On January 31st, Cisco Systems disclosed a vulnerability allowing up to complete control of a device from the Internet, affecting Cisco ASA Software that is running on several Cisco products. The purpose of this blog post is to:
Help you understand the issue
Point you to trusted resources to explain it in more depth
Determine how you can protect yourself against it
The Issue
Cisco Systems released an advisory and a patch for a vulnerability allowing up to complete control of a device from the Internet.
What You Should Do
Check the following systems for the webvpn configuration, and if enabled for external communications, the systems need the patch from Cisco.
This vulnerability affects Cisco ASA Software that is running on the following Cisco products:
3000 Series Industrial Security Appliance (ISA)
ASA 5500 Series Adaptive Security Appliances
ASA 5500-X Series Next-Generation Firewalls
ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
ASA 1000V Cloud Firewall
Adaptive Security Virtual Appliance (ASAv)
Firepower 2100 Series Security Appliance
Firepower 4110 Security Appliance
Firepower 9300 ASA Security Module
Firepower Threat Defense Software (FTD)
What ISG Is Doing
Currently, the ISG Data Centers are following our normal process for patching, with additional analysis for the critical configuration problems. Our service engineers are available to assist any customer with any Cisco product help in regards to this issue and any other issue.
When things are good, it’s hard to imagine how the world could ever wrong you. But when something goes wrong, it’s nearly impossible to see the sun through the clouds. Disasters happen without warning, and they can cripple a company if you’re not ready.
This is the entire reasoning behind investing in a disaster recovery plan. These procedures help companies get back on their feet after a major catastrophe, and they’re often the reason businesses don’t go belly-up following such an event.
That said, a large number of companies aren’t properly prepared for the worst. They may have disaster recovery solutions, but they haven’t fully worked them out. This can be just as dangerous as not having any plan at all, and we would like to rectify these issues by discussing some aspects of disaster recovery that you may not be considering.
1. You need to test constantly
“Everyone has a plan until they get punched in the face.” That’s a quote from Mike Tyson, and it’s just as true in boxing as it is in disaster recovery planning. Actually coming up with a plan is great and puts you ahead of the companies that haven’t, but it’s impossible to know if your procedure will work until you’ve put it through its paces.
“A huge portion of organizations just aren’t putting any priority into testing.”
Sadly, a huge portion of organizations just aren’t putting any priority into testing. Some test once or twice and think they’re done, while other literally never test at all. Therefore, it’s up to you to ensure that your company’s plan actually works.
TechTarget recommends starting with a test that checks data recovery, application recovery and communications. That last aspect is the most important, as not being able to discuss issues with your team can lead to widespread panic and confusion. The site states that these tests should happen on a “regular basis” all throughout the year, so don’t think you can do it once and be done.
Finally, you’ll want to examine audit logs to see exactly what worked and what needs some more tweaking. With enough patience and testing, you can come up with a procedure that will hopefully see you through the worst disasters.
2. What about your employees?
Although most people think of data systems and downtime when discussing disaster recovery, it’s important to realize there is a much more human element to this process that you’re want to consider. Specifically, you need to figure out what your employees will be doing during such an event.
Of course, the first step is to make sure everyone is alive and well following a catastrophe. After this, you’ll need to think about where these people can work. Will they be able to simply log in from home? Do they need access to data systems stored in the office? Do they have all the equipment they need at home?
After considering this, TechTarget asks administrators to consider the possibility of employees being displaced from their homes. In such situations, work is the last thing on an employees mind. While there’s nothing wrong with that, it’s up to you to figure out what the next step is. TechTarget recommends gaining access to trained psychological professionals in order to help workers mentally readjust.
When an employee loses their home, they generally don’t worry about work.
3. Your workers are a major threat
Clearly, your employees are a valuable asset. That said, they’re also often the ones most responsible for disasters in the workplace. According to a 2014 report from IBM, 95 percent of data security disasters can be traced back to human error.
Although you trust your employees, this statistic shows that the best way to avoid a disaster may be to better train your employees. Exactly what that means depends on your industry and what employees have access to, but the point is that thinking about external factors like tornados and earthquakes while ignoring human error can have disastrous results.
