Is Cloud Hosting Still the Best Option for Your Business?

The cloud is a powerful method of computing. When the term first entered into wide usage, it was ambiguous. No one really knew what it meant. Or, if they understood the concept, most people had no idea how it worked.

Today, we’re past the stage of being mystified by the cloud. Most people get the concept of a decentralized computer network that harnesses the power of many individual machines to provide computing services.

But understanding the cloud and trusting the cloud are two entirely different propositions. Despite the proven benefits, many business owners or administrators still have a tough time relinquishing control over their data to a third party. They just don’t like the idea of sending proprietary information out into the ether.

Are they right to be concerned? Are there better methods of storing data?

To be sure, cloud computing isn’t the only option available. Many businesses choose to host their websites or manage their business infrastructure on their own, in-house servers. Some may split some data storage tasks between in-house servers and the cloud. On the other hand, many businesses fully embrace the power of the cloud.

What’s right for someone else may not be right for you. And vice versa.

So, how can do you know if cloud hosting is right for your business? Let’s take a look at a few attribute of the cloud to help you make an informed decision.

Ease & Access

One of the best things about cloud hosting is the ability to easily access your data anytime and from almost anywhere. This makes running your business on the go very easy. And, it can also foster greater collaboration among your employees – especially if they’re working remotely or in different locales.

Another benefit is foregoing big expenditures on expensive hardware. In-house servers cost a lot of money. If you’re a small business, investing in costly infrastructure may not be the right move. Cloud hosting allows you to keep your costs down as your organization grows.

This highlights another cloud advantage – scalability. If your company grows quickly, or your website traffic takes off unexpectedly, all you have to do is inform your provider that you need to step up your plan to meet your data needs. That’s it.

Another upside of cloud hosting is the ability to get back up and running quickly after a disaster or emergency situation. Decentralizing your data allows you the flexibility to access important information whenever you need it, from whatever device you have available.

Security

Many cloud detractors cite security is a reason why they won’t engage with the service. This group prioritizes maintaining complete control of company data from start to end. They would rather entrust their IT security to an in-house team of experts.

However, cloud providers are actually better positioned to provide data security than any individual business. Cloud providers have dedicated teams that are specifically tasked with keeping the entire cloud network safe. Most organizations, especially small businesses, don’t have the resources to stay on the cutting edge of network security. Even a robust internal IT team would have trouble matching the security capabilities of a cloud host, as security is just one aspect of an in-house IT team’s responsibility.

Also, it’s important to remember that your internal security protocols are only as strong as your weakest user. System users (people) are the greatest weakness to a secured system. Keeping sensitive information off your local servers can actually protect your business from an accidental breach, employee theft or corporate espionage.

The Final Case

Is cloud hosting right for absolutely everyone? Probably not. However, the scalability, flexibility and security of the cloud makes it an attractive and affordable choice for small and medium-sized businesses.

If you’d like to know more about how cloud hosting can help your business, give BITS a call. Our IT security experts can provide a professional analysis of your vulnerabilities and network needs.

By | 2018-10-30T05:45:15+00:00 October 30th, 2018|Hosting Services, IT Services|

Why Cheap Threat Protection Isn’t Saving You Money

Today’s digital landscape is fraught with security pitfalls. In the pioneer days of the internet, hackers mostly went after digital conquests to gain notoriety or for the thrill of getting past the most advanced security setups of that early digital period. In 2018, however, that hacker mentality has long been replaced by a different ethos.

Cyber criminals now are less likely to take pleasure in simply penetrating your digital security perimeter and taking a look around. If your organization suffers a breach, the consequences are much more dire.

Whether you work for a large, multinational corporation, or run a small business, once a security vulnerability is exploited on your network, all of your data, operations and business processes are at risk for exploitation — be it out-right theft, blackmail, sabotage, etc.

There are some stark numbers out there when it comes to cyber security:

  • 61% of organizations worldwide have been impacted by ransomware
  • 1 in 6 businesses lose more than 25 man hours following a security breach
  • 6 out of 10 small businesses that suffer a cyber attack close their doors within 6 months

Here are a couple more startling statistics: 65% of consumers lose trust in an organization following a security breach, and 31% cut off their relationship with the brand entirely.

Despite the growth in the sophistication and complexity of cyber exploits, and the threat to consumers, many organizations still operate under a “if it ain’t broke…” mentality. If they haven’t been hit with an attack recently, many are happy to roll with the same cyber security protocols they’ve been using for years.

