Everything You Need To Know About Remote Data Backups

everything you need to know about remote data backups

Remote data backups, also known as ROBO backup, is the practice of securely storing mission-critical data in remote offices. The advantage of this approach is that it allows an organization to keep all of its data in one place. Remote file backup services allow you to log into a remote drive and through an online interface upload a company’s data. The entry point of storage space for most remote data backup services is 5GB. A potential drawback of remote data backup is data transfer speed. The process can take very long if you’re tied to the maximum upstream speed of your network.

Remote Data Backups

Recent research demonstrates that 60% of a company’s data does not lie in databases and servers covered by Data Recovery Programs. These days cloud backup is a popular remote backup and recovery solution. Backups are kept in a remote office and replicated through cloud storage.

ROBO backup services can reduce storage capacity demands, keep productivity high in a company and meet strict service level agreements. They are a guarantee against fire and theft, and they allow remote access to data from any location, and permit selective files restoration. A company can create copies on tape for disaster recovery. They also allow instant recovery anytime to help you save time and money needed post disaster. They eliminate effort involved in recording, maintenance, and rebuilding of files in case of disaster. By freeing people from these obligations, a company can streamline their staff.

If you would like to learn more about remote data backup please contact us.

Business Computer Backup: How To Backup Your Computer To The Cloud

business computer backup how to backup your computer to the cloud
Cloud Backup

Cloud backups are the easiest form of backup to set up and maintain, and most services allow access to your files from various platforms.  And learning about business computer backup is very important.

To backup your files, create an account, download software, and input your account information. After this process, every time your computer goes online, the software will automatically back up your files.

Do not confuse online backup services with cloud storage and syncing services like Dropbox and Google Drive. These services save your files in the cloud–mostly for collaboration and editing–but they do not store all system files.

Cloud backups encrypt your files so no one has access to them and copies them to a number of drives on various computers. If one of these computers losses data, your information is available in another server.

After uploading your information, the client does not have to worry about uploading their material again.

A downside of cloud backup is that the initial uploading can take a few weeks or months, but this will depend on the amount of data that a company wishes to upload and the speed of their Internet connection.

Most Internet Service Providers (ISPs) focus more on download speeds than upload speeds. A good idea is to temporarily update to a plan with more “upload bandwidth” during your initial backup.

Another potential problem with the use of cloud backup services is if you lose your physical backups and need access to all of your files. In that situation you would be limited by the speed with which you could download information from your cloud service.

Resolving these problems depends on working closely with your ISPs. If you would like to learn more about cloud backup contact us.

Don’t Become a Victim: Avoid Phishing Emails With These Tips

don t become a victim avoid phishing emails with these tips

Phishing emails remain a popular method cyber criminals use to coerce users out of sensitive account information or to inject malicious code on a user’s machine. Individuals fall for phishing scams each day, leading to identity theft, security breaches, and exposure of confidential business data. According to the Anti-Phishing Work Group, 2016 was a record year for phishing attempts and the trend is expected to continue in 2017. Here are a few tips on how anyone can avoid phishing emails and not become the victim of corruption.

Avoid Phishing Emails

  • Most, if not all institutions, would never ask for your personal information via email. If you receive an email asking for usernames, passwords, or personal/company data (i.e., account numbers), you should immediately question its legitimacy.
  • If you don’t recognize or if you weren’t expecting something from the sender, exercise caution. Often, phishing emails may come from sources you don’t know; however, in many cases, the sender may have masked their email address so that it appears to come from an organization or individual you are familiar with.
  • Pay close attention to the sender’s email address. This is normally a sure-fire way of spotting a phishing attempt. If the contents of the email appear to come from a known source (i.e., PayPal), but the sender address is @gmail.com, it’s undoubtedly a phishing email.
  • Pay close attention to any links in the email. In most cases, the links may appear genuine; however, if you hover your mouse over the link (do not click on it), a tooltip will appear showing you the actual URL. If the URL is different from the link in the email, it’s not an authentic message.

So, what do you do if you’re not sure? Phishing emails can often be very convincing, so if you suspect a message is phishing, but have doubts…

  • Try contacting the alleged sender directly (not using any links or phone numbers provided in the email). They can typically confirm whether the email is legitimate or a scam.
  • Try contacting your organization’s IT department for assistance as they may be able to assist with investigating the email to determine if it is genuine.