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/power-button-computer.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2018-01-31 15:19:342019-05-09 21:30:503 things you might be forgetting about disaster recovery
If you run an SMB, cybersecurity should consistently weigh on your mind. Cybercriminals are extremely common these days, and fighting them off can be quite the challenge. In fact, the Duke University/CFO Magazine Global Business Outlook Survey found that more than 80 percent of companies in the U.S. have been hacked.
While this should make any company administrator worried, this is an especially frightening statistics for those that run SMBs. While larger organizations certainly receive more attention when they're hacked, they also have the money and public image to bounce back when a data breach occurs. Smaller businesses, on the other hand, don't have this luxury. A single hack can be a signal to your customers that you aren't trustworthy, regardless of what actually happened during the hack.
With your entire business' image on the line, it's clear that cybersecurity needs to be a major focus n 2018. That said, this topic is so complex that finding a place to start can be difficult. Cybersecurity is vital, and not beefing up your protections simply because you don't know where to begin is a bad idea. Therefore, let's take a look at some of the most important areas of security today, as well as tips for SMBs to avoid these issues.
If you run a small business, there's a good chance you have a solid familiarity with the bring-your-own-device (BYOD) trend. This is where employees are encouraged to bring their own gadgets into the office for work-related purposes.
The benefits of such a system are obvious and very compelling for smaller organizations. The biggest of these is the cost advantages BYOD brings. The traditional model of getting devices into the hands of workers is to simply buy these devices, which can take a huge chunk out of your budget. However, by allowing workers to use their own tablets, smartphones and computers, SMBs can put the money they would have spent on gadgets toward objectives that can further the company's success.
On top of the cost advantages, BYOD also allows for a level of familiarity that you won't be able to produce with company-owned devices. According to a study from CIsco, U.S. employees that were allowed to use their own gadgets at work saved about 81 minutes every week. Clearly, BYOD allows for a big boost to productivity.
"There is a major drawback to BYOD in the form of cybersecurity."
Despite all of these obvious benefits, there is a major drawback to BYOD in the form of cybersecurity. The issue is that most people simply don't secure their own devices properly. While the lack of antimalware software on personal mobile devices is certainly an issue, the fact that many people don't even use PINs to acces their phones is disturbing. If such a person were to lose their phone, quite literally any person that finds it would be able to access sensitive data.
While there are some clear downsides to BYOD, that doesn't mean you shouldn't allow for such a system within your company. You simply need to prepare your employees. This begins with some sort of meeting where teh security needs of the company are outlined. On top of that, it may be a good idea to install protective software on any device that has access to the company's network and data.
2. Ransomware isn't going away
In a similar vein, ransomware has also reared it's ugly head and is making moves against SMBs. At its most basic, a ransomware attack is where the attacker encrypts a certain device or multiple devices on a network. The idea is that companies need constant access to the data contained on these gadgets, and that encrypting this information would be a major blow to operations. Therefore, the hacker is able to name his price in order to decrypt the captured data.
While this is a major issue for all the devices your company uses, one area you may want to focus on is how ransomware might affect your mobile infrastructure. Kaspersky Lab reported a 253 percent increase in ransomware attacks in Q1 2017 over the previous quarter. That's an enormous uptick, and this is very clearly a mounting trend within the enterprise.
"Going after mobile devices simply makes sense to a ransomware hacker."
Going after mobile devices simply makes sense to a ransomware hacker. Due to BYOD, these gadgets often contain incredibly important information, and companies can't simply ignore how much data they contain. What's more, smartphones and tablets often have a lower level of security than traditional computers, which is the perfect opportunity for a hacker to strike.
While the tips above can help prevent such an attack, an additional piece of advice is to back up every scrap of data that you consider important to the company. In fact, the 3-2-1 Backup technique is generally though of as the best way to protect data security from a ransomware attack. This is where you have three copies of a piece of data, kept on two different mediums with one of these mediums being kept offsite. By doing this, you can simply wipe any device hit by a ransomware attack without having to worry about losing precious information.
3. Social engineering should be your biggest concern
Social engineering is a topic we've touched on before, but its importance deserves constant attention, especially within smaller businesses. You can think of these attacks in the way you might think of a conman. They generally involve preying on people's kindness in order to accomplish some sort of malicious task. For example, a hacker dressed up as a plumber might be able to talk a receptionist into letting him into a secure part of the building without clearance.