Some may rely on security features embedded in their preferred browsers — Windows Defender, for example — or place their trust in the security features of trusted applications, like WordPress.

To be sure, the less-is-more approach does not work for cyber security. In fact, it’s a good way to lose your customers.

Windows Defender

Microsoft, like a number of other providers, offers a complimentary anti-virus, security software. The free Windows Defender is billed as “comprehensive, built-in and ongoing security protection.” However, Microsoft supplements the free version with the more robust Windows Defender Advanced Threat Protection (ATP) that consumers have to pay for.

On its own, Windows Defender can stop most viruses and digital threats (it does have to be updated fairly regularly). However, ATP offers “a unified platform for preventative protection, post-breach detection, automated investigation, and response.”

The advanced version of the software speaks to a more sophisticated threat landscape and the need for strategic planning and professional protection.

WordPress Vulnerabilities

Many businesses turn to the WordPress platform to build and host their websites — one of the draws being affordability. Of course, the site provides security for their customers, including encryption, firewalls, security monitoring and data backup and recovery. WP also has a team of cyber security professionals on staff “to address potential security risks.”

Nonetheless, the site acknowledges that no means of data exchange is perfectly safe, and that it “can’t guarantee absolute security of your site.”

Indeed, security of WordPress sites is a muchdiscussed topic — both because nearly 25% of websites run on the open-source platform and due to the prevalence of attacks. In fact, some of the vulnerability of WP is due to its popularity. While the WP security team does all it can to protect users, users themselves (especially those not well-versed in cyber security protocols) are security vulnerabilities as they can (sometimes easily) be targeted for exploitation. A good chunk of WP vulnerabilities are exploited through third-party plug-ins and themes that customers download themselves, a consequence of open-source coding.

For this reason, Beacon offers SITEXPRESS, our own, closed-source website platform.

BITS: Professional Approach to Data Security

It is certainly possible to create and execute an in-house digital threat prevention program on your own. However, if you are short on time, staff, or the required level of expertise, it’s best to trust your data security to a dedicated and professional team. For guidance on your threat prevention efforts, give the experts at BITS a call at 336.365.7703.

 

By | 2018-09-25T04:57:59+00:00 September 24th, 2018|IT Services|

Why Locality Matters for Managed IT Services

Many companies rely on managed IT services to help them keep their computers secure and in peak performing conditions. It isn’t too difficult to find a provider that can keep your software up to date, make sure the latest security patches are implemented, or execute regular data backups.

The decision to “farm out” the upkeep of a company’s digital infrastructure is a smart one for many businesses. After all,

if technical/computer know-how has nothing to do with your industry, it doesn’t always make sense to devote an entire department to a skill set you know little about operationally.

That said, your organizational digital infrastructure is an important part of running your business. You want to make sure that the vendor you choose to hire has both, sound technical capabilities and trustworthiness.  Undoubtedly, these are very important decision points.

However, one thing that some decision-makers may overlook is the location of your IT support providers. In fact, in today’s ultra-connected and shrinking world, it may seem old-fashioned, maybe even uncool, to base a  vendor selection criteria around the concept of locality.

With the ever-expanding cloud economy, you may assume that IT is the last industry where physical location matters. After all, a tech can fix a problem on your work computer in seconds via remote access from anywhere in the world.

This is, of course, true. So, why does locality matter?

Face-to-Face Interactions Are Still Important

Knowing your clients is another old-fashioned business value.

Most businesses that rely on vendors for IT security and support believe that the less they hear from the vendor the better. No news is good news. Much like your favorite football team’s offensive line, if you’re talking about it, it’s probably because there’s a problem.

At BITS, we take a different view. Our aim is to develop and maintain close working relationships with all of our clients through regular conversations. We know that an offensive line can only protect your quarterback if it knows the game plan. Moreover, if the defense calls a blitz and you need to change the play at the line of scrimmage, the new play will only work if your linemen know the audible calls.

Football analogies aside, communication is still an important aspect of managing your vendors. And, as old-fashioned as face-to-face meetings and onsite visits may seem, they still offer the best methods of ensuring that the team you hire to protect you has the necessary information and understanding to do the job properly.

We believe you should treat your IT vendor as a full member of your team, and include them in pertinent business discussions. We want to be in the huddle with you.

