Your Step by Step Guide to Mitigating and Preventing a Ransomware Virus in your Small/Medium Business

With the recent epidemic of ransomware viruses (up over 600% in 2016 and with the newest batch of exploits wreaking havoc internationally), I thought it would be a good idea to go through the basic guidelines for mitigating and containing ransomware for your small to mid-sized business. There are plenty of additional pieces to putting this together completely, so please reach out to me if you would like some assistance. Some of these are simple recommendations, and this is by no means a complete list. But, then again, eat healthy, exercise regularly and don’t smoke are simple recommendations – and if you don’t follow them, you know what to expect.

  1. Use reputable multi-vector endpoint security – Use antivirus programs like Webroot/Kaspersky/McAfee/Avast. Don’t be penny wise and pound foolish. Buy a proper license for each machine. Keep it updated with all new definitions, and get one that is constantly being updated. No one program is going to be 100% effective. Also, make sure that you have a program that detects malware. Malwarebytes Premium is my favorite. Again – go for the full paid version and don’t try to cut corners on freemium or freeware versions. An ounce of prevention is worth a pound of cure. You need protection that detects phishing in spam, detects unsafe websites and protects the web browser.
  2. Put strong backup procedures in place – you should have backups in place with a recovery point objective that you can live with. That means that you should have backups both onsite on a device and in the cloud. Both of the backups should be constantly tested for verification and the process should be monitored. When this is successfully in place, in case of an outbreak, you can restore to the last backup that was unaffected. Please note: tape drives, USB sticks, and removable hard drives are not adequate for business applications. You need a proper belt and suspenders: a properly sized on-premise device that is backed up to the cloud.
  3. Make sure that you are updating your operating system and plug-ins regularly – the current round of ransomware is exploiting unpatched and un-updated Windows vulnerabilities. We update our clients with whitelisted patches and updates from Microsoft. Make sure that you are constantly updating your operating system. Make sure that you are scheduling your updates properly, for all of your computers and all of your devices. Make sure you update all of your computers, even those that you may use less frequently. For example, we use micro PCs in our conference room for use with our large screen monitors. All of those units must be updated regularly.
  4. Make sure that your firewall is regularly updated and maintained – your firewall should be under contract and updated with the very latest definitions. Your firewall is all that stands between you and the virus-filled Internet. We recommend Watchguard because it is constantly being updated and maintained – and it bundles in best of breed components that would be too expensive to buy separately.
  5. Disable autorun – make sure that you disable autorun for everyone!! Yes, autorun is useful. Yes, it is also used by viruses and malware to propagate throughout a network. In these dangerous times, disable it.
  6. Stop making everyone an Admin!! – administrators should be admins. However, if you give everyone admin rights, you open yourself up to more damage. Users should be users and admins should be admins. Period.
  7. Enforce secure passwords – believe it or not, people use stupid passwords. Enough with stupid. If you want to get infected, use a simple password. If you don’t, use a secure password (strong, with alphanumeric characters and symbols). Better yet, have your users get a password manager app.
  8. When relevant, encourage the use of two-factor authentication – if you have compliance requirements (HIPAA or PCI), definitely use two-factor authentication.
  9. Disable RDP – remote desktop protocol is used by all sorts of viruses and malware to gain access. If you don’t need it or don’t know what it is, disable it.
  10. Educate EVERYBODY – even if your office is a handful of people, but especially if you have less sophisticated users, education about the threat is important. Your staff should know what phishing and spear phishing are and how to recognize and avoid suspicious emails. Incorporate this into your onboarding of new employees or have a meeting about this. If you would like a recommendation for videos, send me an email and I will send you a recommended list. Along with that, add pertinent sections to your employee manual about bringing your own device onto the network, using “free” USB drives, and clicking on links in emails.

Like I said, this is by no means a comprehensive list. I have learned Mark Twain may have had the last word. “It’s not what you know that gets you in trouble, it’s what you know for sure that just ain’t so”. The world of viruses and malware is changing. Yesterday’s method may be overcome in an instant and you have to keep on top of it. If you need help- just let me know!

 

Prime Telecommunications Leverages State-of-the-Art Cybersecurity Techniques and Tools to Protect Customers

Prime Telecommunications, Inc., a leading provider of unified communications, announced today that the company is leveraging state-of-the-art cyber security techniques and tools to protect customers from cyber attacks that have become a daily occurrence in the small to mid-sized business marketplace. The company has been at the forefront of cybersecurity for many years and has taken their expertise to an entirely new level, well beyond their competition. Prime Telecommunications protects businesses from several key cybersecurity threats.

The first threat facing organizations is phishing. Phishing is, essentially, using fake links to lure users into offering up sensitive information by posing as an authority. Hackers can embed malicious links into emails, attachments or images, which usually lead to another page that requests the sensitive information, which will later be used against the user. One of the most creative ways hackers have found to attack SMBs is to call in and impersonate IT staff or Network Administrators, asking for specific information off the employee’s computer to resolve a potential “virus.” The employee will usually comply and supply the information, giving the hacker the exact keys they need to infiltrate the system.

The next area of concern is mobile security. As web traffic continues to migrate from PC to mobile, hackers have followed suit by redirecting their efforts to mobile attacks as well. At an organization where users are encouraged to BYOD (bring your own device) to the network, this increases the exposure to network attack exponentially. SMBs need to be on the lookout for attacks from third-party apps, mobile malware and unsecured public Wi-Fi locations. For example, employees will use their phone at an unsecured Wi-Fi hotspot to work, but they won’t realize that the network is rigged to give hackers easy access to sensitive apps, data and information on any phones connected to that particular unsecured Wi-Fi hotspot. In many cases, users will be attacked without even realizing that the attack has happened.

The last area for an SMB to monitor is malvertising. This threat is where hackers embed malware within advertisements, landing pages or even directly on reputable websites. Sites that offer advertising on a massive scale, such as Facebook, have a tough time regulating online security throughout the buying process. Facebook can do its best to ensure that the links on Facebook aren’t malicious; however, they have no access to monitoring the pages that those advertisements lead to, once the user has left Facebook. Malvertisers can embed a code on an advertisement which leads to a dummy checkout page or a fake application page, which phishes all of the sensitive information that the hacker needs to launch an attack.

“These threats all point to the importance of SMBs consulting with an expert in the cybersecurity field,” stated Vic Levinson, President at Prime Telecommunications. “We are well-equipped to deal with threats like these, in addition to the new threats that will undoubtedly arise over the coming years. For any business that leverages technology as one of its key productivity drivers, it pays to have a team like Prime Telecommunications to face the hackers of the world.”

The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:

 

09/06/2016 06:29 PM EDT
Original release date: September 06, 2016 | Last revised: September 28, 2016

Systems Affected

Network Infrastructure Devices

Overview

The advancing capabilities of organized hacker groups and cyber adversaries create an increasing global threat to information systems. The rising threat levels place more demands on security personnel and network administrators to protect information systems. Protecting the network infrastructure is critical to preserve the confidentiality, integrity, and availability of communication and services across an enterprise.

To address threats to network infrastructure devices, this Alert provides information on recent vectors of attack that advanced persistent threat (APT) actors are targeting, along with prevention and mitigation recommendations.

Description

Network infrastructure consists of interconnected devices designed to transport communications needed for data, applications, services, and multi-media. Routers and firewalls are the focus of this alert; however, many other devices exist in the network, such as switches, load-balancers, intrusion detection systems, etc. Perimeter devices, such as firewalls and intrusion detection systems, have been the traditional technologies used to secure the network, but as threats change, so must security strategies. Organizations can no longer rely on perimeter devices to protect the network from cyber intrusions; organizations must also be able to contain the impact/losses within the internal network and infrastructure.

For several years now, vulnerable network devices have been the attack-vector of choice and one of the most effective techniques for sophisticated hackers and advanced threat actors. In this environment, there has never been a greater need to improve network infrastructure security. Unlike hosts that receive significant administrative security attention and for which security tools such as anti-malware exist, network devices are often working in the background with little oversight—until network connectivity is broken or diminished. Malicious cyber actors take advantage of this fact and often target network devices. Once on the device, they can remain there undetected for long periods. After an incident, where administrators and security professionals perform forensic analysis and recover control, a malicious cyber actor with persistent access on network devices can reattack the recently cleaned hosts. For this reason, administrators need to ensure proper configuration and control of network devices.

Proliferation of Threats to Information Systems

SYNful Knock

In September 2015, an attack known as SYNful Knock was disclosed. SYNful Knock silently changes a router’s operating system image, thus allowing attackers to gain a foothold on a victim’s network. The malware can be customized and updated once embedded. When the modified malicious image is uploaded, it provides a backdoor into the victim’s network. Using a crafted TCP SYN packet, a communication channel is established between the compromised device and the malicious command and control (C2) server. The impact of this infection to a network or device is severe and most likely indicates that there may be additional backdoors or compromised devices on the network. This foothold gives an attacker the ability to maneuver and infect other hosts and access sensitive data.

The initial infection vector does not leverage a zero-day vulnerability. Attackers either use the default credentials to log into the device or obtain weak credentials from other insecure devices or communications. The implant resides within a modified IOS image and, when loaded, maintains its persistence in the environment, even after a system reboot. Any further modules loaded by the attacker will only exist in the router’s volatile memory and will not be available for use after the device reboots. However, these devices are rarely or never rebooted.

To prevent the size of the image from changing, the malware overwrites several legitimate IOS functions with its own executable code. The attacker examines the functionality of the router and determines functions that can be overwritten without causing issues on the router. Thus, the overwritten functions will vary upon deployment.

The attacker can utilize the secret backdoor password in three different authentication scenarios. In these scenarios the implant first checks to see if the user input is the backdoor password. If so, access is granted. Otherwise, the implanted code will forward the credentials for normal verification of potentially valid credentials. This generally raises the least amount of suspicion. Cisco has provided an alert on this attack vector. For more information, see the Cisco SYNful Knock Security Advisory.

Other attacks against network infrastructure devices have also been reported, including more complicated persistent malware that silently changes the firmware on the device that is used to load the operating system so that the malware can inject code into the running operating system. For more information, please see Cisco’s description of the evolution of attacks on Cisco IOS devices.

Cisco Adaptive Security Appliance (ASA)

A Cisco ASA device is a network device that provides firewall and Virtual Private Network (VPN) functionality. These devices are often deployed at the edge of a network to protect a site’s network infrastructure, and to give remote users access to protected local resources.

In June 2016, NCCIC received several reports of compromised Cisco ASA devices that were modified in an unauthorized way. The ASA devices directed users to a location where malicious actors tried to socially engineer the users into divulging their credentials.

It is suspected that malicious actors leveraged CVE-2014-3393 to inject malicious code into the affected devices. The malicious actor would then be able to modify the contents of the Random Access Memory Filing System (RAMFS) cache file system and inject the malicious code into the appliance’s configuration. Refer to the Cisco Security Advisory Multiple Vulnerabilities in Cisco ASA Software for more information and for remediation details.

In August 2016, a group known as “Shadow Brokers” publicly released a large number of files, including exploitation tools for both old and newly exposed vulnerabilities. Cisco ASA devices were found to be vulnerable to the released exploit code. In response, Cisco released an update to address a newly disclosed Cisco ASA Simple Network Management Protocol (SNMP) remote code execution vulnerability (CVE-2016-6366). In addition, one exploit tool targeted a previously patched Cisco vulnerability (CVE-2016-6367). Although Cisco provided patches to fix this Cisco ASA command-line interface (CLI) remote code execution vulnerability in 2011, devices that remain unpatched are still vulnerable to the described attack. Attackers may target vulnerabilities for months or even years after patches become available.

Impact

If the network infrastructure is compromised, malicious hackers or adversaries can gain full control of the network infrastructure enabling further compromise of other types of devices and data and allowing traffic to be redirected, changed, or denied. Possibilities of manipulation include denial-of-service, data theft, or unauthorized changes to the data.

Intruders with infrastructure privilege and access can impede productivity and severely hinder re-establishing network connectivity. Even if other compromised devices are detected, tracking back to a compromised infrastructure device is often difficult.

Malicious actors with persistent access to network devices can reattack and move laterally after they have been ejected from previously exploited hosts.

Solution

1.    Segregate Networks and Functions

Proper network segmentation is a very effective security mechanism to prevent an intruder from propagating exploits or laterally moving around an internal network. On a poorly segmented network, intruders are able to extend their impact to control critical devices or gain access to sensitive data and intellectual property. Security architects must consider the overall infrastructure layout, segmentation, and segregation. Segregation separates network segments based on role and functionality. A securely segregated network can contain malicious occurrences, reducing the impact from intruders, in the event that they have gained a foothold somewhere inside the network.

Physical Separation of Sensitive Information

Local Area Network (LAN) segments are separated by traditional network devices such as routers. Routers are placed between networks to create boundaries, increase the number of broadcast domains, and effectively filter users’ broadcast traffic. These boundaries can be used to contain security breaches by restricting traffic to separate segments and can even shut down segments of the network during an intrusion, restricting adversary access.

Recommendations:
  • Implement Principles of Least Privilege and need-to-know when designing network segments.
  • Separate sensitive information and security requirements into network segments.
  • Apply security recommendations and secure configurations to all network segments and network layers.

Virtual Separation of Sensitive Information

As technologies change, new strategies are developed to improve IT efficiencies and network security controls. Virtual separation is the logical isolation of networks on the same physical network. The same physical segmentation design principles apply to virtual segmentation but no additional hardware is required. Existing technologies can be used to prevent an intruder from breaching other internal network segments.

Recommendations:
  • Use Private Virtual LANs to isolate a user from the rest of the broadcast domains.
  • Use Virtual Routing and Forwarding (VRF) technology to segment network traffic over multiple routing tables simultaneously on a single router.
  • Use VPNs to securely extend a host/network by tunneling through public or private networks.

2.    Limit Unnecessary Lateral Communications

Allowing unfiltered workstation-to-workstation communications (as well as other peer-to-peer communications) creates serious vulnerabilities, and can allow a network intruder to easily spread to multiple systems. An intruder can establish an effective “beach head” within the network, and then spread to create backdoors into the network to maintain persistence and make it difficult for defenders to contain and eradicate.

Recommendations:
  • Restrict communications using host-based firewall rules to deny the flow of packets from other hosts in the network. The firewall rules can be created to filter on a host device, user, program, or IP address to limit access from services and systems.
  • Implement a VLAN Access Control List (VACL), a filter that controls access to/from VLANs. VACL filters should be created to deny packets the ability to flow to other VLANs.
  • Logically segregate the network using physical or virtual separation allowing network administrators to isolate critical devices onto network segments.

3.    Harden Network Devices

A fundamental way to enhance network infrastructure security is to safeguard networking devices with secure configurations. Government agencies, organizations, and vendors supply a wide range of resources to administrators on how to harden network devices. These resources include benchmarks and best practices. These recommendations should be implemented in conjunction with laws, regulations, site security policies, standards, and industry best practices. These guides provide a baseline security configuration for the enterprise that protects the integrity of network infrastructure devices. This guidance supplements the network security best practices supplied by vendors.

Recommendations:
  • Disable unencrypted remote admin protocols used to manage network infrastructure (e.g., Telnet, FTP).
  • Disable unnecessary services (e.g. discovery protocols, source routing, HTTP, SNMP, BOOTP).
  • Use SNMPv3 (or subsequent version) but do not use SNMP community strings.
  • Secure access to the console, auxiliary, and VTY lines.
  • Implement robust password policies and use the strongest password encryption available.
  • Protect router/switch by controlling access lists for remote administration.
  • Restrict physical access to routers/switches.
  • Backup configurations and store offline.
  • Use the latest version of the network device operating system and update with all patches.
  • Periodically test security configurations against security requirements.
  • Protect configuration files with encryption and/or access controls when sending them electronically and when they are stored and backed up.
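
One way to test a saved device configuration against several of the recommendations above, as an added example (not part of the US-CERT alert and not a vendor tool). The sample configuration is constructed in Cisco IOS-style syntax, the rule IDs are hypothetical names, and the audit assumes a service is enabled unless the explicit "no ..." form is present, because defaults differ between platforms and releases.

```python
import re

# Constructed sample in Cisco IOS-style syntax; not taken from a real device.
SAMPLE_CONFIG = """\
hostname edge-rtr-01
enable password Summer2016
no ip source-route
ip http server
snmp-server community public RO
!
line con 0
 login local
line vty 0 4
 transport input telnet ssh
 login local
line vty 5 15
 access-class 10 in
 transport input ssh
 login local
"""

# Services the alert lists as unnecessary. Assumption: each one counts as
# enabled unless the config carries the explicit "no ..." statement.
MUST_BE_DISABLED = {
    "ip http server": "HTTP-SERVER",
    "ip source-route": "SOURCE-ROUTING",
    "ip bootp server": "BOOTP",
    "cdp run": "DISCOVERY-PROTOCOL",
}

# Statements that should not appear at all (rule IDs are hypothetical).
FORBIDDEN = [
    (re.compile(r"^snmp-server community\b"), "SNMP-COMMUNITY"),
    (re.compile(r"^enable password\b"), "WEAK-ENABLE-PASSWORD"),
]


def split_sections(config):
    """Return (global_lines, {section_header: [indented sub-commands]})."""
    global_lines, sections, current = [], {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            current = None          # "!" and blank lines end a section
            continue
        if raw[0].isspace() and current is not None:
            sections[current].append(raw.strip())
        else:
            current = raw.strip()
            global_lines.append(current)
            sections[current] = []
    return global_lines, sections


def audit(config):
    """Return a sorted list of (rule_id, detail) findings."""
    global_lines, sections = split_sections(config)
    findings = []
    for service, rule in MUST_BE_DISABLED.items():
        if f"no {service}" not in global_lines:
            findings.append((rule, f"missing 'no {service}'"))
    for line in global_lines:
        for pattern, rule in FORBIDDEN:
            if pattern.search(line):
                # Report the statement type only, never the secret itself.
                findings.append((rule, " ".join(line.split()[:2])))
    for header, body in sections.items():
        if not header.startswith("line vty"):
            continue
        transports = [cmd.split()[2:] for cmd in body
                      if cmd.startswith("transport input")]
        if transports != [["ssh"]]:
            # Telnet allowed, or no explicit SSH-only transport statement.
            findings.append(("VTY-NOT-SSH-ONLY", header))
        if not any(re.match(r"access-class \S+ in\b", cmd) for cmd in body):
            findings.append(("VTY-NO-ACCESS-CLASS", header))
    return sorted(findings)


if __name__ == "__main__":
    for rule, detail in audit(SAMPLE_CONFIG):
        print(f"{rule:22} {detail}")
```

Running the audit on every scheduled configuration backup also covers the recommendation to periodically test security configurations against requirements.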

4.    Secure Access to Infrastructure Devices

Administrative privileges on infrastructure devices allow access to resources that are normally unavailable to most users and permit the execution of actions that would otherwise be restricted. When administrator privileges are improperly authorized, granted widely, and/or not closely audited, intruders can exploit them. These compromised privileges can enable adversaries to traverse a network, expanding access and potentially allowing full control of the infrastructure backbone. Unauthorized infrastructure access can be mitigated by properly implementing secure access policies and procedures.

Recommendations:
  • Implement Multi-Factor Authentication – Authentication is a process to validate a user’s identity. Weak authentication processes are commonly exploited by attackers. Multi-factor authentication uses at least two identity components to authenticate a user’s identity. Identity components include something the user knows (e.g., password); an object the user has possession of (e.g., token); and a trait unique to the specific person (e.g., biometric).
  • Manage Privileged Access – Use an authorization server to store access information for network device management. This type of server will enable network administrators to assign different privilege levels to users based on the principle of least privilege. When a user tries to execute an unauthorized command, it will be rejected. To increase the strength and robustness of user authentication, implement a hard token authentication server in addition to the AAA server, if possible. Multi-factor authentication increases the difficulty for intruders to steal and reuse credentials to gain access to network devices.
  • Manage Administrative Credentials – Although multi-factor authentication is highly recommended and a best practice, systems that cannot meet this requirement can at least improve their security level by changing default passwords and enforcing complex password policies. Network accounts must contain complex passwords of at least 14 characters from multiple character domains including lowercase, uppercase, numbers, and special characters. Enforce password expiration and reuse policies. If passwords are stored for emergency access, keep these in a protected off-network location, such as a safe.

5.    Perform Out-of-Band Management

Out-of-Band (OoB) management uses alternate communication paths to remotely manage network infrastructure devices. These dedicated paths can vary in configuration to include anything from virtual tunneling to physical separation. Using OoB access to manage the network infrastructure will strengthen security by limiting access and separating user traffic from network management traffic. OoB management provides security monitoring and can implement corrective actions without allowing the adversary who may have already compromised a portion of the network to observe these changes.

OoB management can be implemented physically or virtually, or through a hybrid of the two. Building additional physical network infrastructure is the most secure option for the network managers, although it can be very expensive to implement and maintain. Virtual implementation is less costly, but still requires significant configuration changes and administration. In some situations, such as access to remote locations, virtual encrypted tunnels may be the only viable option.

Recommendations:
  • Segregate standard network traffic from management traffic.
  • Enforce that management traffic on devices only comes from the OoB.
  • Apply encryption to all management channels.
  • Encrypt all remote access to infrastructure devices such as terminal or dial-in servers.
  • Manage all administrative functions from a dedicated host (fully patched) over a secure channel, preferably on the OoB.
  • Harden network management devices by testing patches, turning off unnecessary services on routers and switches, and enforcing strong password policies.
  • Monitor the network and review logs. Implement access controls that only permit required administrative or management services (SNMP, NTP, SSH, FTP, TFTP).

6.    Validate Integrity of Hardware and Software

Products purchased through unauthorized channels are often known as “counterfeit,” “secondary,” or “grey market” devices. There have been numerous reports in the press regarding grey market hardware and software being introduced into the marketplace. Grey market products have not been thoroughly tested to meet quality standards and can introduce risks to the network. Lack of awareness or validation of the legitimacy of hardware and software presents a serious risk to users’ information and the overall integrity of the network environment. Products purchased from the secondary market run the risk of having the supply chain breached, which can result in the introduction of counterfeit, stolen, or second-hand devices. This could affect network performance and compromise the confidentiality, integrity, or availability of network assets. Furthermore, breaches in the supply chain provide an opportunity for malicious software or hardware to be installed on the equipment. In addition, unauthorized or malicious software can be loaded onto a device after it is in operational use, so integrity checking of software should be done on a regular basis.

Recommendations:
  • Maintain strict control of the supply chain; purchase only from authorized resellers.
  • Require resellers to implement a supply chain integrity check to validate hardware and software authenticity.
  • Inspect the device for signs of tampering.
  • Validate serial numbers from multiple sources.
  • Download software, updates, patches, and upgrades from validated sources.
  • Perform hash verification and compare values against the vendor’s database to detect unauthorized modification to the firmware.
  • Monitor and log devices, verifying network configurations of devices on a regular schedule.
  • Train network owners, administrators, and procurement personnel to increase awareness of grey market devices.
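
The hash-verification recommendation above, as an added example (not part of the US-CERT alert). It also shows why a size check alone is not enough when, as described for SYNful Knock, the modification keeps the image size unchanged. The manifest dictionary is a hypothetical stand-in for the vendor's published values, and the "image" is constructed bytes written to a temporary file.

```python
import hashlib
import os
import tempfile


def sha512_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large images do not need to fit in memory."""
    digest = hashlib.sha512()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_image(path, manifest):
    """Compare an image with its reference entry.

    manifest maps file name -> {"size": int, "sha512": hex string}; in practice
    these values come from the vendor over a separate, validated channel.
    """
    expected = manifest.get(os.path.basename(path))
    if expected is None:
        return "unknown-image"      # no reference value: treat as unverified
    if os.path.getsize(path) != expected["size"]:
        return "size-mismatch"
    if sha512_file(path) != expected["sha512"].lower():
        return "hash-mismatch"
    return "ok"


def same_size_tamper_demo():
    """Verify a constructed image, overwrite bytes in place, verify again."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        name = "constructed-image.bin"
        path = os.path.join(tmp, name)
        original = b"HDR" + bytes(range(256)) * 64   # constructed content
        with open(path, "wb") as fh:
            fh.write(original)
        manifest = {name: {"size": len(original),
                           "sha512": hashlib.sha512(original).hexdigest()}}
        results["clean"] = verify_image(path, manifest)

        # Overwrite 32 bytes without changing the file length.
        with open(path, "r+b") as fh:
            fh.seek(1024)
            fh.write(b"\x00" * 32)
        results["size_unchanged"] = (
            os.path.getsize(path) == manifest[name]["size"])
        results["modified"] = verify_image(path, manifest)
        results["unlisted"] = verify_image(path, {})
    return results


if __name__ == "__main__":
    for check, outcome in same_size_tamper_demo().items():
        print(f"{check:15} {outcome}")
```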

 

Shadow Broker Exploits

| Vendor | CVE | Exploit Name | Vulnerability |
|---|---|---|---|
| Fortinet | CVE-2016-6909 | EGREGIOUSBLUNDER | Authentication cookie overflow |
| WatchGuard | CVE-2016-7089 | ESCALATEPLOWMAN | Command line injection via ipconfig |
| Cisco | CVE-2016-6366 | EXTRABACON | SNMP remote code execution |
| Cisco | CVE-2016-6367 | EPICBANANA | Command line injection remote code execution |
| Cisco | CVE-2016-6415 | BENIGNCERTAIN/PIXPOCKET | Information/memory leak |
| TOPSEC | N/A | ELIGIBLEBACHELOR | Attack vector unknown, but has an XML-like payload beginning with <?tos length=”001e.%8.8x”? |
| TOPSEC | N/A | ELIGIBLEBOMBSHELL | HTTP cookie command injection |
| TOPSEC | N/A | ELIGIBLECANDIDATE | HTTP cookie command injection |
| TOPSEC | N/A | ELIGIBLECONTESTANT | HTTP POST parameter injection |

 

Revision History

  • September 6, 2016: Initial release
  • September 13, 2016: Added additional references

Prime Telecommunications Offers Innovative Cloud Disaster Recovery Solutions

Prime Telecommunications, Inc., a leader in unified communications, announced today that it has launched a program that focuses on cloud-based data safety. This program is aimed to help small to mid-sized businesses (SMBs) to effectively store, manage, and transfer their critical business files seamlessly while simultaneously increasing the overall security of all of their business files. Whether employees are utilizing files on their servers, laptops, workstations or smartphones, this Cloud Disaster Recovery Program will change the way that business owners handle their sensitive corporate and financial information.

For those who aren’t yet familiar, disaster recovery is a set of policies and procedures which enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. The majority of enterprise-level organizations have recognized the blatant need for disaster recovery programs because they focus on strengthening the underlying IT or technology systems supporting critical business functions, especially in moments of need. For example, when an organization starts growing and adds on more staff, there are more possibilities for human-induced disasters or data theft. An accidentally deleted or misplaced file can cost companies dozens of hours in lost productivity. Furthermore, with more staff come more devices, which in an increasingly BYOD (Bring Your Own Device) environment means that there are more vulnerability points for hackers to enter the network. When businesses begin to scale, these productivity interruptions are no longer tolerable.

“When a business begins its growth trajectory, it’s easy to sit back and enjoy the success,” stated Vic Levinson, President at Prime Telecommunications. “We know that feeling. It’s so rewarding to see your business growth outpacing your operating expenses and all of the years of sacrifice make it completely worth it. It’s so easy to kick your feet up, relax and enjoy the fruits of your labor in that moment, however, this is precisely when businesses need to take the steps to protect themselves so they can continue to grow at that same rate. This is when they are most susceptible to virtual disasters and without a comprehensive disaster recovery plan and cloud technology that is engineered specifically to shrug off these types of disturbances, they are putting that stable growth at risk.”

In years prior, many businesses were hesitant to purchase cloud-based disaster recovery solutions because they required large, up-front capital expenditures. Prime Telecommunications’ cloud disaster recovery program breaks this pattern because it’s on a pay-as-you-go model, so businesses only pay for what they use, enabling them to scale their disaster recovery program up and down in perfect sync with the pace of their businesses. It’s file syncing, syncing with business growth, syncing with a cost structure that makes this technology easy to implement into any growth-oriented SMB.

Prime Telecommunications Educates Customers on Ransomware

Prime Telecommunications, Inc., a leader in unified communications, announced today that they have launched a ransomware awareness campaign. The purpose of the campaign is to quickly educate business owners in understanding one of the latest threats now facing small to mid-sized businesses (SMBs). Ransomware is a specific variation of malware that is growing in popularity amongst hackers, and Prime Telecommunications is doing its best to alert business owners of this new tactic. Prime Telecommunications’ existing customers are very well protected against this type of threat, but many business owners may be unaware of the potential destruction this has on an organization.

While business owners have always understood the need to protect their businesses from malware, short for “malicious software”, ransomware is a new tactic that hackers are using to attack businesses in an especially wicked way. Essentially, an employee will receive an email with a deceptive link, labeled “See Resume Here” or “Download Report Now”, and then upon clicking the link, a ransomware application will be installed immediately on the computer. Then, the software can remain hidden for several days, until it is activated. At that moment, the ransomware application will hijack critical files, remove them from the network, encrypt them so no other computers can access them and then hackers will send an email demanding payment for the release of the missing files. The biggest problem with this type of cyber attack is that it leaves absolutely no leverage to the business owner. Even if they pay the “ransom”, hackers don’t necessarily unlock the files every time. “This is a huge problem that could have drastic impact on an organization and the craziest thing we notice is that there is such a simple solution,” stated Vic Levinson, President at Prime Telecommunications.

“These types of attacks happen far too often, and we take great pride in protecting our customers from threats like this,” added Levinson. “The first line of defense for these kinds of attacks is a technically educated staff. While the majority of these threats come in the form of suspicious email links, an educated staff can avoid these catastrophes simply through awareness. That’s one of the reasons why we issued this press release,” commented Levinson. “For business owners that see the value of peace of mind, we devise comprehensive solutions that thwart these types of attacks from every angle. We take a global approach that includes a combination of anti-virus software, anti-malware software, strong firewalls, employee education, data backup, and network redundancy. What we’ve noticed over the years is that every network has different exposure points and our job is to come in as a technology advisor and to proactively prevent not only ransomware attacks, but the myriad of other attacks that a business owner may face for years to come.”

Prime Telecommunications’ mission is to leave business owners in a more empowered position by serving as an educator of emergent technologies. “Our biggest aim with this campaign is to usher in a sense of urgency amongst business owners so they take action now, instead of waiting to be in a difficult, immutable situation later,” closed Levinson.

Who’s Stealing Your Bandwidth?

Prime Telecommunications, Inc., a leading provider in unified communications, announced today that the company is educating its customers on the recent expansion of bandwidth monitoring and management solutions. Essentially, bandwidth monitoring is the practice and policy of tracking the utilization of company bandwidth between all employees, software applications and desktops. The growth of bandwidth management solutions in recent years is due primarily to growth of company provided and personal devices (smart phones, tablets, etc.) connected to an organization’s network.

According to Vic Levinson, President of Prime Telecommunications, “Any company that provides cloud-devices, software or applications that run over a data network needs to ensure that bandwidth is being consumed properly.” This notion reflects the current state of most solutions, which are simply being strained to the point where many business owners notice that the devices, applications and software underperform. In essence, it’s like siphoning out all of the gas from a car, and then blaming the car for running on fumes. The problem lies with poor policy making and a lack of guidelines for employees on how to properly utilize the Internet at a place of business.

“On many occasions, we’ve found that up to 40% of a company’s employees are choking bandwidth and making it harder for other people to do their work,” Levinson added. “We conduct quarterly reviews with our customers where we assess the performance of all of the technology that we provide. It gives our clients a global perspective on their network and what its performance is and how it can be better. Our overarching goal is to make sure that our customers’ businesses are performing at more productive levels and this is how we quantify productivity. This is why we lead these meetings with device performance audits. With bandwidth being the central resource upon which nearly every technology relies, we have to make sure that this is being consumed in accordance with best practices before any other steps are taken.”

In addition to the underperformance of the network and the drain on productivity this can cause, many business owners appreciate technology audits, like the one provided by Prime Telecommunications, because they uncover how much time employees are spending on various sites that have nothing to do with their job. This gives tremendous insight into the productivity, or lack thereof, of certain employees. One of the quickest ways to immediately boost customer profitability is to restrict employees’ bandwidth to sites that are exclusively productive in nature, as opposed to entertainment-based sites.

“In some cases, employees simply don’t know that their bandwidth consumption is slowing the rest of the team down. New parents can put their children in day care and want to stream the video from time to time to see how their child is doing throughout the day. Inherently there’s nothing wrong with this, if done on occasion. However, when a parent leaves one of these streaming videos up while they begin working on other things, the rest of the team will notice the lag time that slows down their own desktop. The network is simply a shared resource that needs some guidelines in place, especially in the new employee handbook. With a comprehensive bandwidth consumption policy in place, business owners can rest assured that their software, hardware and online tools will all function at optimal levels.”

Cloud and Human Resources

Cloud computing is penetrating every corner of business, and this includes human resources. Human resources professionals can benefit greatly from effective communication, instant access to information and applications, and cloud-based systems. HR is often thought of as a pretty administrative job. With the implementation of cloud tools and resources, HR professionals can remove this administrative stress and instead turn their attention to the employees and the business. Here are some benefits of cloud computing for human resources:

Cloud Software for HR

There is a lot of HR cloud software available, and the best ones combine the many functions of HR into one central place. This software can help get a lot of tasks done, including tracking applications, searching resumes, generating reports, calculating payroll, tracking performance appraisals and maintaining data on current employees. This streamlines many HR processes, helping to boost productivity and communication. And the end environment remains familiar. Users might not even realize they’re working in the cloud.

Businesses and customers also get quick access to the software they need, as it can be installed company-wide in hours, rather than days. They will also receive access to the latest software updates automatically, which is a perk of a cloud software subscription.

Efficient Recruiting

Recruiting is a huge part of human resources, and today the pool of talent is increasingly competitive and complex. HR cloud solutions make it easier to create job postings and expand their reach to multiple platforms, while collecting candidate information. HR and talent acquisition professionals have to be able to grow their reach without needing to greatly expand resources. Luckily, cloud software can track, measure and report from various online databases that hold candidate information, helping HR professionals access more talent. And once they’ve accessed talent, big data can compare various candidates and provide both relevant and targeted results to HR professionals. This means that positions can be filled faster, reducing time between hires and costs of hiring.

A Mobile Workforce

You’ve probably heard it before, but we’ll say it again: cloud computing offers professionals the ability to access their data and applications on-demand via the Internet. This means they can work from any device, in any location, at any time. Yeah, that’s pretty hard to beat. This allows businesses to grow a mobile workforce. HR professionals can access their programs and data on the go. So if they’re off on a recruiting trip, these employees can still take advantage of cloud software and maintain communication with the folks back at the office.

An Affordable Solution

Cost concerns are always prevalent when considering new technology. Fortunately, cloud computing makes HR solutions affordable for any size business. The costs that often come with server space, extra in-house IT personnel, expensive software and licenses, and maintenance are eliminated. A provider like RapidScale comes in and manages the solutions, simply offering the business access to these resources.

Sophisticated Security

Like cost, security will always be top of mind when looking at new technology. Cloud security has greatly matured in recent years and HR professionals, who often work with sensitive information, get access to sophisticated security systems through their provider. Cloud providers depend on their reliability and reputation, so they go to great lengths to ensure client information remains secure. This includes measures like in-flight and at-rest encryption, geographically diverse data centers, strong firewalls, 24×7 monitoring and support, strict SLAs, intense physical security and more.

This was written and published on the Rapidscale Blog by Sommer Figone. 

Hybrid Cloud: The Best of Both Worlds

Hybrid cloud is the solution that offers the best of both worlds – and by that, we mean it combines the benefits of the private and public cloud environments. This allows organizations to pick a strategy that works best with their workloads, demands and preferences, while still experiencing the flexibility of the cloud.

It’s no coincidence that by the end of 2017, nearly half of large enterprises will have hybrid cloud deployments (Gartner). This is the solution that allows businesses to embrace cloud technology while remaining comfortable with the security of their information. Let’s look further at why a hybrid environment is so beneficial.

Leverage Public and Private Cloud

The whole idea of the hybrid cloud is that it combines public and private cloud infrastructures. Businesses using a hybrid model get the best of both worlds, as certain data and workloads are better suited for either the public or private cloud. Organizations can decide which aspects of their business they want in each environment, allowing them to take advantage of all the benefits.

Companies can complete non-sensitive operations and collaboration in the public environment, while ensuring that critical data and applications remain secure in the private cloud. A business can rely on the cost efficiency and scalability of the public cloud, while looking to the private cloud for advanced security, control and flexibility. The hybrid model also allows you to place information according to any compliance requirements. The hybrid cloud is the most flexible IT environment for a business.

A hybrid model is best suited for businesses that experience business fluctuations but still deal with confidential information. For example, e-commerce organizations see constant traffic shifts, but also deal with personal and payment information. A hybrid cloud allows organizations like these to complete processing and basic operations upfront, without risking the confidentiality of important information.

Cost Efficiency

Hybrid cloud helps organizations move from a CapEx model to an OpEx one. Additionally, businesses see costs that reflect their actual demand, thanks to the pay-as-you-go pricing that is so popular. Organizations will see reduced total cost of ownership (TCO), and improved cost efficiency overall.

The hybrid environment successfully bridges the gap between a business’ old and new systems, meaning not everything has to be replaced. This efficiency saves a lot of money, as it utilizes much of what is already in place. Additionally, scaling is much easier as demand changes, as it can be done seamlessly and immediately, without having to invest in expensive new equipment.

Scalability

With a private cloud, businesses are responsible for significant investments in server and storage hardware, and when they face the need to scale up, these investments only grow. This isn’t necessary, as the public cloud avoids these costs with almost unlimited scalability. This is a major benefit that a hybrid cloud takes advantage of. When an organization needs to scale its resources, it’s quick and easy, and won’t put a burden on the budget.

Security

A huge draw of the hybrid environment is the ability to have greater control over security. It allows organizations to maintain in-house storage for sensitive information and operations, while still gaining the benefits of a public cloud. Many businesses see this as a way of avoiding security concerns.

Security is rightly a concern of most businesses, especially those that handle personal information and payments. Many organizations are simply not comfortable putting all of this information into a public cloud, but it’s also limiting to stick only to a private cloud. That’s why a hybrid model strikes the perfect balance. Businesses can ensure that data remains secure on dedicated servers, while still benefitting from scalability and cost efficiency. This creates an efficient, seamless, agile environment for an organization to run in.

The Right Way to Do It

Once you get the hang of the hybrid cloud concept, you might think you’re ready to just jump in. But hold on – there’s a right way to go about it.

By doing some self-evaluation, determine ahead of time which workloads will fit best in each environment. It’s important to ensure that you’re pairing the correct resources with the correct operations, data and applications. Additionally, don’t be afraid to start small! Once you’re used to the new cloud environment, you can scale up, and you’ll be much more prepared. This allows everyone, especially your IT team, to get comfortable with the new hybrid model.

Streamline Manufacturing in the Cloud


Today, manufacturers are already benefiting from the cloud. They use mobile reporting, online dashboards and automation. According to Mint Jutras, SaaS-based apps are already 22% of all manufacturing and distribution software installed today. This will grow to 45% within ten years. However, the use of the cloud in this production sector can go even further.

Today, manufacturing organizations face huge challenges that the cloud is ready to take on, including regulatory and compliance requirements, the introduction of big data, a pressure to innovate rapidly, a global marketplace, security, and much more. While manufacturers have made small moves towards the cloud, they can now fully embrace it.

Why cloud computing?

Manufacturers face many constant challenges. They are increasingly compared to competitors and face a pressure to increase accuracy, process speed, security, innovation and more.

Cloud computing is a popular solution today that is benefiting businesses in all industries – and manufacturing is no exception. The move to the cloud results in transferring many responsibilities and costs to the cloud provider, including hardware maintenance and software upgrades. With characteristics like scalability, cost efficiency, security, centralized data and flexibility, it’s no wonder that the cloud is proving to be such a powerful force in the business world.

By combining cloud computing and manufacturing, these organizations are able to streamline their operations and business. This not only benefits time to market, but it also frees up time, money and resources for innovation. The benefits of cloud in the manufacturing sector include reduced costs, rapid deployment, greater innovation, increased flexibility and improved security.

  1. Overall Reduced Costs

With cloud solutions in place, manufacturers are able to reduce both capital and operating costs significantly. These organizations, after moving to the cloud, use hardware that is managed, monitored and maintained by the cloud computing provider. Additionally, much of the up-front capital costs are replaced by lower, predictable operational costs, as businesses use a pay-as-you-go or subscription model in the cloud, which can be adjusted at any time. Manufacturers will undoubtedly see savings in IT labor, operating, space, computing resource, administrative, and management costs. As they see these savings, manufacturers will experience greater ease and innovation within their organization.

  2. Quick Deployment and Innovation

Not only does cloud lead to easier access and lower costs for the necessary infrastructure resources, but it also results in rapid deployment. Ultimately, this supports faster time to market. Setup for production infrastructure can happen in a matter of minutes or hours, instead of the weeks that are typical with traditional solutions. This rapid deployment supports quicker responses to dynamic demands from around the globe that manufacturers constantly face.

Furthermore, the quick setup that cloud computing allows leads to increased innovation within an organization. Manufacturing companies can more quickly access new capabilities to easily experiment, share and collaborate. These innovations won’t result in the typical significant costs or disruption of resources. Instead, they may result in a step forward for the manufacturer.

  3. Operational Flexibility

Speaking of the dynamic demands manufacturers face, it’s clear that operational flexibility is extremely important for these organizations. With the immense scalability that cloud computing offers, manufacturing companies can easily and quickly free up the resources they need to accommodate demands. As demand fluctuates, it’s easy to scale or provision new capabilities.

But scalability isn’t the only way these companies can experience flexibility. Cloud computing makes it possible to access, use and share secure data from any location, on any device, at any time. This means employees around the globe can easily participate in remote operations by accessing centralized data and workflows, as well as collaborate with ease while avoiding travel and security issues. This brings geographically separate employees together, which ultimately benefits the manufacturing company.

  4. Full Security

While security continues to be the main factor standing in the way of cloud adoption, it has improved immensely. The cloud makes it possible for manufacturers to extend their existing security model into the cloud and add to it. Additionally, cloud security prepares an organization for multiple threats through authentication, authorization and encryption on both the application and infrastructure levels.

Cloud providers know that security is a top priority for the organizations they work with, and therefore have made it their own priority as well. Providers have the resources to hire security experts and dedicate personnel, time and money to client security. This is more than a manufacturer is able to do for itself, so more often than not, these organizations experience greater security after moving to the cloud.

Cloud computing can help streamline the operations of manufacturers, allowing them to focus on developing new products and increasing sales. While improving manufacturing in the above four ways, cloud also reduces the environmental impact of manufacturing and supports an enhanced customer experience.


8 Signs You Should Invest in the Cloud


The word “cloud” may have bounced in and out of conversations at your office, but you’re still not 100% sure it’s for you. You’re waiting for some sort of sign that it’s worth your time. Luckily, we have eight. If any of these sound like your business, it might be time to invest in the cloud.

You’re looking to upgrade your software.

With cloud software, the upgrades are automatic. You don’t need to repurchase the latest version every time you want to update. You pay for your business applications on a subscription basis – think of how you’d pay for a magazine – and updates are included! And when you want to add new software, you don’t need one of your IT guys running around installing it on every single device. Instead, it’s accessible through the cloud and can be ready to go in minutes, rather than hours or days. And if you realize you don’t need a certain application anymore, you can simply cancel the subscription and be left with no waste!

You’re in need of a hardware refresh.

In the cloud, the hardware becomes the provider’s job. When you want to be working on state-of-the-art hardware, but just don’t have the bucks to spend, cloud computing is the answer. You’re not the one who invests in and maintains the hardware – the provider is! You simply get the benefit of real-time, flexible storage and modern equipment that you don’t have to manage yourself. This frees up both time and money.

You want a data backup plan.

The cloud is able to protect data both virtually and physically, with a dedicated team in place that’s available around the clock. Despite some concerns about cloud security, it has proven itself over and over in recent years. Cloud providers are paid to keep client data safe. Support and backup become their primary focus, when it couldn’t always be yours. With the cloud, businesses avoid losing data in accidents. Redundant, geographically diverse data centers keep data up and running no matter what. It’s the best backup plan, protecting a business even if its primary location or one of the data centers is damaged.

You’re looking to cut down on CapEx.

Then you’re looking in the right place. Cloud moves much of CapEx to OpEx, thanks to the pay-as-you-go model. Businesses end up paying for what they need, as they need it, rather than spending a lot upfront for resources they might not even end up using. With the cloud, many costs shift to the provider, including costs of infrastructure and maintenance, so it’s easier for organizations to decrease spending.

You want your employees to have greater flexibility.

They should have immense flexibility, especially in today’s modern, mobile business world. The cloud provides employees with anytime, anywhere access to company data and apps, on any device. This includes laptops, smartphones and tablets. The user simply connects to the company workspace using their login, and they’re good to go. When employees can work remotely, opportunities open up for a business. It’s easier to expand geographically, that’s for sure. Users have an easier time computing, connecting and responding with this flexibility too. The cloud creates seamless access across multiple devices, which employees and businesses will certainly appreciate.

You’re interested in implementing BYOD.

BYOD not only adds flexibility, but it can also cut down on costs. The “Bring Your Own Device” trend puts the responsibility into the employees’ hands. Rather than a business purchasing devices and updating them regularly, it’s up to the users. This can be empowering, as employees can use devices they’re comfortable with, and know that they have a choice in how they work.

You want to focus your IT resources in new or different areas.

IT was traditionally more of a maintenance role, but with the cloud, many of those responsibilities move to the provider. Instead, IT personnel can transition into leaders and strategists, leading your business towards innovation. They can focus more on ever-changing technology, delivering business value, focusing on growth and the competitive landscape, identifying problems and solutions, and choosing which new tools to implement.

You’re rapidly growing.

Scalability is a key benefit of the cloud. It’s always one of the first things you hear about, and that’s because it accommodates ever-changing business demands. If your business is rapidly growing, it gets really expensive and complicated to continue updating resources. With the cloud, when you need more resources, you get them instantly. There’s virtually unlimited space in the cloud, making it easy to get more when you need it, and then scale back down again as things calm down.