Need Assistance? Call us at (512) 814-8044, or submit a ticket

5 Critical Facts You Must Know Before Hosting Your Business In The Cloud

A laptop user connecting to multiple devices using cloud computing

Cloud hosting seems to be the rage these days, and for very good reasons.

When you decide to look into transitioning the computer network and operations of your business or organization to  cloud hosting, you will probably be faced with conflicting advice, confusion and no real answers to your questions and concerns over security, cost and whether or not it’s appropriate for your organization.

Besides that, the simple fact is, cloud hosting is NOT a good fit for every company, and consequently, if you don’t get all the facts or fully understand the pros and cons, you can end up making some VERY poor and expensive decisions that you’ll deeply regret later. (more…)

Share

Comments Off on 5 Critical Facts You Must Know Before Hosting Your Business In The Cloud

Commercial Printers Need Patch Management for Better Productivity

Regular patch management is crucial for the security of the computer network of your business.

Patch Management by Tech PrognosisWhether it is from Microsoft, Adobe, Quark, Océ, Kodak, Xerox, or for SmartBoard, PitStop, Quite Imposing etc., patches are released by software vendors usually to address security issues or to provide bug fixes. Occasionally they enhance or add new features.

Because software security vulnerabilities are the most common ways through which malware can penetrate your computer network, patch management is a good security blanket. While antivirus solutions are great for detecting and removing malware once it is detected on your system, security patches are aimed at closing the doors that malware can use to reach to your system.

Since 2005, there have been over eleven million records breached, according to Privacy Rights Clearinghouse. And those are just from the publicly disclosed data breaches. The large majority of security vulnerabilities that led to those data breaches could have been fixed by applying the latest patches provided by software vendors. But as we know, commercial printers have unique environments with sometimes ridiculously outdated hardware and software – Novell 3.1 anyone? How about that DocuTech 1.0 with software that can only be fixed by that guy in California?

Then you have Canon, Xerox, and Océ with their servers and workstations that no one knows what they are doing other than we “just send files to them”. And you can’t update them either, or something will break. We still have a couple of those stuck on Windows XP, or Windows 7.

If you need more proof about the critical nature of patch management, according to ServiceNow, as noted in this article, a survey of nearly 3,000 cybersecurity professionals around the globe found that “almost half of organizations suffered a data breach in the last two years. Of these, the majority said that they had been breached because of a vulnerability—for which a patch was already available.” (more…)

Share

Comments Off on Commercial Printers Need Patch Management for Better Productivity

Credential Management Vulnerabilities Exposed By Breaches

Credential Management BreachThe recent breach of OneLogin is once again shining the spotlight on the safety and sanity of entrusting sensitive data to cloud-based credential management services. OneLogin provides single sign-on for cloud-based applications.

What Is A Credential Management Service?

Credential management services that offer Single Sign-On or SSO are great, but as we are beginning to find out, it could also be a single point of entry to a treasure trove of sensitive data for cyber criminals.

How Does A Credential Management Service Work?

The way credential management services work is that after a user of these Identity and credential management services sign into their account, the service takes care of remembering and supplying the customer’s usernames and passwords for all of their other applications. It pretty much attempts to save the user the pain and stress of trying to remember numerous passwords, security questions and other hoops people normally have to jump through just to access some online services.

What Is The Problem With Credential Management Services?

While a lot of these services promise secure access to, and a simplified Identity and Access Management (IAM), the recent spate of multiple breaches of LastPass and now OneLogin makes us wonder just how efficient and  secure these credential management services really are. And here is why: a single compromise exposes the credentials of all users, especially if that data theft includes the ability to decrypt encrypted data [thanks to Mark Maunder of Wordfence for that emphasis].

A breach that allows intruders to decrypt customer data could be extremely damaging for affected customers.

The vulnerabilities in credential management services like LastPass were so bad that Tavis Ormandy, a security researcher at Google’s Project Zero wondered if people were “really using this lastpass thing” because he took a quick look and could see “a bunch of obvious critical problems”. (more…)

Share

Comments Off on Credential Management Vulnerabilities Exposed By Breaches

Why Your Organization Needs an Email Policy

Email is an important and necessary part of your business or organization. It provides an economical and instant means of communicating with staff, customers, and vendors - that's both simple to use and enables increased efficiency. An email policy is required to protect this necessary business tool. An email policy is a legal document that details your organization's definition of acceptable use for the company email system. It should indicate who emails can be received from or sent to, as well as outline what constitutes appropriate content for work emails.…

Comments Off on Why Your Organization Needs an Email Policy

The DigiNotar Breach: Another Exposure of Negligence

In case you have not heard, another SSL Certificate provider, Dutch certificate authority DigiNotar, a subsidiary of Vasco Data Security, was breached recently and from the preliminary report coming from the company that did an audit, it looks pretty bad.

Some of the names in the list of bogus certificates generated by the attackers include Comodo, Google, Thawte, Microsoft, Mozilla, WindoswUpdate, WordPress’ MI6, the CIA, Facebook and Twitter. (more…)

Share

1 Comment

The Distribute IT Fiasco: Risk Management Done Wrong

“It is not the strongest species that survive, nor the most intelligent, but the ones most responsive to change” – Charles Darwin.

In today’s business world, where organizations face ever-escalating customer demands and expectations and little room for downtime, logic dictates that businesses today are seriously revamping their business continuity and risk management plans, or developing one if they did not have any.

This is even more pertinent given what we have witnessed in recent months in the areas of data breaches, hack attempts and the underground “war” being waged in cyberspace that has put most of the world’s powerful organizations on the defensive. (more…)

Share

Comments Off on The Distribute IT Fiasco: Risk Management Done Wrong
Close Menu
Share
Share