Infradapt Blog

This is some blog description about this site

Threat Spotlight: How to Stop Brute Force Attacks

Threat Spotlight: How to Stop Brute Force Attacks

Hackers of all shapes and sizes use brute force attacks to gain access into accounts and infrastructures, but do you know how they work and what your business can do to protect against them? Failing to understand brute force attacks could put sensitive information in the crosshairs of hackers, and leave it vulnerable to ongoing attacks.

What Are Brute Force Attacks?
A brute force attack consists of a hacker repeatedly assaulting a login form with credentials at an incredible rate, hoping to crack the code and gain access without knowing the password to the account or system login. Most brute force attacks are performed by an algorithm that’s designed to rapidly input thousands upon thousands of credentials every second, hence the term “brute force.” Since it takes a more deliberate and frontal assault, rather than using a discrete or intellectual path, it’s considered more straightforward and forceful. Though there are many types of brute force attacks, one of the most common is called a dictionary attack, where password attempts are systematically generated with popular words pulled from the dictionary in order to access the system.

Why They’re a Problem
McAfee Security reports that in 2015, brute force attacks accounted for about 25 percent of all online hacks, second only to Denial of Service attacks. Perhaps this is due to how straightforward these attacks are, since they are deliberate attacks that don’t require skirting around security measures. Those behind brute force attacks know that they will be caught, which makes them particularly dangerous, since all caution is thrown to the wind and forgotten. These types of attacks are used to access accounts or system infrastructures in order to steal credentials like credit card numbers, Social Security numbers, and other data.

Plus, brute force attacks can be used to install a rootkit on a device, or turn a PC into a zombie bot. It’s not uncommon for brute force attacks to be used as a jumping-off point for other major threats.

What to Do
A security solution that can lock out users based on IP location or failed login attempts is one way to protect your business from brute force attacks, but if the attacker is executing the campaign with a botnet, these measures will be limited in their ability to protect you. Botnets consist of several infected computers with various IP addresses, acting as individual users, thus rendering your security measures useless.

One other technology that can be effective at eliminating brute force attacks is two-factor authentication. In addition to your password, two-factor authentication provides an extra layer of security. Basically, if hackers don’t have access to your physical device or a secondary email account, they won’t be able to get the second code required to access your account or infrastructure. Two-factor authentication is a great asset in general, so it’s worth taking into consideration regardless of what type of business you’re running.

Your business should be equipped to handle all types of online threats, particularly those which are dangerous and present a significant threat. Infradapt can help your business integrate solutions designed to maximize your organization’s security and continuity. To learn more, give us a call at 800.394.2301.

0 Comment

Do You Agree with BYOD? 72 Percent of Businesses Do

Do You Agree with BYOD? 72 Percent of Businesses Do

Mobile devices have grown extraordinarily popular in the workplace. Organizations find them to be of considerable value for staying connected and getting work done while outside the office. This trend has presented a serious risk in the form of network and data security. How can businesses support mobile devices in the workplace, without compromising on the security of the device and the data it holds?

Data leakage is one of the major pain points of businesses that allow employee-owned mobile devices in the workplace. Every business has sensitive information that needs to be secured from malicious entities, no matter how benign it seems. As the business owner, it’s your responsibility to ensure that you have a policy put into place to protect your data. In the case of mobile devices, you need a Bring Your Own Device (BYOD) policy that dictates how an employee uses their mobile devices for work purposes.

A recent study by Bitglass shows that 72 percent of various organizations, including financial, technology, healthcare, government, and education, feel that BYOD should be supported for at least some of their employees. As for mobile device management, which is an organization’s control over devices used by employees, only 14 percent of organizations used solutions that protect data with device encryption. This is a significant difference that reveals a tricky situation: company’s like the idea of BYOD, but don’t (or aren’t able to) implement a mobile device management solution.

Naturally, you can’t let your business be the next to lose information due to mobile security threats. Implementing a mobile device management solution from Infradapt can help your business retain complete control over the data that’s stored on your employees’ mobile devices. You can restrict access to data based on work role, whitelist and blacklist app data, and even remotely wipe devices:

  • Whitelisting and blacklisting apps: Some applications will request access to information stored on a mobile device, but some won’t have any real reason to have access. For example, a flashlight app has no business accessing your phone’s contacts or geographical location. By whitelisting and blacklisting apps, you can minimize your data’s exposure to threats.
  • Role-based user access: One of the easiest ways to minimize danger to your organization’s data is to limit who has access to it. By integrating role-based user access, you can allow your team to access data that they need to do their jobs properly, and keep them from accessing that which they don’t.
  • Remote wiping: Sometimes the best way to prevent a data breach is by remotely wiping data from a lost or stolen device. You shouldn’t rely on a lost device showing back up, especially if it were left in a public place like a bus or subway station. You should always be prepared for a worst-case scenario like this.

