Home Router Security Issue

Just prior to the Memorial Day holiday, the Justice Department and FBI sent out a mass communication highly recommending that everyone with a home connection to the Internet reboot their routers. This was to protect against a new Internet exploit called “VPNFilter”. If you attacked by VPNFilter, you login credentials, email address, etc. could be hacked.

Many of us in the technology industry were surprised at the announcement and skeptical that a reboot could fix anything like this. Turns out that it’s all for real. However after doing some digging, we discovered that this very real problem potentially affects a relatively small number of home based routers; about 500,000 around the world.  And only certain models (mostly older routers) are vulnerable.  Here’s the list that Symantec published of the affected routers:

[More]

Cybersecurity - a ToDo List!

We've been writing about network security, email security, web security since the earliest days of the Internet. Today, all that along with smart device security, IoT security, etc. all falls under the heading of cybersecurity and everyone needs to have at least some understanding of what's important. 

For businesses and organizations, cybersecurity needs to be managed. You can do this work or we can provide these services for you. For some clients, we do the work in all five areas listed below. For others, we provide a few areas of services and for a small number, the client does the work and we provide consultation and a second set of eyes on the topic.

We urge you not to ignore this. Left unattended, bad things will most likely occur. You can't be too careful. Contact The Computing Center. We can help.

#1 Train Your Employees

The best way to improve your IT security is to train your employees on best security practices. Educate them so they can recognize and avoid cyber threats like phishing and scams. Teach them about protecting sensitive information. Humans are the weakest link in your security defense: with a single click in an email they can open the door for hackers. You should have a network firewall, but don’t forget your employees are a firewall too.

[More]

Securing Data is a Process, NOT an Event!

 by Thomas B. Pahl, Acting Director, FTC Bureau of Consumer Protection

“Sound data security is a process, not a checklist.” We’ve all heard that slogan – and with good reason. The way that sensitive information moves into, through, and out of your company’s networks or the software products you develop is ever-evolving. So, too, are the risks that hackers and data thieves pose as they adapt to the countermeasures you take to foil their efforts. Approaching data security with a one-and-done attitude ignores the here-and-now realities you face. That’s why Start with Security recommends that companies put procedures in place to keep your security current and address vulnerabilities that may arise.

A look at FTC law enforcement actions, closed investigations, and the experiences that businesses have shared with us demonstrates the wisdom of that advice. These examples illustrate why you should keep your security up to date and respond quickly to credible threats.

[More]

Are Passwords Passé? Not Quite Yet.

We've been seeing significant changes in the way we are all working with passwords. Some say passwords will be a thing of the past in a few years. A number of Computing Center clients as well as ourselves are using multi-factor authentications and biometrics to access our most important information. 

Is my password still enough, or do I need more?

Without question, security is critical these days. Whether it’s device, online, or mobile security, the need for protection is obvious, and the risk can’t be ignored. For years, that protection has centered on a login…and a password. But has that changed?

Oh, that password. We’ve been reminded us for years not to write it down. Not to keep it anywhere that someone could find it. Which has made more than a few people prone to forgetting it. Show of hands, anyone?

[More]

Secure Remote Access to Your Network

Remote access to your network and your data. Everyone wants it and we install a lot of it. Access is one thing, securing that access is something else. This is a good article that describes in general terms the security requirements of remote access. We can talk about the specific products and services to get the job done.

Ask a business person where their office is located and the likely answer is “everywhere.” They’re working from home, staying in the loop while traveling, and catching up on email between sales calls. For productivity’s sake, many companies give their employees – and perhaps clients or service providers – remote access to their networks. Are you taking steps to ensure those outside entryways into your systems are sensibly defended?

If your business wants to start with security, it’s important to secure remote access to your network. Here are some examples based on FTC investigations, law enforcement actions, and questions that businesses have asked us.

[More]

More Entries