Archive for the ‘Network Security’ Category

Should Employees Be Allowed to Use Their Own Devices?

Sunday, December 25th, 2011

This is a question that business owners must deal with more and more each day.  In this age of increased mobility, people want to use one device (their personal cell phones, for example) when they’re on the go. And why not?  There’s a huge benefit to your employees being willing and able to answer business emails or check on accounts when they’re off the clock or out and about. But it also presents a security issue with so many diverse devices hopping on and off your network. So what’s the answer?

Public VPNs, instead of corporate VPNs, according to tech writer Steve Wildstrom, may be the answer.  Choosing the right security components for your network also makes a difference.

Security breaches are expensive and can destroy consumer trust. Before you start allowing employees to use their own devices, find out the best way to protect your critical data and hardware by researching the various options or speaking to a network hardware provider.

Interesting Perspectives on VPNs

Friday, December 9th, 2011

If you know anything at all about technology, you’d probably question network security that was sans VPNS. Most routers that have advanced security features include VPNS. Some of the familiar ones that come to mind are the Cisco CVPN3002-K9 and the 7609-VPN+-K9.

According to a recent article written by Steve Wildstrom, VPNS provide terrific security but may not be the perfect solution. In his article titled ‘Reducing the Risks of Public Wi-fi’ (available on Cisco’s website):

“Despite providing excellent security, VPNs have a number of drawbacks. They can be expensive and complex to set up and administer, especially for smaller organizations with limited IT expertise. They can also be tricky for users, who may have to switch back and forth between VPN and standard connections. And depending on how the corporate network is configured, the VPN may provide access to the internal network, but limited or no connectivity to the public Internet.”

So what’s the solution?

According to Wildstrom, “One solution is to have corporate users connect to public Wi-Fi networks using public VPNs. These are less secure than corporate VPNs since they provide encryption only from the device to the service provider, not all the way through to the corporate network. But they do protect the most vulnerable zone, the Wi-Fi link and associated local area network.”

Great advice so we thought we’d share it with you!

Reducing IT Costs through Cloud Computing

Monday, November 28th, 2011

In an article written by Kristi Essick for Cisco, the leader in high performance routers and switches, the benefits of cloud computing are laid out simply and neatly. Essick writes, “For enterprise and consumer users, cloud computing promises to reduce IT costs and simplify everyday technology tasks–from file sharing and storage, business processes, and collaboration to entertainment and social networking. You simply log onto the service via a Web browser and everything is transacted, analyzed and stored on a server far, far away. But the magic of the cloud also presents a major threat: potential security breaches.”

With security issues being the primary reason not to adopt cloud computing, Essick goes on to explain what’s being done:

Meanwhile, security software companies have created firewalls and encryption that companies can deploy on top of any cloud-based services they use. Layer 7′s CloudSpan CloudProtect and Managed Methods’ JaxView for Cloud Management are two of the cloud-focused security solutions on the market, while companies such as Altor Networks, Catbird Networks and Reflex Systems have adapted their data center security products to run in cloud environments.

Most cloud security solutions have shifted from protecting corporate networks using firewalls to instead securing point of access via a combination of firewalls and user-level encryption — so no matter which device someone uses to log onto the cloud, their communications, downloads and uploads are protected.

This is important as business users become increasingly mobile and a myriad of devices are used. We felt this information was worth sharing and if you’re interested in reading the rest of Essick’s informative article, look her up in the ‘Newsroom’ on Cisco’s website.

Cybersecurity Recommendations

Wednesday, October 5th, 2011

Cybersecurity is on everyone’s minds these days when companies like Japan’s Mitsubishi Heavy Industries (the largest defense corporation in the country) can succumb to an attack. How will you keep your critical data safe?

According to the Institute for Security Technology Studies located at Dartmouth College, there are six “best practices” that will help keep your network safe:

1. Enforce rigid password security. You may have noticed many banks and online companies forcing you to pick new passwords lately and requiring that they include a mix of numbers and letters, and even punctuation. Some even show you the strength of your chosen password as you create it.  Business owners should enforce password security by: (a) forcing employees to update passwords regularly; (b) send out reminders that they are never to give their passwords to anyone else; (c) teach employees that they should use different passwords for their different accounts and not the same password for everything (if it gets hacked, the hacker can access every account they have); and (d) remind employees never to write down passwords and keep them near the computer in case they forget.

2. Maintain firewalls. This can be done easily through various network security components.

3. Update software regularly.

4. Utilize intrusion detection services. Again, the newest technology is available on several security routers which enhance a system’s IDS.