Project Planning

Close integration with your IT vendor fosters operational familiarity and increases efficiency. But, it can also help your provider anticipate your needs and help you with project planning.

If you’re expanding or moving offices, for example, it makes sense to involve your IT services team in the planning stages. Such a project is a logistical monster. Your vendor can provide valuable advice by recommending the best types of equipment, an efficient computer network setup, and a new emergency response plan.

No matter what kind of project you’re undertaking, the more your managed IT services vendor knows about your operational cycles, technology use patterns and future goals, the more they can do to move your projects forward quickly and efficiently.

Beacon Knows IT

If you want a closer, more responsive relationship with the team responsible for your IT operations and security, give us a call at 336.546.6660. See what you’ve been missing.

By | 2018-08-28T11:27:41+00:00 August 16th, 2018|BITS Team, IT Services|

Data Breaches: Has the Industry Adjusted?

For cyber-security professionals, 2017 may have been “The Year of the Data Breach.” It’s not that data breaches just started happening last year — cyber-criminals have been at it for quite some time. But the number of high-profile breaches, as well as the sheer number of consumers being affected, seem to have hit an all-time high.

According to the non-profit Identify Theft Resource Center (ITRC), last year saw 1,253 reported data breaches. That’s a nearly 15% increase in the record-setting number of breaches that occurred just the year before, in 2016.

Not too long ago, consumers didn’t pay that much attention to data breaches. Most didn’t think or realize that their personal information was at risk. Last year, that laissez-faire attitude came crashing down as consumers were rocked month after month with news of huge breaches at very visible public companies.

Equifax, Uber, Facebook, Yahoo and eBay are some of the companies that found themselves in the spotlight for all the wrong reasons. The attacks didn’t just target internet companies, however. Cybercriminals didn’t discriminate — they went after state and local governments (WannaCry in Atlanta, SamSam took down Colorado DOT), health care organizations (Anthem/Blue Cross Blue Shield and UNC Health Care), universities (Oklahoma, Washington State), hotels (IHG, Hyatt), retailers (Forever 21, Kmart, Saks Fifth Avenue) and even the US government (FAFSA, SEC).

Lessons Learned

So, what have consumers and IT security professionals learned from all this?

One positive thing that high-profile data breaches did accomplish is they brought cyber security concerns out into the general public discourse. Consumers are a lot less likely to skip over a news story about a data breach today. Many now pay much closer attention to protecting their own personal information, and are more vigilant about checking up on breaches that have the potential to impact them — like with Equifax.

The IT security industry has responded as well. For one, demand for cyber security specialists has skyrocketed. Firms are having trouble filling positions, with an estimated two million shortfall of qualified IT professionals projected for 2019.

But, have businesses and top decision-makers learned anything?

The leaders of Equifax, Uber and Facebook are certainly facing a considerable backlash for the failure to protect their platforms. They’re also being criticized for not being forthcoming or responsive enough to the concerns and needs of their consumers. All three companies are working through lawsuits brought forward by their consumers. The lawsuits are still working their way through the legal system, so, it’s not yet apparent what lessons these companies have learned.

But, it’s safe to say that the rest of the business community is on alert. Consumer data protection is a must — not a “nice to have.”

Is IT Security Better Today?

The positive takeaway from the Year of the Data Breach, is that data security is no longer the forgotten cousin to IT infrastructure concerns. Data protection is top of mind for both consumers and the organizations that collect and store consumer data.

With the highly anticipated GDPR (General Data Protection Regulation) going into enforcement earlier this year, the emphasis on data security is no longer optional. Now, businesses have an obligation to think about and protect the data that their consumers allow them to collect. And consumers, themselves, are empowered to exercise greater control over what data they share and how their data is stored.

So, while 2017 was a bad year for data breaches, 2018 may prove to be a turning point for consumer data protection.

Beacon Knows IT Security

If you haven’t reviewed your organization’s IT security needs in a while, or are unsure of what security protocols are in place, Beacon’s highly capable and responsive team of IT professionals can help. Give us a call at 336.265.2700.

By | 2018-07-30T11:20:43+00:00 July 30th, 2018|IT Services|

Cloud IT Services and Security

Is Cloud-based Computing as Secure as Server Hosting?

Security questions have hounded cloud services since their inception. But, is the cloud an inherently less secure method of computing than in-house servers? The answer differs depending on who you ask.

