Get Started Today!  732-747-9373   

Fotolia 68929807 M new

DeckerWright Corporation Blog

Marshall H. Wright President, DeckerWright Corporation Marshall Wright is owner and President of DeckerWright Corporation, an Information Technology Consulting company in Red Bank, New Jersey.

The company primarily serves business clients in New Jersey. Marshall is recognized as a leader in the industry and speaks at national events for ConnectWise and ASCii. For his clients, Marshall brings his expertise on cyber security to help firms comply with HIPAA, PCI, industry regulations and contractual requirements. Marshall is an expert in designing networks for small and medium sized companies that are secure, accessible and recoverable.

As President of the company, Mr. Wright is primary responsible for the strategic direction of the company. Sought after by customers for guidance, Mr. Wright draws on his education, training and the experience of having worked with over 500 business entities in the past 25 years to solve their business problems.

COVID-19 and the mad rush to work from home!

The advent of Covid-19, a Coronavirus, is accelerating a trend we have been seeing with our clients for many years. Employers are seeking out the best person for the job regardless of where they may be located. Many of our clients have employees scattered around the country, and some are using people resources from around the world. The Covid-19 virus is causing our clients with employees still going to the office to rethink how they do business so they can support remote workers. 

Microsoft has two key technologies that can facilitate the move to a remote work force. SharePoint when combined with Teams are enabling technologies for a remote workforce. Office 365 SharePoint provides for structured and secure document storage in the cloud. SharePoint allows for the customization of the landing pages that can include web parts for viewing and managing content. Built-in web parts allow access to calendars, contacts videos, documents, projects, and Microsoft Teams. SharePoint provides a structure for storing documents and corporate data that can be leveraged with Microsoft Teams. With the proper credentials, Office 365 SharePoint may be accessed by an employee anywhere at any time, facilitating remote workers. 

Microsoft Teams provides an important part of the remote worker puzzle. How do you make a remote worker feel like part of the company? Teams has built in features that foster employee collaboration and connections. At its core, Teams is a text messaging system that allows 1 to 1, 1 to many or many to many conversations online. In its early days, Microsoft integrated Skype for Business into Teams. By building Skype into Teams, employees could make point to point phone calls between staff members through their computers. This capability by-passes traditions phone systems and allowed staff members to talk to each other with one click. Teams also supports video calls. The ability to see your counter-part provides a staff connection that texting and hearing a person’s voice cannot.

Teams also has a powerful meeting capability for staff members to collaborate.  It is easy to schedule and run a meeting.  A meeting can either be created through Teams, or Microsoft Outlook.  Once on the schedule, team members simply click on a “Join Now” button to enter the meeting.  These built in features replace the need for Webex or GoToMeeting for internal meetings.  Once in a meeting, Team members will have the ability to share their screens for instant collaboration.  The screen sharing can either be a presentation, or a document everyone is trying to get finished for a deadline.  Either way, the ability to meet and work in Teams is game changer for remote workers.

Teams has integrations to SharePoint and many other Microsoft tools like Yammer, Planner, OneNote, Power BI, and Stream. These applications can be added to Teams giving Team members quick access to other Microsoft tools. Microsoft has also opened Teams up to allow for third party integrations including from Adobe, Salesforce, Zoho and Survey Monkey. Microsoft is investing in Teams and sees it as a key technology for its future.

Any company considering expanding their usage of remote workers in reaction to the Covid-19 virus, should include SharePoint and Teams as part of the solution. Beringer Technology Group is recognized by Microsoft as a leading developer of SharePoint sites and can help guide companies to leveraging Microsoft technology to support their remote workers.

Click HERE for more information on Beringer's development team.

0 Comments
Continue reading

Business Preparation for the Coronavirus

By now everyone has heard about the Coronavirus that started in China.  It is rapidly spreading around the world.  Governments in an effort to slow the spread of the virus have instituted travel bans and whole cities in China are in quarantine.  Businesses in the US are just starting to feel the consequences of having the Chinese parts of their supply chain disrupted by government commerce shutdowns.  So far, the direct impact of Coronavirus infection in the US has been minimal, but the supply side disruptions and potential for the spread of the virus in the US are real.

What can a business do now to be prepared to continue operations when the Coronavirus finally strikes the US mainland?  The simple answer is to setup and/or expand the ability for people to work from home.  It takes time and preparation to enable people to work remotely, especially for an extended period of time. 

Here are some of the things that need to be considered for staff members working remotely:

  • How are the phones going to get answered?  Does the phone system have the ability to call forward to peoples home or cell numbers?
  • How will the staff communicate with clients and vendors?
  • How will the staff member access e-mail? 
  • How will the staff collaborate during the day? 
  • What systems will the staff need to access to do their jobs?
  • If a staff member needs to print, where is it going to print?
  • If a staff member needs to scan a document, is there a way to get scanned document to the right place on the business network?

At Beringer Technology we have a number of staff members that work remotely away from the primary business location.  We’ve worked through the issues above to seamlessly integrate remote workers onto the Beringer team.  Clients and vendors have no idea where the staff members are located.  Our ability to support remote workers came from careful planning, and learning from the experience of supporting remote workers. 

There is no one right way to setup and support remote staff members as the solution for a business will be based on their business processes, phone systems, IT infrastructure, security requirements and the mix of cloud and premise based systems. 

Contact Beringer Technology today at (856) 325-2800 so we can help you prepare for the Coronavirus.

Click HERE for more information.

0 Comments
Continue reading

Security Concern #3 - Physical Security

physical securityOne of the lesser emphasized areas of cyber security is physical security. HIPAA regulations cover in detail the physical security of computer systems. If you get a HIPAA Risk Assessment and it doesn’t include on-site visits to each location, the Risk Assessment document is incomplete. A growing area of concern is mobile computing, and multi-factor authentication using smart phones. With data now readily accessible outside the office, physical security has taken on new meaning. 