Essentially, it is always best to err on the side of caution and be mindful of each email you receive. As a rule of thumb, never respond to or open attachments in an email unless you are certain it is legitimate. By doing so, you can better protect you and your organization’s confidential data. Please contact us with any questions.

Essential Network Security Support: ICMP Protocol Security

essential network security support icmp protocol security

Essential Network Security Support: The TCP/IP protocol stack includes Internet Control Message Protocol (ICMP)  designed as a troubleshooting tool that can provide feedback to network devices either for status information or when problems such as network routing failures occur. ICMP has also been used as a cyber-attack reconnaissance tool facilitating mapping of target networks, Denial of Service attacks, and covert channels for remote unauthorized network access. Unfortunately, blocking all ICMP packets on a network is not recommended because certain network functionality cannot operate properly without ICMP. However, proper ICMP filtering can ensure both security and functionality.

Essential Network Security Support

Essential Network Security Support

ICMP type 8 Echo and Echo Reply is probably the most commonly used and familiar type of ICMP. Type 8 ICMP packets provide network feedback to determine whether or not hosts are active on a network. However, Type 8 ICMP can also be used to map a network and determine which hosts are available for attack. In addition, Type 8 ICMP Denial of Service attacks (DoS) are possible by flooding a network with ICMP echo requests until the target servers and/or network connections fail. For this reason block all incoming ICMP requests to private networks, while allowing outbound initiated requests (for troubleshooting) and ICMP echo requests within the private network.

Routers send ICMP Type 5 Redirect messages when other routers on the same network have a better network path for packets received. However, ICMP Redirect messages are also leveraged by cyber criminals to maliciously subvert routing tables and enable IP address spoofing issues. Since networks require ICMP Redirect messages, for increased security configure all networks to send ICMP Redirect messages and deny receipt of these messages from unknown networks.

ICMP Type 9 Router Advertisement packets enable hosts on the local network to only find routers on the local network. Since these packets could be used for a DoS attack by flooding the network, block all inbound and outbound ICMP Type 9 messages.

ICMP Type 13 Timestamp Request messages determine the local time on a host or remote network. Unfortunately, ICMP Type 13 packets can also be used as an alternative to Type 8 packets as a hacker reconnaissance and mapping tool. Since ICMP Type 13 messages provide only non-essential informational services, block this type of ICMP message on both egress and ingress points to private networks.

ICMP Type 17 Address Mask Request and Reply messages enable network hosts to find the network mask of another host or interface. However, these messages are not necessary for network functionality and attackers use them to map network. Since ICMP Type 17 messages are informational and not necessary, block them at both egress and ingress points on private networks.

Contact us to assess your organization’s security posture, learn more about essential network security support and secure your network from ICMP vulnerabilities.

 

Tips For Performing Regular Website Security Maintenance

tips for performing regular website security maintenance

Launching a business website is a great way to attract more customers and establish a strong, authoritative presence on the web. However, your site is also a source of vulnerability. It’s critical to keep an eye on it, perform regular website security maintenance, and stay up-to-date on security threats.

website security maintenance

What are some of the things you should do?

Monitor cyber security news. One example of how important this is came from a recent major data breach involving Cloudflare. A security bug wound up exposing passwords, cookies, and other sensitive identifying information from various business websites, with some of the leaked data getting picked up by search engines. Knowing about these developments is critical for acting quickly to protect your business as best you can or do any necessary damage control in the aftermath.

Keep your software updated. Let’s say you’re using WordPress as the content management system for your website. WordPress regularly releases software updates that improve performance and patch security holes; furthermore, any reputable WordPress plugin will do the same. Make sure you’re staying on top of updates and not running older versions that are riddled with vulnerabilities.

Review your site for security flaws. If you’re running an e-commerce site, for example, are there ways in which you may be inadvertently exposing customers’ personal information? Does your website contain vulnerabilities to SQL injections or other insertions of malicious code? Perform periodic reviews of your site to determine its weaknesses, and address them as quickly as possible.

If you need assistance or additional advice, please contact us. Your business website is critical for your success in a digital world. As your home on the web, it’s meant to leave a strong, lasting impression on customers.

Make sure it’s a favorable impression. By conducting regular website security maintenance, you’re in a better position to protect your customers and yourself from major problems such as malware infections and data breaches.