DeckerWright Corporation Blog

DeckerWright Corporation has been serving the Red Bank area since 1984, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Kaspersky Labs - Back Door for the Russians?

In early summer the federal government issued a directive requiring any government agency using Kaspersky Labs anti-virus software to remove it immediately from its computers. Why? The government’s cyber security team linked attempted breaches to cyber criminals using access built into Kaspersky Labs AV software in attacks on government systems. The Wall Street Journal headlined that “Russia has Turned Kaspersky Software into Tool for Spying”. The software routinely scans computers for malicious files, but can also be used to look for data files that might be valuable to cyber criminals or foreign governments. Apparently, the federal government’s cyber defense team has documented cases where the Kaspersky software was used as a tool for taking federal government documents.

Kaspersky Labs denies the allegation, saying that it has no ties to either Russian crime syndicates or the Russian government. The US government thinks otherwise. What should you do if you're using Kaspersky Labs AV software? We recommend replacing Kaspersky Labs with another AV software package. Why take the risk? DeckerWright Corporation uses Webroot with all of its clients and recommends this software, but most of the AV programs on the market do the job.

Cell Phone Thefts for Two-Factor Authentication (2FA)

There is a growing problem with cyber criminals stealing cell phones to defeat a victim’s two-part authentication and access financial accounts. Unlike the typical theft of a cell phone, the cyber criminals in this case transfer the victim’s phone number to a phone in their possession. They do this by compromising the victim’s email and then instructing the cell phone carrier to transfer the phone number to another device through the cell phone carrier’s web site. The victims find out about the change when they are unable to send or receive calls and messages on their phones. Getting this fixed with the cell phone company is time-consuming and painful. In the meantime, the bad guys have full access to the victim’s email account to reset passwords and the cell phone to get the 2FA code. By the time the victim realizes what is going on, their accounts are cleaned out.

This problem first surfaced for people with Bitcoin accounts. Cyber criminals are able to search social web sites looking for any reference to Bitcoins. Once a target is found, they use dark web databases to identify the victim’s email addresses and possible passwords. Once the cyber criminals gain access to the email account, they have access to the cell phone number the user listed in case of a problem. With the cell phone number, the cyber criminals are able to find out the cell phone carrier. The last piece of the puzzle is identifying possible Bitcoin wallet locations, like Coinbase, to target. Once they confirm that they have found the right “wallet”, they move to the last step: transferring the phone number. With the email address and control of the cell phone, the criminals now have access to the victim’s accounts. When the criminals transfer Bitcoins to their account, the transaction is not traceable and it is not reversible. Forbes magazine interviewed several victims who lost thousands of dollars from this exploit.

In order to protect yourself, use complex passwords. If you discover your cell phone number has been transferred, reach out to your bank and Bitcoin “wallet” companies to try and freeze the accounts. Insulate your Bitcoin accounts by linking them to bank accounts or credit cards with low balances. Make sure the information your cell phone company has is current, and that you get notified of any changes. Use a back-up email account for account validation to reduce the likelihood of your email getting hacked.

When 1 GIG of Bandwidth Isn't Enough

Verizon recently announced the availability of 1 GIG internet connections in selected markets. Google also provides 1 GIG service in several metropolitan centers across the US, so 1 GIG internet is not far off even if you don’t have it now. What difference does it make? 

If you download thousands of movies or songs, it will take less time on a 1 GIG connection. What it won’t do is make your Netflix or Spotify streaming any better. Going to 1 GIG connections for most businesses will provide the opportunity to do more, faster. However, there are limits to the positive business impacts of these new higher bandwidths. A second characteristic of every internet connection is latency. Latency is measured as the time it takes for one packet of information to go to a web location and return. The amount of bandwidth doesn’t have any impact on latency since latency is dependent on the distance to and from the web location and all of the technology in between. Latency is measured in milliseconds (1000 ms equals 1 second). On a local area network, the typical latency between your computer and anything else is 1 ms. Put your server on the internet on the opposite coast, and the latency ranges from 40 to 90 ms depending on the service provider and location.

What difference does latency make? Different types of applications are designed to expect different latency. A database package like QuickBooks is designed to run with latency below 3 ms, so you couldn’t put your QuickBooks database on a server on the other coast and expect it to work. Web sites are engineered to support high latency and won’t care about 70 ms connections. Software applications need to be carefully architected to match the network they are going to be running on.

Latency doesn’t have much impact on streaming services like Netflix or Spotify. Once the first packet arrives, the rest are right behind. The internet service most susceptible to high latency is Voice over IP (VoIP) phones. When latency gets over 200 ms, VoIP call quality suffers. High latency is one reason help desk calls to India are so bad.

So go ahead and order the new 1 GIG service when it is available in your area. Just remember that bandwidth is only one factor in making your applications work.

Coming this Fall: A (more) Streamlined Service Delivery Process

 For the last several months, we've been hard at work revamping our service delivery and ticketing process to better serve you. What we're hoping to achieve is a smoother flow of tickets from open to close as well as a higher level of communication with clients on ticket progress. Clients will be receiving more automated communications when ticket statuses change. The system is interactive, so the client may respond with questions or additional information.

The system is designed to prevent tickets from getting stuck. In cases where we are dependent on third party information or action to complete a ticket, a client may be notified that the ticket is "pending closure", as we have not yet received the required information. These regular and scheduled follow-ups will help push issues through to positive conclusions for our client.

The process begins with the creation of a ticket. It's here that we would like to emphasize how important it is to send service requests through the "front door" versus contacting engineers directly. Requests sent directly to engineers, whether by email or phone call, might go unaddressed for hours if not days depending on the engineer's busyness and schedule. Service requests sent to help@deckerwright.com or made by calling the Help Desk will be responded to more quickly than service requests sent directly to engineers. Clients should expect to get reminders when they don't follow the right process for opening tickets.

Another add-on to this process is more real-time client satisfaction scoring. The survey is simple: select either a happy face, a neutral face or a sad face to express your satisfaction with the service provided. Adding a quick comment is optional. The results are recapped and shared with our technical services and sales teams.

PREPARING SYSTEMS FOR HURRICANE SEASON

When you have a business at the Jersey Shore during hurricane season, you become addicted to the Weather Channel. Where is the latest hurricane, and is it going to impact us? After making it through Super Storm Sandy, here are some pointers to relieve your stress about the inevitable storm:

  1. If you are in a flood prone area, make sure you have a plan for getting your computer equipment to higher ground.
  2. Keep equipment in inner rooms away from windows. 
  3. Make sure your backups are functioning and that there is a cloud copy of your data.
  4. Have a paper copy of key business information, bank accounts, key clients, employees and vendors with you.  This should be part of your Business Continuity Plan.
  5. If a storm impact is imminent, gracefully shut down all of your computing resources.
  6. Distribute your systems and have some systems cloud based. Data redundancy between local and cloud systems will provide for business continuity in the event you lose power for an extended period.
  7. Establish a cell phone account with a data plan that allows you to use your phone as a mobile hot-spot. 
  8. Have a location with backup power available. Use your phone as a hot spot to get Internet connectivity.
  9. Have spare batteries and fuel for at least three days to keep your phones and computers charged. 
  10. Establish communications protocols with your staff on how to communicate in the storm’s aftermath.  
  11. Maintain access to your data remotely. If not used daily, test periodically to make sure the remote access to your data works. 
If you follow these steps and are able to get at least some of your key data cloud hosted, your business should be able to weather the storm with no problem.

EQUIFAX AND YOU: WHAT WE KNOW

Equifax recently announced a breach that compromised the records of up to 143 million clients. The data gathered by the criminals includes names, social security numbers, addresses and birthdates. Anyone who has had their identity stolen finds out quickly that with this information, a criminal can open a line of credit in your name and start drawing on it.

How did it happen? Criminal attacks, or “exploits”, fall into two broad categories: those that are custom-targeted at a specific client and those that are designed for a broad market. The Equifax attack was a custom attack directed at Equifax. The attack took advantage of a web server vulnerability that the criminals discovered during their probing process. Anyone who has an internet connection is constantly being probed by criminals looking for a vulnerability they can exploit. With Equifax, the criminals could easily identify Equifax web sites and the underlying web server technology. With that knowledge, the criminals were able to consult dark net web resources to customize the attack by looking for specific weaknesses. Once inside the web server, the criminals were able to piggyback on connections to the Equifax database filled with consumer information. By hiding their activity in the millions of daily transactions, the criminals were able to mask their activity for months. Equifax began to look for a breach when the possibility of a breach was brought to their attention by a third party.

How can Equifax figure out what happened? By searching through billions of log file entries. The task is painstaking and time-consuming. Equifax retained the leader in breach forensics, FireEye, to conduct the investigation. Finding the “Day Zero” event is like finding a needle in a haystack without knowing which of hundreds of haystacks to start looking in. After reviewing the log files, experts can find a trail of log entries that would lead them to the “Day Zero” event and give them a rough idea of what happened. Unless the log files are carefully taken care of, the criminals have the ability to modify them, in effect completely masking their activities.
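One way to make log modification detectable, shown here as an added example that is not from the original post or from any vendor named in it: each log line is sealed with an HMAC that also covers the previous line's tag, so editing or deleting an entry breaks every tag after it. The key, the sample log lines and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed key for the example. In practice the key (or the sealing
# process itself) lives on a separate log server, not on the web server
# an intruder may control.
KEY = b"example-key-kept-off-the-web-server"
GENESIS = b"\x00" * 32  # fixed starting value for the chain

# Constructed sample log lines.
SAMPLE = [
    "2017-05-13T02:11:07Z web01 POST /app/login 200",
    "2017-05-13T02:11:09Z web01 POST /app/upload 500",
    "2017-05-13T02:11:15Z web01 GET /app/export?table=consumers 200",
]


def _tag(key, prev, line):
    """HMAC-SHA256 over the previous tag followed by the current line."""
    return hmac.new(key, prev + line.encode("utf-8"), hashlib.sha256).digest()


def seal(lines, key=KEY):
    """Return (line, tag_hex) records; each tag depends on all earlier lines."""
    records, prev = [], GENESIS
    for line in lines:
        prev = _tag(key, prev, line)
        records.append((line, prev.hex()))
    return records


def first_tampered(records, key=KEY):
    """Return the index of the first record that fails verification, else None.

    An edited line fails at its own index; a deleted line makes the record
    that followed it fail. Truncating the end of the log is only detectable
    if the latest tag is also kept somewhere the intruder cannot reach.
    """
    prev = GENESIS
    for index, (line, tag_hex) in enumerate(records):
        expected = _tag(key, prev, line)
        if not hmac.compare_digest(expected.hex(), tag_hex):
            return index
        prev = expected
    return None


if __name__ == "__main__":
    sealed = seal(SAMPLE)
    print("untouched log:", first_tampered(sealed))
    edited = list(sealed)
    edited[1] = ("2017-05-13T02:11:09Z web01 GET /index.html 200", sealed[1][1])
    print("edited entry detected at index:", first_tampered(edited))
```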

What can you do to protect yourself? Unfortunately, if you use credit, do online banking, or have credit cards, you are at the mercy of the financial and credit reporting companies to safeguard your data. Sign up with a credit reporting agency that can monitor activity on your account and put stops on the issuance of new credit. Yes, Equifax was one of the big three credit reporting companies, but unfortunately the credit reporting companies are the main gatekeepers for credit reports. Ironically, the breach of a credit reporting company makes having an account with a credit reporting company more of a necessity.

NEW CYBER SECURITY SERVICE

DeckerWright is pleased to announce the launch of a new service offering, Cyber Security as a Service (CSaaS). The service is designed to meet regulatory and/or contractual requirements for IT. With the cyber security service, key security services are provided that are normally lacking at small and medium-sized businesses. These services include network and server log file retention for six months, cyber security meetings, public IP address penetration testing, end user phishing attack testing, and end user training. This service offering supplements a client’s defenses to provide the critical pieces of the security puzzle that are needed to be compliant. Additional cyber security consulting services include Security Risk Assessments, baseline security document development including Business Continuity Plans, Document Retention Plans, Document Destruction Plans, Employee Acceptable Use policy, and other documents as required by contract. Contact us for more details!

All Clouds Are Not The Same

We have been actively moving clients into cloud environments over the past few years. The cloud environments we use include Green Cloud Technologies, Tetherview, Amazon Web Services (AWS), and Microsoft Azure. Each cloud technology addresses a different client need.

Green Cloud’s cloud infrastructure looks and works a lot like an enterprise IT infrastructure. It provides the easiest path to a cloud infrastructure by allowing you to move things from an existing premise-based Windows environment to a cloud-based Windows environment. The relatively simple pricing model charges for computing resources and bandwidth used. 

Tetherview provides a cloud infrastructure for companies looking to replace their existing networks or gain control of distributed employees and cloud resources on one desktop. The Tetherview pricing model is the easiest to understand: you pay per virtual desktop and for the amount of storage used collectively. 

Microsoft and AWS provide the most flexible and scalable cloud technologies. Both support Windows and Linux virtual machines. The pricing model used by both services meters resource and bandwidth usage by the minute or by the byte. While the per minute or byte fees seem small, they can quickly add up to large bills. The Microsoft Azure cloud works seamlessly with Office 365, making it a good choice for companies looking to expand capacity with high integration to Office 365. Amazon provides the most scalable and buildable architecture. With Amazon, you can select a datacenter and choose where in the datacenter to put your machines. The systems may be set up with automated failover to other datacenters and could even be configured to allow auto scaling to add CPUs, memory, or disk space with no human involvement.  Again, with the per minute and per byte pricing model, setting up redundancy requires moving large blocks of billable-per-byte data, creating a gold mine of revenue for Amazon. 

Regardless of your cloud needs, DeckerWright Corporation has the experience and skills to help your business soar in the clouds!

New NIST Guidelines Specify Two-Part Authentication

The new National Institute of Science and Technology (NIST) security guidelines document two important frameworks for the implementation of security on networks. First, a couple of definitions:

  • “Authentication” is the system process which verifies that the credentials are being provided by the right person.
  • “Credentials” are the pieces of data we provide that allow the authentication system to verify who we are. 

The gold standard for authentication systems has been two factor authentication, wherein a user presents two of the three following items: something you know (a password), something you have (a token or code), or who you are (biometrics). Typically, the systems use a password and a token or code for two factor authentication (2FA). 

The guidelines identify three groups of data that should be protected by different levels of credentials and authentication. The first level of credentials/authentication protects data that is not covered by HIPAA, PCI, PII, or other privacy regulations. For level 1 data, a password that meets the new complexity requirements is sufficient. The second level of credentials/authentication is for data that is protected by regulations including HIPAA (PHI), PCI, PII and other privacy regulations. For level 2 data, the NIST is now requiring two factor authentication. Level three data covers highly classified government information. Level 3 credentials/authentication requires 2FA, but at the highest level of authentication. 

NIST guidelines are normally adopted by private industry, so it is just a matter of time before the regulatory and industry groups require 2FA for all users. We will be discussing this pending requirement with our clients to prepare them for the security changes.

NIST Releases NEW Security Guidelines

 

In June, the National Institute for Science and Technology (NIST) released new guidelines on passwords and, more broadly, on credentialing and authentication. For those who don’t know, the NIST is the government agency that writes the standards which the Federal government must follow in the implementation of their technology. The last NIST password guidelines were issued in 2000 and include all of the guidelines we have been following for credentials and passwords. The requirement we follow today for complex passwords of at least 8 characters that need to be changed every 90 days was in the old NIST document. The new guidelines released in June describe in great detail how authentication systems work, explain what types of data need what level of authentication, and issue new guidelines for passwords.

In the NIST report, the study team reported that for the first time they were able to access a vast trove of user passwords to analyze the effectiveness of the old guidelines. The database they used for their analysis was one used by hackers for hacking people’s accounts. It turns out that neither the government nor private entities were willing to share their end user password data with researchers. The hackers on the other hand made their database of compromised passwords readily available on the dark web. Researchers extracted data from the hackers to help improve everyone’s security. In analyzing the data, it became clear that people took the guidelines seriously, but in a predictable way. Passwords like P@ssword1, Monkey123, and 123456 were the most common passwords. 

The new password guidelines eliminate the need to change a password every 90 days, but reinforce the need for random passwords, or passwords that are much longer. The NIST guidelines suggest using combinations of words that can be remembered, but are much longer. Shorter passwords need to be 8 characters and truly random. Common names spelled with special characters and numbers are all documented in hacker web sites and are easily guessed.
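To show why passwords like P@ssword1 and Monkey123 fail even though they satisfy the old complexity rules, the following added example (not code from NIST or from this blog) screens a candidate password by undoing common character substitutions and trailing digits before comparing it with a list of known passwords. The blocklist and substitution table are small constructed samples and the function names are hypothetical; a real deployment would load a large corpus of compromised passwords.

```python
import re

# Constructed sample blocklist standing in for a compromised-password corpus.
BLOCKLIST = {"password", "monkey", "123456", "qwerty", "letmein"}

# Common substitutions that guessing tools reverse automatically.
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "l", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})

MIN_LENGTH = 8  # minimum length given in the post


def candidates(password):
    """Return the normalised forms a guessing tool would also try."""
    lowered = password.lower()
    # Drop trailing digits and symbols, e.g. "monkey123" -> "monkey".
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    return {lowered, stripped,
            lowered.translate(LEET), stripped.translate(LEET)}


def is_trivial_sequence(text):
    """True for runs such as "aaaaaaaa", "12345678" or "87654321"."""
    steps = {ord(b) - ord(a) for a, b in zip(text, text[1:])}
    return len(text) > 1 and steps in ({0}, {1}, {-1})


def screen_password(password, blocklist=BLOCKLIST):
    """Return a list of problems; an empty list means the password is accepted.

    There is deliberately no check of password age: the new guidelines
    drop the 90-day change requirement.
    """
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if is_trivial_sequence(password.lower()):
        problems.append("trivial sequence")
    if candidates(password) & blocklist:
        problems.append("matches common password")
    return problems


if __name__ == "__main__":
    for sample in ["P@ssword1", "Monkey123", "123456", "12345678",
                   "kT9#vq2L", "correct horse battery staple"]:
        print(f"{sample!r}: {screen_password(sample) or 'accepted'}")
```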