Breaching physical security of data systems means that a person who is unauthorized gains access data. The unauthorized person is most likely an employee, but could be a client, vendor, criminal or other person. The most common physical data breach happens when a computer systems is left logged in and unattended. A curious employee would be able to impersonate an authorized person and gain access to data they should be seeing. 

As part of a HIPAA Risk Assessment, physical security of a company’s data systems are evaluated. Are the computers in areas secured from unauthorized persons? Very often computers need to be in areas where they intersect with unauthorized persons, such as in a retail environment. In cases like this, computers should be set with short timeouts to lock the computers when not in use. Laying out a work space so that monitors are not facing public areas is also a good practice. 

Local data storage on servers, computers and storage devices must also be protected. The best practice is to have the servers hosting the data to be in a secured and locked room. The room must have adequate ventilation to ensure the room remains at room temperatures. Servers need to be protected from theft so that the data on them is protected. 

The latest threat to physical security is the increasing dependence on mobile computing. Smart phones, tablets and laptops are setup to access corporate data with remote access software. Sometimes corporate data is also stored on these devices. Since there is no way to “lockup” a mobile device, precautions must be implemented to protect the corporate access to data on the devices. Devices should be protected with a password or bio-metrics for access. Any data on the devices should be encrypted. The operating assumption from a security perspective isn’t if the device will be lost or stolen, it is when the device is lost or stolen.  Without planning and implementing best policies on mobile devices, a criminal can gain access to corporate data by stealing a mobile device. 

The smart phone has become the de facto “token” for multi factor authentication (MFA). Smart phones serve as MFA tokens either by getting a text message with a six digit code, or through apps like Google and Microsoft Authenticator. A criminal wanting to impersonate you has a high interest in stealing your cell phone. A recent Wall Street Journal article chronicles how cyber criminals targeted a person and stole his phone to gain access to his MFA (He Thought His Phone Was Secure; Then He Lost $24 Million to Hackers). His estimated loss was over $24 million dollars.

https://www.wsj.com/articles/he-thought-his-phone-was-secure-then-he-lost-24-million-to-hackers-11573221600

Physical security is often over looked in our high tech industry, but it must be considered and planned for in order to protect corporate data.

Click HERE for HIPPA physical security regulations.

0 Comments
Continue reading

Security Concern #2 - Employees

security concernsDespite the industry focus on cyber-criminals and defending against different attack methods, employees continue to be the primary source of data loss to businesses. In this article we will discuss different documented ways employees have stolen corporate data for the employee’s benefit.

Employees achieve economic gain by stealing business data through three primary methods. First, an employee can steal cash from a business. Often an employee is entrusted with taking care of the company’s financials. If the employee has end to end authority over financial transactions, it is easy for the employee to divert funds into their pockets. There are many examples of this type of employee criminal behavior including processing false reimbursement vouches, cashing fraudulent checks and paying factious invoices to company’s controlled by the employee or an accomplice. Safeguarding the company’s accounting system is based on establishing clear procedures with at least two people involved in every transaction. The person processing accounts payable should NOT be the person paying the bills.  Expense vouchers and bills should be reviewed by a second person prior to payment to reduce fraud.

The second way employees attempt to profit by stealing business data is to use that data to either enhance their position with a new employer, or to start their own business. The most common theft is of client contact and sales information which can be used by the new entity to market to company’s clients.  There are two ways to combat this type of loss. One method uses tools after the theft to legally pursue the former employee, and the second relies on technology to try and stop a theft in progress. In order to pursue a former employee for possible data theft a company needs both contractual protection and electronic proof of theft. Legal protection is normally included in the employee hand book or employment contract. Electronic proof can come from phone logs, computer security logs, videos, emails and hi-tech monitoring software. Putting together the evidence of theft is often impossible for companies that haven’t done the proper up front work to retain log files and archive emails. 

The third way employees attempt to capitalize on business data theft is by selling the data. A recent example of this was the Capital One data theft. The cyber-criminals used knowledge gained as a former employee to gain access to Capital One’s client financial data. Once stolen, the employee attempted to market the data on the internet. These types of threats are increasing in frequency and intensity. Methods to prevent these types of business losses include limiting employee access to only the data they need to perform their business tasks. Make sure logging is enabled and that log files get archived so that if there's a breach, log file forensics can determine who and what was taken.

DeckerWright supports multiple employee tracking software systems including Veriato and Teramind. These software solutions track everything an employee does and can provide alerts if the employee is doing suspicious activities. While these solutions aren’t cheap, they do provide a method for using technology to both prevent and then document employee data theft.

Click HERE for more information.

0 Comments
Continue reading

Remote Users: Security Concern #1, Cyber Criminals

BOYDOne of the major trends in our industry has been the proliferation of remote workers using “Bring Your Own Device” (BYOD). Since the devices are owned by the employee, corporate security teams cannot install their software. Company data may be accessed by two methods, either directly through apps, or indirectly through remote desktop capabilities. Both methods rely on a device that is outside of the corporate IT infrastructure in the possession of an employee. Either method exposes the company’s data to loss to cyber criminals. To understand why, this article discusses some of the tools cyber criminals can deploy to exploit remote employees. 

In the normal course of our business, we help clients monitor activity of their employees on their devices. The “good guy” monitoring software provides a window into the types of tools used by cyber criminals to compromise a company’s security and gain access to valuable data. These tools include key stroke logging, click logging, URL logging, screen shots, access to log files and an inventory of software used by the employee. In the hands of a skilled cyber-criminal these tools would allow the cyber-criminal to impersonate the employee to gain access to the companies systems.