A 2014 study by the information security-focused Ponemon Institute found that about half (51%) of IT security practitioners had concerns about their organizations’ ability to secure data and applications hosted in the cloud. Understandably, these concerns provide enough justification for some organizations to avoid using the cloud.

However, other IT experts contend that the cloud’s out-sized security vulnerability is a myth. In fact, they argue that security of cloud-based services is often better because of industry standards governing data centers. In majority of cases, they say, what threatens the security of the cloud is the same thing that threatens in-house IT infrastructure — the users.

So, perhaps, the debate should be reframed. Maybe the question isn’t “How secure is the cloud?”. Maybe what you should be asking is “How good are my data security protocols?” and “How well does my team understand them?”.

These are much bigger questions. But, ones that are likely to result in a better approach to data security and risk management. Putting cloud-specific security concerns aside and thinking about your data network holistically allows you to zero in on your organization’s unique IT management needs.

The Public Cloud

Over 70% of the world’s businesses rely at least in part on services based in the cloud. These services offer some serious advantages for data storage and website hosting, not the least of which is cost effectiveness.

Cloud services are easy to access, customizable to your organization’s structure and adaptable to changing needs. When you host your website on the cloud, there’s no need to buy and configure expensive servers. There’s no need to hire a large IT staff for the purpose of server maintenance. And, you can also scale up quickly, in case your website traffic spikes unexpectedly (yay!).

Services delivered via the cloud tend to have extensive security measures, including change management — the ability to track system and data changes within a computer network. You can also restrict access to sensitive data streams to designated personnel.

That adds up to a fairly convincing business case. So, why do some organizations insist on building out their own extensive IT infrastructure?

The Case for In-house Servers

The bottom line is, you lose a measure of control the second your data leaves your network. Even if that data is stored on a very secure server in a tightly controlled data center, there’s a possibility that you could lose access unexpectedly.

Additionally, some industries carry stringent requirements for data management that can impact IT infrastructure decisions. If you work with the military or the intelligence community, for example, you may be restricted from relying on servers based in other countries. If you’re a hospital or a doctor’s office, there are legal obligations that come with storing patient records electronically. In both cases, the choice to use secure, in-house servers may be perceived as more prudent.

Lots of things happen that we cannot control. When and if they do, proximity to the physical location of your data can be an advantage. For this reason, organizations large and small, sometimes choose to keep their data network in-house.

Beacon is Here to Help

Whether you’re looking to streamline your IT infrastructure, or need expert assistance supporting your in-house data processing and storage, Beacon IT Services (BITS) has the technical know-how you need. Have questions or concerns? Give our experienced team a call at 336.265.2700.

By | 2018-06-19T10:50:11+00:00 June 19th, 2018|Hosting Services, IT Services|

Managed IT Services

Disaster Response Time

If you’ve ever been in the unfavorable position of seeing your business IT infrastructure compromised, you understand the necessity of an expedient response from your IT vendor. If you haven’t, thank goodness. Unfortunately, the rise in the number of successful web-based attacks increases the odds of you facing this situation sometime in the future.

Successful businesses protect themselves against known risks. So, how do you best prepare for the eventuality of your company network being attacked? Another way to ask this questions is: What are the elements of a good disaster preparedness plan that ensure the fastest response time?

At Beacon, we hang our hat on two essential elements when working with clients to secure their IT infrastructure: experienced live technicians, and a properly-configured remote tool kit.

Live Technicians Make All the Difference

It’s natural and easy to become reliant on technology. Humans have done this at every stage of our evolution. An appropriate present day example is the societal discussion taking place around automation. It’s true – robots and artificial intelligence may very well be the components that someday revolutionize the workplace.

But, even the smartest tech leaders of the most forward-looking companies are re-learning the value of human capital. As Elon Musk, the CEO of the upstart carmaker Tesla, recently acknowledged, there is such a thing as over-automation. It turns out that the key to ramping up the production of Tesla’s highly-anticipated Model 3 is not more robots, but more people.

We’ve always placed a high value on highly personal customer service. In fact, the calling card of Beacon’s IT services is the ability of clients to receive live assistance immediately.

If you’re faced with a cyber attack that took down your network, you don’t want to be reduced to leaving voice mails to your IT vendor. Or worse, relying on a corrupted or compromised network to figure out what’s what. You want to be speaking with a real expert right away, not three hours from now. It is this step that’s going to be the difference between restoring your network in minutes, rather than days.