For more information about BYOD and mobile device management solutions, reach out to Infradapt at 800.394.2301.

0 Comment

If Your Network is in the Cloud, What Do You Do with No Internet?

If Your Network is in the Cloud, What Do You Do with No Internet?

Thanks to the advancements of virtualization and cloud computing, many businesses are hosting key parts of their IT infrastructure off-site. While this move is great for mobility and productivity, it makes operations extremely dependant upon a working Internet connection. If this scenario describes your organization, what’s your plan to stay productive should your Internet connection fail?

Whether you host just some of your mission-critical data in the cloud or your entire IT infrastructure, a failed Internet connection translates to costly downtime; even those annoying Internet “hiccups” can add up over the course of the workday. Even the best ISPs can’t promise 100 percent uptime, making it very likely that you’ve experienced this pain point before.

Also, what about a worst-case scenario? Imagine for a moment Philadelphia getting slammed with a natural disaster that takes your ISP offline for days. This is more likely to happen than you would think. Here are three solutions to overcome this inconvenience.

Have a Backup IT Infrastructure On-Site
One solution is to have a backup of your infrastructure stored locally on your in-house network. Taking a precaution like this certainly is prudent, although, while locally backing up your infrastructure is a great move, not every business will have the ability or funds needed to enact this proactive measure.

Access a Mobile Network
Another idea to give your office Internet access when your ISP fails is to equip your staff with 4G-enabled laptops and smartphones that can act as temporary hotspots. This will provide your team with the ability to access the files they need over the 4G network, allowing operations to continue humming along. However, before you put a lot of stock into a strategy like this, you’ll first want to check the terms and conditions of your mobile data plan. Having the entire office access your carrier’s 4G network could result in some hefty fees that may or may not be offset by the profits made while working on your mobile network.

Have Your Team Work Remotely
Another approach is to simply take advantage of other working Internet connections that can be found elsewhere. This is one clear advantage to having a mobile workforce. If your office is experiencing Internet troubles, then your staff can take their mobile devices with them to the nearest coffee shop with working Wi-Fi connection, or even work from their homes. A move like this will keep operations going in an emergency situation, and depending on the likes and dislikes of your staff, you may even find such an arrangement to be more productive for your company overall.

According to ZDNet, this option may actually be the best option in terms of overcoming downtime, and it’s worth implementing as a contingency plan: “It's true that businesses are increasingly allowing for remote work and disaster planning is a good argument for it. It may even be worthwhile as an exercise. Require employees to have a plan for working off-site and schedule a day for everyone, or perhaps one department at a time, to do so. You might learn something about productivity while you're at it. 9/11 proved that it's possible your offices may be out of commission for a while. Do you really want to have to make up your plans on the spot when that happens?”

Having a plan in place to account for the loss of Internet is just one of the many potential IT problems that you’ll want to be prepared for. Whether your IT infrastructure is hosted in the cloud or it’s located in-house, there exist a plethora of downtime-causing sceneries that can strike your business at anytime (like hacking attacks, user error, and more). Working with Infradapt to create a bulletproof business continuity plan is the surest way to keep your company up and running, no matter what problems you’re faced with.

To make sure you’re prepared for any and all problems that can affect your technology, call us today at 800.394.2301.

0 Comment

Think You’ve Been Hacked? Here’s What to Do Next!

Think You’ve Been Hacked? Here’s What to Do Next!

b2ap3_thumbnail_employees_make_computing_mistakes_400.jpgYou implement technology solutions to keep your network safe from hackers, but what would you do if your systems were bypassed and infiltrated? Every business owner needs to consider this scenario, because even the best of us can fall victim to hacking attacks when we least expect them. Approaching such an event in a reasonable way is your best chance of making it through in one piece.

First of all, don’t panic. You need to remain calm and make rational decisions concerning the state of your systems. If you can avoid it, try not to let the occurrence immediately go public. You want to know the extent of the attack before informing anyone of what has happened. You also need to determine how much data was stolen or destroyed, and if your systems are still under the influence of the attacker.