Here’s how. The software inventory tells the cyber-criminal what software they need installed to make the connection. The key stroke logger will provide the user name and password, and the screen shots will provide information about the connection, including clues about the multi-factor authentication. If a VPN tunnel is setup, the cyber-criminals can remote control the employee’s computer to gain access to the configuration of the VPN tunnel to gain any keys. With no multi-factor authentication (MFA), the cyber-criminal would have enough information to gain access to most systems with just this information. 

The most common form of multi-factor authentication is to a cell phone. Cyber-criminals have two methods for getting the MFA codes from a smart phone. One method is to get malware installed on the employee’s phone that forwards any codes received to the cyber-criminal, or allows the cyber-criminal remote control.  The more common method used today is for the cyber-criminals to take the employees phone number by impersonating the employee with the cellular phone company. Once the phone number is switched to their own device, the criminals can get the MFA codes directly. Both of these methods have been documented as used by cyber-criminals. 

A cyber-criminal could also use an active session to impersonate an employee when they aren’t working to gain access to information. Cyber-criminals controlling a device could also inject code into a company’s systems to search for and exploit weaknesses in internal systems. Since the screen shots will reveal the company’s internal systems, the cyber-criminals can tap the vast library of hacker’s tools to compromise the system. The success of either of these methods may allow the cyber-criminal to gather corporate information.

Any remote device compromised and controlled by a cyber-criminal can become a gateway to your company’s data.

Click here for more information.

0 Comments
Continue reading

Cyber Criminals Business Models

cyber criminalsI am beginning a series of articles discussing the threats to companies through employees working remotely. Ultimately, cyber criminals are working to monetize their efforts. There are three dominate business models in use today by cyber-criminals that drive their behavior. The business models are employee impersonation, data theft and denial of service attacks. This article discusses these business models to gain an understanding of the “why” behind cyber criminals. 

Most cyber criminals will employ one business model for their criminal enterprise. For example, we have not seen evidence of cyber criminals doing Ransomware exploits stealing company data or employee credentials. Likewise cyber-criminals using impersonation for their exploits rarely steal company data or perform denial of service exploits. Cyber criminals stealing company data, like the recent Capital One breach, may use impersonation tools to gain access to company data stores where they make off with troves of valuable data. 

Impersonation exploits take two forms. One form of impersonation uses a set of stolen credentials to become the employee for the sake of transacting personal business as the employee. Examples of these types of attacks include credit card charges, diversion of pay checks to criminal bank accounts, long distance charges and health insurance theft. The second type of impersonation that has recently become an issue is a cyber-criminal impersonating an employee for the purpose of diverting company financial transactions.  By monitoring a compromised employee’s communication silently, a cyber-criminal can intercept and divert financial transactions. IT industry publications have documented diversion of wire transfers from an intended financial institution to a cyber-criminal’s bank account. This is a particular problem in Real Estate transactions where large sums are wired between banks. The cyber-criminals monitization of this exploit is straight forward, they divert and get the cash.

Some of the biggest headlines talk about the theft of Personal Identifiable Information (PII). PII often includes social security numbers, birthdays, health insurance policy numbers, addresses, credit card number and bank account information.  The recent Capital One exploit illustrates an exploit of company data. Cyber-criminals monetize data theft in two ways. One method is to actively use the data to impersonate a consumer to use the consumer’s credit to purchase items or establish credit lines that can be used to generate cash.  The second method for monetizing data theft is the sale of the data. Cyber-criminals have a Google of sorts for stolen consumer PII.  The fresher the PII, the more it is worth. The 110 million consumer PII records stolen from Capital One would be worth millions on the consumer data resale market. 

The final prevalent cyber-crime business model is a denial of service attack.The type receiving the most press today is Ransomware.  By encrypting a company’s data, the cyber-criminals are able to demand payment in bitcoin for the decryption keys and decryption software to return access to the data. When combined with an attack that turns employee computers to zombie computers, as was experienced by Sony, the attack is particularly paralyzing to a business. The criminals monetize the denial of service attack by seeking payment in bitcoin that is easily convertible to dollars or other local currencies.

The business models of cyber-criminals are constantly evolving and growing to turn technology into cash for their efforts. Upcoming articles will focus on the specific threats facing companies that have remote employees.

Click HERE for more information.

0 Comments
Continue reading

Introducing New Office 365 Backups

This past September, we began backing up client’s Office 365 data.  Starting at just $10 for 100 GIGs of storage, the backup system will backup email, contacts, calendar and SharePoint files stored in Office 365.  The backup system stores the data for a year, allowing the recovery of an email or file on any given day.   Increasingly our clients are relying on Microsoft SharePoint, Teams and One Drive for their document storage.  As more data gets stored in Microsoft’s cloud the need for external backups of the data has grown.

Microsoft in its service level agreement states that it is not responsible for backing up and protecting a user’s data.  While Microsoft does provide a way to restore lost or deleted files for several weeks after deletion, there is no way to go back three months and recover a file.  We maintain the backups for a year so that files may be recovered if a user suddenly discovers they are lost.  As clients increasingly move data to Teams, SharePoint and One Drive, the need for backups becomes greater. 

There is often a need to recover an earlier version of a file that may not exist any longer in Office 365.  In this case, the backed up file would be recoverable through the Office 365 backups.  By going backwards in time, the earlier version of the file may be identified and recovered.  This is a problem with seasonal or calendar based business processes that may only happen once a year, or only quarterly.  Having a backup copy of the files is the only method to recover these lost files.

The backups maintain old files for up to a year even after an account is deleted from Office 365.  When you delete a user from Office 365, those emails and files are deleted forever.  With the files backed up, you have the ability to recover an important email a former employee may have received.  Users often misplace emails in Outlook.  The backup system has advanced search features that can aid the recovery of misplaced emails. 

If a user’s account gets compromised, and all of the emails, contacts and files get corrupted or deleted, the only option a user would have would be to go to the backup copy of the lost items.  Between lost smartphones and cyber criminals hacking in, Office 365 data is at constant risk of being compromised.  Having a backup copy of the data is an important way to protect important business data.

