Mannassi IT Solutions

Blog

What's happening.

Posts in Security
Keeping an Eye Out

Video surveillance may now be commonplace in just about every part of the world, but for the longest time the technology never managed to keep up with the rest of the tech world. The cameras were big and bulky with low-resolution images, connected via co-ax cable, all leading back to some box in a closet that was forgotten, abused, and generally abandoned. When it came time to view the recording because of an incident, it was often discovered that some or all of the cameras had stopped working a long time ago, and effectively the cameras had become nothing more than a visual deterrent and the box a paperweight. Even when the cameras did work, when thieves broke in what was the first thing they stole or destroyed? That old box with the security camera’s recordings.

Fast forward to the 21st century, and cameras have flourished. New equipment is small, sleek, high definition, connected over a network via CAT6 cable or wireless, and most importantly, its recordings are now stored in the cloud. Security footage is now kept for years, as opposed to the days or weeks of old, and can now also be sent directly to law enforcement. No bypassing the security cams by trashing the tapes nowadays!

The biggest bonus of the advancement in video tech? What used to cost a pretty penny to set up can now be achieved with a much more reasonable financial investment. Or bypass all the legwork entirely and go for a Video Surveillance as a Service (VSaaS) solution. For one monthly fee get cameras, software, cloud storage, and support without the headache of monitoring it yourself.

Got questions about adding video to your security roundup? Drop us a line on Twitter or Facebook!

The Good, The Bad, and The Ugly: 2017 in Review

As 2017 now fades into the history books, we’re reflecting on the best and worst advances (or rollbacks) in technology.

THE GOOD - Software Defined Wide Area Networking (SD-WAN)
2017 brought the explosion of SD-WAN, an amazing technology that provides high availability, failover, optimized traffic and in some cases a replacement for expensive MPLS.  SD-WAN is an affordable tech option for small and medium sized companies providing benefits once only available on an enterprise class budget.

THE BAD - Ransomware and Cyber Hacking
The worldwide pervasiveness of hacking has continued to dominate the headlines. No one is safe, whether you are a person checking your email and getting ‘spear phished’ or the Pentagon or UK National Health Service disabled by state-sponsored cyber terrorism. In 2017 there didn’t seem to be anywhere safe from cyber criminals. An ounce of prevention is worth a pound of cure, so in 2018 we’re doubling down on our vigorous backup and security regimens. While you can never be 100% safe, you can put a plan in place to mitigate disaster.

THE GOOD – Cloud Disaster Recovery & Business Continuity
2017 was the year the cloud really took off! Many companies have invested in comprehensive backup programs, but have not addressed what to do when disaster strikes. The ability to spin up servers and production networks in minutes, as opposed to days or weeks, is now a reality with cloud solutions, making disaster recovery a minor headache instead of a full-blown migraine.

THE BAD – Disrespecting The Technology
Computer networks are an integral component of every business, and you need to make sure you’ve got the tech that can do the job properly. In 2017 we still found companies buying technology that is just not suitable for business needs, from trying to get by with residential routers to relying on computers bought off the shelf at Best Buy. You’ve got to have the right tech to keep your company running. In 2018 don’t risk your business because you thought you were saving money. Remember the old adage: you get what you pay for.

THE GOOD – Internet of Things (IoT)
If you loved sci-fi as a kid you’ve probably been stoked by the advances in the IoT over the last several years, from vehicles with connected technology that lets manufacturers and drivers know when they need to be serviced, or that provides directions to the nearby gas station when the tank is running low, to paying your mortgage by voice on your digital home assistant. This year was the tip of the iceberg when it comes to what the IoT can bring to businesses. In 2018 watch these connected goodies for even more exciting innovations.

THE UGLY – Dismantling Net Neutrality
The big fight for the web in 2017 was certainly a low point. The current administration’s FCC has begun the process of removing the laws protecting Net Neutrality, paving the way for ISPs to favor their own content and throttle competitors. With Net Neutrality rules in place you, the consumer, can load every website, app, video, .gif, etc., equally, regardless of where the content is hosted or what its message is. Accessing Netflix is the same as sending a tweet. Without Net Neutrality there’s nothing to stop ISPs from demanding premium prices for “premium” services like video streaming or social media, or from blocking content they disagree with entirely. The open internet is vital to small businesses and to freedom of speech, so this threat is very unsettling. Here’s to hoping that in 2018 Congress can get behind a bipartisan effort to save the open internet.

