March 2014 - Mosaic NetworX
Can an internet connection save a life?
Last month, our friend Arthur headed to the ER one night, suffering from shortness of breath. He was quickly admitted and the physician ordered X-rays in an effort to diagnose what was going on. As Arthur was wheeled back into a room, the high-resolution digital pictures from the X-ray room were already traveling to the other side of the country where they would be read by the hospital’s contracted radiologist. Within just a few minutes, the radiologist was able to call the ER with a diagnosis, and Arthur was able to get immediate treatment.
Digital films require large networks to transmit, making private line ethernet a good option.
Image courtesy of Wikimedia Commons
In hospitals around the world, every second counts. Transferring data from an exam room to a radiologist or other colleague across the country and back again can’t be delayed by a slow network connection. The same goes for researchers and scientists collaborating on complex problems from different universities and laboratories. From Wall Street traders eager to receive financial information seconds before the competition to film makers collaborating on a final edit from different sides of the world, high speed network connectivity is no longer a mere convenience. For many companies, low latency networks are a necessity for survival.
Read the full article…
Twice a month the network at Clear Blue Pools slowed to a crawl. The office manager would call the company IT provider who would scan the network and invariably find new viruses and malware. Like clockwork, every other Monday, the network became infected and operations were interrupted.
After much investigation, it was discovered that the owner of the company brought his personal laptop with him to meetings with the bookkeeper every other Sunday, and when that laptop accessed the network, all of the viruses and spyware on his machine spread across the company’s IT infrastructure like a cancer. The next Monday morning, the employees of Clear Blue would turn on their machines and be greeted with those same viruses. The carelessness of one person – the owner – was crippling the entire company.
You’ve worked to secure your network. You’ve installed anti-virus on every machine and an enterprise-grade firewall on the circuit. You have a third party managing all patches and updates and perform quarterly security audits and network assessments. You’re doing everything you should do…right on time. But what about the network vulnerabilities that are unconventional, sporadic, and rare? Are you planning for them or simply hoping that the odd intrusions don’t equate to bad luck for your organization? Have you considered the following weak spots in your network?
- Employee devices: If your employees use unmanaged devices to connect to your network, then your entire IT infrastructure is at risk. Malware or spyware on an employee machine can quickly spread throughout your organization if you aren’t careful. Be sure to establish firm rules with employees who want to bring a personal laptop or tablet into the workplace with regard to appropriate usage. Even better, do not allow these devices to access your network at all unless they are under company administration.
- Open machines: It is startling how many businesses do not require a password on each workstation. Just as troubling are the number of machines left unlocked while an employee steps away from their desk for a break or leaves for the day. Make sure that your organization has a firm password and lock policy for all in-office machines. From custodians to other employees, unattended machines are an invitation to breach and intrusion.
- Guest WiFi access: How many times have you walked into a business and been granted the WiFi password by simply asking the receptionist? Or a retail establishment that places the password on a public-facing whiteboard? Just because you have a guest WiFi network doesn’t meant that anyone walking by should have carte blanche to do as they please with your bandwidth. Make sure to change the network password weekly and make it available only by request, not published for everyone to see. Furthermore, put the network device on a timer to shut off automatically outside of business hours so that no one drains your bandwidth allocation while you are away from the office.
- Computer destruction: Every few years you refresh your computer hardware, right? What procedure do you use to make sure old machines are properly cleaned or destroyed? At a minimum, you should remove the hard drive of each machine before getting rid of it. Even better, if possible, is working with a reputable company that specializes in data destruction and asset recovery. The incremental cost of $20 to $50 per machine is worthwhile to make sure there is no chance the private data on your hard drive can be reclaimed by creative and ambitious hackers at a later date.
The above listed vulnerabilities sound incidental in the grand scheme of things, but can present major problems for your network security. Just like Clear Blue Pools above, the slightest misstep can lead to major problems for your entire operation. Implementing enterprise-level security is worthwhile for your organization, but don’t forget to keep smaller risks in full view, as well. A full scope security solution means addressing even the most trivial concerns. Click here to learn more about how Mosaic NetworX can keep your network safe and sound!
The small financial firm was storing tape backups in a safe deposit box. They had been doing so for years, rotating different tapes through the box every couple of days. The ad hoc system worked just fine over the years, but the new IT service provider suggested something different: “We’ll put all your backups in the cloud, it will be much easier!”
The administrators of the financial firm were hesitant at first, but the case was compelling: the backups would happen daily instead of weekly and the added costs would be incremental. The office manager wouldn’t have to drive halfway across town to store the new tapes, and on the rare occasion that a file was accidentally deleted, the new cloud-based system would allow for immediate recovery. The team made the decision to move to a cloud-based backup system and the days of switching out tapes came to an end.
Your data needs to be protected but also easily accessible.
Image courtesy of Scott Adams via Ongoingoperations.com
Read the full article…
Janet called in before 7am and Adam answered on the second ring. “Adam, the site is down. It’s the biggest sales day of the year and our site is down! It was working ten minutes ago and now it won’t load. ” Janet was nervous because this was the busiest shopping day of the year and a big sales day was vital to their success this year.
Adam seemed nonplussed. “Ok, I’ll check right now. I’m sure it’s just increased traffic and I can fix it easily. Don’t worry, boss!” But by the time Janet arrived at the office, Adam had discovered that the problem was far bigger than he’d predicted. “It’s a denial of service. Someone is attacking us, and I don’t know what to do to stop it.”
It was the busiest shopping day of the year and their entire e-commerce operation was dead in the water.
DDoS is serious business and can cripple a network.
Image courtesy of The Joy of Tech
A denial of service attack, or “DoS” attack, occurs when an outside party disrupts a network’s ability to process valid requests. This can mean a barrage of web traffic or manipulative data transfers that confuse and inhibit the network’s capability. DoS attacks are common and can last up to weeks on end. Even scarier, setting off a DoS attack can be inexpensive; attacks that last a week can be put into service for less than $150 on the black market. Every network or website is a potential target and if left unprotected, the administrator is essentially at the mercy of the attacker.
Read the full article…
“No thank you, we have a firewall already.” The office manager of Ed Wells Construction Company politely declined the suggestion of her IT Managed Service provider, who had proposed that a new, enterprise-grade firewall be installed to protect the network. The current firewall was built into the router provided by the telecom company and the provider was concerned it wouldn’t be secure enough, but the decision makers at Ed Wells were having none of it.
The rep for the provider explained, “I understand not wanting to add expense, but the firewall you have really isn’t very strong. I worry that your network is vulnerable.”
The office manager offered a smug reply. “Well, it’s secure enough if no one has managed to hack us yet!”
The rep couldn’t help himself when he replied, “With all due respect, that’s because no one has bothered to try. But this is what I do for a living and I’m telling you – this network is not safe behind that firewall.”
Patches and updates are crucial to network security.
Image courtesy of Microsoft
One of the most common misconceptions among small business owners is that the security systems they have in place for their network are sufficient. These businesses mistake a lack of intrusions or security breaches for evidence that the network is secure. But just as it is impossible to prove a negative, the absence of a network attack does not prove a particular level of security. More importantly, the most common way businesses discover that their network security is lacking is when an intrusion has taken place and it’s too late to do anything about it. Monitoring and managing a small business network doesn’t have to be complicated, but ignoring it because you don’t know where to start is asking for trouble.
Read the full article…