Click HERE for more information.

0 Comments
Continue reading

Managing Remote Workers

remote workersOver the past several months we have experienced a transformation in our business.  The transformation has been driven by the expansion of our work force beyond the walls of our corporate headquarters.  While our customers are based in New Jersey, our team is now scattered around the globe.  Managing a work force with remote employees is a challenging task for even the most experienced management team.  Here are some of our findings for how to maintain employee engagement with remote employees.

I have never been a fan of meetings, but a regular cadence of meetings is critical to having a team jell and work together for common goals especially when team members are remote.  We have both daily and weekly meeting cadences which get team members to interact to discuss problems we are facing with clients.  The meetings focus on planning and collaboration to deliver services to our clients.  All of the members have input in the meetings which gets the team to engage each other. 

We work hard at having documented processes for virtually everything we do.  By having good documented processes, remote workers have a guide for how to perform their duties, and we as managers have some gauges for how to assess the remote workers contribution to the team.  A process is a living set of steps that defines how business data is transformed into action on the client’s behalf.  We have invested hundreds of staff hours to develop well defined and effected processes that are documented in staff binders for each job role.  Don’t attempt to have remote workers unless there are well defined business processes for the remote workers to follow.

Technology also plays an important role in how the remote team members interact within the team and with clients.  Using Voice Over Internet Protocol (VOIP) technology, each team member has an extension on our phone system regardless of where they are located.  Calling our support team member half way around the world is no different than dialing a team member across the hall.  Using secure access technologies, we are able to allow all of our team member’s access to our systems, while maintaining our tight security.  We utilize Microsoft Teams for chat based communications and team meetings providing any additional layer of communication between team members. 

It shouldn’t be a surprise that the generation that lives on their smartphones doesn’t have any conceptual problems with working remotely.  As business owners, there is a lot of work necessary to provide the technology, process and structure to make the remote workers feel connected and contributing team members.

Click HERE for more information.

0 Comments
Continue reading

5G Early Reviews

5GVerizon, AT&T, T-Mobile and the other wireless carriers have been hyping 5G technology for years now.  5G technology has recently been deployed in several metropolitan areas, so the first consumer reviews are in and the results are spotty.  When it works, the speeds are remarkable...measured at nearly 2 GIGs of wireless bandwidth.  Unfortunately, the coverage is poor and performance is not predicable yet. 

5G wireless technology offers the potential for 10 GIG speeds.  In order to achieve those speeds, the wireless infrastructure needs to be entirely rebuilt from scratch.  Unlike older wireless technologies where carriers were able to add new antennas to existing towers, 5G technology requires a completely new infrastructure with a much higher concentration of antennas.  Instead of positioning antennas every few miles, the antennas now have to be positioned within 1,000 feet of each other.  Each new antenna needs to be serviced by a new fiber optic line which in turn must be brought back to a switching station where new high-tech routers and switches are concentrated to move the vast volumes of data.  This may be the largest and most expensive communications build-out since the original Bell System installing copper lines across the country over 100 years ago.

All of the carriers see 5G technology as the ultimate replacement for wired connections, which will reduce their operating costs in the long run.  No more copper lines or fiber optic lines into buildings, only a receiver converting the signal into technology recognizable by the equipment in that site.  That is the phone company’s vision.  The build out will take at least 10 years, and will probably take 20 years to hit most of the country. 

One beneficial side effect of the 5G build-out will be much better cell phone reception and faster 4G download speeds.  Since there will be so many more antennas, it is likely that a 4G phone will always connect with five bars of strength.  Combine strong signal strength with new much faster infrastructure behind the senses, and a 4G device should connect at closer to its 300 MG potential speed. 

With the scope of the 5G build-out, it may be years before it rolls into your area.  In the meantime, keep your 4G devices and be happy with the better performance when you're in areas where 5G is deployed.

Click HERE for more information.

0 Comments
Continue reading

Now is the time to buy Cyber Insurance!

cyber insuranceMany insurance companies are jumping into the market for cyber insurance. It is a cut throat business with each insurance company trying to underbid the other or add additional protection features. The net result has been a flood of insurance products at low prices. 

Why do I say the prices are low? We complete the security assessment questionnaires that our clients send us from insurance companies. The vast majority of insurance companies aren’t asking the right questions to accurately determine the cyber security risk of an attack by cyber criminals. Recent awards to cities around the country highlight the poor underwriting by the insurance companies. The Wall Street Journal today reported that the town of Lake City, Florida paid $462,000 in ransom on June 17, 2019 to get its computers back online. The out-of-pocket expense for the town was only $10,000.   Towns see cyber insurance as a way to avoid spending money on cyber security defenses. 

Insurance companies covered by cyber insurance policies that don’t force clients into good cyber security practices are almost always certain to make large payouts.  Cyber criminals know this.  They have also figured out that commercial insurance sales to municipalities has included cyber coverage so they can demand higher ransoms and get paid. As cyber insurance spreads to other business entities, look for the same trend in ransom demands for businesses. If your company is attacked and doesn’t have cyber insurance, the entire IT system is at risk since the ransom will be more than the business can afford since the cyber criminals will be expecting you to have insurance to support big payouts.

Since the cyber insurance market is relatively small, most insurance carriers aren’t paying any attention to the mounting losses being generated by this type of insurance. When the insurance companies finally wake up, they will be out hundreds of millions of dollars and policy rates will rise substantially. The other thing that will happen is the insurance carriers will get better at assessing cyber risk by asking the right questions which will probably include some type of automated network scan and client provided reports to verify the answers being submitted are correct. The insurance industry will begin to treat cyber insurance like fire insurance that has strict guidelines for compliance and the availability of insurance. This realization by the insurance industry is years away, so now is the time to buy cyber security insurance. 

