tech blog header

Free Whitepaper

Follow Us

Your email:

Blog Topics

Current Articles | RSS Feed RSS Feed

5 Fundamental Tips to Keep Your Network Safe

Network Security

The need for IT security is paramount to successful operations, especially in the business world. All data is important and should not be subject to outside intrusion in the form of malware, worms, spyware, viruses, botnets or adware. Regardless of the size of the organization, an IT management system should be set up in order to protect against intruders.

How to Give Your Online Passwords an IT Security Check-Up

IT SecurityThere's an adage that you should treat your password like your toothbrush: Change it every six months and never let anyone borrow it. Honestly few people adhere to these fundamentals of IT security and, actually, it's far worse than it appears. Here's the run down on what's wrong and what to fix:
  1. “You can look it up.” Do you use a password that can be found in a dictionary? If you do, then a hacker can simply bang on your log-on with a simple dictionary program until he has access to your account. Fix: Consider one of two options most professionals in IT security recommend. Either create a password that contains odd characters interspersed with random letters and numbers or use a pass phrase instead of a password.

  2. “Be a snowflake.” You need to use a different password for each different site. You do this, right? Oh... Even if you do come up with a strong password, IT security professionals report most people use only one or two passwords for all their log-ons and, of course, that means someone only needs to crack your single password to access all your sites. 

  3. “Don't leave a paper trail.” You'd be amazed how many people write down their passwords on a Post-It and stick it onto their monitor or, if they're really cagey, underneath their keyboard or lap drawer. IT security best practices recommend you never, ever do this.

  4. “Cover your tracks.” IT security professionals also recommend that, whenever possible, you use a secure connection when you log on. What's a secure connection and how to you make it? Take a look at your address bar. If the address starts off “http://...etc.” then the connection is not secure and an evil doer might be snooping on your session. Try a very simple, single change by using an “s” so that the address looks like this: “https://...etc.” And this encrypts the connection between your browser and the website and thereby making it more difficult for evil doers to do evil. 

  5. “Loose lips sink ships.” One of the most notorious hackers in modern history, Kevin Mitnick preferred “social engineering” to technology techniques. In other words, what he did most of the time was call people up, pose as a system administrator and simply ask users for their passwords. One famous study in England discovered most people would give up their password for a candy bar. 

  6. “We have the technology...” There is a new generation of software utilities that help you manage passwords. For example, a utility called LastPass is a browser extension that connects a heavily encrypted password vault to your browser. Once installed you only have to remember one, highly-secure password and then LastPass can automatically fill in all the others. Even better, LastPass can generate super random, secure passwords whenever you open up a new account on a website or change your password on a site where you already have an account. And finally, perhaps best of all, you can install LastPass on the browser you use at work and the browser you use at home and any other browser you use. This way, you will enjoy convenient security wherever you are. 

IT professionals have to do a lot more than install, administer and repair technology systems. Sometimes they have to be educators and help their users better understand the rules of the road for the information highway. Fortunately, the best rules are the simple ones and effective password security is a simple proposition. Teach your users what to do and you'll end up with less to do.

IT Security: Cracking the Code of the Most Breached Passwords

IT security and passwords

In today’s age of heightened IT security and multiple password protected online accounts, is it any wonder that the average user chooses the simplest passwords to remember?

Nvidia IT Security Compromised...400,000 Passwords Stolen

IT Security

Month after month high-profile cyber attacks have left companies at risk and IT security professionals on guard. The latest? Nvidia Corporation, a California-based U.S. semiconductor producer who recently claimed that up to 400,000 encrypted passwords had been compromised from the company’s online forums.

IT Security: Recent Breaches Raise Questions About Hashed Passwords

IT Security

Businesses that maintain any sort of online accounts for their customers or other interested parties must eventually confront the issue of password encryption. In recent months, major breaches at several high-profile online sites have caused many to wonder over the effectiveness of using hashed passwords. LinkedIn was perhaps the most well-known site to have its password hashing compromised, but other major online businesses such as eHarmony and have experienced similar problems.

All the companies have seen hackers gain unauthorized access to a portion of the hashed passwords in use on their sites. The hackers have then posted the hashed passwords on forums that specialize in promulgating ‘underground’ material. The problem of password security, however, is not limited to large companies. Any small business that allows users to sign in, to keep the contents of a shopping cart active, for example, has good reason to take a close look at how hashed passwords work and how such systems can potentially be improved.

Google Warning Increases IT Security Awareness

Security Awareness

The need for robust IT solutions became ever more clear this week when none other than internet giant Google announced that it would be alerting specific users that their Gmail accounts may be become the target of determined hacking attacks.  Eric Grosse, speaking as Google's vice president in charge of security engineering, made the announcement on the firm's official security blog: "When we have specific intelligence, either directly from users or from our own monitoring efforts, we show clear warning signs and put in place extra roadblocks to thwart these bad actors." It is believed that the need for a warning has been prompted by an increasing level of hacking sponsored by foreign governments. 

Huge LinkedIn Breach Suggests Importance of IT Security

Importance of IT Consulting

The recent huge password breach at social media networking site LinkedIn provides an object lesson in the need for improved IT risk management.  After all, if a huge business such as LinkedIn can find itself with millions of users whose passwords may have been hacked, it only means that small and medium-sized businesses with access to fewer resources must be all the more diligent to use those resources to their maximum capacity.

In the case of LinkedIn, more than 6 million hashed passwords may have been breached, though the company has yet to issue any official numbers.  The networking site, intended and used primarily for individuals in professional fields, posted a blog entry revealing the problem, explaining that: "Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.  For security reasons, you should never change your password on any website by following a link in an e-mail."

Making Remote Access Easier with ID Management and Authentication

Remote Access with Cloud Computing

Remote access to business systems opens up huge potential in terms of efficiencies. With the ability to access a computer or network from a remote distance, many workers appreciate the flexibility that the modern workplace can offer.  On the other hand, however, this immense flexibility can also bring with it new challenges in terms of identification, authentication, and access management.

Beware of Hacktivist Group 'Anonymous'

Anonymous Hacktivist Group

The hacker group referred to as 'Anonymous' has recently launched a cyber attack, this time targeting a pair of trade associations in the area of technology.  The attacks took the form of a distributed denial of service, a technique that can make web sites inaccessible.  The group, which is considered a ‘hacktivist’ organization because its attacks generally relate to policy aims rather than the theft of personal information, was protesting legislation currently before Congress.  The legislation would serve to encourage businesses to share information about the threat environment with government officials.

IT Consultants Can Help Move Businesses to the Cloud

Cloud computing

Amag Pharmaceuticals of Lexington, Massachusetts provides an example of a company that is becoming more robust and efficient thanks to IT solutions like the cloud services.  This requires a large amount of data migration, as well as the expertise needed to establish and configure the kinds of cloud operations that will best suit any given enterprise.  In short, it requires an IT company that can provide consulting services to make the move happen.

All Posts