Remote Tools Help Your Network Recover Quickly

Hopefully, your firewall solution is good enough to keep out any unsavory characters. But, if we’ve learned anything about IT security in the last few years, it’s that breaches can – and do – happen despite the most robust security setups.

If your defenses have been penetrated, what helps you get your systems back online the fastest is a responsive data backup system (that you had the foresight to install prior to the attack). There are two setups that yield the best results: local virtualization and cloud backup. Both can get you back online within hours, if not minutes.

Local virtualization relies upon an on-site device that’s connected to your network. In case of a breach, the device is automatically quarantined. It is then used to restore access to your data by transferring the data to a “clean” server, or by acting as a server itself.

The second method is similar to the first. The difference is in the way the backed up data is stored and accessed. In local virtualization, the backup data can be accessed locally, on the backup device.

With the cloud backup, your data is sent to the cloud at selected time intervals – could be as often as once an hour. The task can be scheduled for non-business hours or overnight, so it does not interrupt normal business operations. If the need arises, you can access the saved data from a cloud portal – a secure, dedicated web page. In this manner, you’re able to restore individual files; or, in a disaster recovery scenario, activate servers in the cloud to replicate the compromised servers on site. In some scenarios, cloud servers can even be set up to mimic the function of your on-site servers, allowing authorized users to access the data the way they normally would.

Is Your Network Protected From Today Exploits? 

If you’re not sure, give BITS a call at 336.546.6660. We’ll be happy to talk to you about your IT security concerns. Our team is experienced in crafting customized solutions for the most stringent requirements.

By | 2018-05-15T11:49:08+00:00 May 15th, 2018|BITS Team, IT Services|

Lessons in Cyber Security & Threat Prevention

Atlanta Ransomware Attack

The ransomware attack that took hostage a number of vital computer systems in Atlanta last month wreaked havoc on residents and sent the city’s administration scrambling. What can we learn from the situation?

Considering that city officials were aware as early as last summer that “severe and critical vulnerabilities” existed within the municipality’s computer network, the biggest takeaway is: DON’T WAIT to shore up your cyber security.

We’re not in the business of beating dead horses. And, surely, Atlanta officials have their hands full orchestrating the recovery from the attack and trying to return vital operations back to normal. Nonetheless, the fact that a 2017 internal city audit revealed an utter lack of preparedness to manage any sort of cyber threat should not go unmentioned.

What that means is the March 22 attack wasn’t a technology problem. As with most hacking efforts, it’s not the code that sinks you – it’s the human element that’s exploited for criminal gain. In this case, the human element was the inability of city administrators to respond to known threats. Not only was the city not equipped to handle an attack on its networks, it also didn’t have a proper response plan ready.

The number of ransomware attacks spiked sharply in the last year. So, if you don’t have an updated plan for your organization’s network security, you may very well be the next target of SamSam – the group responsible for the Atlanta situation – or another criminal outfit.

The good news is that there’s an army of cyber security professionals who are very skilled at crafting customized solutions. We, at Beacon, have been good at it for quite a while.

Protection Through Prevention

The best way to avoid a ransomware attack is to make sure that your network has a sufficiently strong firewall in place. A firewall identifies incoming web traffic and filters any suspicious or unapproved activity. The effectiveness of any firewall depends on how well it is configured. Typically, large networks require complex firewall configurations and a team of IT specialists for maintenance and monitoring.

Firewalls are great at protecting against known threats. However, new hacking techniques are developed every day. To defend against these zero-day exploits and other sophisticated attacks, IT pros deploy advanced automated audits that boot the threat off the targeted network. About 80% of current Beacon clients rely on this type of advanced protection. And, ideally, that number would be 100%.

Of course, even the most well-designed security setups can be breached. Criminal hackers know that people are the weakest link in network security and design attacks to take advantage of unwitting networks users. (There’s that human element again.) However, the odds of such attacks succeeding are low if your organization takes security awareness training seriously. Security seminars should be made available to every person on staff, and be repeated at least once every three years.

Recovery: It’s Good to Have a Back-Up Plan

Let’s be honest – sometimes hackers succeed even when you’ve done everything right. If that happens, you don’t want to find yourself in the same position as the folks in Atlanta. Backing up your network will protect you in case of a catastrophe.

While the concept is simple, data backup is actually a fairly complex process that takes considerable forethought. You’ll need to decide how often your network needs to be backed up (hourly, daily, weekly, etc). You’ll also have to examine how long your organization can go without access to your data.