Ironically the insurance industry is ultimately going to do something we in the IT industry have failed at for years. Getting companies to invest enough in cyber security to protect their data.

Click HERE for more information.

0 Comments
Continue reading

Computer Best Practice...turn off your computer at night!

sleep computerSince we started in this business 35 years ago the best practice has been to leave your computer on at night. There were several reasons. In the early days when computer models started with XT, AT and 386, the components, in particular the hard drives, did not like being turned on and off.  Leaving a computer on was the key to making the computer last longer. The other reason computers were left on at night was to run updates and perform system maintenance.

Fast forward to today. Desktop computers increasingly come with solid state drives, and even the spinning drives are much more reliable. Updates can be scheduled to download when the computer is on, and installed when the computer is turned off or when it boots up. The reasons we left computers on in the past no longer apply.

New realities make turning your computer off at night the right thing to do. A typical computer consumes about as much electricity as a 60-watt light bulb. Over the course of a year, that computer left on full time will cost about $60 per year in electricity.  So turning a computer off at night can save at least $30 per year per computer, not to mention the positive impact on the environment from using less energy. 

The most compelling reason to turn off as many computers as possible at night is cyber security.  In analyzing past criminal exploits of client networks, most of the criminal activity is conducted on desktop computers left on overnight. Criminals are smart enough to know that they can’t do network discovery or deploy ransomware while the users are working on their computers.  By turning a computer off at night, the criminals no longer have access to the systems reducing the attack vectors available. A computer that is turned off is protected from criminal attacks. This is especially true on the weekends when most ransomware attacks are conducted. 

Employees should be encouraged to turn off their computers at night to help protect the company network, and to reduce energy consumption. If your employees need help remembering, through DeckerWright’s automation tool, we have the ability to turn off computers for clients if they would like us to do so. 

The new best practice for our industry is if the computer is not in use, turn it off.

Click HERE for more information.

0 Comments
Continue reading

The Dangers of Public Email

email securityMany clients in the small and medium business (SMB) market still use public email accounts from gmail, aol, Hotmail, yahoo and msn.  Using a public email account carries a significant business risk.

One key risk of public email is the inability to regain control of an account if it is taken over by a criminal. If you discover that your gmail account has been compromised, good luck getting technical support to resolve the issue. How does tech support have any idea that the email belongs to you, and not the criminal? By the time you determine the email account has been hijacked, all of the challenge questions have been changed to ones the criminal knows, not you. While you are fighting with tech support to fix the problem, any email correspondence meant for you is now getting responded to by the criminal. Banking and other transactions that may be validated in the account are now being responded to by the criminal. With a private email address, the email administrator is part of your organization and can change your password to regain control of the account. 

Email Phishing by criminals is the #1 way criminals infect computers with ransomware. We use enterprise class spam filtering from Proofpoint that provides effective protection from phishing attacks. A public email has none of these protections, so a company is down to the last line of defense against phishing, the employees. The best way to keep employees from making a wrong click is to keep the email out of their mailbox all together. Public email doesn’t screen the emails, making a company much more susceptible to phishing attacks. 

As an employer, if you allow or encourage employees to use public email accounts for conducting your business, you risk losing clients and money. How? If an employee leaves the company, clients may still contact the former employee with their public email account. You have no way to stop the communications, and no way to recover the emails from the former employee. If the employee had a private email account, the emails could be redirected to another employee. 

Email retention and recovery is also an issue with public email.  Public email may be left on the providers email servers subject to their retention rules. When the email piles up to the limit, emails can start bouncing. If you download the email to your local machine, you can accumulate more email, but if your computer crashes, you risk losing it all. Either option isn’t good. An email service like Office 365 provides for 50 GIGs of email storage, and automatically synchronizes with the Outlook, providing more storage and protection from data loss. 

In environments covered by regulatory or contractual obligations where email archiving is a requirement, using a public email account prevents the setup of email archiving systems.  Email archiving makes copies of emails sent into or out of an email server and freezes the email so it can be used as evidence in a legal proceeding. There is no way to incorporate a public email box into an email archiving system.

If you are using public email for business, contact DeckerWright Corporation so we can get you set up right.

Click HERE for more information.

0 Comments
Continue reading

Phishing for Ransoms

phishingOne of the more technical terms we use in our industry is “phishing”. Phishing in security circles refers to criminal activity using email with a message that is bait for the unsuspecting user to click on. Phishing is the number one method used by criminals to distribute ransomware. 

Criminals put together phishing campaigns just like a company might do a marketing campaign to sell their products and services. Depending on the sophistication of the criminal, the phishing email may be poorly constructed with obvious flaws, or a carefully constructed message meant to mimic a legitimate email. Criminals have access to email lists and tools to create the phishing email content and the ransomware software. 

The better and more targeted the list, the more the criminals pay per email.  The most sophisticated phishing campaigns we have seen have phishing emails look like emails sent within a company from a manager to a subordinate. Many of the phishing campaigns are now role based where the criminals target Human Resources or Accounts Payable personnel. 

DeckerWright Corporation uses a multi-layer approach to protecting our client’s data. Every email is checked by a spam filter before delivery. Most phishing attempts never reach the client’s inbox. For phishing emails that make it past the spam filter, the spam filter modifies the email so that any embedded URL is checked by the service when it is clicked. If the URL is evil, the spam filter service won’t let the client reach it. We also run AV software and malware protection on each PC. 

As part of the new Compliance Security Service (CSS), DeckerWright is now offering to send phishing emails to test users. If the users click in the email, they get redirected to a training web site where they can review training material on how to spot and avoid phishing emails. The CSS also includes a Security Information and Event Management (SIEM) tool that monitors network traffic looking for bad behavior. The SIEM includes log file storage that would allow us to go back in time to determine the root cause of a criminal attack. 