What were the trends you were most fascinated by in 2017? Tweet us with your top hits and misses, and what you’re most anticipating in 2018.

No Smoke Without Fire

As of January 1st, California became the latest state to legalize recreational marijuana. With legalization spreading across the country, there have been a slew of new companies applying for licenses and permits to sell and grow marijuana. If you’ve got a plan to launch a new business in the fast-growing marijuana sector don’t forget to fortify your security. For too many new businesses security becomes a second thought until it’s too late.

Pot is, after all, a very valuable commodity. Combine that with the fact that marijuana is still federally illegal, meaning financial institutions are not allowed to do business with these new dispensaries, and stores frequently have large amounts of cash on hand. A comprehensive security strategy for both your data and your physical location is a must to keep your investment safe.

It’s more than just your cash deposit and product that need protection, too. The client and patient data of your customers also needs to be protected. You’ll need a security plan that encompasses your digital environment as well as your actual physical business.

We’re experts at building affordable security systems that meet any business’s needs. Give us a call or shoot us an email if you’ve got any questions about how you can better protect your budding business.

As always, find us on Twitter and Facebook for the latest tech updates.

 

Don't Get Bit by HIPAA

Fun fact: HIPAA, the 1996 healthcare legislation that covers the security and privacy provisions for your medical information, is a lot more intensive than you may have believed. Do you know if your business is a covered entity or a business associate? Not knowing these answers could mean big fines.

HIPAA governs security for the obvious: hospitals, private practices, and medical providers. But it also covers the more unexpected: health insurance brokers, your HR department, and even your IT team. Since we began working on HIPAA compliance with clients in early 2017, we’ve found many gaps where business owners didn’t know they were required to be compliant.

If you’re sharing personal client information with a HIPAA compliant entity, even if your business has nothing to do with healthcare, you’re a business associate and you must also be HIPAA compliant! Compliance is also easy to breach; from one unlocked laptop left unattended while its user is at lunch, to not regularly changing your passwords, HIPAA can get really complicated really fast.

Here's the actual rule, straight from the HHS department: “The Privacy Rule requires that a covered entity obtain satisfactory assurances from its business associates that the business associate will appropriately safeguard the protected health information it receives or creates on behalf of the covered entity.” Do you know if your business associates are HIPAA compliant?

Don’t get too far into 2018 without double checking your security requirements. Remember, protected health information (AKA PHI & ePHI for its electronic cousin) covers any potentially identifiable information from phone numbers to official diagnoses and everything in between.

We’re happy to talk HIPAA with you any time. Follow us on Twitter & Facebook & reach out with any questions you might have!

Do You Have A Krack in Your Wifi?

The latest dent in network security is the recent announcement that hackers have figured out a way to breach Wi-Fi connections on almost every single Wi-Fi enabled device. The Krack attack is a major blow to mobile security, but the good news is that iOS and Windows are not vulnerable because of the way Apple and Microsoft implement the security handshake. If you’re an unlucky Android or Linux user, however, you are vulnerable. What it all boils down to is that millions of devices are affected, including embedded devices (otherwise known as the Internet of Things). To protect yourself you need to research all of your Wi-Fi devices and confirm whether they are on the attack list. If they are, make sure to download the most recent patch, or immediately take them out of service.

Of course, you can probably tell this can be a labor-intensive process. If it’s too much to handle you can always drop us a line for assistance or advice.

As always, follow us on Twitter or Facebook for the latest tech updates from around the globe.

We Hear You Knocking, But You Can't Come In!

A vital element of network security for any company is to have a business or enterprise class firewall protecting its network. The primary firewall role, of course, is to protect computer assets and data from attack by hackers. What many people don’t realize is that hacking is going on twenty-four-seven! Many breaches could be prevented, if only you were aware that a person or persons unknown has spent the last two weeks attempting to break in. Just like in a heist movie, any lock can be picked given enough time, so your firewall needs to be constantly monitoring for intruders.

You need a firewall that is either set up with an intrusion prevention system (IPS) that sends out notifications when it detects significant activity on the firewall, or managed and monitored 24x7x365 by a security operations center, which is known as a managed firewall or security as a service (SaaS). Building a wall alone isn’t enough; hackers can be working to disassemble it brick by brick while you’re asleep!

