The Impact Of False Positives On Network Security

March 27th, 2014

In a previous post, false positives were listed as a factor in ranking the best available security tools. Even for an individual user, false positives can hinder the effectiveness of your security infrastructure, but they become significantly more costly when applied to an entire company’s network. Ken Westin of The State of Security explains how false positives and an over-emphasis on security contribute to an insecure environment.

When’s the last time you heard a car alarm and reacted like there was a car in the area being broken into? The car alarm is a perfect example of false positives causing a lack of security. They go off constantly, which has made people ignore them in every situation. They’re now just noise.

In the case of security tools, antivirus programs that flag every download as a potential virus, or that constantly warn you about a new application running with access to the internet, turn into noise. If nine out of ten of the alerts you get from your antivirus program are safe to ignore, the one legitimate warning will likely be ignored too.

In a corporate environment, when the different security tools running don’t communicate with each other, they all flag the same perceived threat. Again, this puts IT professionals in a situation where it’s habitual to ignore security alerts, rather than investigating them.

The gut reaction to a breach of security is to add to the number of tools protecting a network. While that may help protect previously uncovered endpoints, it also creates an overlap with the existing tools. Without an infrastructure that works together, you’re just creating more noise and no more protection. With many of the more complex security resources, staff will spend an exorbitant amount of time debugging and integrating the tools, which significantly decreases the amount of time available to monitor and mitigate threats.
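One way to make overlapping tools work together is to correlate their alerts before anyone has to look at them. The following is an added example, not code from the original post; the alert fields, host names and the ten-minute window are assumptions, and the sample alerts are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: three tools reporting on the same network.
# The field names (tool, host, indicator, time) are assumptions.
SAMPLE_ALERTS = [
    {"tool": "antivirus", "host": "ws-014", "indicator": "invoice.exe", "time": "2014-03-27T09:00:05"},
    {"tool": "ids", "host": "ws-014", "indicator": "invoice.exe", "time": "2014-03-27T09:00:40"},
    {"tool": "proxy", "host": "ws-014", "indicator": "invoice.exe", "time": "2014-03-27T09:03:10"},
    {"tool": "antivirus", "host": "ws-022", "indicator": "setup.msi", "time": "2014-03-27T09:10:00"},
    {"tool": "antivirus", "host": "ws-014", "indicator": "invoice.exe", "time": "2014-03-27T13:30:00"},
    {"tool": "ids", "host": "srv-db1", "indicator": "203.0.113.7", "time": "2014-03-27T09:12:00"},
    {"tool": "proxy", "host": "srv-db1", "indicator": "203.0.113.7", "time": "2014-03-27T09:12:30"},
]


def correlate(alerts, window=timedelta(minutes=10)):
    """Merge alerts for the same (host, indicator) into one incident when each
    arrives within `window` of the previous alert in that group."""
    by_key = defaultdict(list)
    for alert in alerts:
        parsed = dict(alert, time=datetime.fromisoformat(alert["time"]))
        by_key[(alert["host"], alert["indicator"])].append(parsed)

    incidents = []
    for (host, indicator), group in by_key.items():
        group.sort(key=lambda a: a["time"])
        current = None
        for alert in group:
            # A gap longer than the window starts a new incident.
            if current is None or alert["time"] - current["last_seen"] > window:
                current = {"host": host, "indicator": indicator,
                           "first_seen": alert["time"], "last_seen": alert["time"],
                           "tools": set(), "alert_count": 0}
                incidents.append(current)
            current["last_seen"] = alert["time"]
            current["tools"].add(alert["tool"])
            current["alert_count"] += 1

    # Incidents seen by more independent tools go to the top of the queue.
    incidents.sort(key=lambda i: (-len(i["tools"]), i["first_seen"]))
    return incidents


def noise_reduction(alerts, incidents):
    """Fraction of raw alerts an analyst no longer has to open one by one."""
    return 1 - len(incidents) / len(alerts)


if __name__ == "__main__":
    found = correlate(SAMPLE_ALERTS)
    for inc in found:
        print(inc["host"], inc["indicator"], sorted(inc["tools"]), inc["alert_count"])
    print("reduction: {:.0%}".format(noise_reduction(SAMPLE_ALERTS, found)))
```

Agreement between tools is used here only to order the queue; an incident reported by a single tool is still kept for review.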

The tactics of attacks evolve quickly and there are more highly targeted attacks victimizing businesses than ever before. Since most security tools work by recognizing known characteristics and patterns of previous attacks, these tools are less effective at spotting and preventing threats to a network. That’s why it’s increasingly important to have a team in place to review data and activity so a breach can be detected early.

Effective network security requires an investment, but it needs to be made intelligently. For help creating a security infrastructure for your business, contact Geek Rescue at 918-369-4335.

Four Traits Of Effective IT Departments

January 27th, 2014

Since every company is so reliant on technology, it’s extremely important to have a reliable, efficient IT department behind you. Some business owners aren’t sure how to judge their IT team performance, however. At the Cup of Joe blog, Joe Stangarone published some common traits of effective IT departments so you’ll know what to expect from yours.

  • Know Their Role

It sounds simplistic, but the role of IT and their goals have to be clearly defined if they’re to be successful. To define their role, you must communicate with them to educate them on what’s needed and discover what’s possible. Above everything else, you need to define what success is for them and understand how they’ll attain it.

  • Use The Right Metrics

Once they know what direction they’re moving in, IT should be measuring their success and trying to improve. There are a number of metrics available, but truly effective IT departments will forgo so-called “vanity metrics” and instead track metrics that help them improve their performance. These are statistics that have a direct cause-and-effect relationship with the team’s effectiveness.

  • Problems Not Symptoms

A common problem of IT departments is that they are overloaded with help tickets and putting out fires. Taking this reactive approach means your IT is limited to a help desk, rather than a problem-solving department. Instead of constantly having to solve similar problems over and over, these problems need to be solved on a deeper level so that users stop encountering them. Then, IT can concentrate more time on improving their infrastructure and the overall efficiency of the business.

  • Enable End Users

Similarly, the goal of effective IT departments involves creating self-sufficient users. To do this, IT must not be “gatekeepers”, but rather give users access to all of the tools and applications they need to perform their duties. This benefits them as they’ll spend less time helping users solve common problems and also will encourage fewer users to go around IT when implementing a new device or new software.

These traits make an IT department more focused, more effective and more efficient. To obtain a department that runs on this scale requires an investment, however. If your company needs the benefits of an IT department without the investment in salaries, contact Geek Rescue. We offer a variety of services that make us your on-call IT department.

Lessons Learned From The Attack On Target

January 21st, 2014

The recent attack on Target that ended with millions of customers’ credit card information being stolen holds multiple lessons for IT departments everywhere. We already reported the facts about the malware used in the attack. At IT Manager Daily, David King has a list of what should be learned from the attack so it is less likely to happen again, or is at least handled more effectively.

  • Act Quickly

If your body is infected with a virus, the longer you wait the worse it gets. It’s a similar rule of thumb for malware infections and attacks. Not only do you need to secure your network and get rid of the malicious files, but you’ll also need to warn your affected customers and be prepared to handle the influx of calls. This all needs to happen as soon as possible to prevent the situation from getting even worse.

  • Secure All Points Of Access

The wrinkle in the attack on Target is that computers weren’t infected with the malware. Instead, the point of sale system was the target. Similarly, recent stories have reported that anything connected to the internet, including refrigerators, can be infected with malware and used by criminals. That makes it vital to secure every device that is connected to the internet and put security tools like firewalls in place to protect your entire network.

  • Plan For Recovery

Part of the key for acting quickly is to make a plan for recovery before disaster strikes. This way, every part of your organization knows what their job is and everything will run smoothly. This plan will need to be updated when applications and personnel change and altered for new forms of attacks.

These three tips won’t keep you completely secure from a data-scraping malware attack. Unfortunately, nothing can guarantee the safety of your data. But when you follow the correct protocol, you’re less likely to become a victim and are able to risk less.

For help improving the security of your company’s data, or for help recovering from an attack, call Geek Rescue at 918-369-4335.

Three Ways To Reduce IT Costs

January 16th, 2014

Regardless of the size of your business, there’s never enough money in the budget for IT needs. It’s important to save where you can in order to invest in vital elements like security. At The Accidental Successful CIO, Dr. Jim Anderson published some ways you can reduce software costs.

  • Asset Management

The worst way to waste money is to spend it on something you don’t use. Unfortunately, many companies are doing this every day. There are likely a number of applications vital to your business and the more software you need, the easier it is to lose track of them. A recent study revealed that almost a third of all companies have software that is either unused or underdeployed. This is money down the drain. By creating a more effective asset management plan, you can save money by getting the most out of software you’ve already paid for and avoiding applications you don’t need.

  • Software Vendors

It’s important to choose your vendors carefully. You aren’t just buying their software, you’re buying their service. If you can’t rely on them to pick up the phone when there’s a problem or to deliver on their initial promises, it’s not worth the money. Good vendors will be able to offer you a solution that fits your needs exactly with no excess costs. Ill-fitting solutions end with you paying more each month than you need to. Make sure you hold your vendors accountable and get what you’re paying for.

  • Look For Alternatives

At the end of the day, you’re running a business, which demands you save money where you can. Being overly loyal to one application or vendor could be costing you money. There are very few products that have no direct competition and while it isn’t always the right choice to use the cheapest option, you should at least explore which is right for you. You can even talk about your needs with your current vendors. If they know you’re looking for cheaper alternatives, they may be willing to give you a better deal to keep you as a customer, or they may be able to offer you an alternative to software you’re getting elsewhere.

These three tips can save your company big money in the long run. If you’d prefer to take all of the issues and concerns of IT management out of your hands, call Geek Rescue at 918-369-4335. We have all the knowledge and service required to be your on-call IT department.

Planning And Avoiding Disaster During IT Upgrades

January 15th, 2014

Making scheduled upgrades is mandatory for the success of a company’s IT infrastructure. Existing applications may have become outdated, or it’s just time for an update to close security vulnerabilities. It’s easy for what seems like a routine update to go horribly wrong, however. Recently, Dropbox tried to perform an update and ended up with a prolonged outage. David King of IT Manager Daily has some tips for you to follow before your next upgrade to make sure everything goes as smoothly as possible.

  • Notifications

For some of the upgrades you perform, a period of downtime is unavoidable. In these cases, such as changes to your servers, be sure to warn users ahead of time. Tell them how long the outage is expected to last and what services will be unavailable. Other times, upgrades may not be expected to cause any downtime, but an outage is always a possibility. In those cases, it’s usually a good idea to plan for the worst. It’s better to alert users that certain applications may be down at a certain time than leave an employee without access to a vital application at the worst possible time.

  • Time

A popular time for upgrades is Friday at midnight because it’s unlikely that an outage would affect anyone at that time. When every employee only works from their desk at the office, that’s an acceptable assumption. However, with mobile access, there’s never a time when you can be sure that an outage won’t affect someone. Conducting upgrades outside of normal business hours is still the best practice, but regardless of what time you decide to perform maintenance, advance warning is needed.

  • Recovery

Before conducting any upgrades or making other changes to your network, it’s a good idea to back up data and make sure you have a disaster recovery plan in place. Failing to do so could result in downtime lasting longer than it needs to. Testing even more than you think is necessary is also a good way to avoid unwanted surprises. You need to be prepared for how your network will react to these changes so you can plan for possible problems and be prepared even for the unforeseen ones. Also, understand that even with a good plan in place, recovering might take some time. Don’t expect to be able to restore data and service immediately.

Managing your IT infrastructure can be difficult and costly. For help with yours, call Geek Rescue at 918-369-4335.

3 Tips To Improve Security Without Spending More

December 13th, 2013

An increased IT security budget is a good idea for any business, but it just isn’t always possible. Only about a quarter of respondents in a recent survey reported any type of growth in their security budget for 2013. For those with the same budget as last year, or a decreasing budget, it’s important to find ways to improve security without spending more. David King of IT Manager Daily suggests three ways to do just that. These tactics will better protect your company without the need to ask for an increased security budget.

  • Focus Your Efforts

There should be security precautions in place across your entire network, but there are likely some areas that need more protection than others. These will be users that have access to more data, all financial documents, applications housing valuable customer data, and IT, who has access to critical points. Securing these areas better protects you because they are most likely to be targeted by criminals and would be the most costly if compromised.

  • Test

It’s important to test all precautions that you’ve put into place so you can learn how to improve them. That goes for both built-in protections and user training. Periodically, launch a test attack against your own system to find out how protected you really are. Send suspicious emails to your users to find out if your training is really paying off. You may find that more training or a tweak to an application is needed to improve security.

  • Patch And Update

It costs nothing to update and patch the applications you’re currently running, but it makes a huge impact on the effectiveness of your security. Out-of-date programs contain vulnerabilities with known exploits. This means hackers have discovered security flaws and know how to use them to infiltrate your network. By keeping all applications up to date and patched, you eliminate these vulnerabilities as they’re discovered.

An efficient use of your security budget is important to make your business as secure as possible. For help spending smarter, contact Geek Rescue at 918-369-4335.

The Capabilities Of Security Within The Cloud

November 22nd, 2013

Cloud computing holds a number of advantages for businesses, but some are still apprehensive, citing security concerns. Ricky Ribeiro of BizTech Magazine spoke with security expert Kurt Roemer to uncover how companies can stay secure while using the cloud. Here’s a look at the most compelling information.

  • Overall cloud security

In order to properly secure your company’s data using an entirely physical infrastructure, your security budget has to be incredibly large. Because of this, security in the cloud is, in many ways, an improvement because it takes a smaller budget to put necessary security in place. A company needs to diagnose its security needs and speak to a professional cloud provider, who can manage its cloud services and provide the needed security.

  • Hybrid cloud security

A hybrid cloud set-up allows a business to use both a private cloud, which can be organizationally owned or managed by a cloud provider, and public cloud services. Security provisions must be in place in both the private and public cloud to keep sensitive data safe, whether it’s being stored or passed between clouds. To ensure security, connection points between the clouds need to be automated.

  • Mistakes of cloud security

While cloud computing offers an alternative to the traditional data center, it can’t be managed the same way. When IT departments view the cloud the same way they’d view physical machines, it seems that private clouds are the only viable option. It’s true that the public cloud isn’t right for every application, but it can be used effectively in some situations to increase the cost-effectiveness of the cloud. Data security needs to be diagnosed to decide what is appropriate for the public cloud and what needs the added safeguards of a private cloud.

  • Typical hacks

The downfall of cloud security comes in many forms that will be familiar to those with experience in traditional data centers. Weak passwords, account sharing and absence of encryption all lead to common security problems in the cloud. There are a number of protection options in the cloud to overcome these concerns, however. Multitenant administration, delegated responsibilities, distributed lifecycle management and security automation can all help you overcome typical user weaknesses.

If your business isn’t using cloud technologies yet, you’re falling behind your competition. To find out how cloud computing helps make your business more efficient, call Geek Rescue at 918-369-4335.

How To Overcome Common Virtualization Security Concerns

November 14th, 2013

Virtualization is becoming a staple of businesses of every size. According to a Cisco survey, 77 percent of small to medium businesses have already virtualized part of their infrastructure. In the next two years, virtualization budgets will increase for about 70 percent of all businesses. As Sam Narisi of IT Manager Daily writes, virtualization allows companies to save money while increasing flexibility and scalability, but there are some security concerns. Here are the top three security issues associated with virtualized services and how to overcome them.

  • Limiting Access

Many organizations host multiple virtual machines on a single physical machine. This is the nature of virtualization and why it is so popular. This opens the door for devastating attacks, however, if the virtual machines aren’t properly separated. It’s important to grant employees access to only the VMs they need. This way, if their access is compromised, your entire virtualized infrastructure isn’t.

  • Vulnerabilities

Any software will contain bugs and vulnerabilities that can be exploited by intelligent hackers. Virtualization software is no different, but allowing a hacker to use these vulnerabilities could prove much more costly than other software exploits. Patches and updates are constantly being made available to fix these flaws. It’s important to stay current and update your software each time a new patch is released so you can close holes in security before an attack takes advantage of them.

  • Management

More than ever before, it’s important to have a firm grasp on the IT assets in existence and who has access to each in your company. This was a simpler job when each machine was physical. With virtualization, VMs can be created and moved quickly, which sometimes leaves IT out of the loop. If a problem comes up, it’s much easier to solve it when you know where each machine is and who is able to access it.

Virtualization offers a number of benefits for businesses, but it also comes with increased responsibility and security concerns. Geek Rescue helps take the uncertainty and labor out of virtualization. Call us at 918-369-4335 to find out what services will give your business a competitive advantage.

Is Your Business Equipped To Use Threat Feeds?

November 7th, 2013

What do you know about threat feeds? These are a real-time warning system that allows security teams to take necessary precautions to prevent the latest threats. They can be an incredibly useful resource for protecting your business. As Eric Ogren, of Computer World, points out, however, you may not have the necessary resources to adequately use threat feeds. Instead, they might be best left to a third party vendor who handles your security.

  • Find Threats Specific To Your Business

A threat feed isn’t tailored to you specifically. Instead, it’s a broad view of the latest threats in the wild. So, part of the investment involves combing through these feeds with a knowledge of your IT infrastructure and being able to recognize the threats that pose the biggest danger to you. This takes time and a high level of expertise. If you have both of these, a threat feed can serve you well. If you don’t, you’ll probably be better served letting a third party handle it.

  • Developing Your Own Protection

Once you’ve discovered threats that are dangerous to you, you’ll want to protect against them. That means developing your own anti-malware signatures and patching your own security. These are the same types of actions an antivirus program would take, but you’ll be able to roll them out faster. That is, if you have the resources and knowledge available.

  • Do You Have The Resources?

As mentioned, threat feeds present an opportunity to stay ahead of cyber attacks by recognizing the latest threats to your business. You have to have the capabilities to not only identify these threats, however, but also to take action to prevent them. If your team is capable, threat feeds should become a staple of your security.
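The first step above, picking out the feed entries that matter to your own infrastructure, can be sketched as a match between the feed and an asset inventory. This is an added example, not code from the original post; the feed format (a product name plus the first fixed version), the inventory fields, and every host, product and entry id are constructed for illustration.

```python
# Constructed asset inventory; the field names are assumptions.
INVENTORY = [
    {"host": "web-01", "product": "examplecms", "version": "3.2.1", "internet_facing": True},
    {"host": "web-02", "product": "examplecms", "version": "3.4.0", "internet_facing": True},
    {"host": "hr-07", "product": "examplepdf", "version": "10.1.0", "internet_facing": False},
    {"host": "db-01", "product": "exampledb", "version": "5.5.2", "internet_facing": False},
]

# Constructed feed entries: each names a product and the version that fixes it.
FEED = [
    {"id": "FEED-0001", "product": "examplecms", "fixed_in": "3.3.0", "exploited_in_wild": True},
    {"id": "FEED-0002", "product": "examplepdf", "fixed_in": "10.1.5", "exploited_in_wild": False},
    {"id": "FEED-0003", "product": "examplerouter", "fixed_in": "2.0.0", "exploited_in_wild": True},
    {"id": "FEED-0004", "product": "exampledb", "fixed_in": "5.5.0", "exploited_in_wild": True},
]


def parse_version(text):
    """Turn '10.1.5' into (10, 1, 5) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def triage(feed, inventory):
    """Keep only feed entries that affect an installed, unpatched product,
    and rank them so the most exposed come first."""
    findings = []
    for entry in feed:
        fixed = parse_version(entry["fixed_in"])
        affected = [
            asset for asset in inventory
            if asset["product"] == entry["product"]
            and parse_version(asset["version"]) < fixed
        ]
        if not affected:
            continue  # product not deployed here, or already patched
        findings.append({
            "id": entry["id"],
            "hosts": sorted(asset["host"] for asset in affected),
            "exploited_in_wild": entry["exploited_in_wild"],
            "internet_facing": any(asset["internet_facing"] for asset in affected),
        })
    # Rank: actively exploited first, then internet-facing, then host count.
    findings.sort(
        key=lambda f: (f["exploited_in_wild"], f["internet_facing"], len(f["hosts"])),
        reverse=True,
    )
    return findings


if __name__ == "__main__":
    for finding in triage(FEED, INVENTORY):
        print(finding["id"], finding["hosts"])
```

The result is only as good as the inventory behind it: a host missing from the inventory never shows up as affected.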

If you’d like to leave your company’s security in the hands of the professionals, call Geek Rescue at 918-369-4335. We’re equipped to protect you against the latest threats and keep your data secure.

The Cost Of Cyber Attacks Continues To Rise

November 7th, 2013

There are many reasons to protect against cyber attacks. You need to protect your data, and your customers’ information, from third party criminals. You also want to avoid downtime, which prevents your customers from accessing your services or your employees from working. There are many issues involved in the fallout of a cyber attack, but the most telling is the monetary cost to your business. Jesmond Darminin, of IT News, reports that the cost associated with cyber attacks has grown for the fourth consecutive year. In addition to the costs, the frequency of attacks and the time it takes to resolve them are also on the rise.

The Ponemon Institute conducted its initial Cost of Cyber Crime Study four years ago. Since then, the cost has increased by 78 percent to an annual cost of more than $11.5 million on average, per company. In the past year alone, the average cost increased 26 percent, or $2.6 million more per attack. The companies involved in the study reported a range of costs from $1.3 million to $58 million. The average cost to overcome a single attack has reached $1 million.

During the same four-year time span, the amount of time it takes to overcome a cyber attack has also increased significantly. It takes nearly 130 percent longer to resolve a cyber attack now than it did in 2009. Companies reported it took an average of 32 days to resolve an attack. During this time, companies suffered a loss of about $33 thousand per day.

These increases can be attributed to more intelligent, sophisticated cyber attacks. More attention to security is needed than ever before and when an attacker finds a vulnerability, they’re able to do more damage and remain undetected for longer.

Companies suffered an average of 122 successful attacks per week, which is skewed by larger enterprises, but still illustrates the severity of the situation. Even though smaller businesses will likely experience fewer cyber attack attempts, once they become successful, they’ll likely begin to experience more.

That’s why a robust and effective security infrastructure is vital for your business. For help keeping your company safe, or for help recovering from a successful attack, call Geek Rescue at 918-369-4335.