That handyman may not be who he says he is.
The reason this is such an issue for small businesses is that these organizations generally have a more neighborly feel to them. The entire point of hiring a small business is the friendly personal touch these companies can provide, which is a major selling point. However, this attribute can allow for hackers to get away with more than they would have if they'd attacked a larger organization.
The sad truth is that the only way to lower the threat of a social engineering attack is by hardening your employees to sob stories. Hackers will usually spin a yarn about how they lost their ID card o r their login credentials, and this story is often convincing enough to get them everything they could ever want out of a company.
Therefore, organizations need to teach employees that being nice isn't always the best thing to do. Losing login credentials may get a person in trouble, and its human nature to want to help someone in such a situation. However, doing so could be disastrous for the company.
At the end of the day, a company is really only as secure as you want it to be. You can purchase all kinds of cybersecurity software, but if you aren't willing to take step to prevent an attack, you're no more protected than someone who avoided these services. By increasing your knowledge and working to ensure your employees understand the importance of security, you can help keep your company's data safe.
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/woman-with-coffee.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2018-01-31 15:18:392019-05-09 21:30:583 things SMBs need to know about cybersecurity
On January 1st, 2018 Intel disclosed a critical alert around a large variety of Intel CPUs that allows an attacker to read memory belonging to other processes. Further details from Google Project Zero, Cyberus Technology private researcher Paul Kocher, and various universities surfaced January 3, including white papers. The vulnerabilities are named Spectre and Meltdown. The purpose of this blog post is to:
Help you understand the issue
Point you to trusted resources to explain it in more depth
Determine how you can protect yourself against it
What is the Issue?
Spectre has been assigned CVEs CVE-2017-5753 and CVE-2017-5715. Meltdown has been assigned CVE CVE-2017-5754. Some elements of Spectre, at least for the moment, cannot be mitigated in software.
This vulnerability was privately disclosed to Intel and operating system vendors, but security researchers working independently have developed proof of concept code. In a statement released on January 3, Intel stated it is working with AMD and ARM, as well as with major operating system vendors, on fixes.
Microsoft released emergency patches for supported versions of Windows on January 3, and is patching Azure on an accelerated schedule. Microsoft has not stated if end-of-life systems such as Windows Vista, Windows XP, and Windows Server 2003 will be included. Apple included fixes in macOS 10.13.2, and plans more fixes in macOS 10.13.3 by the end of the month. Google addressed the issue on Android and Chrome OS in its January 2018 security patch.
Potential Impact
This vulnerability can be potentially exploited to defeat ASLR and KPTI on affected systems and read memory contents belonging to other processes running on the machine. At this point, the most useful scenario for an attacker would be to use it to steal passwords, credit card numbers, or other sensitive but succinct data from memory. On desktops and laptops, it can be exploited remotely via JavaScript residing on a web page. It could also be used in cloud environments to cross over into other virtual machines and steal data belonging to other customers.
The patches for this flaw may prove to be unpopular due to early reports stating to expect performance hits ranging from 5-30 percent. Reports from the field indicate 20% is a more common worst-case scenario on database and web servers. On desktops, the performance impact generally is minimal.
What Should You Do
Having a complete inventory of IT systems is critical for addressing vulnerabilities such as this one, including hardware make and model, CPU architecture, and operating system.
Workstations and virtual machines in cloud environments, which have the greatest exposure to the outside world, should have the highest priority when deploying patches. ISG Data Center infrastructure systems are in the process of patching. Servers running on virtual infrastructure under your control will be harder to exploit.
There are some caveats to patching Windows for this vulnerability. A Microsoft article on compatibility issues between this patch and certain third-party antivirus solutions is included in the Supporting Information section at the end of this document. GuidePoint recommends you confirm with your antivirus vendor that its solution is compatible with Microsoft’s update for Spectre and Meltdown. Slowdowns, although initially overstated, still have the potential to occur. The effect on workstations will be minimal. Servers that perform heavy I/O, such as web servers and databases, will incur more significant performance hits.