5. Scan for viruses and use virus protection. This obviously applies to both desktop computers and laptops. Be diligent about renewing anti-virus software and set computers to automatically update as new enhancements become available.

6. Disable unnecessary services. The less access to your network by outside agencies, the safer you are.

What is Cisco SDM?

Monday, August 29th, 2011

Cisco SDM (Secure Device Manager) is a “Web-based device-management tool for Cisco routers that can improve the productivity of network managers, simplify router deployments, and help troubleshoot complex network and VPN connectivity issues” (Cisco’s website, 2011). “Cisco SDM supports a wide range of Cisco IOS Software releases and is available free of charge on Cisco router models from Cisco 830 Series to Cisco 7301. It ships preinstalled on all new Cisco 850 Series, Cisco 870 Series, Cisco 1800 Series, Cisco 2800 Series, and Cisco 3800 Series integrated services routers” (Cisco’s website, 2011). According to Cisco, “Network and security administrators and channel partners can use Cisco SDM for faster and easier deployment of Cisco routers for integrated services such as dynamic routing, WAN access, WLAN, firewall, VPN, SSL VPN, IPS, and QoS.”

It’s no secret that Cisco is a leader in networking hardware and the security that protects critical data. The two go hand in hand. Keeping a system running concurrent services seamlessly and protecting the network shouldn’t be mutually exclusive. With Cisco Router and SDM, they’re not.  And you know you’ll have the best protection out there.

Email Security and What it Means for Your Business

Saturday, August 20th, 2011

Anyone with a personal email account is aware of basic email security best practices– don’t open emails from people you don’t know, don’t download suspicious attachments, don’t send personal information in emails. But what about from a business standpoint? How can you ensure that your employees aren’t unintentionally compromising your company’s email security?

Cisco touts IronPort-powered email security and the new Cisco IronPort Cloud Email Security. What is it exactly?

In short, it’s a service that combines industry-leading technologies in an effort to provide sophisticated and exceptionally scalable email protection. Cisco has married exclusive preventive technologies as well as reactive ones to work together to create a powerful, dynamic security service that includes:  data loss prevention, spam protection, email authentication, and virus defense.  Reporting and tracking tools round out the system adding an additional layer of protection.

How well does it work?

Given that Cisco is an industry leader in the world of networking security hardware, we’re pretty confident in the results.  Cisco devotes a considerable amount of resources to R&D meaning that it stays abreast of the security threats that can pop up at any moment by the malevolent hackers that loom in the abyss known as the world wide web.

Overall, whether you choose to try out IronPort or not, email security should be at the forefront of your system’s ‘Must Haves’ and if it isn’t than you can pretty much guess that at some point you may find that your network has been breached and the source of the attack:  email.

Router Security Features Made Easy: What is Malware?

Friday, June 24th, 2011

If you’re not an I.T. wiz, some of the descriptions of the router security features might seem more like a foreign language than anything aimed at helping you decipher which integrated services router is right for your company. We’re here to help you understand the security features of a router by breaking them down for you one at a time. Let’s talk about Malware.

First off, what is Malware?

Even the name sounds bad, doesn’t it? For good reason. Malware actually comes from the phrase ‘malicious software’ and describes any type of software designed to infiltrate or damage a computer without the operator’s consent. In legal terms, malware is known as a ‘computer contaminant,’ and comes in many forms including: spyware, adware, viruses, Trojan horses, worms, rootkits, crimeware, and other destructive software. It is important to note that while some software can damage a computer (ie., cause it to crash because it overloads the computer or has some other glitch), the difference between legitimate software and malware is that with malware, the creator intended to create something destructive.

How does Malware work?

Your network can become infected by malware in several ways. If even one computer on the network receives an email with a virus attached, or visits an attack website, the computer, and often the entire network can become infected. The results can be anything from an irritation in which adware keeps popping up to something more serious like spyware capturing credit card information of your customers. In extreme cases, if a computer has been compromised by a virus, a hacker, or a Trojan horse, it can become a ‘zombie computer’ and part of a botnet. Zombie computers are actually under the control of a ‘botmaster’ and are used to send out spam or even spread illegal material like child pornography. This way, the spam and contraband material is difficult to trace back to its source.

Protecting your computer and network from malware is important if you want to keep your system secure. Anti-Malware software is significantly effective in identifying and preventing any Malware from infiltrating your network. Companies like McAfee and Symantec offer subscriptions to software that detects and removes Malware.