A busy medical center, for example, would need to have its data backed up hourly to capture changing patient statuses, doctor’s orders, prescriptions, etc. With lives at stake, it would also be imperative to restore access to that data as quickly as possible.

Organizations that don’t deal with life and death issues would probably have less stringent requirements for their data protection plan.

We’re Here to Help

Have questions about your company’s cyber security? Give BITS a call at 336.546.6660, and we’ll be happy to talk to you about your concerns and data protection needs.

By | 2018-04-12T11:22:11+00:00 April 12th, 2018|IT Services|

What to do if Your Business is Victimized by Ransomware

Your computer is acting funny. You can’t access certain files. Then, you receive a pop-up message. You read the message only to learn that your data has been encrypted and you no longer have access to it – UNLESS you send a large wad of cash to the hijacker in unmarked bit-bills.

Unfortunately, bitcoin payments don’t arrive with dye packs that blow up on delivery. So, how do you get access to your data? What do you do when your business has been attacked by a hacker with ill intent?

Step One: Don’t panic.

First and foremost, remove the infected computer from your network.

Before complying with any demands, you may wish to verify the existence of malware. Hackers have been known to create threats that aren’t really there, all for the express purpose of extorting money from you. The hope is that you never actually check to verify that a threat really exists. Hackers rely on you to panic and pay the fee without thinking. So, take a deep breath and…

Step Two: Run an anti-malware scanner to check for an infection.

Reboot your computer and run it in safe mode. This will enable you to run your anti-malware software. If the ransomware is fairly innocuous, your anti-malware software will be able to remove it. Once you know that’s the case, there’s no harm and no reason to pay the hacker. Then, your next step is to…

Step Three: Develop a prevention strategy so that you won’t have to go through this again.

Call the IT experts at Beacon and we’ll check your network for other vulnerabilities. We’ll copy your hard drive, desk top files and applications and install a backup system that protects you from future malware attacks.

If you’re unable to remove the insurgent threat, you should attempt to….

Step Four: Identify the ransomware.

If the anti-malware application will not remove the threat, your next step is to identify the ransomware. You can do this through ID Ransomware. Upload the ransom note, forward a file that cannot be opened or simply input an email address from your network. This free website can often identify the ransomware that has encrypted your data.

If ID Ransomware fails to identify the ransomware type, there are decryption tools that may be able to help you unlock your files. There are decrypters available to combat ransomware such as Locky, HydraCrypt, CryptoLocker, and Petya. You’ll be taking a shot in the dark so to speak, but if you hit on the right one, you’ll be able to unlock your files.

If not, we suggest that you…

Step Five: Go Back to Step Three and Call Beacon

By now, you may have decided to pay the ransom. While we don’t recommend doing so, only you know what this ordeal is costing you in lost revenue and/or reputation. If circumstances dictate it, one cannot be blamed for protecting one’s customers by paying the ransom. However, the IT team at Beacon can put the kind of prevention plan in place that best fits your need and budget, protects you and your customers and prevents the same kind of mishap from every happening again.

Get a free assessment of your network. Contact me directly or speak with a member of our IT team at 336-447-3379. We’ll make sure you’ve got the necessary system in place to protect you from ransomware threats so that you can focus on your core business.

By | 2018-03-13T06:50:05+00:00 March 12th, 2018|IT Services|

Crypto Currency: Ransomware & Your Vulnerability

Crypto mining is not against the law, nor is it a nefarious activity. At least not most of the time. But in order to fully understand why crypto mining can be a problem, we need to start from the beginning.

Our story starts with the creation of a crypto currency called “Bitcoin”.  Like Paypal, Bitcoin is an online transaction system. Unlike Paypal, Bitcoin is decentralized or “open source”. In other words, it’s open to all users, meaning any developer can modify the code that makes the software do what it does. However, all modifications must pass muster with the software’s lead developer, Gavin Andresen.

With Paypal, each transaction is authenticated by a single authority or custodian. By contrast, Bitcoin uses something called a blockchain. A blockchain is a public record sent to everyone in the network. When a transaction occurs, the computers in the network automatically adjust the balances of the addresses involved in the transaction. The beauty of this system is that it’s impossible for anyone to edit and makes for a permanent record of the transaction.