Fully Understand the Scope of the Attack
The first thing that you should do is assess what the exact problem is with your IT systems. Was it actually a data breach, and if so, how did your assailants infiltrate your system? Did they worm their way in through a spam email, or did they steal credentials to your network? Was it a case of user error, or the result of a vulnerability in your software? Be sure to ask all of these important questions so that you can understand the full extent of the attack before doing anything about it.

Know What Data, if Any, Was Stolen
Next, you want to assess which types of data has been stolen, if at all. Did the hacker take data like Social Security numbers, credit card numbers, account usernames, passwords, etc? If you know what parts of your business were infiltrated, then you probably have a good idea of the extent of the damage. It’s especially important to know if you have other data, like health records or personal information, that may have been exposed to the data breach. If so, you may be subject to some serious fines.

Give Your IT Department Time to Clean Up
Your business should be looking into the hacking attack as soon as you know it’s occurred. This helps you to mitigate the damage and contain the problem before it becomes even bigger. You need to make sure that there’s an environment available to work with while your IT department is investigating the issue. Also, make sure that you have the resources available to ensure that your team can stay productive in the interim.

Identify the Real Problem
Hackers frequently use small hacking attacks to cover up other major issues. For example, a virus could be nothing but a distraction to hide a trojan, which would be a much bigger issue that could lead to future data breaches. You need to identify the source of the problem in order to resolve it. Otherwise, you’re just opening up more opportunities for hackers to infiltrate your systems, which could be both counterproductive and costly.

It’s important to remember that in some cases, your business might not necessarily be the target of some mastermind hacking attack, but rather, you may just be a random victim. This could happen when your business falls prey to phishing attacks, malware, and other threats that spread between contacts and unsafe websites.

Understand Your Compliance Liability
Depending on which information was exposed to hackers, you could have a full-on violation of compliance laws on the table. You could be dealing with expensive fines that are more than capable of breaking your budget. Knowing what your stance on compliance is could help you prepare for the oncoming storm, and is a crucial step toward putting a data breach behind you.

Last but not least, you need to make sure that your data breach disaster is your last. Infradapt can help your business prepare its infrastructure for any type of disaster. To learn more, give us a call at 800.394.2301.

0 Comment

How Colocation Services are a Win-Win Scenario for SMBs

How Colocation Services are a Win-Win Scenario for SMBs

b2ap3_thumbnail_colocated_servers_400.jpgBusiness owners know all too well how painful it can be to manage technology. In addition to making sure that your business functions properly, you also need to keep your technology in working order. Many organizations that rely on technology in order to stay productive free up valuable time and resources by outsourcing their needs to third-party providers.

Your business can benefit greatly from colocation services that are designed to keep your business in top working condition. When we talk about colocation, we’re referring to the ability of a business to manage one or more of their solutions in a private cloud hosted off-site. In most circumstances, businesses that utilize colocation are responsible for maintaining their own IT infrastructure. However, to make things easier, a managed service provider can easily fill this roll, which would allow a business to enjoy the benefits of colocation services without having to put in the time and effort.

Rowland Kinch of Custodian Data Centres writes to Data Center Knowledge explaining the great convenience that your business can reap from colocation services:

For financial directors and IT directors, colocation provides the perfect win-win scenario, providing cost savings and delivering state-of-the-art infrastructure. When comparing the capabilities of a standard server room to a colocation solution, an assessment of the power alone demonstrates the gap between in-house solutions and utilizing the expertise of a specialist.

Some of the major benefits that colocation presents to SMBs include:

  • Consolidation of solutions and space: If your organization focuses on running its infrastructure out of a colocated data center, there’s no reason to be hosting your data internally or on-site. This helps you use your office space and other resources more efficiently.
  • Decreased operational costs: When you host solutions off-site in a data center that’s managed by a third party, you’re saving yourself from hosting them in-house and paying for operational costs. Take a moment to consider how much revenue you can save by eliminating air conditioning and electricity costs. If you do this for multiple pieces of hardware, the savings can quickly add up, and you’ll potentially save a significant amount of revenue that can be used elsewhere.
  • Management and maintenance from professional technicians: Technology can be a hassle to manage, especially if you don’t have a team of dedicated technicians who are responsible for maintaining your infrastructure. When you use a colocation data center to host your technology, it can be maintained by professional IT workers who make it their sole responsibility to keep your systems working properly.

