DeckerWright Corporation Blog

DeckerWright Corporation has been serving the Red Bank area since 1984, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

5G Early Reviews

Verizon, AT&T, T-Mobile and the other wireless carriers have been hyping 5G technology for years now.  5G technology has recently been deployed in several metropolitan areas, so the first consumer reviews are in and the results are spotty.  When it works, the speeds are remarkable...measured at nearly 2 GIGs of wireless bandwidth.  Unfortunately, the coverage is poor and performance is not predictable yet.

5G wireless technology offers the potential for 10 GIG speeds.  In order to achieve those speeds, the wireless infrastructure needs to be entirely rebuilt from scratch.  Unlike older wireless technologies where carriers were able to add new antennas to existing towers, 5G technology requires a completely new infrastructure with a much higher concentration of antennas.  Instead of positioning antennas every few miles, the antennas now have to be positioned within 1,000 feet of each other.  Each new antenna needs to be serviced by a new fiber optic line which in turn must be brought back to a switching station where new high-tech routers and switches are concentrated to move the vast volumes of data.  This may be the largest and most expensive communications build-out since the original Bell System installed copper lines across the country over 100 years ago.

All of the carriers see 5G technology as the ultimate replacement for wired connections, which will reduce their operating costs in the long run.  No more copper lines or fiber optic lines into buildings, only a receiver converting the signal into technology recognizable by the equipment in that site.  That is the phone company’s vision.  The build-out will take at least 10 years, and will probably take 20 years to hit most of the country.

One beneficial side effect of the 5G build-out will be much better cell phone reception and faster 4G download speeds.  Since there will be so many more antennas, it is likely that a 4G phone will always connect with five bars of strength.  Combine strong signal strength with new, much faster infrastructure behind the scenes, and a 4G device should connect at closer to its 300 MG potential speed.

With the scope of the 5G build-out, it may be years before it rolls into your area.  In the meantime, keep your 4G devices and be happy with the better performance when you're in areas where 5G is deployed.


Now is the time to buy Cyber Insurance!

Many insurance companies are jumping into the market for cyber insurance. It is a cutthroat business with each insurance company trying to underbid the other or add additional protection features. The net result has been a flood of insurance products at low prices.

Why do I say the prices are low? We complete the security assessment questionnaires that our clients send us from insurance companies. The vast majority of insurance companies aren’t asking the right questions to accurately determine the cyber security risk of an attack by cyber criminals. Recent awards to cities around the country highlight the poor underwriting by the insurance companies. The Wall Street Journal today reported that the town of Lake City, Florida paid $462,000 in ransom on June 17, 2019 to get its computers back online. The out-of-pocket expense for the town was only $10,000.   Towns see cyber insurance as a way to avoid spending money on cyber security defenses. 

Insurance companies writing cyber insurance policies that don’t force clients into good cyber security practices are almost certain to make large payouts.  Cyber criminals know this.  They have also figured out that commercial insurance sales to municipalities have included cyber coverage, so they can demand higher ransoms and get paid. As cyber insurance spreads to other business entities, look for the same trend in ransom demands for businesses. If your company is attacked and doesn’t have cyber insurance, the entire IT system is at risk: the ransom will be more than the business can afford, because the cyber criminals will be expecting you to have insurance to support big payouts.

Since the cyber insurance market is relatively small, most insurance carriers aren’t paying any attention to the mounting losses being generated by this type of insurance. When the insurance companies finally wake up, they will be out hundreds of millions of dollars and policy rates will rise substantially. The other thing that will happen is the insurance carriers will get better at assessing cyber risk by asking the right questions which will probably include some type of automated network scan and client provided reports to verify the answers being submitted are correct. The insurance industry will begin to treat cyber insurance like fire insurance that has strict guidelines for compliance and the availability of insurance. This realization by the insurance industry is years away, so now is the time to buy cyber security insurance. 

Ironically, the insurance industry is ultimately going to do something we in the IT industry have failed at for years: getting companies to invest enough in cyber security to protect their data.

Computer Best Practice...turn off your computer at night!

Since we started in this business 35 years ago the best practice has been to leave your computer on at night. There were several reasons. In the early days when computer models started with XT, AT and 386, the components, in particular the hard drives, did not like being turned on and off.  Leaving a computer on was the key to making the computer last longer. The other reason computers were left on at night was to run updates and perform system maintenance.

Fast forward to today. Desktop computers increasingly come with solid state drives, and even the spinning drives are much more reliable. Updates can be scheduled to download when the computer is on, and installed when the computer is turned off or when it boots up. The reasons we left computers on in the past no longer apply.

New realities make turning your computer off at night the right thing to do. A typical computer consumes about as much electricity as a 60-watt light bulb. Over the course of a year, that computer left on full time will cost about $60 per year in electricity.  So turning a computer off at night can save at least $30 per year per computer, not to mention the positive impact on the environment from using less energy. 

The most compelling reason to turn off as many computers as possible at night is cyber security.  In analyzing past criminal exploits of client networks, most of the criminal activity is conducted on desktop computers left on overnight. Criminals are smart enough to know that they can’t do network discovery or deploy ransomware while the users are working on their computers.  When a computer is turned off at night, the criminals no longer have access to the system, which reduces the attack vectors available. A computer that is turned off is protected from criminal attacks. This is especially true on the weekends when most ransomware attacks are conducted.

Employees should be encouraged to turn off their computers at night to help protect the company network, and to reduce energy consumption. If your employees need help remembering, through DeckerWright’s automation tool, we have the ability to turn off computers for clients if they would like us to do so. 

The new best practice for our industry is if the computer is not in use, turn it off.


The Dangers of Public Email

Many clients in the small and medium business (SMB) market still use public email accounts from Gmail, AOL, Hotmail, Yahoo and MSN.  Using a public email account carries a significant business risk.

One key risk of public email is the inability to regain control of an account if it is taken over by a criminal. If you discover that your Gmail account has been compromised, good luck getting technical support to resolve the issue. How does tech support have any idea that the email belongs to you, and not the criminal? By the time you determine the email account has been hijacked, all of the challenge questions have been changed to ones the criminal knows, not you. While you are fighting with tech support to fix the problem, any email correspondence meant for you is now getting responded to by the criminal. Banking and other transactions that may be validated in the account are now being responded to by the criminal. With a private email address, the email administrator is part of your organization and can change your password to regain control of the account.

Email phishing is the #1 way criminals infect computers with ransomware. We use enterprise class spam filtering from Proofpoint that provides effective protection from phishing attacks. A public email has none of these protections, so a company is down to the last line of defense against phishing, the employees. The best way to keep employees from making a wrong click is to keep the email out of their mailbox altogether. Public email doesn’t screen the emails, making a company much more susceptible to phishing attacks.

As an employer, if you allow or encourage employees to use public email accounts for conducting your business, you risk losing clients and money. How? If an employee leaves the company, clients may still contact the former employee with their public email account. You have no way to stop the communications, and no way to recover the emails from the former employee. If the employee had a private email account, the emails could be redirected to another employee. 

Email retention and recovery is also an issue with public email.  Public email may be left on the provider’s email servers subject to their retention rules. When the email piles up to the limit, emails can start bouncing. If you download the email to your local machine, you can accumulate more email, but if your computer crashes, you risk losing it all. Neither option is good. An email service like Office 365 provides for 50 GIGs of email storage, and automatically synchronizes with Outlook, providing more storage and protection from data loss.

In environments covered by regulatory or contractual obligations where email archiving is a requirement, using a public email account prevents the setup of email archiving systems.  Email archiving makes copies of emails sent into or out of an email server and freezes the email so it can be used as evidence in a legal proceeding. There is no way to incorporate a public email box into an email archiving system.

If you are using public email for business, contact DeckerWright Corporation so we can get you set up right.


Phishing for Ransoms

One of the more technical terms we use in our industry is “phishing”. Phishing in security circles refers to criminal activity using email with a message that is bait for the unsuspecting user to click on. Phishing is the number one method used by criminals to distribute ransomware.

Criminals put together phishing campaigns just like a company might do a marketing campaign to sell their products and services. Depending on the sophistication of the criminal, the phishing email may be poorly constructed with obvious flaws, or a carefully constructed message meant to mimic a legitimate email. Criminals have access to email lists and tools to create the phishing email content and the ransomware software. 

The better and more targeted the list, the more the criminals pay per email.  The most sophisticated phishing campaigns we have seen have phishing emails look like emails sent within a company from a manager to a subordinate. Many of the phishing campaigns are now role based where the criminals target Human Resources or Accounts Payable personnel. 

DeckerWright Corporation uses a multi-layer approach to protecting our clients’ data. Every email is checked by a spam filter before delivery. Most phishing attempts never reach the client’s inbox. For phishing emails that make it past the spam filter, the spam filter modifies the email so that any embedded URL is checked by the service when it is clicked. If the URL is evil, the spam filter service won’t let the client reach it. We also run AV software and malware protection on each PC.
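The click-time URL check described above, sketched in Python as an added example; it is not DeckerWright's or any filter vendor's code. The gateway address, signing key, blocklist and sample message are constructed, and signing each wrapped link with an HMAC is an assumption added here so the gateway only redirects links it created.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qs, urlencode, urlsplit

# Hypothetical values: the gateway address, signing key and blocklist are
# constructed for this example and do not describe any real filtering service.
GATEWAY = "https://urlcheck.example.invalid/click"
SIGNING_KEY = b"constructed-demo-key"
BLOCKED_HOSTS = {"login-payroll.example.net"}

URL_RE = re.compile(r"https?://[^\s<>\"')]+")
TRAILING = ".,;:!?"  # sentence punctuation that is not part of a URL

# Constructed sample message in the style of a role-based phish.
SAMPLE_EMAIL = (
    "From: manager@client.example\n"
    "Subject: Updated direct deposit form\n\n"
    "Please review http://login-payroll.example.net/form?id=7 today.\n"
    "Policy is at https://intranet.client.example/hr/policy.\n"
)


def sign(url):
    """HMAC over the original URL so the gateway only honours links it wrapped."""
    return hmac.new(SIGNING_KEY, url.encode(), hashlib.sha256).hexdigest()


def extract_links(body):
    """Return the URLs found in a message body, without trailing punctuation."""
    return [u.rstrip(TRAILING) for u in URL_RE.findall(body)]


def rewrite_links(body):
    """Delivery time: point every embedded URL at the checking gateway."""
    def wrap(match):
        raw = match.group(0)
        url = raw.rstrip(TRAILING)
        if url.startswith(GATEWAY + "?"):     # already wrapped, leave as is
            return raw
        query = urlencode({"u": url, "sig": sign(url)})
        return f"{GATEWAY}?{query}{raw[len(url):]}"
    return URL_RE.sub(wrap, body)


def resolve_click(gateway_url, blocked=BLOCKED_HOSTS):
    """Click time: verify the link, then check the destination's reputation now."""
    params = parse_qs(urlsplit(gateway_url).query)
    url = params.get("u", [""])[0]
    sig = params.get("sig", [""])[0]
    if not hmac.compare_digest(sig.encode(), sign(url).encode()):
        return ("reject", None)               # altered link: never redirect
    host = (urlsplit(url).hostname or "").lower()
    if any(host == b or host.endswith("." + b) for b in blocked):
        return ("block", None)                # user sees a warning page instead
    return ("allow", url)                     # gateway redirects to the original


if __name__ == "__main__":
    delivered = rewrite_links(SAMPLE_EMAIL)
    print(delivered)
    for link in extract_links(delivered):
        print(resolve_click(link))
```

Because the verdict is computed when the link is clicked, a destination that was unknown at delivery is still blocked once it lands on the blocklist, with no need to recall the message.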

As part of the new Compliance Security Service (CSS), DeckerWright is now offering to send phishing emails to test users. If the users click in the email, they get redirected to a training web site where they can review training material on how to spot and avoid phishing emails. The CSS also includes a Security Information and Event Management (SIEM) tool that monitors network traffic looking for bad behavior. The SIEM includes log file storage that would allow us to go back in time to determine the root cause of a criminal attack. 

Current clients receiving Business Security Services can add any of the components included in the Security Service bundle as an option. The Compliance Security Service bundle provides significant savings if the client needs or wants all of the services necessary for regulatory or contractual compliance.

The Dark Web

The news often reports on nefarious activity conducted on the dark web.  What is the dark web?  The dark web is a term used to describe the parts of the internet developed, used and maintained by criminals.  At the dark web's heart are services on the internet just like Amazon, Google and Facebook.  The difference is that the dark web uses a special “dark” browser, separate domain name servers and “dark” encryption methods.

In order to access one part of the dark web you need to download and install a Tor browser.  There are a number of websites that allow you to download the Tor browser.  Think of these websites as the portals between two parallel universes.  Once you download, install and start using Tor, you are connected to the dark web.  How do you find things on the dark web?  Just like Google provides a search engine on the internet, dark web search engines include DuckDuckGo, Onion, and TorLinks.  Simply type your search term, such as email passwords, into one of these search engines, and the dark web search engine will return multiple sources for the data you are looking for.

Communications on the dark web are all encrypted using Pretty Good Privacy (PGP) encryption technology.   Modeled after IPSec, PGP is a public sourced encryption technology available to anyone.  By encrypting the communications between the Tor browser session and data source, criminals are able to hide their activity in broad daylight on the internet.  Internet Service Providers recently reported that about 3% of the Internet’s traffic is dark web PGP traffic.  The PGP encryption makes discovery and monitoring by authorities of criminal activity next to impossible. 

In order to make the dark web work, criminals maintain domain name service host computers that serve up the names and IP addresses of dark websites.  Any computer that has been compromised with malware is a candidate to be a DNS server on the dark web.  Criminals will install the dark version of DNS on a compromised computer unbeknownst to the victim.  The victim’s computer becomes part of the dark web providing a key function.  Thousands of copies of dark web DNS are planted around the world this way.  No need for expensive data centers and servers to run DNS when you can steal someone’s computer and internet bandwidth for free.

DeckerWright Corporation is now providing Dark Web Monitoring services as part of its new Compliance Security bundle so that business owners can get a look at what information criminals are maintaining on the internet about them.


Introducing Compliance Security Service

DeckerWright Corporation is now offering a Compliance Security Service (CSS) that provides additional security services to meet regulatory, HIPAA, PCI and financial industry requirements. CSS differs from the Business Security Services provided to every client today by providing additional security layers built into the latest regulations and industry guidelines.

The current Business Security Service (BSS) provides a layered defense against criminals and unscrupulous employees to protect a company’s data. BSS combines anti-virus and anti-malware software, a firewall with unified threat management, Windows patch management, email spam filtering with attachment and URL defenses, and local and cloud backups. All of these security services are monitored in our network operations center to ensure that software and threat identification data is current and working. Most important, backups are checked daily to ensure that anything from a lost file to a ransomware encrypted server can be quickly recovered.

The Compliance Security Service builds on the Business Security Service and adds services required to be in compliance with regulatory, PCI and financial industry requirements. These additional services include Security Information and Event Management (SIEM), employee training, dark web monitoring, multi factor authentication, email archiving, and a 24x7 security operations center that monitors the network for bad behavior. The SIEM system provides for device log file management and retention and analyzes the log files to look for bad behavior. The SIEM connects the dots found in the log file following the data bits from its source to its destination across multiple devices on the network to the internet. What may elude stand-alone security products is exposed through the SIEM’s heuristics. The SIEM alarms are sent to the security operations center where the SOC team immediately acts to defend against the attack.

Along with the CSS, DeckerWright Corporation provides Chief Security Officer (CSO) oversight of a client’s documentation and governance as called for in regulatory and industry guidelines. Clients may opt to receive CSO services as used, or as part of their monthly Security as a Service fee. Components of CSS may be added to the Business Security Services to provide enhanced security to businesses.

Why GIG Internet Doesn't Work

Verizon recently came out with its Gigabit internet connection service. We have several clients that have gotten the 1 GIG service only to find that they aren’t getting 1 GIG throughput when they run speed tests, including Verizon’s speed test. Why?

There are two main factors in explaining why clients aren’t getting 1 GIG speeds. The first is fine print. In speaking with the Verizon installers implementing 1 GIG service, they explained they certify 1 GIG service with speeds as low as 750 MGs. In visiting the Verizon FiOS web site, in the footnotes and fine print on the 1 GIG Internet speeds page, Verizon states they only guarantee speeds of 750 MGs on the 1 GIG service. That means the 1 GIG service is really Verizon marketing, and not what's getting delivered to customers. 

The second reason is technology. In order for a customer to achieve 1 GIG performance, everything between their device and the website or app they're using needs to support 1 GIG speeds. This is rarely the case. Typical device interface speeds are either 100 MGs (0.1 GIGs) or 1 GIG. Let’s look at a case where every firewall, router, wire and web site service being accessed has 1 GIG interfaces. If you're lucky enough to access that website when no one else is accessing it, you would achieve 1 GIG speeds. As soon as other people access the same internet resource, the 1 GIG pipe becomes shared, effectively reducing the throughput of your connection. To keep it simple, divide the pipe size by the number of simultaneous users to estimate the speed. New technology supports 10 GIG device speeds, but the technology is not widely deployed, and over 95% of the internet connected devices have 1 GIG or slower interfaces. When everyone was accessing the internet with 25 to 100 MG connections, 1 GIG interfaces were sufficient. Suddenly they are not.

The client’s local network and equipment also provide a bottleneck to achieving 1 GIG speeds. Many clients have older firewalls and networking equipment that only support speeds to 100 MGs. 95% of the firewalls we deployed at client locations will not support 1 GIG speeds. Firewalls, routers, switches and network cabling all have to be up to specs in order to achieve 1 GIG bandwidth from your wired devices.

Even after a client upgrades their physical infrastructure to support a 1 GIG connection, they are disappointed with the performance of their wireless devices. Turns out, they will need to upgrade their wireless access points and make sure their wireless devices support the latest 802.11ac standards. Most WiFi operates in the 802.11b/g/n 2.4 GHz radio spectrum, which is where the majority of access points and wireless devices operate. Many of the newer wireless enabled devices will operate in the 5 GHz frequency range which supports the 802.11a/n/ac wireless standards. Even if a client has a new access point and device that auto selects the right frequency and communications standard, WiFi technology adjusts the bandwidth according to the signal strength. The worse the WiFi signal, the slower the connection regardless of the WiFi technology.  To achieve 1 GIG on a wireless device, a client needs an 802.11ac access point, with a device that supports 802.11ac and the client must be standing within 10’ of the access point. If the client wanders away, or has walls between them and the access point, the speeds will drop dramatically.

If you're thinking of upgrading your internet connection to 1 GIG, contact DeckerWright Corporation so we can assess your network before you purchase the 1 GIG service to see if your network can support it.


Browser Wars - Round 2

Since the inception of the World Wide Web in the mid-1990’s, there has been a battle between competing web browsers.  In the early days, the competition was between Netscape and Microsoft.  The competition got so intense, the US Department of Justice stepped in to regulate some of Microsoft’s behavior.  If you can’t remember Netscape, that’s okay, they are no longer in business.  For many years, Internet Explorer was the only browser in town so there was relative browser stability.

Today’s browser war is very different.  The top three browsers today are Microsoft’s Edge (Internet Explorer), Google’s Chrome and Mozilla’s Firefox.  Both Microsoft and Google have nearly unlimited funds to spend on developing their browser technology.  Unlike Netscape in the past that was relying on licensing revenue from people using their browser, Microsoft and Google have different revenue models that provide funding for their browsers.  Both see their browsers as a significant technology in the delivery of their core services.  The third browser, Mozilla’s Firefox, is developed based on Netscape technology assigned to a non-profit organization that doesn’t have the resources to match the big two, so they are always playing catch-up.

Why are we experiencing so many browser issues?  Website development is based on the industry “standards” that are in place at the point in time a website is developed.  Remember Microsoft’s Silverlight?  Most people can’t.  It was a technology Microsoft was pushing as an alternative to Java.  Proprietary to Microsoft’s browsers, Silverlight never got traction in the market, so Microsoft killed it.  Unfortunately, there were some large websites developed using that technology.  Today we keep a copy of the last release of Silverlight in a safe place so that we can install it with Internet Explorer (IE) 11 for some clients.  Other technologies that have been consumed by the browser wars include Java and Adobe Flash.

Microsoft and Google have little regard for those dependent on their browser technology.  A seemingly innocent security update can hobble websites.  What may have been an acceptable security method five years ago doesn’t cut the mustard today.   For many clients, we have had to freeze browser versions so apps can continue to function.  Chrome is probably the worst in pushing out updates that break things.  Chrome automatically updates itself whether you want it to or not unless you are running the corporate (Stand Alone) version of the browser.  How plugins are secured and executed in each browser is different, causing various problems with websites.

Needless to say, if Google comes up with a “standard” Microsoft doesn’t like, Microsoft won't implement it.  Different Microsoft plugins won’t work with Chrome.  There is a standards-setting board that sets standards for browsers.  As with any standards-setting board, it moves slowly to make changes.  Microsoft and Google regularly introduce technology in their browsers long before the technology is even presented to the standards board.  Since neither company can knock the other one off financially, the browser wars are going to continue long into the future.  Make sure you have all three browsers loaded on your computer.  You never know which one will work.


Technology Provisioning

Every business relies on technology to run their business.  Where each company acquires their technology rests on a number of factors, including how much the company values staff time.  The purchasing of technology to place in service requires four phases.  The first phase is figuring out what to purchase.  The second phase is ordering the equipment.  The third phase is preparing the equipment for deployment and the final phase is deploying the equipment into the business.

The first technology purchasing phase entails researching the products available to solve a problem.  For example, a staff member needs a laptop.  The right solution has to factor in how the employee is going to use the laptop, the laptop manufacturer, the product warranty, delivery and price.  With hundreds of products to choose from, dozens of manufacturers and an endless number of sources, it typically takes between 1 and 2 hours of research to select a manufacturer, model, source and price per item.

Ordering the equipment can be complicated depending on the vendor.  Many vendors require being paid up front, or by credit card, which can be a problem for public and non-profit entities.   Another common issue with online ordering systems is that they don’t verify product availability until after the order is placed.  This often happens on the Internet where items that are shown as “In Stock” are actually out of stock.  Following up on orders to determine delivery dates also takes up time.  Every order placed consumes about 1 hour of staff time for provisioning and follow-up.

Once the equipment arrives at the company, it has to be prepared for delivery to a staff member.  For a typical laptop, this means removing it from the box, turning it on, and going through the equipment setup wizard.  Once the setup wizard completes, all of the “bloatware” needs to be removed from the computer and any security patches need to be downloaded and installed.  If there are any applications like anti-virus and Microsoft Office, they need to be installed at this time too.  What if the laptop that arrives is either wrong or doesn’t work?  A common problem our clients encounter is ordering a cheap laptop that comes with the wrong version of the Windows 10 operating system.   In our experience in dealing with clients that self-provision, 1 in 4 orders will have a problem requiring 1 to 2 hours of staff time to straighten out and follow up on.

The final phase of the technology purchasing cycle is deploying the technology to the staff.  If the client has a rigorous setup process, the computer delivered to the staff member should be ready to use.  However, most users have some local settings that they want to retain on the new system.  Migrating user settings and documents (known as the user’s profile) can take from 1 to 3 hours depending on the amount and type of data being transferred. 

DeckerWright Corporation provides technology provisioning services to our clients.  We take the time and stress out of the purchasing process.  We have flexible payment terms including credit card, ACH, check, cash, and purchase orders.  Using our Hardware as a Service (HaaS) program, we can even include the cost of the technology in a client’s monthly service amount.  Leasing options are also available to facilitate the acquisition of new technology.  Prices are competitive, but are higher than the lowest price that may be found on the Internet.  When a company factors in the time spent on the entire provisioning process, spending a little more to purchase through DeckerWright saves a company a lot of time and money.