Current clients receiving Business Security Services can add any of the components included in the Security Service bundle as an option. The Compliance Security Service bundle provides significant savings if the client needs or wants all of the services necessary for regulator or contractual compliance.

Click HERE for more information.

0 Comments
Continue reading

The Dark Web

dark webThe news often reports of nefarious activity conducted on the dark web.  What is the dark web?  The dark web is a term used to describe the parts of the internet developed, used and maintained by criminals.  At the dark web's heart are services on the internet just like Amazon, Google and Facebook.  The difference is that the dark web uses a special “dark” browser, separate domain name servers and “dark” encryption methods. 

In order to access one part of the dark web you need to download and install a Tor browser.  There are a number of websites that allow you to download the Tor browser.  Think of these websites as the portals between two parallel universes.  Once you download, install and start using Tor, you are connected to the dark web.  How do you find things on the dark web?  Just like Google provides a search engine on the internet, dark web search engines include DuckDuckgo, Onion, and TorLinks.  Simply type in your search term in one of these search engines such as, email passwords, and the dark web search engine will return multiple sources for the data you are looking for. 

Communications on the dark web are all encrypted using Pretty Good Privacy (PGP) encryption technology.   Modeled after IPSec, PGP is a public sourced encryption technology available to anyone.  By encrypting the communications between the Tor browser session and data source, criminals are able to hide their activity in broad daylight on the internet.  Internet Service Providers recently reported that about 3% of the Internet’s traffic is dark web PGP traffic.  The PGP encryption makes discovery and monitoring by authorities of criminal activity next to impossible. 

In order to make the dark web work, criminals maintain domain name service host computers that serve up the names and IP addresses of dark websites.  Any computer that has been compromised with malware is a candidate to be a DNS server on the dark web.  Criminals will install the dark version of DNS on a compromised computer unbeknownst to the victim.  The victim’s computer becomes part of the dark web providing a key function.  Thousands of copies of dark web DNS are planted around the world this way.  No need for expensive data centers and servers to run DNS when you can steal someone’s computer and internet bandwidth for free.

DeckerWright Corporation is now providing Dark Web Monitoring services as part of its new Compliance Security bundle so that business owners can get a look at what information criminals are maintaining on the internet about them.

Click HERE for more information.

0 Comments
Continue reading

Introducing Compliance Security Service

compliance security

DeckerWright Corporation is now offering a Compliance Security Service (CSS) that provides additional security services to meet regulatory, HIPAA, PCI and financial industry requirements. CSS differs from the Business Security Services provided to every client today by providing additional security layers built into the latest regulations and industry guidelines.

The current Business Security Service (BSS) provides a layered defense against criminals and unscrupulous employees to protect a company’s data. BSS combines anti-virus and anti-malware software, a firewall with unified threat management, Windows patch management, email spam filtering with attachment and URL defenses, and local and cloud backups. All of these security services are monitored in our network operations center to ensure that software and threat identification data is current and working. Most important, backups are checked daily to ensure that anything from a lost file to a ransomware encrypted server can be quickly recovered.

The Compliance Security Service builds on the Business Security Service and adds services required to be in compliance with regulatory, PCI and financial industry requirements.These additional services include Security Information and Event Management (SIEM), employee training, dark web monitoring, multi factor authentication, email archiving, and a 24x7 security operations center that monitors the network for bad behavior. The SIEM system provides for device log file management and retention and analyzes the log files to look for bad behavior. The SIEM connects the dots found in the log file following the data bits from its source to its destination across multiple devices on the network to the internet. What may elude stand-alone security products is exposed through the SIEM’s heuristics. The SIEM alarms are sent to the security operations center where the SOC team immediately acts to defend against the attack. 

Along with the CSS, DeckerWright Corporation provides Chief Security Office (CSO) oversite of a client’s documentation, and governance as called for in regulatory and industry guidelines. Clients may opt to receive CSO services as used, or as part of their monthly Security as a Service fee. Components of CSS may be added to the Business Security Services to provide enhanced security to businesses.

Click HERE to learn more about SIEM.

0 Comments
Continue reading

Why GIG Internet Doesn't Work

GIG

Verizon recently came out with its Gigabit internet connection service. We have several clients that have gotten the 1 GIG service only to find that they aren’t getting 1 GIG throughput when they run speed tests, including Verizon’s speed test. Why?

There are two main factors in explaining why clients aren’t getting 1 GIG speeds. The first is fine print. In speaking with the Verizon installers implementing 1 GIG service, they explained they certify 1 GIG service with speeds as low as 750 MGs. In visiting the Verizon FiOS web site, in the footnotes and fine print on the 1 GIG Internet speeds page, Verizon states they only guarantee speeds of 750 MGs on the 1 GIG service. That means the 1 GIG service is really Verizon marketing, and not what's getting delivered to customers. 

The second reason is technology. In order for a customer to achieve 1 GIG performance, everything between their device and the website or app they're using needs to support 1 GIG speeds. This is rarely the case. Typical device interface speeds are either 100 MGs (0.1 GIGs) or 1 GIG. Let’s look at a case where every firewall, router, wire and web site service being accessed has 1 GIG interfaces. If you're lucky enough to access that website when no one else is accessing it, you would achieve 1 GIG speeds. As soon as other people access the same internet resource, the 1 GIG pipe becomes shared, effectively reducing the throughput of your connection. To keep it simple, divide the pipe size by the number of simultaneous users to estimate the speed. New technology supports 10 GIG device speeds, but the technology is not widely deployed, and over 95% of the internet connected devices have 1 GIG or slower interfaces. When everyone was accessing the internet with 25 to 100 MG connections, 1 GIG interfaces were sufficient. Suddenly they are not.