If your business wants to take a modern approach to technology maintenance and management, colocation is as good a start as any. To get your technology infrastructure and your budget under control, give Infradapt a call at 800.394.2301.

0 Comment

Chances Are, Your Employees Care More for Convenience Than Network Security

Chances Are, Your Employees Care More for Convenience Than Network Security

b2ap3_thumbnail_network_security_failure_400.jpgSecurity is a top concern for anyone that utilizes the Internet. The problem for businesses is that the average employee probably doesn’t care much for your security practices, and it can be challenging to get them to comply without upsetting them.

Employees tend not to follow security practices that they find inconvenient, unnecessary, or time-consuming. The issue here is that the best solutions are often designed to keep data secure, while also making it somewhat more difficult to access crucial accounts. A good example of how security is undermined by employee indifference can be seen in a Bring Your Own Device policy. While it might make it more difficult for hackers to access your data, your employees might not want to go through the process of setting up BYOD on their own devices, which can put your data at risk.

Ultimately, it becomes a question of freedom vs security. Your employees want to use their own mobile devices and be free to work how they want, but this cannot happen without sacrificing security oversight. Unfortunately, this is a point that you have to insist on if you want to ensure maximum security for your critical data. It’s your responsibility to make sure that your team is following proper best practices in order to facilitate the further functionality of your organization.

If your team tends to dodge following best practices, this is even more important and necessary. Many outside threats understand that your employees are likely the weakest link in your business’s security, making them big targets for the likes of hackers and scammers. Unlike security patches and updates, this is a vulnerability that won’t go away with a software update. You have to educate your staff on the following best practices:

  • Regularly changing passwords: All of your employees should be using complex passwords, which include lower and upper-case letters, numbers, and symbols. Changing your passwords frequently is also important, but if you’re always changing to complex passwords, you’re sure to forget them once in a while. An enterprise-level password manager can be exceptionally beneficial to securely store and retrieve passwords when they’re needed.
  • Stopping phishing scams: Employees need to know how to look for phishing scams that may hit their inbox. This includes educating your team members on how phishing scams work, and what the telltale signs are for them. Infradapt can help your employees understand how best to avoid and detect phishing scams.
  • Using two-factor authentication: Accounts that have access to important information need to be using secondary security features, like two-factor authentication, in order to best protect your data. This makes it more difficult for hackers to access accounts remotely. Many two-factor authentication procedures require physical access to devices, which makes it much more difficult for hackers to compromise an account.

If you think you’re at risk of hacking attacks due to lack of adherence to security measures, you should implement a Unified Threat Management (UTM) solution. With a firewall, antivirus, spam blocking, and content filtering solution, your business will experience minimal exposure to threats, and promptly eliminate those that do manage to get into your systems.

For more information about cybersecurity and other data security best practices, give Infradapt a call at 800.394.2301.

0 Comment

What You Need to Know About the Cloud Before Signing Up

What You Need to Know About the Cloud Before Signing Up

b2ap3_thumbnail_cloud_computer_400.jpgIn an infamous 2012 survey by Wakefield Research, the ignorance of the general public regarding cloud computing was revealed: 51 percent believed that stormy weather interferes with cloud computing, and 29 percent thought that the cloud was an actual cloud. Furthermore, what may elude many computer users is the fact that a process known as virtualization is actually what’s behind cloud computing (not atmospheric conditions).

Essentially, virtualization takes a physical component of your IT infrastructure, like a server or workstation, and stores it in a virtual environment that can be accessed via an online interface. Users that take advantage of cloud computing are familiar with this interface and use it to access their data and applications stored in the cloud. Some popular examples include software like Microsoft OneDrive and Google Drive, as well as email services like Gmail and Outlook.

Another way to understand cloud computing is to view it as keeping your data on someone else’s computer. This computer is located off-site and it is (hopefully) maintained and managed by IT professionals. More often than not, these hosted machines are powerful and can provide you with more computing resources for the money compared to purchasing the same equipment for your office.

Plus, when your cloud data is managed and maintained by professionals like a managed service provider, that’s one less thing for you to worry about so you can better focus on running your business. Alternatively, it’s entirely possible to use the virtualization process for accessing data stored on your in-house servers or workstations. While going this route will provide your company with all of the benefits and advantages of cloud computing, it also means that you’re responsible for the upkeep of your own equipment, so be sure to account for this when choosing this computing option.