What Crypto Miners Do

Crypto miners are computers along that chain. Their sole purpose is to donate their processing power, enabling verification of transactions included in the current “block”. Once that is complete, a new block is created and a new public record is distributed. In exchange for use of their CPU power, crypto miners receive 12.5 Bitcoins for every ten minutes of processing power.

Being that crypto mining is computationally intensive, it requires resources that far exceed your average laptop computer (although in Bitcoin’s infancy, that wasn’t the case). It requires dedicated processors, graphic cards and more. There is overhead involved in mining currency.

Cryptocurrency Malware

As a way to circumvent these costs, disreputable miners developed malware that can imitate the botnets that normally perform this function. This malware can hijack your CPU and slow everything down – sometimes to a halt. Delivery of crypto malware can occur through all of the usual means – spam emails, links and unwanted applications.

And then there’s Ransomware

These same malwares can present themselves in the form of ransomware. Ransom is always requested in Bitcoin or any of the other 700+ cryptocurrencies around today. The reason for this is simple. Cryptocurrency works with complete anonymity. You can’t trace the sender or the receiver.

Develop a Plan

At Beacon, that’s what we do. As IT professionals, we work with you to ensure the safety and security of your online business.  Get a free website security assessment or contact us at 336.447.3473 with any questions regarding your businesses’ IT needs. Together, we can develop a prevention plan that’ll keep your proprietary information in and cyber criminals out.

By | 2017-12-11T11:36:53+00:00 December 8th, 2017|IT Services|

Is Hacktivism a Problem for Your Business?

Back in the 80’s, when someone hacked a website, they left a message not unlike graffiti. “Hackers rule” or something silly like that. It was relatively harmless. These days, hackers have grown up and hack with resolve. If they should deem your website or business counter to their beliefs, you could find yourself out of business within days.

Research suggests that 1 in 5 hackers are hacktivists. That is, their motivation for hacking is activism. Some of this activity may be seen as productive. For example, a hacker once created an open source software that enabled people in China to circumvent government censorship. Through the use of this software, one could access restricted websites such as CNN or Amnesty International, even in countries where it had been banned by government.

However, there is a dark side to hacktivism. Hackers often use open source hacking tools to penetrate Windows networks and employ “denial of service” attacks to bring down legitimate businesses. Essentially, a “denial of service” or DoS attack bombards a server with more requests than it can handle until it ceases functioning. More effective than a traditional protest or picket line, a DoS attack can cut off a business’s sole source of online revenue, crippling it in the process. DoS attacks can be implemented through email spam, downloads and various other methods.

These open source tools go by names such as Social Engineer Toolkit, John the Ripper and Metasploit. Anyone can use them and they’re readily available for download online. Go ‘head. Perform a Google search and see for yourself. It’s more than a little bit scary.

Here’s a number that’s scarier, still. 60% of small businesses call it quits within 6 months of a cyber attack. Don’t be one of them. Follow a few simple precautions.

  1. Use the latest versions of software. Software updates ensure that vulnerabilities identified by the author have been addressed. If a software doesn’t have a recent update, then it may be wise to seek an alternative software.
  2. Make sure security extends across mediums. Anything connected to your network needs to be secure including cell phones and tablets. Use of a PIN code is highly desirable.
  3. Don’t rely on W-Fi. It’s risky and easily exploited. Make sure that employees use a VPN when accessing the network off-site. A VPN (or virtual private network) provides a layer of security as one must log on before being able to access an open wireless network.
  4. Educate employees. Just today, users of a common browser cleaner called CCleaner learned that the latest version has been compromised when hackers breached the author’s security. As a result, CCleaner version 5.3 not only contains software updates but a multi-stage malware payload. Approximately 2.27 million users are affected. Make sure your employees know what they should and should not download on their work stations. Create a list of approved tools.
  5. Be proactive. Develop a risk management plan. Identify your vulnerabilities and most valuable assets. Develop a strategy to secure the most valuable information first and work from there.

For certain business markets, hacktivism is an obvious threat. A fur business knows it has to protect itself from PETA activists. Political parties must protect themselves from their ideological counterparts.

For some of us however, the answer isn’t quite so obvious. So, consider the worst case scenario. If you were to lose your most important asset to a network hack, could you overcome it?

Feel free to leave a comment or email me with your thoughts and ideas on hacktivism. If you think your business is at risk and wish to take action to protect it, call me at 336.447.3473.

By | 2017-10-03T05:21:30+00:00 September 17th, 2017|IT Services|
Load More Posts