No matter what size your business is, having the right security to protect your company, and your clients' data is a must. Security services are more important now than ever! CTI created a robust three-prong approach to combating security threats. With our help we are here to provide you and your company with cutting edge security. We have had an abundant amount of success recovering client data from natural disasters, hardware failure, and malware infection including RansomWare and CryptoLocker attacks.

CTI’s 3 Prong Approach to Network Security

Local Data Backup: Installation of a NAS (network attached storage) handles fast local backups and encryption of a server data and workstation.

Cloud Data Backup: Enterprise cloud solutions guarantee data is always safe and available.

Data Loss Disaster Recovery: Assessment and retrieval of corrupted or lost data whether one bad file or an entire hard drive is malfunctioning. 

Data Security: Strategic privilege management, data encryption, and information architecture ensure only users with the proper credentials have access to sensitive files.

Secure Data Destruction: A system of redundant erasing, crippling, and dismantling leaves no trace of previous data on retired hard drives.

Email Encryption: Send and receive secure emails containing sensitive information without any worry of interception.

Anti-Virus: An enterprise anti-virus solution automatically updated with the latest virus definitions constantly examines software and files before opening them, and scans browser search results for possible malicious sites.

Computer Virus Recovery: Immediately, the threat is isolated before more damage can be done. Then expert CTI staff members assess the situation and determine the best options for virus removal.

Network Monitoring: Automated logging of possible malicious cyber activity and content filtering.

Firewall Configuration: Lock down the traffic streaming in and out of a network with a device which can quickly process all of a business’s data transfers while regulating access.

Employee Training: Group or one-on-one sessions helping users to understand the importance of safe practices, and to learn about better procedures that fit their workflow and keep a company secure.

Helpful Articles: Periodic articles provide a basic knowledge of terminology and on-going changes in the field of data security.

Security Audits: A careful inspection of a business’s network, and practices determines vulnerability and reveals necessary corrective measures.

HIPAA/PCI Compliance Audits: A network security audit with applicable regulations in mind will determine if a business is operating within the bounds of government by-laws, which govern a particular industry.

Computer Security Tips:

Avoiding viruses, malware, and phishing attacks is easy if you're cautious.

Follow these basic tips below to help users consider safe practices while on the web.

  • Do NOT share passwords
  • Don't make the office email password something simple, and share it with every employee.
  • If you suspect a machine has been compromised, disconnect the computer from the network and call CTI's help desk immediately.
  • Beware when downloading from the internet, no matter what - double and then triple check where you are actually downloading something from.
  • Don't instantly click the first link you see when searching something on the web, it could be a virus. Always make sure that the domain name is what you expect, or type in manually the webpage you want to visit.
  • Don't open zip files or any other files from someone who didn't tell you that they were sending you something - Many email attacks look like they are from someone on your contact list. Before clicking, get in touch with them and ask if they sent you something.
  • Attention Medical and Dental Practices! Losing data due to a RansomWare attack is a HIPAA - PHL breach, because you cannot prove data wasn't stolen before being encrypted.

Related Topics

RansomWare

Out of the menagerie of virus attacks, RansomWare (CryptoWall, CryptoLocker) is the most threatening for users, businesses, and networks. Typically, RansomWare is delivered in an email, making false claims.

 

For instance, a FedEx delivery, these scams lure unsuspecting users into opening up an attachment or visiting a webpage. Within a few short hours the entire network is infected, the virus courses through the network seeking any file that it can access and encrypting files making the entire system unusable. The virus will then leave a message demanding payment in exchange for the key to un-encrypt the drive on their network.

 

The operators of these RansomWare scams see themselves as businessmen, the days of hackers making viruses simply to prove that they can are long gone. These criminals discovered an easy way to extort money at no-cost to themselves from victims all over the world.

 

As with other viruses, the best prevention is a combination of backups, anti-virus, and education. Here at CTI, we recommend a NAS (Network Attached Storage) for local backups, along with an off-site cloud based solution.

Modern viruses have become far worse than they use to be. Distributers of viruses and malware are more often criminals than pranksters whose product is designed to gather information which can be sold to other thieves, or used to steal money directly from you.

Computer Viruses: 

  • Worm: A computer virus which infects computers through a network.
  • Trojan: Any piece of malicious software which is disguises as - or attaches to an attractive piece of software. Two common false downloads containing Trojans are fake installers for Adobe Flash Player or Adobe Acrobat Reader. 
  • Key-Logger: Software hidden on a machine which records all of a user's keystrokes and possibly their web activity. Algorithms are then used to harvest passwords, credit card numbers, and banking information.
  • Zombie: A machine which has been infected, and now runs software allowing criminals to put that computer's processor to work. This happens either by utilizing the processor for calculations, or by using the machine as an untarnished source for email spamming.
  • Phishing: When a website or program pretends to be another site or entity and asks for your credentials. Users will often receive an email/pop-up that they believe is valid. The email will link to a website where the user will be asked for their password or call a number. The criminals will attempt to gain control of the machine by asking the user to open a connection, or they will simply collect and sell the passwords that the user enters.
  • Adware: This causes a machine to show ads to a user. Sometimes the user may not even see the ads - the main goal is to make money each time the ad is loaded, even in the background. Adware is often coupled with a warning, inviting the user to call a number to get rid of the ad, but this number is nothing more than a phishing attempt.

 

 

To protect yourself from attacks, CTI recommends following our 3 pillars of computer security: Awareness | Anti-Virus | Data-Backup

Theft & Loss

While you're worried about all of the people trying to get to your data and infect your software, DON'T forget there are plenty of people who would just grab your laptop bag and run! Most offices aren't swimming with criminals. But, there are some environments where expensive equipment is kept in unsecured areas.

 

CTI installs surveillance equipment, anti-theft devices, keyless entries, and emergency systems to help avoid any of theft/loss problems. 

 

Sometimes, the data that is on a laptop or a device is more valuable than the actual device itself. In the case where a someone has ran off with your computer containing sensitive information, you want to know that there is no way for that criminal to access your data. Use of system-wide encryption ensures that they must discard the machine or find a way to erase the encrypted storage before even being able to use it. Confidence in this situation of powerlessness is built from a complete and solid security protocol.

Tampering

Just a 7 letter word that defines something that we never want to come in contact with - HACKERS.

 

Anyone can download and exploit  from the internet and use it to break into an under-protected network. Although, there are numerous times that the likely culprit in any malicious data breach is a disgruntled employee. An employee may get upset and before thinking before they act, the project they were working on is deleted or the customer mailing list has been copied and erased.

 

Any server or machine that is kept up to date with operating system updates and anti-virus definitions are protected against most vulnerabilities and exploits. A robust network security system will prevent an innocent user from poking around and downloading software that they shouldn't be, and preventing them from accessing files that they shouldn't have access to. 

 

The best way to keep anyone, an employee, or an ex-employee from abusing their credentials is with remote instant account freezing. Before they even find out that they have something to be upset about, the employee's access can be revoked and their communications will be forwarded. Although, this doesn't help much in a business environment where employees insist on sharing office passwords, and keeping machines unlocked. When a network is chronically left open in this way, the best a business owner can hope for is the kindest of their fellow employee.