When it comes to successfully implementing cloud computing for your business, the better you understand what cloud computing can do, equates to you being able to better take advantage of these benefits. What you want is a cloud service package that’s customized to meet the unique needs of your company, instead of a generic, one-size-fits-all package. To that end, Infradapt takes the time to understand the computing needs of your business, and then match your needs with cloud solutions that are the right fit, whether it be hosting your data in-house or having us manage your cloud data.

To get you started with cloud computing, be sure to ask yourself these questions:

  • How much control do you want over your data?
  • Are you equipped to take care of your own IT equipment?
  • Would it be better for your budget to buy your own IT equipment, or outsource your IT needs?
  • Do you have remote workers?
  • Do you handle information that’s sensitive in nature and subject to fines if handled improperly?

Finally, it might be in your best interest to go with virtualization instead of cloud computing. While virtualization is what drives cloud computing, you might be able cover your needs with virtualizing your own IT network, instead of migrating your IT infrastructure to the cloud. Of course, the best way to know for sure what your computing needs are is to have a conversation with Infradapt. It’s easy to do, just pick up the phone and call 800.394.2301 to schedule your IT assessment today!

0 Comment

Can Your Business Survive One of These Catastrophic Data Loss Disasters?

Can Your Business Survive One of These Catastrophic Data Loss Disasters?

b2ap3_thumbnail_continuity_strategy_planning_400.jpgYour business relies on constant access to its data and information systems in order to maintain operations. Businesses that become victims of data loss disasters and are unable to recover their data, will more likely than not go out of business within one year of the incident, making it more important than ever to ensure that you have a plan in the event of the worst-case scenario. Would your business be able to get back on its feet following a data loss disaster?

At times, backup and disaster recovery might seem like an unnecessary expense. Some business owners think that their systems are relatively safe from impending doom, so rather than focus on preserving existing information and infrastructure, they choose instead to implement new solutions that are designed to augment their income. Unfortunately, this hard-earned revenue will mean nothing if your data is lost due to unforeseeable circumstances that render your business inoperable.

One of the most common ways that a business can lose their data is through natural disasters. Depending on your business’s location, you could be subject to data loss from several different disasters. For example, people in areas that have exceptionally harsh winters understand the difficulties that come with heavy snow and ice accumulation, including infrastructure damage and downed power lines. Other locations are at risk of tornadoes, which are capable of completely destroying your office. Other types of natural disasters, like fires and electrical storms, are more common, but under the right circumstances, they are just as damaging as major storms. The lesson here: regardless of where you are in the world, a natural disaster could destroy your data, and maybe even your office.

If you add in the constant threat of hackers, who are unpredictable and can strike at any time, you could have an unexpected data loss disaster that’s difficult to recover from. Unlike a natural disaster, which exhibits warning signs, hackers will generally be discreet, being careful not to alert you to their presence. Hackers will steal and destroy your data with no concern for your business’s livelihood, seeking only to profit and benefit from your hard work. Look at the recent explosion of ransomware that has been threatening businesses. If they manage to get into your systems, it could spell trouble for your business in the form of hefty compliance fines, especially if you deal with personal credentials.

Another cause of data-loss that is often overlooked when it comes to planning is human error. Important files can be moved or even deleted altogether. Accidents like these are why it’s important to make sure that your employees understand the importance of following your best practices when using your network. Human error is also another reason it’s important to have a powerful back and disaster recovery solution.

With a backup and disaster recovery (BDR) solution from Infradapt, your business can minimize the downtime and data loss that’s often associated with unexpected hardware failure, natural disasters, and user error. A BDR can take multiple backups throughout the day, which are sent to both the cloud and a secure, off-site data center. The BDR minimizes downtime by acting as a temporary server in the event your current hardware fails to function properly. This gives your business adequate time to find a replacement.

When working with complex technology solutions, there are plenty of risks that need to be managed properly. Proactive IT solutions do this substantially better than the traditional break-fix IT model. Infradapt focuses on providing services that are designed to prevent issues from becoming more serious problems, like powerful security solutions that can detect threats to your infrastructure, and preventative maintenance.

Infradapt can provide all of the above managed IT services, plus some, all so your business doesn’t have to. For more information about business continuity and our BDR solution, give us a call today at 800.394.2301.

0 Comment