15 Things Your IT Support Wants You To Know

IT professionals can be the number one defence for your business or organisation which means they work hard, even if you don’t always understand what it is they do. Sometimes it can be difficult communicating with your IT support so here are a few things you should know about them the next time you want to interact:

  1. We are on your side

It may feel like we are against you when you feel you need new equipment, but we are working within a budget, as all departments do, and new doesn’t always equal best. We are always there to help you use the equipment you have and to listen when you think you need more. We are not against you, but don’t forget how expensive tech is: sometimes we aren’t the ones saying no, the budget is.

  2. DON’T CLICK THE LINK

We have discussed Phishing Emails in our previous article, as well as how to spot them, but if you aren’t expecting an email or it seems too good to be true, don’t click the link. Otherwise we have to spend the morning/afternoon/evening performing IT surgery on your devices and checking it didn’t infect the main network to protect everyone else. If you are in doubt, contact the company directly or give one of us a shout; we can spot it a mile away (and if we can’t, we have protected environments that we can use to double check).

  3. Turning it on/off again is an actual thing

It is an ongoing joke that most of the world is in on, and it sometimes seems like IT support are messing around when they ask you to try turning your machines on and off again. However, the action has merit and is the first in a long line of troubleshooting steps that could solve a variety of issues. This is partly because sometimes when a computer error or glitch happens it’s because the software is becoming end of life and needs updating, or your computer has been on for an entire month and could do with a little break to start and refresh. If something is going wrong, save and close your applications and try turning it on and off again before calling tech support; you may find you can deal with it on your own.

  4. Everything needs power

It’s surprising how many calls we get when something isn’t working, only to find that it either isn’t plugged in or it’s been switched off at the switch and no-one has noticed. Always make sure you are plugged into an outlet, your device is charged and the switch is turned on.

  5. We aren’t miracle workers

If you haven’t saved your work in 10 days and your computer dies or you have lost an email from 1992 that you want us to retrieve, it’s not always possible. There are a lot of sneaky tricks that we can try and we can delve into the depths of a computer log, but if the data isn’t there, we can’t give it to you. Sorry!

  6. It’s not an exact science

Unlike actual science, there isn’t always a definite fix for everything, and as technology advances your IT support has to adapt and advance with it. This means that we can’t always jump straight onto a solution and fix it straight away. Imagine you get a new phone: it takes a few days for you to learn the new keyboard or layout. It’s the same for us with new software or tech, even updates for things we have been doing for 10 years. It’s not that we don’t know what we are doing, we just need a moment to get used to things. Also, different users have different settings on their devices, which means we need a minute to adapt to your way of thinking.

  7. You don’t need to diagnose the problem, that’s what we are here for

It’s fantastic when users have a bit of understanding on their machines because it means you are able to use them effectively, however when they go wrong and you can’t fix it, that’s our job. We just need to know the symptoms of the problem, anything you have tried and what you were doing when it occurred and we can get to work. We know you are trying to be helpful by suggesting what you think is the problem, but we have a system and commonly it’s not the same thing.

  8. Stop illegally downloading

We know you do it. You are on our network, and we then have an obligation to follow this up and potentially report it. Don’t download illegally, particularly when you are at work: we can see it, it’s awkward, and 9 times out of 10 we can trace it back to you and everyone has to have a discussion. It’s not worth your time or ours. This goes for watching “those sites” too.

  9. The Slow Computer Dilemma

It is a phrase that IT support and professionals are used to hearing, a LOT: “my computer is slow.” However, this is not always the case and can actually be down to the way it is being used. For example, do you have a ton of tabs open, or have you updated recently? Are you trying to do something it wasn’t designed to do, or using software that requires more processing power than you have? Speak to your IT professional about what it is you are doing with your computer before going down the slow route; there are plenty of things they can do to help speed it up that may not be the computer at all.

  10. Give us credit

It sounds self-indulgent; however, there is a lot of time and energy that goes into IT support, and you don’t necessarily see the out-of-hours work or the weekend morning server reboots that go into ensuring your systems are as stable as possible. But the Wi-Fi is unavailable for 5 minutes and we get a hundred phone calls immediately about us not being able to do our jobs. When you pass them in the halls or at work, thank your IT support guy, particularly when everything is going well; it means he’s been putting the hours in and going above and beyond.

  11. We don’t get the final say

Many IT support staff don’t have the authority to buy you a new laptop or okay the latest tech in the office; even IT managers have to discuss things with finance or other departments, but we can be powerful allies. If you can prove a business need for your new tech and convince us, we can help persuade others that it is necessary. Plus, we are the ones who will have to set it up, maintain it and implement any solutions you put in place, so it’s good to get us on board beforehand.

  12. We hate printers too!

They are the bane of our existence, need replacing, are naughty on networks and a lot of them are stuck in the 90’s but they are essential for offices, the hospitality industry and pretty much everything, so until they invent something better, we are all just stuck with them!

  13. Communication is key

How are we supposed to know something is wrong or how long it has been doing it if you don’t tell us? We can appreciate that a malfunctioning computer is frustrating (we definitely know this!) but we need you to explain everything so we can diagnose and fix it as quickly as possible without adding the unnecessary guesswork of trying to understand what you need doing to it.

  14. Data Protection is a legal requirement

Secure passwords, two-factor authentication and other policies that your IT department puts in place aren’t only there to protect your data, they are there to protect information companywide. With new GDPR regulations, not taking the proper precautions to protect your own, business or client data can result in huge fines and data protection leaks. Not to mention the spyware, ransomware or nasties that can corrupt your own data. As annoying as it is, please follow our protection protocols, they help everyone.

  15. Karma’s a beautiful thing

IT support help an array of users, businesses and keep networks running, all while dealing with any little issue (or the printer…again) that you have. So be nice, respectful and appreciate that we are doing the best we can and are working on elements that you can’t see, rather than sitting in a basement and gaming all day (some of us do that too.) But ultimately, if you are looking to skip the queue or get something done ASAP, you can catch more flies with honey.

At the end of the day, IT support is there to help you, just try to remember that we are human as well!

Find out more about our IT Solutions here.

How To Protect Your Email Password From Hackers

*This article originally appeared on LinkedIn.*

In my previous article I showed how easy it is for hackers to get your Outlook & 365 password.

The method I showed requires the hacker to be on the same network as you (Wi-Fi or local), but usually hackers will use a much easier way to obtain your password:

Spear phishing & social engineering are very effective and, from my experience, work in many cases – they are waiting for you to be off your guard for a second and then they will get your email password (you will give them the password…)

There are several very easy steps that from my professional experience reduce the risk significantly:

The basics:

  1. Don’t be cheap: use a business-grade email solution like Microsoft 365 or Google Apps – you are paying for added security / traceability and support. The worst hacks I have seen are always with “free” email accounts such as Yahoo, Gmail and such, where you don’t have a real “point of contact” when you need help.
  2. Use complex passwords ([email protected]!) – don’t use the same password you use for other services!

Use the advanced features that the business-grade solutions offer you – use two-factor authentication (2FA). For more information, visit our 2-Form Authentication post for an in-depth look at this.

Two-factor authentication will require you to provide another authentication via SMS / app and will make it MUCH harder for the hacker to hack your email account.

Both Microsoft and Google offer two-factor authentication solutions:

Microsoft 2FA

Google 2FA

Both of them will require you to provide a one-time password via SMS / app when you log in.

Both of them also support an “App Password” that will provide you a one-time password for your app (such as Outlook). This is very useful to avoid the type of “Man in the Middle” attack I have shown in the previous article.

Generally speaking, hackers usually search for the “weak link” in the chain – don’t let it be you. Do whatever you can to make it complex for them so they will move on to another person / company.

Never say it won’t happen to you… when it does, it hurts more and you will regret not taking the basic steps to protect yourself and protect your email password.

Written by Eli Migdal, CEO of TowerWatch Solutions Ltd (UK) and founder of Migdal Computing Solutions Ltd (Israel)

12 Warning Signs Of A Phishing Email

The importance of online security is bigger than ever and with criminals coming up with new and inventive ways to catch you, we must remain vigilant. Previously we have discussed how to defend yourself against phishing but with increasingly clever tactics we thought we would highlight some 10 ways you can sniff out a potential threat and detect signs of a phishing email.

As you probably already know, phishing is the act of misleading you into giving away your sensitive information, from login details to your credit card information there’s a wealth of data you don’t want falling into the wrong hands. The most popular way of phishing is via email so we will be looking solely at this, but remember that cyber thieves can masquerade in a variety of different ways so keep an eye out.

Here are the 12 signs of a phishing email that should throw up an immediate red flag.

  1. Email Address

Why is PayPal emailing you from [email protected]*? The correct answer is they are not, and if a reputable company is not using their own server email or a recognizable email, then it’s definitely not them. If you are genuinely concerned and are expecting a similar email, do not reply to this one; go to the company’s website and find an email address or contact number of someone you can speak to, and you can deal with the query directly. Also, contacting the real company helps to raise awareness that someone is using their name to steal data, which they can then act upon by contacting customers legitimately, and this avoids anyone else getting duped.

  2. Unsuspecting Urgency

If something was really happening with your account then chances are you would have heard something rather than a strange email out of the blue claiming that you MUST ACT NOW. If you aren’t expecting an email, then chances are it’s false and again, you can always contact the company and check. This also stands for unrealistic threats that are suddenly imposed in the email, stop and think about this company and what they are LEGALLY allowed to do, if the threat doesn’t line up it’s because someone is trying to use fear and intimidation to get you to click.

  3. Poor Language

In many instances phishing emails will have poor grammar or language and this could be because they were thrown together quickly with minimal spellchecking, because an automatic translator was used to quickly send to a variety of different countries or alternatively because the writer was writing in their second language. Although businesses can make mistakes, professional business emails are usually written by someone from your own country or at least spell checked and proof-read so this can be a major giveaway.

  4. Asking For Money

Email marketing is strong for a lot of businesses or charities and although you may find you get newsletters and emails drawing your attention to the latest products or services, when was the last time a company asked you for a specific figure to immediately hand over? Even if they are sending you an invoice, most of the time this will be in the form of an attachment, with a legitimate invoice, reference number and contact details so you can always check it out. Asking for money is one of the telltale signs of a phishing email!

  5. Wrong Child Domains

A favourite trick is to create a child domain which involves having a domain underneath an original, meaning that the parent domain details are in the URL which is how they catch you out. For example, Information.Security.TowerWatchTech.com would be a child domain of our own website and this is clearly indicated if the parent domain is on the RIGHT-hand side due to the way DNS naming works. However, a spoof version of this would be TowerWatchTech.com.phishing.com but because the brand name is in the URL, you get confused into thinking it is legit. The best way to remember it is:

On the LEFT, I’m LOSING money

On the RIGHT, everything is all RIGHT

  6. It Asks You To Log In

Be wary of any email that asks you to log into an account direct from their email. Most companies will ask you to log in but will not provide you with a link, or will provide a generic link to their own website that you will recognise. Links are often disguised as a dummy website which records your login data! If you think it is from a reputable company the easiest thing to do is manually go to their website and log in the same way you usually do, the extra minute it will take you to do this is better than the hassle if you don’t.

  7. TGTBT

Too good to be true. At the end of the day, if someone randomly wants to send you a £million then it’s probably not your lucky day. Do you REALLY think that if you had come into that much money they would contact you via email? No, they would use several points of contact, (as unlikely as it is anyway) or official channels. If it sounds too good to be true, it probably is.

  8. Embedded Links

Linking content can be beneficial in an email but it is also an excellent way to hide nefarious links! Many people don’t realize that embedded links can be checked by simply hovering over them (on a desktop computer) and seeing the actual link (rather than clicking on it!). Ask yourself if the link is reflective of the company you’re expecting; if it isn’t, then DO NOT CLICK ON IT, and definitely don’t click on it to “see what it does.”

  9. Lack of Personal Info

This doesn’t always work as some criminals are getting more sneaky but a lot of the time, legitimate brands or businesses with your email address will use at least your first name, if not your first and second. “Valued customer”, “friend” or “client” are all ways of saying “I don’t know your name but I am going to pretend to anyway” and should be avoided, particularly if they are asking you to share personal information.

  10. Naked Signature

A business, brand or professional will sign an email with more than just a name at the bottom, even if it is a generic email it will still have “The Team” with contact information or website addresses underneath because it’s a marketing tool. Giving out as much information so that customers can contact you and potentially turn into a sale is good business practice so be wary of any “business” who is not willing to share that information and a name-only signature is a good way of doing this.

  11. Header Name

The header name can be typed in by the sender; the email address cannot be changed, so ignore the header name and go straight to checking the email address. Always check the little arrow to look at the email address as a first point of contact. A lot of the time people don’t realise you can, and that is why few emails will actually cover this up, so you can save a lot of time and heartache by dealing with this first.

  12. Unexpected Attachments

Always double check before you click on an attachment, particularly those that you aren’t expecting, have strange names or aren’t mentioned in the email itself. This tactic plays on curiosity to see what it is, and that is how they will get you! Normally, the sender will tell you what is attached, why and how it is relevant to you so that you know what you are looking at. The first warning sign of a phishing email is when they don’t tell you, and the second is when they tell you it contains irrelevant information or info they could have just written in the email. If something sounds suspicious, don’t open it.

Find out what to do if you accidentally click in our “Defend Yourself Against Phishing” article, or check out our Information security services to see how we can help you protect your business’s data.

8 Reasons Why The Hospitality Industry Needs IT Management

We are going to answer the common question on why IT management is essential for the hospitality sector because it is one that is frequently asked! Simply put, the hospitality industry needs IT management. Firstly, you need to remove the mindset that IT needs are exclusively in an office environment and consider the technology used to run a business in the hospitality industry. From restaurants to theme parks, the dependence on technology is increasing and therefore so does your need for IT management, for example, let’s look at the amount of technology used in a restaurant and set aside the service element for a second, you have:

  • EPOS (Electronic Point Of Sale)
  • Databases with staff and client information
  • Ordering systems (for customers)
  • Stock ordering and management (in-house)
  • Tablet management systems
  • Security systems
  • Online ordering
  • Websites
  • Employee computers/laptops
  • Internet Accessibility

And this doesn’t even consider the advancement of technology such as smartphone payments, new apps and ongoing changes in security regulations. A business in the hospitality industry is still a business and needs to be treated as such, because the industry as a whole is years behind on tech, partly because what is available isn’t managed or maintained. This is where an IT manager comes in, and here are a few of the things they do to prove why you need them:

  1. Online Security

Whether it’s customer data, sensitive documents and emails or your employee databases, your information needs to be kept secure, and changing your passwords regularly won’t cut it (although it’s an excellent place to start). With the new GDPR (General Data Protection Regulation) legislation coming into effect, your business can face massive fines; regardless of whether you are in finance or hospitality, you have a responsibility to keep data secure. An IT manager can provide safety protocols and security measures to safeguard your data as well as train you and your staff on how to avoid lapses in security for the business. Technology is advancing and your security needs to go with it.

  2. Project Management & Installation

Thinking of expanding, having a site overhaul or changing the way your business looks? We can help with the technology side to liaise with the project managers so that you can still provide the service in the aesthetic that you like. Doing this during the building phases helps to minimise disruption to your business and makes sure that you don’t have any lapses or poor technology issues which can look bad to customers. An extension is great but if your free Wi-Fi doesn’t reach outside anymore your patrons aren’t going to be happy.

  3. Upgrades

An IT manager knows when it is time to upgrade and what you should upgrade to and that doesn’t always mean the most expensive or newest products. Stability and performance are the two key factors we aim to combine and with our insider knowledge we know what is going to work and what software or hardware hasn’t quite worked out the kinks.

  4. Day-To-Day Assistance

The hospitality industry tends to require multi-tasking as processes are different from a standard office; you need day-to-day maintenance and checks as well as someone being on hand to deal with issues that arise. While your go-to IT person can handle some of the problems, you can’t expect them to handle multiple sites and locations as well as any projects, upgrades, repairs and installations all by themselves!

  5. Quicker Resolutions Of Problems

Knowing who to talk to can get a job done quickly and right! Have you ever been passed around from one department to another trying to get support, with everyone claiming nothing is their fault? Cut out the middle man and let us do it for you, not only can an IT manager discuss and organise on your behalf but they also have the contacts to get things resolved swiftly (and escalate problems properly that aren’t getting fixed) This solves problems in half the time and allows you to focus on the other important aspects of running a business.

  6. Translate Tech jargon

Those error messages that you don’t understand, we do! We know what they mean and how to resolve them as well as what’s normal and when to start panicking! Technical language can be confusing and with our knowledge we can provide the translation and help make it easier for users to understand, removing the “fear” of something going wrong.

  7. Back Up Solutions

Have you ever been writing a document, your computer freezes and you have to restart it, then you remember you haven’t clicked save for about half an hour? Imagine this on a larger scale. Sometimes things go wrong, it’s a fact of technology but an IT manager can help provide regular back-ups to ensure you and your employee’s data is safe. We make sure that redundancies are in place so that there is minimal disruption when restoring information and everything is backed up. We offer cloud based solutions which we feel are the most flexible, secure and effective (as well as quick and easy to restore to get you back up and running in the event of a failure.)

  8. Staff Training

Let us teach your staff how to use their technology in the most effective way, from shortcuts to user-guides, IT management aims to create a unified relationship between user and technology so you are using it to its fullest potential for your business. Knowledgeable staff are able to cope with problems without panicking as well as knowing what to do in basic situations and when to call the experts, think first aid training for computers. A handy skillset for your employees.

Ultimately, IT management can streamline processes, boost productivity and improve customer service in the hospitality industry and at the end of the day, it’s the service that matters. For these reasons, the hospitality industry needs IT management.

If you’re in the hospitality industry and want more info on what our IT managers can do for you, visit our list of services or get in contact.

How Easy It Is To Steal Your Outlook & 365 Password

*This article originally appeared on LinkedIn.*

During a penetration testing project, I was working on finding the weak spots in the IT system of the company and finding the best solutions to patch them up.

The client had most of the traditional security solutions such as firewalls and external penetration was not useful / efficient.

But when we did an internal penetration test I saw something very disturbing in the way that Outlook works, and how, due to poor design in Outlook’s security warning, it’s easy to obtain a user’s password.

The same method allowed us to obtain the Outlook password outside the company perimeter as well.

It’s quite easy to steal your Outlook & 365 password.

Case study:

Environment:

  • Windows 7 Pro computers
      ◦ Tested on Windows 10 Pro as well
  • Outlook 2016 connected to Microsoft 365
      ◦ Tested on Outlook 2013 connected to Microsoft 365 as well

Penetration testing:

We used a classic “Man in the Middle” attack between the client and the gateway, see Diagram 1.

Diagram 1

Results:

Outlook’s behavior was very problematic.

Once we started poisoning the ARP, the following prompt (see Prompt 1) was shown to the user:

Prompt 1.

The advanced users who decided to push “View Certificate” saw the following screen (Prompt 2):

Prompt 2.

The “injected certificate” is an outlook.com certificate which is not trusted, but to most users outlook.com is “good enough”.

Most of the users didn’t give this small prompt a lot of thought and pressed YES to proceed.

This caused Outlook to send information using a non-encrypted method, and any sniffing tool instantly showed us the Outlook password (which is also the main Active Directory computer/domain login).

This exercise was done within the company network. Later we decided to follow one of the users to a meeting at a coffee shop, where they connected to a public Wi-Fi which we also joined, and we managed to do the same process outside the company perimeter.

Analysis:

1. Outlook’s security prompt is very small, hardly noticeable, not alarming and doesn’t convey the severity of the issue

  • Compare it with the prompt that Google Chrome provides when you try to send information using a non-encrypted method – the Google Chrome prompt is “scary” and makes the users stop and think

2. Most of the users don’t understand the security prompt at all

3. Most of the users will automatically press Yes on this prompt to continue working

Is it a user behavior error? No! The security prompt is so poorly shown that only IT users are expected to understand the severity.

Resolving the issue:

1. We implemented a GPO setting that doesn’t allow Outlook to work on a non-secure layer at all.

2. We did user awareness cyber security training to show the users how risky this little prompt is.

3. We reported this vulnerability to Microsoft – Microsoft responded that it isn’t a real vulnerability because the user gets a prompt! I think the prompt itself is not designed correctly and allows a lot of room for user error.
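A defender-side check for the ARP poisoning step in this case study, as an added example that is not part of the original article: it parses Windows `arp -a` output and flags a gateway whose MAC address differs from a recorded baseline or is shared with another host. The sample tables, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed `arp -a` output in the Windows layout; every address is made up.
TEMPLATE = """\
Interface: 192.168.1.23 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           {gateway_mac}     dynamic
  192.168.1.57          02-00-5e-10-00-57     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""
CLEAN = TEMPLATE.format(gateway_mac="02-00-5e-10-00-01")
# While the cache is poisoned, the gateway IP resolves to another host's MAC.
POISONED = TEMPLATE.format(gateway_mac="02-00-5e-10-00-57")

ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+\w+\s*$",
    re.IGNORECASE,
)


def parse_arp_table(text):
    """Return {ip: mac} for the unicast entries of an `arp -a` listing."""
    table = {}
    for line in text.splitlines():
        match = ROW.match(line)
        if not match:
            continue                      # interface banner, column header, blanks
        ip, mac = match.group(1), match.group(2).lower()
        if int(mac[:2], 16) & 1:
            continue                      # broadcast/multicast MACs are shared by design
        table[ip] = mac
    return table


def arp_poisoning_signs(text, gateway_ip, known_gateway_mac=None):
    """Flag the two classic symptoms of a spoofed gateway entry."""
    table = parse_arp_table(text)
    alerts = []

    gateway_mac = table.get(gateway_ip)
    if known_gateway_mac and gateway_mac:
        baseline = known_gateway_mac.lower().replace(":", "-")
        if gateway_mac != baseline:
            alerts.append(("gateway-mac-changed", gateway_ip, gateway_mac))

    ips_by_mac = defaultdict(list)
    for ip, mac in table.items():
        ips_by_mac[mac].append(ip)
    for mac, ips in ips_by_mac.items():
        # One MAC answering for the gateway and another host needs explaining.
        # Proxy ARP or some routers can cause this legitimately, so treat it
        # as a lead to investigate, not as proof.
        if len(ips) > 1 and gateway_ip in ips:
            alerts.append(("gateway-mac-shared", mac, sorted(ips)))
    return alerts


if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("poisoned", POISONED)):
        print(name, arp_poisoning_signs(sample, "192.168.1.1", "02-00-5e-10-00-01"))
```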

How to protect your Outlook against this type of attack:

We deal with protecting yourself in our next article on How To Protect Your Password From Hackers.

Written by Eli Migdal, CEO of TowerWatch Solutions Ltd (UK) and founder of Migdal Computing Solutions Ltd (Israel)

Making sure You’re Protected From RANSOMWARE Attacks

All Disaster Recovery plans include ways of dealing with fires, floods or earthquakes, but do not mention RANSOMWARE attacks – why is that so, and what to do if you want to be protected?

This article includes:
1. Defining RANSOMWARE as disaster
2. How to avoid getting infected by RANSOMWARE programs
3. How to deal with infection after it happened
4. Structure of backup and fast replication systems
5. Conclusion

It may be a real surprise for most of us to learn that many major organizations and companies have high-quality DR/BCP plans that do not include preparedness for RANSOMWARE attacks.
Disaster recovery planning usually gives sufficient response for the events caused by natural disasters (such as massive floods, fires etc) or even to events caused by human error or malicious actions. At the same time, possible damage in case of RANSOMWARE attacks is frequently left by the wayside, with the IT departments not assuming full responsibility for the consequences of such events.
Is a RANSOMWARE attack a disaster event? In my professional opinion, it is, and very much so! The definition of a disaster event in the IT environment should be influenced by the event’s business impact, and by the level of downtime experienced by the organization due to the event’s occurrence.
I am convinced that RANSOMWARE attacks should be defined as disaster events that can frequently cause a total shutdown of the organization; therefore there is a need to plan for this kind of attack as one would for any other significant disaster.
RANSOMWARE attacks have already caused widespread damage to various organizations, such as major hospitals, causing financial damage as well as endangering human lives. This proves once again that RANSOMWARE attacks should be classified as disaster-level events and dealt with accordingly.
Having concluded that dealing with RANSOMWARE attacks should be made part of your Disaster Recovery (DR/BC) Plan, we need to know how to prepare for it.

How to prevent being infected by RANSOMWARE

This is a theme for an entire separate essay, but these are the main steps every organization should undertake on this issue:
1. Raising the awareness of personnel to the dangers of such infection
2. Minimizing the number of Admin authorizations to the absolute minimum, and making sure that those authorizations are given only to those employees that really need to have them
3. Control over software inside the office – you need to work on a strict WHITELISTING basis, so that only pre-authorized applications can be run on your company’s IT network (mapping all the software inside the company may take time, but it is worth it)
4. Blocking applications in sensitive locations such as APPDATA
5. Blocking all scripts throughout the organization except the whitelisted ones
6. Using anti-virus software with features that provide protection against RANSOMWARE; anti-virus programs without those features cannot be considered worthy of the name

Nowadays there are more steps to be taken, of course; I will describe them at length in a separate, forthcoming article.

How to deal with RANSOMWARE infection

This chapter is the most relevant to the issue, as it is only a matter of time until your organization is hit by a RANSOMWARE attack. IT professionals have to be fully ready for the “day after” that follows such an event. The process of dealing with a RANSOMWARE attack should be part and parcel of your DR planning.
In my professional opinion, the best way to deal effectively with such an event is to ensure fast restoration of your data and servers, together with an immediate forensic investigation that will help to locate the way your organization got infected in the first place.
The decision on whether to initiate restoration of a file, a folder/directory, a server or a whole server cluster has to be taken according to the level of infection and its influence on the company’s operations. There is a need for a clear Rule Book that will define when to step up from restoring a single file to the level of restoring the whole server. In such situations there is usually not enough time to deliberate on the possible consequences for the company; the best way is to operate according to a clearly delineated Rule Book that is compiled according to calculations and projections made well before the emergency occurs.
My professional experience has exposed me to multiple cases in which organizations lost precious hours or even days while trying to figure out in real time “what to do” instead of “doing it”.
This is when the proven methodology of a Disaster Recovery Plan should kick in and save the besieged organization, with the employees and managers working according to pre-approved, clearly defined and pre-tested process stages. All employees should know their roles in the process well, and what to do and when – this will result in the company quickly returning to routine full-capacity operation.
Below you can find a concise template for Disaster Recovery process for organizations dealing with RANSOMWARE attacks:

  1. RANSOMWARE identification – the identification can be delivered by a server monitoring system, or by HELPDESK staffers that get complaints from the users concerning files or folders that “do not open/do not work”
  2. Absorbing the information about the infection and performing the initial analysis of the event – what files are affected, in what department, in what directories, this will help to identify the computer that was the source of infection
  3. Isolating or detaching the affected sector of the company’s IT network so that further infection will be prevented
  4. Making a decision on the crucial subject of whether to restore only certain files/directories or the whole server/server cluster – this decision should be taken by the appropriate manager according to the chosen indicators as projected in the DR plan
    1. Usually the trigger indicators are defined as follows:
      1. If the infection is found in one separate department/unit and just a few files are infected there – only those files or folders containing them may be restored
      2. If there are indications that the server itself (in its system files or databases) has been infected – then there is a need to restore the whole server
    2. Every manager and employee of the affected department should understand clearly what his role is in the process, as defined by the DR plan
      1. All the team members should undergo training and simulations for the DR process
  5. If the process of full server replication is initiated – great back-up and recovery tools, such as VEEAM, can ensure very fast Instant Recovery capability, especially when it is possible to define a SNAPSHOT back-up procedure with hourly recurrence, so that you will never lose more than the latest hour’s work
  6. You will be able to bring the affected server back to operational status while still accessing the infected version in a SANDBOX mode, so that you will be able to extract some of the freshest data from it manually
  7. After the restoration process is complete – you need to evaluate the situation, making sure that:
    1. There are no more affected files
    2. Source of infection has been identified and isolated
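The triage in steps 2 and 4 can be written down as code so that nobody has to improvise it during an incident. The sketch below is an added example, not part of the original article: the `Report` fields, the `last_writer` audit-log field, the file-count threshold and the "escalate" outcome for cases the two trigger indicators do not cover are all assumptions to be replaced by the values in your own DR plan.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Assumptions for this example; the real values belong in your DR plan.
SYSTEM_ROOTS = ("c:\\windows\\", "c:\\program files\\")   # "system files"
DATABASE_SUFFIXES = {".mdf", ".ndf", ".ldf"}               # SQL Server data/log files
FEW_FILES_LIMIT = 25                                       # what "just a few files" means


@dataclass(frozen=True)
class Report:
    server: str        # server holding the affected file
    department: str    # department that owns the share
    path: str          # file reported as "does not open"
    last_writer: str   # workstation that last modified it (hypothetical audit-log field)


@dataclass(frozen=True)
class Decision:
    scope: str             # "restore-files", "restore-server" or "escalate"
    suspect_host: str      # workstation behind most of the modifications
    folders: tuple         # folders to restore or inspect
    departments: tuple


def hits_server_core(path: str) -> bool:
    """True when the file is a system file or a database file on the server."""
    lowered = path.lower()
    return (lowered.startswith(SYSTEM_ROOTS)
            or PureWindowsPath(lowered).suffix in DATABASE_SUFFIXES)


def triage(reports):
    """Apply the trigger indicators per server and name the likely source host."""
    by_server = defaultdict(list)
    for report in reports:
        by_server[report.server].append(report)

    decisions = {}
    for server, items in by_server.items():
        departments = tuple(sorted({r.department for r in items}))
        if any(hits_server_core(r.path) for r in items):
            scope = "restore-server"      # trigger 2: server itself is infected
        elif len(departments) == 1 and len(items) <= FEW_FILES_LIMIT:
            scope = "restore-files"       # trigger 1: one department, few files
        else:
            scope = "escalate"            # no trigger matches: manager decides
        suspect = Counter(r.last_writer for r in items).most_common(1)[0][0]
        folders = tuple(sorted({str(PureWindowsPath(r.path).parent) for r in items}))
        decisions[server] = Decision(scope, suspect, folders, departments)
    return decisions


# Constructed sample reports (hosts, shares and file names are made up).
SAMPLE_REPORTS = [
    Report("FS01", "Finance", r"D:\Shares\Finance\Q3\budget.xlsx", "WS-FIN-07"),
    Report("FS01", "Finance", r"D:\Shares\Finance\Q3\forecast.docx", "WS-FIN-07"),
    Report("FS01", "Finance", r"D:\Shares\Finance\Invoices\inv-114.pdf", "WS-FIN-02"),
    Report("SQL01", "IT", r"E:\Data\erp.mdf", "WS-IT-01"),
    Report("FS02", "Sales", r"D:\Shares\Sales\offers.xlsx", "WS-SAL-03"),
    Report("FS02", "HR", r"D:\Shares\HR\contracts.docx", "WS-SAL-03"),
]

if __name__ == "__main__":
    for server, decision in triage(SAMPLE_REPORTS).items():
        print(server, decision)
```

The suspect host is only a starting point for step 3 (isolation) and for the forensic investigation; it is the workstation that wrote most of the affected files, not proof of the infection source.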

 

Structure of Back-up and Restoration System

As could be seen in the preceding chapter, protecting yourself from RANSOMWARE attacks is based mostly on thorough back-up and fast effective restoration.
Every organization has to make sure that it has the following:

  1. Full back-up on hourly, daily, weekly, monthly and annual level
  2. Offline/Offsite back-up capability – Offsite back-up should include historical versions of your data; a separate back-up file created during each back-up session can be considered an Offline back-up. It can be done in several sites; my recommendation is to use Cloud services, which are perfect for the purpose
    1. No, there is no need to return to the era of back-up tapes
    2. It is also possible to ensure that there is no overlap of authorizations, so that the back-up system can read data from a Production system, but not vice versa (so that RANSOMWARE would not be able to infect your back-up system)
    3. Nowadays we have numerous solutions for Offline/Offsite back-up, I would certainly recommend utilizing Cloud solutions such as AWS and Azure
  3. The organization should implement a high-quality Backup and Replication solution such as VEEAM – experience shows that this product can save IT networks from destruction or massive damage
    1. It allows for fast and efficient back-up
    2. It provides for back-up through separate PROXY servers – this increases the back-up speed and also adds to the level of system segregation
    3. Back-up on the level of Virtual Machine/Host greatly reduces the possibility of severe malware infection
    4. VEEAM uses Always-On approach which is so essential in current threat environment
    5. It is very important to keep VEEAM back-up copies at an Offsite location, there is no real DR without that
  4. There is a need to invest in a separate solution for Offline file back-up (below the threshold of server/server cluster) which backs up the files with Unlimited Version History – there are solutions like CrashPlan that, while not enabling fast recovery, do allow an unlimited number of versions to be saved
  5. You will need to enable Volume Shadow Copy; in most cases it ensures quick recovery of affected files (otherwise RANSOMWARE infects those as well)
  6. You need to make sure that the back-up structure is designed and implemented correctly for data integrity
    1. Back-up of SQL systems should be enacted in the highest possible resolution (every 15 minutes) at the data level, and at hourly rate on the VM level – this way you will be protected even in cases of deep and widespread infection
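Whether the schedule above is actually being met is something you can check against the back-up catalogue before an incident, and the same data tells you which restore point to use after one. The following is an added example, not part of the original article: the catalogue layout, system names and timestamps are constructed, and the two intervals come from the figures above (SQL data every 15 minutes, VM level hourly).

```python
from datetime import datetime, timedelta

# Longest allowed distance between restore points, per the intervals above:
# SQL at the data level every 15 minutes, virtual machines hourly.
POLICY = {"sql-data": timedelta(minutes=15), "vm": timedelta(hours=1)}


def ts(text: str) -> datetime:
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


def interval_gaps(points, max_interval):
    """Pairs of consecutive restore points that are further apart than allowed."""
    ordered = sorted(points)
    return [(a, b) for a, b in zip(ordered, ordered[1:]) if b - a > max_interval]


def last_clean_point(points, first_encryption):
    """Newest restore point taken strictly before encryption started.

    Points taken at or after that moment may already contain encrypted
    files, so they are never offered as a restore target.
    """
    clean = [p for p in points if p < first_encryption]
    return max(clean) if clean else None


def audit(catalog, first_encryption):
    """For each system: schedule gaps, restore target and resulting data loss."""
    report = {}
    for (system, level), points in catalog.items():
        target = last_clean_point(points, first_encryption)
        loss = first_encryption - target if target else None
        report[system] = {
            "gaps": interval_gaps(points, POLICY[level]),
            "restore_point": target,
            "data_loss": loss,
            "within_policy": loss is not None and loss <= POLICY[level],
        }
    return report


# Constructed backup catalogue: (system, level) -> restore point timestamps.
CATALOG = {
    ("erp-db", "sql-data"): [ts(f"2024-03-04 {t}") for t in
                             ("09:00", "09:15", "09:30", "10:15", "10:30")],
    ("fs01", "vm"): [ts(f"2024-03-04 {t}") for t in
                     ("07:00", "08:00", "09:00", "10:00")],
}
FIRST_ENCRYPTION = ts("2024-03-04 10:05")  # constructed: first encrypted file seen

if __name__ == "__main__":
    for system, result in audit(CATALOG, FIRST_ENCRYPTION).items():
        print(system, result)
```

In the sample data the missed SQL back-ups between 09:30 and 10:15 turn a 15-minute target into 35 minutes of lost work, which is why gaps should raise an alert long before a restore is needed.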

If your system still runs on a physical / non-virtual machine environment – this is the time to change that and advance to virtualization, because when your system operates as a VM, there are so many more possibilities for fast, assured back-up and restoration!
Most organizations nowadays do not have any justification for not working with a virtual system, usually the reason for not advancing is the difficulty and complexity of replacing Legacy systems that are especially susceptible to RANSOMWARE attacks and other major malfunctions.

Conclusions:

1. RANSOMWARE attacks should become an integral part of your DR plan
2. Your team has to be trained and ready to deal with those attacks
3. The foundation for an effective and fast solution to such attacks is a fast back-up and restoration system
4. It is much easier to protect a fully virtual environment – do not hesitate to start the process of moving from physical to virtual environment

Prepared by Eli Migdal, CEO of TowerWatch Solutions Ltd (UK) and founder of Migdal Computing Solutions Ltd (Israel)

Visit our Information Security page for more information on our services.


Bandwidth Vs Speed – How to Have Both in Major City Centres

First of all, what is the difference between bandwidth and speed? Is there a difference at all? They are the same, right? The short answer to this is no, so let’s look into this in more detail.

To start with, what do we mean when we say “bandwidth”? Essentially, this is the capacity or the amount of data that can be transmitted over an electronic channel during a specific period of time. Think of it like the lanes on a highway, it allows more traffic to go through at once whilst still retaining higher speeds. A lone car can speed down a single lane road, in the same way a lone network request can function with low bandwidth capabilities.

But what happens when you have multiple requests going through a network simultaneously? For example, one user using a VOIP program such as Skype and a second user requesting to download files from the cloud will suffer slow speeds and poor quality because these requests are held in a queue and completed one after the other. A high-bandwidth connection, on the other hand, can service many users and requests without sacrificing speed which translates into better performance for users, just like a highway has multiple cars moving alongside each other at once.

A lower bandwidth internet connection will not (generally) allow for uninterrupted media streaming, even with smaller audio files. Other processes, such as uploading and downloading files, are also significantly slower than, say, broadband or high-bandwidth connections which negatively affects office productivity, especially in the hospitality sector, where you can expect slower payment processing as a result.

In most major cities’ centres in the UK, including central London, there is a reliance on ADSL due to old copper infrastructure which limits the internet bandwidth. So, how do you work around this? The easiest way to improve bandwidth in this situation is to purchase and install a high speed dedicated leased line – however, this comes with its own set of issues.

First and foremost, the cost is not sustainable for small to medium (or even in some cases larger) non-technology based organisations, and they are not always readily available in the most central areas of bigger cities such as London.

TowerWatch has a way around this – we can implement a combination of solutions to increase your bandwidth with the ability to also manage and control it! Which ultimately means you reduce costs or the need for super-high-bandwidth solutions. Without giving away all of our trade secrets, this is what we can do:

  • Give you multiple cheaper lines combined with a high-grade business router

    • This gives you smart traffic load balancing, making sure your important data is always transferred first!
    • Options for redundancy in case of internet outages
    • Reports on bandwidth usage allowing you to see where your bandwidth is being monopolised
  • A world-class WiFi solution

    • Control – Allowing you the control over all your wireless devices bandwidth usage prioritising business devices over personal ones.
    • Great reliability – some of our clients do not even know where their access points are, having never touched them for a reboot!
    • Super coverage – meaning your employees can work freely without worrying about speed or signal

All the above gives you the full system solution with the correct bandwidth and speed for your business needs without wasting your monthly income on excess IT expenditure. This means you will be able to focus on what your business does best without worrying about how slow your internet is, because let’s be honest, this is the worst!

Written by James Ratcliffe  – Project Manager at Towerwatch Solutions LTD

Visit our IT Solutions page for more information on what we can do for you.


Wi-Fi – Need or Must? (Luxury or Necessity in Hospitality?)

75% of people say that a week without WI-FI would leave them grumpier than a week without coffee. We are seeing more and more mobile devices needing WI-FI, to the point that it is becoming essential to attract the customer. So is Wi-Fi in hospitality needed?

When was the last time you booked a hotel without Wi-Fi? Hotel Chatter found that 94% of people cite internet access as their most important amenity, yet they found that only 64% of hotels offer it free to their customers. The hospitality industry should take note, as 38% of hotel customers say that they would book elsewhere if there was no Wi-Fi available.

Wi-Fi in the Hospitality Industry

Things to bear in mind when offering Wi-Fi include:

  1. Is it reliable?

    • People are more likely to be put off by bad Wi-Fi, rather than no WI-FI
    • You must factor in capacity as more and more people are carrying more than one or two devices (e.g. Work Phone, Personal Phone, Tablets etc.)
  2. Is it Fast?

    • Can it support multiple devices uploading photo/video as well as voice and video calls simultaneously?
    • Do you have the infrastructure and bandwidth on-site to handle the extra load once you offer Wi-Fi?
  3. Impact on staff/operations

    • When offering this speed for your clients you must also look at:
      • The costs of the bandwidth
      • Allocations of speed and bandwidth to staff, client and business devices
      • Ensure that you are not hindering your own core operational devices and services
    • Permitting and monitoring staff access to Wi-Fi during breaks/out of hours.
  4. Legal

    • Is your guest Wi-Fi in line with government legislation for your city or country?
  5. Security

    • Wi-Fi is an easy target.
    • Are you securing your business devices?
    • How are you protecting your clients?
    • Is your current solution taking up valuable IT resources?

So how do you meet these requirements, while keeping your technologically inclined and demanding customers happy?

You will need a Wi-Fi solution that covers the following:

  1. High Quality Business Grade Hardware

    1. Giving software reliability
    2. High Speed
    3. Durable Hardware
    4. Great Security
    5. Regular updates for both security and legislation
  2. Cloud-Based Management

    1. Allowing control of multiple sites
    2. Giving easy “big picture” monitoring and alerting
  3. Fast and Simple Deployment

  4. Easy Multiple SSID Control

    1. Allowing bandwidth control
    2. Allowing Separation of Data

In planning, designing and implementing a Wi-Fi solution for clients that need to tick all of these boxes, I found a solution that handles this and much more. This allows a smooth, non-invasive deployment, leaving a Wi-Fi resolution that is robust, easy to grow and light on IT Management resources.

We had a very positive experience with Meraki (Cisco Meraki) products to deliver best-in-class Wi-Fi solutions.

Written by James Ratcliffe  – Project Manager at Towerwatch Solutions LTD


How to protect yourself from Password Hacking – Two form Authentication – (Because Just a Password is Not Enough)

Let us start with a reality check – passwords get hacked and stolen all the time, this is a fact! So proactively protecting yourself from password hacking is a must!

Passwords are compromised when they are “hacked” by professional hackers, or exposed through careless user behavior, and even discovered by “password guessing”, which uses information readily available in social media and other sources, things like birthdays, names of children and relatives, pets, school names and so on.

Even if you are a careful and responsible user, choosing only secure and smart passwords, you can be under threat from a penetration from the server side, which is totally outside your control.

You need a password anyway – so choose it wisely:

  • Create a password which is not connected to yourself in any direct way. For example, you can always choose something suitable for the moment, or choose an object that is right in front of you
  • Create a smart password that includes letters, numbers and at least one complex symbol
  • Create different passwords for different sensitive accounts, for example – different and non-connected passwords for your bank, Facebook or eBay accounts, so that if one of the passwords is compromised, other accounts still remain protected.
  • You should be especially careful when working with systems that can cause significant financial damage, like banks, PayPal, etc

How can you protect yourself?

You cannot depend just on your password; you should also use an additional authentication method:

Two-Form Authentication is based on the principle of using two verification stages in order to access the system:

  • PASSWORD
  • Additional verification key, such as text message or a mobile app

Accessing a secure system must necessitate verification by both methods simultaneously, so that even if the password is lost or stolen, and comes into the possession of an unauthorized person, it will not be possible to access the system without the additional verification.

The Way It Works:

It can be seen using the example of Gmail: if you have enabled the two-form verification function for your Gmail account, you will be required to type in your password, and straight after that to input a code that will be sent to your mobile phone by text message.
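For the "mobile app" variant of the second factor, the phone and the server share a secret and each derives a short-lived code from it and the current time. The sketch below is an added example, not part of the original article and not any vendor's code: it uses the standard TOTP algorithm (RFC 6238) and a hypothetical `Account` class to show a login that succeeds only when both the password and the code are correct.

```python
import hashlib
import hmac
import os
import struct
import time

STEP = 30  # seconds each code stays valid (the RFC 6238 default)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """One-time code for a counter value (RFC 4226 dynamic truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    number = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(number % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: float, digits: int = 6) -> str:
    """Time-based code: the counter is the number of 30-second steps since 1970."""
    return hotp(secret, int(now) // STEP, digits)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class Account:  # hypothetical server-side record for this example
    def __init__(self, password: str, totp_secret: bytes):
        self.salt = os.urandom(16)
        self.password_hash = hash_password(password, self.salt)
        self.totp_secret = totp_secret
        self.last_step = -1  # newest time step already used, blocks replayed codes

    def login(self, password: str, code: str, now=None, window: int = 1) -> bool:
        """Grant access only if the password AND a fresh, unused code both match."""
        now = time.time() if now is None else now
        password_ok = hmac.compare_digest(
            hash_password(password, self.salt), self.password_hash)
        current = int(now) // STEP
        matched = None
        # Accept one step either side of "now" to tolerate clock drift on the phone.
        for step in range(max(0, current - window), current + window + 1):
            expected = hotp(self.totp_secret, step)
            if step > self.last_step and hmac.compare_digest(
                    expected.encode(), code.encode()):
                matched = step
        if password_ok and matched is not None:
            self.last_step = matched
            return True
        return False


# Secret and timestamp are the published RFC 6238 test values, not real credentials.
RFC_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    account = Account("correct horse", RFC_SECRET)
    print(account.login("correct horse", totp(RFC_SECRET, 59), now=59))  # True
    print(account.login("correct horse", totp(RFC_SECRET, 59), now=59))  # False: replay
```

A stolen password alone fails the check, and a code that has already been used is rejected even inside its 30-second window.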

Why It Works:

Two-Form Authentication raises the level of verification for your personal identity and makes it much harder for a stranger to hack your account

In most cases, two-form authentication is based on using your mobile phone, utilizing text messages or dedicated applications.

  • Mobile phones and text messaging tools are usually more secure than most personal computer systems. They are very difficult for most hackers to penetrate; most of them just do not have the tools for that
  • Your mobile phone, together with its text messaging ability, is usually in your direct and personal possession, ensuring that an additional verification code will be delivered to you personally, checking your identity in order to be sure that you are the person trying to access the account

This way a two-form authentication system ensures that you are the person typing in the password, and not a wrongdoer.

Two-Form Authentication – two barriers for the hacker:

Two-form authentication forces the hacker to try and penetrate two defence barriers simultaneously. This makes the penetration process extremely difficult, and in most cases this will be enough to deter the wrongdoer from even trying.

Activating it – for a private user:

These days, most popular websites and applications, such as Gmail, Facebook and Dropbox, are equipped with integral built-in two-form authentication capability; you just need to activate it.

Below you can find the activation links:

Facebook https://www.facebook.com/note.php?note_id=10150172618258920

Gmail https://support.google.com/accounts/answer/180744?hl=en

Dropbox https://www.dropbox.com/help/363


Activating it – for a business user:

These days a business user cannot have any excuses for not securing his system, as the two-form authentication can be integrated in almost any business or office system.

Now it is possible to implement two-form authentication even for SSO (Single Sign On) systems, and obtain the management and security capabilities of Active Directory environment together with the protection given by two-form authentication.

Here is the list of business services that have the capability for integrating two-form authentication:

  • Active Directory (for accessing the operating system)
  • Terminal Server
  • Outlook Web Access
  • VPN
  • ERP systems
  • CRM systems
  • All the AZURE/365 products, provided by Microsoft, have the capability for integrated two-form authentication solution
  • FORTINET offers integrated two-form authentication in most of its products, through the easy and effective use of their cloud network, which serves as a verifying tool, without a need to integrate a RADIUS server

Below you can see our demo clip for Secure Envoy application that enables 2FA in the full AD environment, describing access to a computer, terminal server and OWA


Protecting Your Data In The Age Of Mobile

Today, one of the main tasks for all institutions is achieving maximum protection for their data while ensuring full accessibility and mobility. Protecting your data has become the responsibility of both users and the organization holding it.

The complexity and the resulting problems are caused by the following sequence:

Increased mobility leads to improved employee productivity, leading to wider dispersal of data, leading to an increased chance of dangerous data leakage.

Below, I will focus on the example of the widely used DROPBOX tool.

The challenges we face tend to increase as the tools providing accessibility and mobility improve drastically.  A good example of this is DROPBOX – it enables users to effectively access their data, while the integration and training efforts for them are kept to a minimum.  This tool is very much liked by most users, and they work with it extensively. DROPBOX gives us the ability to access the data from any mobile device anyplace, and enables us to work OFFLINE as well.

I do not doubt the fact that DROPBOX is a very effective tool that can significantly increase employees’ productivity.  For example, a salesperson can quickly generate a price offer while being on the move, using a mobile device, and instantly share it with his co-workers – this is quite an achievement!

So if this is true, then why has DROPBOX earned such a bad reputation within the IT managers’ community as a tool contributing to harmful data leakage?

This is first and foremost an issue of control!

DROPBOX can sometimes lead to a loss of control, resulting in some segregated files leaking outside the institution.

It is important to note that a similar problem can also occur in any Windows Server environment, but the ease of using DROPBOX can be very conducive to such problems happening much more often.

How do we stay in control?

The newer and more sophisticated product, DROPBOX FOR BUSINESS, does offer advanced control facilities, such as compartmentalization, 2-Form Authentication, control of outside sharing, centralized file management and Active Directory authorization management (using an additional third-party tool, though).

Is all this enough?  Sadly, no…

All these features help in protecting your data if your company’s employees are honest and dependable, and not tinged with corruption or carelessness, which can easily lead to data leakage.  In addition, these tools cannot provide protection in an OFFLINE mode, which is especially important in cases of your device being misplaced or stolen.

The protection should be applied to the files themselves, and not to the outer envelope that contains them. The protection/encryption should be applied on the file level itself, so the files would be protected at all times while opened in different gadgets or applications:

  • PC/laptop
  • Smartphone
  • Tablet/PDA
  • DROPBOX
  • SkyDrive

Basic RMS by Microsoft and more advanced tools, such as Secure Islands IQP, provide effective encryption solutions that focus on safeguarding the files, and not the outer shell, which is proving to be so difficult to protect nowadays.

The mobile devices themselves should be encrypted, so the data will still be safe even in case of lost or stolen devices.

  • For most laptops – use a file encryption system such as centrally controlled BitLocker
  • For mobile devices such as smartphones or tablets – use one of the several centrally-controlled MDM tools that can enforce the devices’ encryption from a central node

All your mobile devices should be equipped with centrally-activated active encryption, ensuring that losing the device will not lead to data misappropriation. This process is an effective way of protecting your data.

Conclusions:

  1. A classified file that has been properly encrypted, with a tool such as Secure Islands IQP, can be disseminated on all kinds of media and devices – office computer, tablet, home computer, mail program, DROPBOX.  In all the cases the access to the file will be open only to a person authorized for it
  2. A standard file, protected by DROPBOX (for example), and placed in the DROPBOX offline cache directory, will still be protected, even if the mobile device was lost or stolen

So, can the use of the DROPBOX tool on employees’ tablets work with data security rules? The answer is YES – if the IT System is designed correctly, using the modern methods of data security assurance!

Eli Migdal, CEO of Migdal Computing Solutions LTD

Visit our Information Security page for more information and find out how we can help you.