The client’s local network and equipment also provide a bottleneck to achieving 1 GIG speeds. Many clients have older firewalls and networking equipment that only support speeds to 100 MGs. 95% of the firewalls we deployed at client locations will not support 1 GIG speeds. Firewalls, routers, switches and network cabling all have to be up to specs in order to achieve 1 GIG bandwidth from your wired devices.

Even after a client upgrades their physical infrastructure to support a 1 GIG connection, they are disappointed with the performance of their wireless devices. Turns out, they will need to upgrade their wireless access points and make sure their wireless devices support the latest 802.11ac standards. Most WiFi operates in the 802.11b/g/n 2.4 Ghz radio spectrum, which is where the majority of access points and wireless devices operate. Many of the newer wireless enabled devices will operate in the 5 Ghz frequency range which supports the 802.11a/n/ac wireless standards. Even if a client has a new access point and device that auto selects the right frequency and communications standard, WiFi technology adjusts the bandwidth according to the signal strength. The worse the WiFi signal, the slower the connection regardless of the WiFi technology.  To achieve 1 GIG on a wireless device, a client needs an 802.11ac access point, with a device that supports 802.11ac and the client must be standing within 10’ of the access point. If the client wonders away, or has walls between them and the access point, the speeds will drop dramatically.

If you're thinking of upgrading your internet connection to 1 GIG, contact DeckerWright Corporation so we can assess your network before you purchase the 1 GIG service to see if your network can support it.

Click HERE for more information on wireless technologies.

0 Comments
Continue reading

Browser Wars - Round 2

browser wars

Since the inception of the World Wide Web in the mid-1990’s, there has been a battle between competing web browsers.  In the early days, the competition was between Netscape and Microsoft.  The competition got so intense, the US Department of Justice stepped in to regulate some of Microsoft’s behavior.  If you can’t remember Netscape, that’s okay, they are no longer in business.  For many years, Internet Explorer was the only browser in town so there was relative browser stability.

Today’s browser war is very different.  The top three browsers today are Microsoft’s Edge (Internet Explorer), Google’s Chrome and Mozilla’s FireFox.  Both Microsoft and Google have nearly unlimited funds to spend on developing their browser technology.  Unlike Netscape in the past that was relying on licensing revenue from people using their browser, Microsoft and Google have different revenue models that provide funding for their browsers.  Both see their browsers as a significant technology in the delivery of their core services.  The third browser, Mozilla’s FireFox, is developed based on Netscape technology assigned to a non-profit organization that doesn’t have the resources to match the big two, so they are always playing catchup.

Why are we experiencing so many browser issues?  Website development is based on the industry “standards” that are in place at the point in time a website is developed.  Remember Microsoft’s Silver Light?  Most people can’t.  It was a technology Microsoft was pushing as an alternative to Java.  Proprietary to Microsoft’s browsers, Silver Light never got traction in the market, so Microsoft killed it.  Unfortunately, there were some large websites developed using that technology.  Today we keep a copy of the last release of Silver Light in a safe place so that we can install it with Internet Explorer (IE) 11 for some clients.  Other technologies that have been consumed by the browser wars include Java and Adobe Flash.

Microsoft and Google have little regard for those dependent on their browser technology.  A seeming innocent security update can hobble websites.  What may have been an acceptable security method five years ago doesn’t cut mustard today.   For many clients, we have had to freeze browser versions so apps can continue to function.  Chrome is probably the worst in pushing out updates that break things.  Chrome automatically updates itself whether you want it to or not unless you are running the corporate (Stand Alone) version of the browser.  How plugins are secured and executed in each browser is different causing various problems with websites. 

Needless to say if Google comes up with a “standard” Microsoft doesn’t like, Microsoft won't implement it.  Different Microsoft plugins won’t work with Chrome.  There is a standard settings board that sets standards for browsers.  As with any standards setting board, it moves slowly to make changes.  Microsoft and Google regularly introduce technology in their browsers long before the technology is even presented to the standards board.  Since neither company can knock the other one off financially, the browser wars are going to continue long into the future.  Make sure you have all three browsers loaded on your computer.  You never know which one will work.

Click HERE for more information.

0 Comments
Continue reading

Technology Provisioning

technology purchase

Every business relies on technology to run their business.  Where each company acquires their technology rests on a number of factors, including how much the company values staff time.  The purchasing of technology to place in service requires four phases.  The first phase is figuring out what to purchase.  The second phase is ordering the equipment.  The third phase is preparing the equipment for deployment and the final phase is deploying the equipment into the business.

The first technology purchasing phase entails researching the products available to solve a problem.  For example, a staff member needs a laptop.  The right solution has to factor in how the employee is going to use the laptop, the laptop manufacturer, the product warranty, delivery and price.  With hundreds of products to choose from, dozens of manufactures and an endless number of sources, it typically takes between 1 to 2 hours of research to select a manufacturer, model, source and price per item. 

Ordering the equipment can be complicated depending on the vendor.  Many vendors require being paid up front, or by credit card which can be a problem for public and non-profit entities.   Another common issue with online ordering systems, is they don’t verify product availability until after the order is placed.  This often happens on the Internet where items that are shown as “In Stock” are actually out of stock.  Following up on orders to determine delivery dates also takes up time.  Every order placed consumes about 1 hour of staff time for provisioning and follow-up.

Once the equipment arrives at the company, it has to be prepared for delivery to a staff member.  For a typical laptop, this means removing it from the box, turning it on, and going through the equipment setup wizard.  Once the setup wizard completes, all of the “bloatware” needs to be removed from the computer and any security patches needed to be downloaded and installed.  If there are any applications like anti-virus and Microsoft office, they need to be installed at this time too.  What if the laptop that arrives is either wrong or doesn’t work?  A common problem our clients encounter is ordering a cheap laptop that comes with the wrong version of the Windows 10 operating system.   In our experience in dealing with clients that self-provision, 1 in 4 orders will have a problem requiring 1 to 2 hours of staff time to straighten out and follow up on. 

