investing in in-house facilities. With more complex applications and systems being acquired by small and medium scale businesses, these are beginning to turn towards these services. A recent survey done reveals that 46% of SMBs have outsourced their IT needs, while many have plans to outsource soon. 

How these Managed Services assist business expansion

By handling the load on IT, planning required in maintaining and managing this sector of your business is minimized, allowing more time and effort to be invested in the expansion of the business. The number of employees can be adjusted accordingly or redirected towards other branches of your business, which will have a direct impact on the revenue. 

With the expansion of your SMB, your IT needs become more complex and you will need more than an employee with good tech knowledge (which happens in many cases of SMBs with small numbers in staff) to handle problems that will arise. The need to employ a full-time IT expert or Management Services company will be imminent. However, a service providing company may prove to be cheaper as they only charge for the volume of services performed whereas a fulltime in-house employee may prove expensive if the probability of facing a problem is low.

Protecting your business through Managed Services 

With a lot of top-notch hacking and cyberattacks going on today, your business may be vulnerable to one of these. Employing an on-site team to manage these threats may be impractical for an SMB considering the cost and the time needed to filter out the skills and expertise needed. Since a cyberattack may occur at any time and without warning, having a third-party company monitoring you 24/7 all year around is advisable. Selecting a Managed Services provider with vast experience in the field of cybersecurity will protect you in the case of an attack, as they will be able to quickly detect and react to the situation. 

Lower costs 

As mentioned before, the savings are great through Managed Services as no investments for new software and servers are needed. With Service companies offering monthly subscription schemes, budget planning will be easy as the cost is fixed. With flexibility on scaling your IT sector, you can scale up or down as required and pay for the volume of services you acquire. 

 

However, though the advantages of IT outsourcing seem vast, depending on the size and nature of your business, it may or may not be practical. When it comes to data confidentiality, company rules may conflict with complete IT management. Some booming SMBs in the U.S has opted for partial outsourcing, where combined services in both IT and business sectors are employed. To find out what’s most suitable for you, feel free to contact us.  

 

 

Posted on by Leave a comment

Managing risks in Virtualization

Managing risks in Virtualization

Indifferent to risks associated with other IT sectors you associate, virtualization too, faces its own risks. To keep your business safe, it is important to take precautions. Here are some risks and what you should do to keep them at bay.

  • The complexity of the Virtualization system

The system being complex may pose greater difficulty to detect malfunctions and managing these malfunctions will similarly be difficult. 

  • Constant change 

With the dynamism involved in virtualization, an increased number of virtual systems will make it hard for you to keep track of it all and hence be harder to protect. Unlike a physical system where you can actually touch and feel, virtual systems are not subjected to such interactions, and hence it would be harder to maintain and protect. 

  • Moving your data 

With your virtualized system growing, time to time you may need to move your data from one sector to another, while this may seem normal, if the target sector has lower security as compared to the current sector, your data may be at a risk. 

Keeping these risks at bay is important if you are to stay safe and sound. A few sectors where you need to pay attention to are mentioned below. 

  • Auditing 

Frequently audit your systems for security flaws and other issues. If possible, automate such processes, where a separate system may be implemented to manage your virtual system. 

  • Departmentalization 

Keep separate departments for testing, developing and producing where virtualization is involved. 

  • Update

Frequently update your Virtual systems, where security gaps can be filled with patches released by the software companies. 

  • Human factor 

Keeping a human factor involved in the security of your virtual system might be a good idea. Whether it be in-house or outsourced, such a measure will drastically improve the security of your system. 

 

For more information regarding the security of your virtualized system, feel free to give us a call. 

Posted on by Leave a comment

How to maintain your privacy on Windows 10

 

How to maintain your privacy on Windows 10

We no longer keep our valuable information physically secure under lock and key within a safe. With the introduction of computers and associated password protected data storage systems, our privacy protection is at a very high level… or is it? 

Despite some rumors regarding Windows 10 data collection policies breaching user privacy rights, these useful tricks will put your mind at ease. 

 

Switch off location tracking on your devices 

With location tracking enabled, you get a ton of advantages when navigating via maps, getting an Uber or Geotagging your favorite clicks. However, you might want to have some peace from things like local weather and nearby places to visit suggestions every now and then.  

It’s easy. Go to settings and switch off location tracking. Or you can select which apps have access to your location.

 

Get rid of ad tracking

Ever wondered how you just googled some product and you start seeing ads on similar products on places such as your email platform? It’s all the handiwork of ad tracking which can be easily deactivated. In Windows 10 however, app usage and activity are monitored too. This can be deactivated through settings as well.    

 

Cortana 

Just like Siri, this Windows assistant gathers a lot of your personal information. Turn it off and clear her cloud information storage to delete all the information she had collected so far. 

 

Customize your privacy settings 

Go to the Settings app, under Privacy settings, you can customize your preferences for privacy at an advanced level, where detailed preferences can be made. 

 

Wi-Fi Sense 

Wi-Fi sense allows you to share your network with people. This allows other users to access the bandwidth of your network without them accessing the whole network.  While some may misuse it, you might want to disable “Connect to suggested open hotspots” and “Connect to networks shared my contacts”.