Mannassi IT Solutions can deploy a range of firewalls from Cisco, Fortinet and SonicWall with IPS, plus we offer security as a service as part of our managed services portfolio.  Contact us to learn more about what options might be right for you.

Follow us on Twitter or Facebook to keep in the loop on the latest security updates.

Swimming with the fishes!

Phishing attacks have been ubiquitous cybersecurity threats almost since the invention of email, but in 2017 hackers have really stepped up their game.

We’ve had several clients very nearly fall victim to these souped-up schemes. With spoof messages that are designed to look identical to the real thing, it can be harder and harder to spot the troublemakers lurking in your mass of unread emails.

The latest attacks seem to follow the same formula: after your email is compromised it is used to send your accounting department requests for wire transfers. These scam emails look exactly like the real deal, leaving companies playing guess and check with their security and money!

The advanced nature of phishing attacks in 2017 is why we always recommend more than just your email host’s basic security options. These advanced level attacks aren’t being caught by default email security, even in Office 365, so you need an extra layer of advanced security. We’d rather be safe than sorry by using advanced cloud email security applications like the award winning Proofpoint. These can spot those tricky spoof emails and prevent them from ever daring to enter your inbox!

October is cybersecurity awareness month, so we’re offering a special email security package! Customers who sign a new 12-month contract with Mannassi IT Solutions before October 31st will get free Office 365 migration and one month of free cloud email security with Proofpoint. The best defense is a strong offense, so reach out to us today.

Want more of the latest in cybersecurity? Follow our Facebook or Twitter @MannassiIT.

3 Little Known Security Secrets that Can Make A BIG Difference

If you’ve been following us long you know that we’re always harping on about security here at Mannassi IT Solutions. We firmly believe that a solid offense is the best defense, especially when it comes to protecting your data and by extension your business. The big threats most everyone is aware of: malware, ransomware, phishing scams, etc. But what are the most overlooked security threats? Here are three security vulnerabilities that are oft forgotten.

1: Where’s that WiFi coming from?
Ever sent a personal email over the coffee shop WiFi? It’s not secure! One of the top ways hackers can break into your laptop or cell phone is by using a public WiFi connection. Not to mention, if you’re required to be HIPAA compliant, sending an email that contains ePHI over an unsecured WiFi connection is a big no-no.

2: Calling all charging ports!
You’ve probably been stranded in an airport at some point in your life, with your cell battery running low and so many work emails to answer. Many airports have provided a simple solution, USB charging ports. But these ports are often home to those with nefarious purposes! A USB is a simple way to break into your device, so plugging in to a public USB connection is kind of like wearing a sign that says “KICK ME”.

3: Ma, don’t write down your password!
One of the top ways someone can get into your computer is when you’ve written down your password & stuck it to your monitor. We’ve even seen laptops with passwords stuck to the outside! Why don’t you give the neighborhood thief the keys to your car while you’re at it? Your password is your first line of defense, and should be strong as well as secret. If you really can’t manage to remember all your passwords consider using something like KeePass, which allows you to securely store the keys to everywhere your tech takes you.

There you have it! Are you guilty of any of these security faux pas? Tweet us @MannassiIT & tell us your security stories.

Don’t Let Power Problems Eclipse Your Business

With the great American eclipse just passed (hope you remembered your viewing glasses!) now is a great time to review your IT and power! California power providers had been working on a plan for two years to support the electrical grid when the eclipse took effect, in order to adjust for the substantial loss of solar power generation.  However, they still issued a warning that there could be potential power outages!

As a small business, you can’t afford to be caught without power; servers, network equipment, and other vital tech could all suddenly shut down, immediately causing you to lose money and productivity. Although the eclipse lasted only an hour or two, the damage to computer hardware and software comes from tech being suddenly turned off and the resulting spike in power when the grid comes back online.

All your computer equipment should be protected by surge protection strips, but make sure you don’t go for the cheapest one you can find, as these offer little to no protection! It’s best to get a surge protector that comes with a warranty to repair or replace equipment if damaged. Since turning off a server suddenly can corrupt operating systems and applications, your servers should have battery backup systems that automatically signal them to shut down cleanly.

Finally, now is a great time to double-check your backups! If the worst happens and your system is fried, knowing your backups are solid gives you the peace of mind to know you can get back to business quickly and with minimal loss.

Remember, even though the Great American Eclipse has moved on, power problems are an ever present risk to your systems and your business. An ounce of prevention is worth a pound of cure!