The final phase of the technology purchasing cycle is deploying the technology to the staff.  If the client has a rigorous setup process, the computer delivered to the staff member should be ready to use.  However, most users have some local settings that they want to retain on the new system.  Migrating user settings and documents (known as the user’s profile) can take from 1 to 3 hours depending on the amount and type of data being transferred. 

DeckerWright Corporation provides technology provisioning services to our clients.  We take the time and stress out of the purchasing process.  We have flexible payment terms including credit card, ACH, check, cash, and purchase orders.  Using our Hardware as a Service (HaaS) program, we can even include the cost of the technology in a client’s monthly service amount.  Leasing options are also available to facilitate the acquisition of new technology.  Prices are competitive, but are higher than the lowest price that may be found on the Internet.  When a company factors in the time spent on the entire provisioning process, spending a little more to purchase through DeckerWright saves a company a lot of time and money.

Click HERE for more information.

0 Comments
Continue reading

WiFi...Great Technology When It Works!

WiFi

The explosion of the Internet of Things (IoT) and mobile devices has put an increasing load on existing WiFi networks.  Originally engineered to provide access to a few laptops and mobile devices, WiFi networks are now being tasked with streaming video from cameras, and a host of other IoT devices, impacting a WiFi infrastructure that was not engineered for the load.  Another big problem with business WiFi, is most small and medium sized businesses are in multi-tenant office space with many businesses.  Sitting at my desk, I have 18 different WiFi networks I could connect to.  The more access points that occupy a frequency, the more they interfere with each other degrading WiFi performance.

Another common problem we see with client’s WiFi networks is that they are not engineered to provide the right level of security based on the evolving usage profile.  Many business WiFi networks work in two worlds, the world of using WiFi to access a client’s business network to do work, and WiFi to allow clients and employees to access the internet with their mobile devices.  New IoT applications may have different network security requirements.  When planning out a WiFi network, security must be part of the design consideration.  You don’t want clients or guests to be connected to the company’s business network.  They should be isolated on a guest network with only internet access allowed.  Conversely, computers that need to be connected to the company’s network via WiFi should be. 

The last problem with WiFi networks is the usage of the public frequencies of 2.4 Ghz and 5 Ghz.  The 2.4 Ghz frequency is particularly subject to interference from other technology like wireless phones, microwaves, alarm systems and electric motors that can broadcast on this frequency.  The 5 Ghz frequency is less heavily used by other manufacturers, and does better in facilities with more walls and obstructions based on its wavelength.  The trade-off for the improved quality, is distance.  A 5 Ghz transmitter only goes about half the distance of a 2.4 Ghz transmitter. 

If the WiFi in your company is not performing up to expectations, contact DeckerWright Corporation for a consultation and a site survey

Click HERE for more information.

0 Comments
Continue reading

Should There Be Independent Cloud Backups?

cloudbackup

As the move to the cloud continues, one nagging question remains. Should there be an independent backup of cloud resources?  The answer is YES for a number of reasons.

Although it doesn’t happen often, there is a chance that the cloud service provider being used goes out of business. This shouldn’t be a concern if the cloud company is Microsoft or Amazon, but it should be a concern if it is a local Internet Service Provider, web hosting company or a vertical application hosting company. Several times a year we get panic filled calls from clients who just received notice that their service provider is closing their doors. On several occasions the client found out when they could no longer access their web site or data. Microsoft is famous for ending services or technology and leaving the clients hanging. There is a risk associated with the cloud service provider ending business operations or suspending services being used. Having backups reduces this risk.

Another reason for having independent backups of cloud resources is to provide recovery points farther back in time. While Microsoft doesn’t document the Office 365 retention policy, it is generally accepted that they will retain two weeks of data. Although Microsoft keeps the data, the recovery is restricted to the recovery options built into the applications, like the recovery of deleted files in Outlook. Microsoft does have various backup methodologies built into the Azure cloud, so it is possible to backup Microsoft hosted cloud services to other Microsoft cloud infrastructure. At Amazon you are not so lucky. Amazon does not backup ANYTHING. If a company has a server hosted at Amazon and the server crashes, unless it is backed up to some other resource, everything is lost.  Lack of any backup is part of Amazon’s marketing plan that encourages clients to buy more Amazon resources for redundancy and backups – a brilliant marketing plan! There is a risk associate with the backup policies of the cloud service provider. Before moving to a cloud resource, a company needs to fully understand this risk.

Other data retention issues may be important to regulated entities and government agencies. Most regulated entities and government agencies have data retention requirements that range between 7 to 10 years. These long data retention periods are seldom met by cloud hosting companies. In these cases, an independent third-party backup would be a requirement.

The method for restoring data should also be clearly understood before a restore is necessary. Here are some questions that should be addressed by the cloud service provider:

  • Can individual files, folders, or mail boxes be recovered?
  • In database restoration, does the whole database need to be recovered or can individual records be recovered?
  • Can a full volume be recovered?
  • Does the recovery require booting up a full working image of the resource to recover the desired data?

There has been an explosion of new services becoming available to backup cloud resources.  Industry best practices dictate that backups should be made to independent third-party backup locations that use different software, storage and infrastructure so that a catastrophic failure at the primary hosting location will not affect the backups and the ability to recover.  The independent backup location should be coupled with an ability to either directly or indirectly support a recovery if there's a catastrophic failure with the primary cloud host.  DeckerWright can assist in building a cost effective backup of a company’s cloud resources.

Click HERE for more information on Office 365 data retention - see section 6.

0 Comments
Continue reading

Mobile? Grab this Article!

Qr Code

Latest Blog

The advent of Covid-19, a Coronavirus, is accelerating a trend we have been seeing with our clients for many years. Employers are seeking out the best person for the job regardless of where they may be located. Many of our clients have employees scattered around the country,...

Account Login