DeckerWright Corporation Blog

DeckerWright Corporation has been serving the Red Bank area since 1984, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Dangers of Public Email

Many clients in the small and medium business (SMB) market still use public email accounts from Gmail, AOL, Hotmail, Yahoo and MSN. Using a public email account carries a significant business risk.

One key risk of public email is the inability to regain control of an account if it is taken over by a criminal. If you discover that your Gmail account has been compromised, good luck getting technical support to resolve the issue. How does tech support have any idea that the email belongs to you, and not the criminal? By the time you determine the email account has been hijacked, all of the challenge questions have been changed to ones the criminal knows, not you. While you are fighting with tech support to fix the problem, any email correspondence meant for you is now getting responded to by the criminal. Banking and other transactions that may be validated in the account are now being responded to by the criminal. With a private email address, the email administrator is part of your organization and can change your password to regain control of the account.

Email phishing is the #1 way criminals infect computers with ransomware. We use enterprise-class spam filtering from Proofpoint that provides effective protection from phishing attacks. A public email account has none of these protections, so a company is down to the last line of defense against phishing: the employees. The best way to keep employees from making a wrong click is to keep the email out of their mailbox altogether. Public email doesn’t screen the emails, making a company much more susceptible to phishing attacks.

As an employer, if you allow or encourage employees to use public email accounts for conducting your business, you risk losing clients and money. How? If an employee leaves the company, clients may still contact the former employee with their public email account. You have no way to stop the communications, and no way to recover the emails from the former employee. If the employee had a private email account, the emails could be redirected to another employee. 

Email retention and recovery is also an issue with public email. Public email may be left on the provider’s email servers subject to their retention rules. When the email piles up to the limit, emails can start bouncing. If you download the email to your local machine, you can accumulate more email, but if your computer crashes, you risk losing it all. Neither option is good. An email service like Office 365 provides for 50 GIGs of email storage, and automatically synchronizes with Outlook, providing more storage and protection from data loss.

In environments covered by regulatory or contractual obligations where email archiving is a requirement, using a public email account prevents the setup of email archiving systems.  Email archiving makes copies of emails sent into or out of an email server and freezes the email so it can be used as evidence in a legal proceeding. There is no way to incorporate a public email box into an email archiving system.

If you are using public email for business, contact DeckerWright Corporation so we can get you set up right.


Phishing for Ransoms

One of the more technical terms we use in our industry is “phishing”. Phishing in security circles refers to criminal activity using email with a message that is bait for the unsuspecting user to click on. Phishing is the number one method used by criminals to distribute ransomware.

Criminals put together phishing campaigns just like a company might do a marketing campaign to sell their products and services. Depending on the sophistication of the criminal, the phishing email may be poorly constructed with obvious flaws, or a carefully constructed message meant to mimic a legitimate email. Criminals have access to email lists and tools to create the phishing email content and the ransomware software. 

The better and more targeted the list, the more the criminals pay per email.  The most sophisticated phishing campaigns we have seen have phishing emails look like emails sent within a company from a manager to a subordinate. Many of the phishing campaigns are now role based where the criminals target Human Resources or Accounts Payable personnel. 

DeckerWright Corporation uses a multi-layer approach to protecting our clients’ data. Every email is checked by a spam filter before delivery. Most phishing attempts never reach the client’s inbox. For phishing emails that make it past the spam filter, the spam filter modifies the email so that any embedded URL is checked by the service when it is clicked. If the URL is evil, the spam filter service won’t let the client reach it. We also run AV software and malware protection on each PC.
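The link rewriting and click-time check described above can be sketched as follows. This is an added example, not the spam filter vendor's code: the gateway URL, signing key, blocked host and sample email are all constructed for illustration.

```python
import hashlib
import hmac
import html
import re
from urllib.parse import parse_qs, quote, urlsplit

GATEWAY = "https://urlcheck.example.invalid/click"   # hypothetical checking service
SIGNING_KEY = b"constructed-demo-key"                 # constructed; a real key stays secret
BLOCKED_HOSTS = {"login-portal.example.net"}          # constructed reputation feed

HREF_RE = re.compile(r'href="(https?://[^"]+)"', re.IGNORECASE)

# Constructed message body with one bad link and one harmless link.
SAMPLE_EMAIL = (
    '<p>Your invoice is ready. '
    '<a href="http://login-portal.example.net/reset?id=7&amp;x=1">Review it</a> '
    'or read the <a href="https://intranet.example.org/policy">policy</a>.</p>'
)


def sign(url):
    """MAC over the original URL so the gateway only follows links it issued."""
    return hmac.new(SIGNING_KEY, url.encode(), hashlib.sha256).hexdigest()


def rewrite_links(html_body):
    """At delivery time: point every http(s) link at the gateway."""
    def wrap(match):
        original = html.unescape(match.group(1))
        wrapped = f"{GATEWAY}?u={quote(original, safe='')}&s={sign(original)}"
        return f'href="{html.escape(wrapped)}"'
    return HREF_RE.sub(wrap, html_body)


def links(html_body):
    """Return the link targets of a message body as a browser would see them."""
    return [html.unescape(u) for u in HREF_RE.findall(html_body)]


def handle_click(wrapped_url):
    """At click time: return ("redirect", url), ("block", url) or ("reject", None)."""
    query = parse_qs(urlsplit(wrapped_url).query)
    try:
        original, mac = query["u"][0], query["s"][0]
    except (KeyError, IndexError):
        return ("reject", None)
    if not hmac.compare_digest(mac.encode(), sign(original).encode()):
        return ("reject", None)   # altered link: never act as an open redirect
    host = (urlsplit(original).hostname or "").lower()
    if host in BLOCKED_HOSTS or any(host.endswith("." + b) for b in BLOCKED_HOSTS):
        return ("block", original)
    return ("redirect", original)


if __name__ == "__main__":
    for link in links(rewrite_links(SAMPLE_EMAIL)):
        print(handle_click(link))
```

Because the verdict is computed when the link is opened, a host added to the blocked set after delivery is still stopped, which is the benefit of checking at click time rather than only at delivery.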

As part of the new Compliance Security Service (CSS), DeckerWright is now offering to send phishing emails to test users. If the users click in the email, they get redirected to a training web site where they can review training material on how to spot and avoid phishing emails. The CSS also includes a Security Information and Event Management (SIEM) tool that monitors network traffic looking for bad behavior. The SIEM includes log file storage that would allow us to go back in time to determine the root cause of a criminal attack. 

Current clients receiving Business Security Services can add any of the components included in the Security Service bundle as an option. The Compliance Security Service bundle provides significant savings if the client needs or wants all of the services necessary for regulatory or contractual compliance.


The Dark Web

The news often reports of nefarious activity conducted on the dark web. What is the dark web? The dark web is a term used to describe the parts of the internet developed, used and maintained by criminals. At the dark web's heart are services on the internet just like Amazon, Google and Facebook. The difference is that the dark web uses a special “dark” browser, separate domain name servers and “dark” encryption methods.

In order to access one part of the dark web you need to download and install a Tor browser. There are a number of websites that allow you to download the Tor browser. Think of these websites as the portals between two parallel universes. Once you download, install and start using Tor, you are connected to the dark web. How do you find things on the dark web? Just like Google provides a search engine on the internet, dark web search engines include DuckDuckGo, Onion, and TorLinks. Simply type a search term, such as email passwords, into one of these search engines, and the dark web search engine will return multiple sources for the data you are looking for.

Communications on the dark web are all encrypted using Pretty Good Privacy (PGP) encryption technology.   Modeled after IPSec, PGP is a public sourced encryption technology available to anyone.  By encrypting the communications between the Tor browser session and data source, criminals are able to hide their activity in broad daylight on the internet.  Internet Service Providers recently reported that about 3% of the Internet’s traffic is dark web PGP traffic.  The PGP encryption makes discovery and monitoring by authorities of criminal activity next to impossible. 

In order to make the dark web work, criminals maintain domain name service host computers that serve up the names and IP addresses of dark websites.  Any computer that has been compromised with malware is a candidate to be a DNS server on the dark web.  Criminals will install the dark version of DNS on a compromised computer unbeknownst to the victim.  The victim’s computer becomes part of the dark web providing a key function.  Thousands of copies of dark web DNS are planted around the world this way.  No need for expensive data centers and servers to run DNS when you can steal someone’s computer and internet bandwidth for free.

DeckerWright Corporation is now providing Dark Web Monitoring services as part of its new Compliance Security bundle so that business owners can get a look at what information criminals are maintaining on the internet about them.


Introducing Compliance Security Service

DeckerWright Corporation is now offering a Compliance Security Service (CSS) that provides additional security services to meet regulatory, HIPAA, PCI and financial industry requirements. CSS differs from the Business Security Services provided to every client today by providing additional security layers built into the latest regulations and industry guidelines.

The current Business Security Service (BSS) provides a layered defense against criminals and unscrupulous employees to protect a company’s data. BSS combines anti-virus and anti-malware software, a firewall with unified threat management, Windows patch management, email spam filtering with attachment and URL defenses, and local and cloud backups. All of these security services are monitored in our network operations center to ensure that software and threat identification data is current and working. Most important, backups are checked daily to ensure that anything from a lost file to a ransomware encrypted server can be quickly recovered.

The Compliance Security Service builds on the Business Security Service and adds services required to be in compliance with regulatory, PCI and financial industry requirements. These additional services include Security Information and Event Management (SIEM), employee training, dark web monitoring, multi-factor authentication, email archiving, and a 24x7 security operations center that monitors the network for bad behavior. The SIEM system provides for device log file management and retention and analyzes the log files to look for bad behavior. The SIEM connects the dots found in the log files, following the data bits from their source to their destination across multiple devices on the network to the internet. What may elude stand-alone security products is exposed through the SIEM’s heuristics. The SIEM alarms are sent to the security operations center where the SOC team immediately acts to defend against the attack.

Along with the CSS, DeckerWright Corporation provides Chief Security Officer (CSO) oversight of a client’s documentation and governance, as called for in regulatory and industry guidelines. Clients may opt to receive CSO services as used, or as part of their monthly Security as a Service fee. Components of CSS may be added to the Business Security Services to provide enhanced security to businesses.

Click HERE to learn more about SIEM.


Why GIG Internet Doesn't Work

Verizon recently came out with its Gigabit internet connection service. We have several clients that have gotten the 1 GIG service only to find that they aren’t getting 1 GIG throughput when they run speed tests, including Verizon’s speed test. Why?

There are two main factors in explaining why clients aren’t getting 1 GIG speeds. The first is fine print. In speaking with the Verizon installers implementing 1 GIG service, they explained they certify 1 GIG service with speeds as low as 750 MGs. In visiting the Verizon FiOS web site, in the footnotes and fine print on the 1 GIG Internet speeds page, Verizon states they only guarantee speeds of 750 MGs on the 1 GIG service. That means the 1 GIG service is really Verizon marketing, and not what's getting delivered to customers. 

The second reason is technology. In order for a customer to achieve 1 GIG performance, everything between their device and the website or app they're using needs to support 1 GIG speeds. This is rarely the case. Typical device interface speeds are either 100 MGs (0.1 GIGs) or 1 GIG. Let’s look at a case where every firewall, router, wire and web site service being accessed has 1 GIG interfaces. If you're lucky enough to access that website when no one else is accessing it, you would achieve 1 GIG speeds. As soon as other people access the same internet resource, the 1 GIG pipe becomes shared, effectively reducing the throughput of your connection. To keep it simple, divide the pipe size by the number of simultaneous users to estimate the speed. New technology supports 10 GIG device speeds, but the technology is not widely deployed, and over 95% of the internet connected devices have 1 GIG or slower interfaces. When everyone was accessing the internet with 25 to 100 MG connections, 1 GIG interfaces were sufficient. Suddenly they are not.

The client’s local network and equipment also provide a bottleneck to achieving 1 GIG speeds. Many clients have older firewalls and networking equipment that only support speeds to 100 MGs. 95% of the firewalls we deployed at client locations will not support 1 GIG speeds. Firewalls, routers, switches and network cabling all have to be up to specs in order to achieve 1 GIG bandwidth from your wired devices.

Even after a client upgrades their physical infrastructure to support a 1 GIG connection, they are disappointed with the performance of their wireless devices. It turns out they will need to upgrade their wireless access points and make sure their wireless devices support the latest 802.11ac standards. Most WiFi operates in the 802.11b/g/n 2.4 GHz radio spectrum, which is where the majority of access points and wireless devices operate. Many of the newer wireless enabled devices will operate in the 5 GHz frequency range which supports the 802.11a/n/ac wireless standards. Even if a client has a new access point and device that auto selects the right frequency and communications standard, WiFi technology adjusts the bandwidth according to the signal strength. The worse the WiFi signal, the slower the connection regardless of the WiFi technology. To achieve 1 GIG on a wireless device, a client needs an 802.11ac access point, with a device that supports 802.11ac and the client must be standing within 10’ of the access point. If the client wanders away, or has walls between them and the access point, the speeds will drop dramatically.

If you're thinking of upgrading your internet connection to 1 GIG, contact DeckerWright Corporation so we can assess your network before you purchase the 1 GIG service to see if your network can support it.

Click HERE for more information on wireless technologies.


Browser Wars - Round 2

Since the inception of the World Wide Web in the mid-1990s, there has been a battle between competing web browsers. In the early days, the competition was between Netscape and Microsoft. The competition got so intense, the US Department of Justice stepped in to regulate some of Microsoft’s behavior. If you can’t remember Netscape, that’s okay, they are no longer in business. For many years, Internet Explorer was the only browser in town so there was relative browser stability.

Today’s browser war is very different. The top three browsers today are Microsoft’s Edge (Internet Explorer), Google’s Chrome and Mozilla’s Firefox. Both Microsoft and Google have nearly unlimited funds to spend on developing their browser technology. Unlike Netscape, which relied on licensing revenue from people using its browser, Microsoft and Google have different revenue models that provide funding for their browsers. Both see their browsers as a significant technology in the delivery of their core services. The third browser, Mozilla’s Firefox, is developed based on Netscape technology assigned to a non-profit organization that doesn’t have the resources to match the big two, so they are always playing catchup.

Why are we experiencing so many browser issues? Website development is based on the industry “standards” that are in place at the point in time a website is developed. Remember Microsoft’s Silverlight? Most people can’t. It was a technology Microsoft was pushing as an alternative to Java. Proprietary to Microsoft’s browsers, Silverlight never got traction in the market, so Microsoft killed it. Unfortunately, there were some large websites developed using that technology. Today we keep a copy of the last release of Silverlight in a safe place so that we can install it with Internet Explorer (IE) 11 for some clients. Other technologies that have been consumed by the browser wars include Java and Adobe Flash.

Microsoft and Google have little regard for those dependent on their browser technology. A seemingly innocent security update can hobble websites. What may have been an acceptable security method five years ago doesn’t cut the mustard today. For many clients, we have had to freeze browser versions so apps can continue to function. Chrome is probably the worst in pushing out updates that break things. Chrome automatically updates itself whether you want it to or not unless you are running the corporate (Stand Alone) version of the browser. How plugins are secured and executed differs in each browser, causing various problems with websites.

Needless to say, if Google comes up with a “standard” Microsoft doesn’t like, Microsoft won't implement it. Different Microsoft plugins won’t work with Chrome. There is a standards-setting board that sets standards for browsers. As with any standards-setting board, it moves slowly to make changes. Microsoft and Google regularly introduce technology in their browsers long before the technology is even presented to the standards board. Since neither company can knock the other one off financially, the browser wars are going to continue long into the future. Make sure you have all three browsers loaded on your computer. You never know which one will work.


Technology Provisioning

Every business relies on technology to run their business.  Where each company acquires their technology rests on a number of factors, including how much the company values staff time.  The purchasing of technology to place in service requires four phases.  The first phase is figuring out what to purchase.  The second phase is ordering the equipment.  The third phase is preparing the equipment for deployment and the final phase is deploying the equipment into the business.

The first technology purchasing phase entails researching the products available to solve a problem. For example, a staff member needs a laptop. The right solution has to factor in how the employee is going to use the laptop, the laptop manufacturer, the product warranty, delivery and price. With hundreds of products to choose from, dozens of manufacturers and an endless number of sources, it typically takes between 1 and 2 hours of research to select a manufacturer, model, source and price per item.

Ordering the equipment can be complicated depending on the vendor. Many vendors require being paid up front, or by credit card, which can be a problem for public and non-profit entities. Another common issue with online ordering systems is that they don’t verify product availability until after the order is placed. This often happens on the Internet where items that are shown as “In Stock” are actually out of stock. Following up on orders to determine delivery dates also takes up time. Every order placed consumes about 1 hour of staff time for provisioning and follow-up.

Once the equipment arrives at the company, it has to be prepared for delivery to a staff member. For a typical laptop, this means removing it from the box, turning it on, and going through the equipment setup wizard. Once the setup wizard completes, all of the “bloatware” needs to be removed from the computer and any security patches need to be downloaded and installed. If there are any applications like anti-virus and Microsoft Office, they need to be installed at this time too. What if the laptop that arrives is either wrong or doesn’t work? A common problem our clients encounter is ordering a cheap laptop that comes with the wrong version of the Windows 10 operating system. In our experience in dealing with clients that self-provision, 1 in 4 orders will have a problem requiring 1 to 2 hours of staff time to straighten out and follow up on.

The final phase of the technology purchasing cycle is deploying the technology to the staff.  If the client has a rigorous setup process, the computer delivered to the staff member should be ready to use.  However, most users have some local settings that they want to retain on the new system.  Migrating user settings and documents (known as the user’s profile) can take from 1 to 3 hours depending on the amount and type of data being transferred. 

DeckerWright Corporation provides technology provisioning services to our clients.  We take the time and stress out of the purchasing process.  We have flexible payment terms including credit card, ACH, check, cash, and purchase orders.  Using our Hardware as a Service (HaaS) program, we can even include the cost of the technology in a client’s monthly service amount.  Leasing options are also available to facilitate the acquisition of new technology.  Prices are competitive, but are higher than the lowest price that may be found on the Internet.  When a company factors in the time spent on the entire provisioning process, spending a little more to purchase through DeckerWright saves a company a lot of time and money.


WiFi...Great Technology When It Works!

The explosion of the Internet of Things (IoT) and mobile devices has put an increasing load on existing WiFi networks. Originally engineered to provide access to a few laptops and mobile devices, WiFi networks are now being tasked with streaming video from cameras, and a host of other IoT devices, impacting a WiFi infrastructure that was not engineered for the load. Another big problem with business WiFi is that most small and medium sized businesses are in multi-tenant office space with many businesses. Sitting at my desk, I have 18 different WiFi networks I could connect to. The more access points that occupy a frequency, the more they interfere with each other, degrading WiFi performance.

Another common problem we see with clients’ WiFi networks is that they are not engineered to provide the right level of security based on the evolving usage profile. Many business WiFi networks work in two worlds, the world of using WiFi to access a client’s business network to do work, and WiFi to allow clients and employees to access the internet with their mobile devices. New IoT applications may have different network security requirements. When planning out a WiFi network, security must be part of the design consideration. You don’t want clients or guests to be connected to the company’s business network. They should be isolated on a guest network with only internet access allowed. Conversely, computers that need to be connected to the company’s network via WiFi should be.

The last problem with WiFi networks is the usage of the public frequencies of 2.4 GHz and 5 GHz. The 2.4 GHz frequency is particularly subject to interference from other technology like wireless phones, microwaves, alarm systems and electric motors that can broadcast on this frequency. The 5 GHz frequency is less heavily used by other manufacturers, and does better in facilities with more walls and obstructions based on its wavelength. The trade-off for the improved quality is distance. A 5 GHz transmitter only goes about half the distance of a 2.4 GHz transmitter.

If the WiFi in your company is not performing up to expectations, contact DeckerWright Corporation for a consultation and a site survey.


Should There Be Independent Cloud Backups?

As the move to the cloud continues, one nagging question remains. Should there be an independent backup of cloud resources?  The answer is YES for a number of reasons.

Although it doesn’t happen often, there is a chance that the cloud service provider being used goes out of business. This shouldn’t be a concern if the cloud company is Microsoft or Amazon, but it should be a concern if it is a local Internet Service Provider, web hosting company or a vertical application hosting company. Several times a year we get panic filled calls from clients who just received notice that their service provider is closing their doors. On several occasions the client found out when they could no longer access their web site or data. Microsoft is famous for ending services or technology and leaving the clients hanging. There is a risk associated with the cloud service provider ending business operations or suspending services being used. Having backups reduces this risk.

Another reason for having independent backups of cloud resources is to provide recovery points farther back in time. While Microsoft doesn’t document the Office 365 retention policy, it is generally accepted that they will retain two weeks of data. Although Microsoft keeps the data, the recovery is restricted to the recovery options built into the applications, like the recovery of deleted files in Outlook. Microsoft does have various backup methodologies built into the Azure cloud, so it is possible to back up Microsoft hosted cloud services to other Microsoft cloud infrastructure. At Amazon you are not so lucky. Amazon does not back up ANYTHING. If a company has a server hosted at Amazon and the server crashes, unless it is backed up to some other resource, everything is lost. Lack of any backup is part of Amazon’s marketing plan that encourages clients to buy more Amazon resources for redundancy and backups – a brilliant marketing plan! There is a risk associated with the backup policies of the cloud service provider. Before moving to a cloud resource, a company needs to fully understand this risk.

Other data retention issues may be important to regulated entities and government agencies. Most regulated entities and government agencies have data retention requirements that range between 7 and 10 years. These long data retention periods are seldom met by cloud hosting companies. In these cases, an independent third-party backup would be a requirement.

The method for restoring data should also be clearly understood before a restore is necessary. Here are some questions that should be addressed by the cloud service provider:

  • Can individual files, folders, or mail boxes be recovered?
  • In database restoration, does the whole database need to be recovered or can individual records be recovered?
  • Can a full volume be recovered?
  • Does the recovery require booting up a full working image of the resource to recover the desired data?

There has been an explosion of new services becoming available to back up cloud resources. Industry best practices dictate that backups should be made to independent third-party backup locations that use different software, storage and infrastructure so that a catastrophic failure at the primary hosting location will not affect the backups and the ability to recover. The independent backup location should be coupled with an ability to either directly or indirectly support a recovery if there's a catastrophic failure with the primary cloud host. DeckerWright can assist in building a cost effective backup of a company’s cloud resources.

Click HERE for more information on Office 365 data retention - see section 6.


Protecting the Internet of Things

The largest growth in devices connected to the Internet is not in computers, but in devices designed to perform a specific function. These devices include cameras, smart phones, light bulbs, Amazon Echos, garage door openers, TVs, automobiles, sound systems, programmable logic controllers (PLCs), HVAC systems, elevators, security systems, ovens, refrigerators, thermostats, water heaters, heart monitoring systems and more. These devices are part of the Internet of Things (IoT) that is flooding the Internet with new devices. This explosion of new devices is creating massive new security concerns.

All of the IoT devices share a common foundation - modified versions of the Linux operating system. Linux is popular because most versions are free and come with access to the source code. The operating systems are then highly modified to adapt to nearly any device. While this flexibility has caused an explosion of devices that we can now monitor and manage over the Internet, it also poses security problems since, at its core, every IoT device is a Linux computer with usernames, passwords and vulnerabilities.

The New Jersey Cyber Security and Communications Integration Cell (NJCCIC) provides security focused companies like DeckerWright Corporation weekly and emergency updates on the state of cyber threats. The reporting of cyber threats on IoT devices has grown exponentially over the last year. Why is that? First, there has been an explosion of new IoT devices, and more devices mean more attack surfaces. Second, IoT manufacturers are not typically well versed in cyber security. As a result, IoT devices are often released with little regard for security after the basic device functions are proven to work. Third, most IoT devices are never upgraded with new "firmware". As manufacturers have become more tuned into the security risks associated with their products, they have been issuing "firmware" updates to patch security holes. When was the last time anyone upgraded the firmware in their network camera? Fourth, as cyber criminals begin to notice the vulnerability of IoT devices, they are developing methods for identifying IoT devices and are publishing successful exploits on the dark web. We are only seeing the first generation of exploits targeting IoT devices. Expect the next generation to be much more targeted and ferocious.

Unfortunately, anti-virus (AV) software companies don't have any solutions for protecting IoT devices. Even with a common Linux operating system base, the Linux systems are so highly customized that AV software companies have no way to write software to protect them.

Here are some ways to protect your IoT devices from being compromised by cyber criminals.

  • Always place your IoT device behind a firewall that can be used to monitor and restrict access to the IoT device.
  • At least every six months, check your IoT devices’ firmware to make sure you are running the most current version.
  • If possible, only set up IoT devices behind firewalls with NO internet access.
  • ALWAYS change the default password on the device to a complex password or a pass phrase.
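The four checks above can be run as a periodic audit over a device inventory and the firewall's log. The following is an added example, not a DeckerWright tool: the inventory fields, the IoT subnet, the audit date and the log line format are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from datetime import date

IOT_NET = ipaddress.ip_network("10.20.0.0/24")       # assumed IoT segment
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CHECK_INTERVAL_DAYS = 183                            # "at least every six months"
AUDIT_DATE = date(2024, 3, 1)                        # constructed "today" for the sample


@dataclass
class Device:
    name: str
    ip: str
    firmware: str
    latest_firmware: str     # recorded from the vendor's release page
    last_checked: date       # when firmware was last compared with that page
    default_password: bool   # True if the factory password is still set


# Constructed inventory and firewall log (format: time action src= dst= dport=).
INVENTORY = [
    Device("lobby-camera", "10.20.0.11", "2.1.0", "2.4.3", date(2023, 1, 10), True),
    Device("hvac-controller", "10.20.0.12", "5.0.2", "5.0.2", date(2024, 2, 1), False),
    Device("door-reader", "10.20.0.13", "1.8", "1.8", date(2023, 6, 30), False),
]
FIREWALL_LOG = """\
2024-03-01T02:14:07 ALLOW src=10.20.0.11 dst=203.0.113.50 dport=443
2024-03-01T02:14:09 DENY src=10.20.0.12 dst=198.51.100.7 dport=23
2024-03-01T02:15:30 ALLOW src=10.20.0.13 dst=10.0.5.20 dport=514
2024-03-01T02:16:02 ALLOW src=10.0.5.44 dst=203.0.113.50 dport=443
"""


def internet_talkers(log_text):
    """Map IoT source IP -> set of public destinations the firewall let through."""
    talkers = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[1] != "ALLOW":
            continue
        fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
        try:
            src = ipaddress.ip_address(fields["src"])
            dst = ipaddress.ip_address(fields["dst"])
        except (KeyError, ValueError):
            continue  # skip malformed lines rather than abort the audit
        if src in IOT_NET and not any(dst in net for net in PRIVATE_NETS):
            talkers.setdefault(str(src), set()).add(str(dst))
    return talkers


def audit(devices, log_text, today):
    """Return (device name, finding) pairs, one per failed checklist item."""
    talkers = internet_talkers(log_text)
    findings = []
    for d in devices:
        if d.default_password:
            findings.append((d.name, "default password still set"))
        if d.firmware != d.latest_firmware:
            findings.append((d.name, f"firmware {d.firmware} behind {d.latest_firmware}"))
        if (today - d.last_checked).days > CHECK_INTERVAL_DAYS:
            findings.append((d.name, "firmware not checked in the last six months"))
        if d.ip in talkers:
            dests = ", ".join(sorted(talkers[d.ip]))
            findings.append((d.name, f"firewall allowed internet traffic to {dests}"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(INVENTORY, FIREWALL_LOG, AUDIT_DATE):
        print(f"{name}: {finding}")
```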

Our industry is scrambling to come up with ways to monitor and protect IoT devices on networks. The best defense we have today is Security Information and Event Management (SIEM) systems, which can quickly identify suspicious network activity and alert cyber security experts. Since the devices will never be smart enough to defend themselves, we must rely on perimeter technology, advanced monitoring and proper device setup to protect the ever growing population of IoT devices.