Follow us on Facebook and Twitter, @MannassiIT, for more about protecting your business from anything life can throw at it! Stay tuned to our Facebook for our weekly exclusive tips, coming to you on Thursdays.

Thought Your Mac Was Malware Safe? Think Again!

One of the most often applauded perks of Macs is their invulnerability to viruses. Well, the bubble of virus-free Apple products has officially burst.

A recent outbreak of the highly invasive malware “fruitfly” has been wreaking havoc on Mac users for the past six months. The sneaky virus went undetected for years, and allows its controller to take complete control of your Mac—from files to your keyboard, from your webcam to your mouse.

Apple did recently release security patches to fight the “fruitfly” but new variants have emerged. Since Mac malware is so rare, it’s been particularly difficult to corral.

A report on CBS news follows some of the techies working to combat this “fruitfly” but it seems reining it in is proving to be difficult, especially since no one knows exactly what the malware does or why it would be implemented.

So what can you do to protect yourself? Here are three tips:

1. Make sure all your software is up to date. Security patches can only help you if they’re updated regularly and your system matches their requirements.

2. Always back up your computer regularly. Don’t get caught without your important documents in the event you’re infected.

3. Take security precautions seriously: have a strong password (your cat’s name is not usually a safe bet), don’t click links within emails, minimize your downloading activity, and use a pop-up blocker.

With a little due diligence you can do a lot to prevent a malware attack from crippling your tech. Don’t wait until it’s too late!

Follow us on Twitter @MannassiIT or like us on Facebook for more security in the news.

Cyber Security – A Self Inflicted Pain

The recent news of another pandemic ransomware cyber-attack, and all the businesses and individuals affected, brings into sharp focus how sometimes doing the bare minimum is the same as doing nothing at all. People can take their technology for granted, assuming they are safe because they think their operating system has been updated, without ever checking to make sure this is the case. The same goes for antivirus: how many people take the time to check whether their anti-virus/anti-malware is current? When was the last time you double checked yours? Most people’s answer will be “I don’t know”. Relatively simple steps can save a lot of headache down the line, and save you from long downtimes when you can’t access your systems.

We have found that many companies run their IT security and data protection based on the “fingers crossed” concept. They skimp on the expense of putting in proper firewalls and instead go for the cheapest option on the shelf. Then they end up wondering why their company is paralyzed by ransomware! Network security should be multi-layered, with protection for inbound email, URL filtering to stop users going to malicious web sites, business class firewalls with intrusion prevention software, endpoint protection for all workstations and mobile devices, and most importantly a proactive approach to monitoring all of these technologies. And finally, even with all this protection, there is always a chance something will get through, so you need comprehensive data protection in the form of backups that are separate from the core network, and thus out of the reach of ransomware encryption. And yes, backups need to be checked regularly, including doing test restores.

So, come on people! Stop procrastinating and going for the cheap and basic options. You need to own your cyber security and make it a way of life.

If you don’t know where to start or need help, call us! We’re happy to talk security any day.

Want more cybersecurity straight from the headlines? Follow us on twitter: @MannassiIT

Plugging potential leaks before they spring!

Many companies automatically set up a new employee’s personal smartphone with corporate email, but when the person leaves there is frequently not as much due diligence to make sure that any corporate email or data is wiped from the device. The same goes for file share and sync programs such as Dropbox; confidential data can easily ‘leak’ from a company if procedures are not put in place early to make sure all corporate data is wiped from personal systems immediately upon an employee leaving the company.

Technology such as Mobile Device Management software can bring you that level of control: it not only remotely wipes data, but is an essential tool for tracking and managing company issued mobile and portable systems.  But this software only works if you remember to use it! This is why there should be clearly documented standard operating procedures for all exiting employees.  A company like Mannassi IT Solutions can work with your HR department to design and implement onboarding and offboarding procedures for staff, making it easier for you to keep track of who has the keys to what!

Don’t get held for ransom!

The news is currently saturated with talk of the WannaCry/WannaCrypt ransomware virus that infected systems across the globe.  So, what is ransomware?

Ransomware is a type of malicious software that blocks access to the data on your computer until a fee is paid to the attacker (hence the “ransom”). The most advanced versions of the software can lock up your entire computer until a bitcoin ransom is paid. With little warning, and almost no way around the attack, victims sometimes pay large sums of money to regain access to their data.