Juniper Equipment in Multi-Million Dollar Corporations

Sunday, June 12th, 2011

This month, Juniper Networks  secured a multi-million dollar contract from Texas-based Hess Corporation. Partnering with IBM, Juniper Networks will take the lead in delivering energy-efficient networking services to the global energy company, creating a simplified, automated, reliable and secure environment.

But what if you don’t have the cash to offer a multi-million dollar contract? Can Juniper still provide a secure networking solution for your organization?

Absolutely.

Juniper Networks NetScreen-Security Manager system provides IT departments with a centralized management solution which controls all aspects of the Juniper Networks Firewall / IPSec VPN and IDP products. Available pre-owned or new through MULTI-LINK, Juniper NetScreen products allow IT departments to control the entire device life cycle with a single centralized solution. The addition to your network improves efficiency and security. Reduce overhead and lower operating costs even more by investing in a used Juniper Netscreen product.

Don’t let your company’s critical data go unprotected. Security works best before a cyber attack and being prepared with one of Jupiter’s many security options can save thousands if not tens of thousands of dollars in the long run.

Juniper Survey Shows Network Security an Issue

Thursday, June 2nd, 2011

According to a survey sponsored by Juniper Networks and conducted by Ponemon Institute, businesses of every type are susceptible to cyber attacks. Fifty-nine percent of respondents reported at least two attacks on their networks within the last year.

In addition, the costs associated with these attacks are astronomical. Companies overall reported that they spent almost half a million dollars to address attack issues including internal labor, overhead, cash outlays, revenue losses, businesses interruption, and security hardware.  In addition to the financial costs, respondents listed the theft of information assets as a primary concern.

Attacks, according to the study, seem to be on the rise as well. More than 33 percent feel that their organization’s IT infrastructure does not have the ability to prevent attacks.  When attacks do happen, they’re also difficult to detect which is problematic.

According to the study, which can be found on Juniper Network’s website, key findings include:

  • Only 11 percent of respondents know the source of all network security breaches.
  • Almost half, 48 percent cite complexity as one of their biggest challenges to implementing network security solutions — with the same percentage of respondents saying it is due to resource constraints.
  • Combating cyber attacks can be made more effective by streamlining or simplifying network security operations, said 76 percent of respondents.
  • Seventy-five percent say their effectiveness would increase by implementing end-to-end solutions.
  • Twenty-eight percent are earmarking more than 10 percent of their budgets to security to address these issues.
  • Employee mobile devices and laptops are seen as the most likely endpoint from which serious cyber attacks are unleashed against a company.
  • The top two endpoints from which these breaches occurred are employees’ laptop computers with 34 percent and employees’ mobile devices with 29 percent.

Protecting your organization with security networking hardware is the first step in preventing attacks.

Be Careful What You Open: Viruses and Malware

Monday, October 25th, 2010

Those pesky hackers are at it again.  In light of last month’s major malware attack that affected what may be the largest number of malware victims ever with fake LinkedIn emails that looked real enough to convince thousands to click on a link which subsequently installed Zeus on their computers, what can we do to keep our data and personal information safe?

Ironically, last month I, too, was a victim of malware. I still have no idea how it got onto my computer (I didn’t receive the LinkedIn email), but somehow it did and $300 later, after the Geek Squad rep spent two hours trying to find the virus and remove it, I updated my antivirus software.  But it got me thinking.

And apparently I’m not the only one who thinks about this. According to the BBC News, E-crime police in London recently blew the lid off a cybercrime ring that was using Zeus to get a hold of personal banking information and passwords. So what can you do to protect yourself?

First, if you’re a business, invest in security hardware and software. Cisco  is one of the leading manufacturers of this type of hardware that features VPNs, firewalls, encryption, and much more. And you don’t need to spend a lot. Buying used security networking hardware can save a bundle and still give you peace of mind.

Second, get into the practice of not opening emails that seem to be spam, keep your antivirus software up to date, and never click on a link within an email– always type the url yourself and pay attention to whether it matches the link url in the email or not. If not, that link is directing you someplace else.

Third, don’t use the same password for everything and don’t keep a list of your passwords by your computer or on your laptop. Pick a few different, solid passwords and cycle through variations of them every few months. For example, in the fall use a variation of your favorite sports team (ie., SteelerNation30, GoSteelers30, 30SteelersFans, Pitt30Steelers). In winter, switch to a model of car or a vacation theme. In spring, change it to reflect variations on your favorite musical groups, etc. This way, you will easily remember your various passwords and if someone gets a hold of one, they won’t systematically have access to everything.