For healthcare and associated organizations, it is especially dangerous because a successful ransomware infection of a system that has access to, or stores electronic protected health information (ePHI) is also a major breach of HIPAA compliance.  The following excerpt from the Health and Human Services website (emphasis mine) can shed some light:

Q: Is it a HIPAA breach if ransomware infects a covered entity’s or business associate’s computer system?
A: Whether or not the presence of ransomware would be a breach under the HIPAA Rules is a fact-specific determination.  A breach under the HIPAA Rules is defined as, “…the acquisition, access, use, or disclosure of PHI in a manner not permitted under the [HIPAA Privacy Rule] which compromises the security or privacy of the PHI.”  See 45 C.F.R. 164.402.
When electronic protected health information (ePHI) is encrypted as the result of a ransomware attack, a breach has occurred because the ePHI encrypted by the ransomware was acquired (i.e., unauthorized individuals have taken possession or control of the information), and thus is a “disclosure” not permitted under the HIPAA Privacy Rule.
Unless the covered entity or business associate can demonstrate that there is a “…low probability that the PHI has been compromised,” based on the factors set forth in the Breach Notification Rule, a breach of PHI is presumed to have occurred.  The entity must then comply with the applicable breach notification provisions, including notification to affected individuals without unreasonable delay, to the Secretary of HHS, and to the media (for breaches affecting over 500 individuals) in accordance with HIPAA breach notification requirements. See 45 C.F.R. 164.400-414.

After a 22-year-old wunderkind managed to thwart last week’s global attack by registering an embedded domain, he warned that the software only needed to be modified before it would be ready to be relaunched. Ransomware attacks are likely only going to increase, therefore proactive steps to protect your network are essential. Make sure you know what security your IT system requires to keep you from being held hostage! We can assess your network and strengthen its defenses against these types of attacks. Even if you escaped unscathed this time, don’t risk getting caught up in the next ransom!

What's my Password Again?

We’ve all been there, ready to login and get to work on a server only to realize you don’t know the password. The only reset relief is in the brain of your IT guy, who just happened to pick this moment to go on a Bora Bora vacation. You’re stuck.

Documentation of a network is critical to business operations and disaster recovery. I’m sure you can imagine the headache and cost of having to rebuild all or some of your network after a major outage without comprehensive documentation. It’s true what they say, you can’t go home again and you’ll never be able to rebuild a network exactly the way it was before.

A centralized network documentation system is a life-saver. You have all the information you need in one place, easy for you to access without having to call every member of your IT department. A centralized system also makes things easier when you need to branch out and have IT consultants perform work for you; they can see all the moving parts and understand your system’s unique architecture so they won’t step on any land mines while working. Be the master of your own IT domain!

So, where do you start with a centralized documentation system? Coming soon in 2017 from Mannassi IT Solutions is Documentation as a Service, providing you with a secure, encrypted, cloud based repository for all your documentation, passwords, and diagrams. Never get locked out again!

Follow us on twitter, @mannassiIT for the latest news and updates, including when DaaS is launched!

3 Tips to Make Sure Your Security is Up to Snuff.

Cybersecurity is all over the news at the moment: every day there seems to be a new security breach or ransomware attack. So how can you make sure you’re protected from the bad guys? Here are three tips to keeping your security strong.

It’s a marathon, not a sprint. Security is an ongoing process. You need constant monitoring and adjustments just to stay ahead of the game. Hackers are constantly changing their methods to match updates in technology and you’ve got to be ready to adapt ahead of the curve and make sure your security steps stay current.

It’s like an onion, layered. There’s no “one size fits all” approach. Start with a business or enterprise class firewall with intrusion prevention enabled and build from there to anti-virus and anti-malware endpoint protection software.

Watch for the enemy within. A lot of security breaches come from the inside, so no firewall or anti-virus software is going to protect you. Manage your passwords effectively with company-wide best practices for complexity, length, and duration. Don’t forget to cancel access for employees who have left your company! Former staff with unfettered access is one of the most common security gaps.

Your security mantra should be making security a way of life, not just a footnote. Staying on top of your security needs can save you a big headache in the long-term. Security as a service is a great option for the not-so-security-savvy among us. Letting a pro take the wheel can save you time, money, and let you get back to business.

Drop us a line to hear more about our security as a service options. And make sure to follow us on twitter @MannassiIT for updates on the world of cybersecurity.