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/lighting-storm-weather-city.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2018-01-24 00:00:402019-05-09 21:31:09Spectre/Meltdown Vulnerabilities: What You Need To Know
Cybersecurity may be the biggest issue facing the enterprise. The costs of dealing with an attack are through the roof, and experts believe it's only going to get worse. The Official 2017 Annual Cybercrime Report from Cybersecurity Ventures predicted that by 2021, cybercrime would cost the worldwide economy around $6 trillion.
With so much money funneling into the criminal underground, it's easy to see why so many companies are terrified of a hack. To satisfy this urgent need for data safety, businesses have started to invest in highly-complex technologies aimed at catching digital incursions before they get out of hand. These systems are certainly necessary in this day an age, but many administrators mistakenly think they're the only way to secure information.
In fact, many hackers actually rely on a technique called social engineering. This approach is incredibly successful, mainly due to the fact that companies don't plan for it. To help officials stave off such an attack, let's explore exactly what social engineering is and what you can do to prevent it.
How does social engineering work?
Although the term is used to discuss a certain type of attack, social engineering actually encompasses a wide range of hacking techniques. That said, they basically all boil down to using human error to accomplish a goal.
For instance, a hacker may come to find that he needs login credentials to access a certain data set. One popular technique in such a situation involves the hacker calling the front desk to say that they've just been hired at the company. They could spin a sob story about not being able to gain access to a certain system and will plead for help. If this cybercriminal has the right charisma, he can pretty easily persuade someone into giving him exactly what he wants.
Another way hackers rely on social engineering is by physically breaking into a company's office. In the same scenario where the cybercriminal needs login credentials, he might put on a pair of overalls and say he's an electrician. If he can make it past the front desk, he might get lucky enough to find a person's username and password written on a sticky note on their computer. If he's not that fortunate, he could even install a keylogger on someone's machine that could give him the information he needs.
That friendly electrician may not be as innocent as he looks.
While these two scenarios aren't the only ways social engineering techniques are deployed, the point is that all of these attacks rely on unearned trust from your employees. People want to help those in need, and hackers use this desire to get what they want.
Companies just aren't prepared
Due to the fact that social engineering relies on good-hearted people just trying to be nice, there's a real chance that your company is at risk. This is especially true of employees who have to be helpful by nature of their position, such as receptionists and HR workers. However, this epidemic reaches just about every inch of most companies.
"Two-thirds of employees will give out information like their Social Security numbers."
A security company called Social-Engineer took a deep look into just how big of an issue this hacking technique is. They found that around 90 percent of employees will give up their names and email addresses without even confirming who's calling. That's certainly an issue, but the real problem is that around two-thirds of employees will give out information like their Social Security numbers. On top of that, Social-Engineer has a perfect record when it comes to physically breaking into an office, which shows just how vulnerable companies are.
How can you avoid an attack?
Clearly, a majority of companies are in serious risk of a breach due to social engineering. Thankfully, there are some steps administrators can take in order to lessen the chances of an employee making a grave error.
To begin, you'll want to hold a mandatory meeting for all employees about security. If possible, try to break up the courses by department so you can discuss specific needs with all the different professionals at your company.At these meetings, you'll need to discuss social engineering attacks like impersonation and phishing, as well as how to report these issues should one arise.
Finally, and perhaps most importantly, you'll want to lower the number of individuals who have access to admin privileges. The more people you have with access to every system, the larger your attack surface area.
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/manufacturing-warehouse.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2018-01-16 15:35:502019-05-09 21:31:17Why should your company fear social engineering?
Managed service providers (MSPs) are booming these days. Organizations of all sizes are seeing their potential, but small and medium-sized businesses are really starting to understand the importance of MSPs. In fact, the market for these products is expected to reach $257.84 billion by 2022, according to Business Wire. That's a compound annual growth rate of 11.1 percent compared to 2017's market size of $152.45 billion.
Clearly, MSPs are providing a valuable service to their customers. However, many smaller institutions are still wary of investing in one. They don't fully understand what outsourcing these duties can accomplish, and simply see the initial price as a deterrent.
That said, paying an MSP can actually end up saving money in the end if you use the services properly. To that end, let's take a look at the top 4 reasons you should invest in an MSP today.
1. Improved security
"Cybersecurity is one of the biggest issues facing IT departments."
If you aren't worried about the safety of your company's data, then you aren't paying attention. Cybersecurity is one of the biggest issues facing IT departments, and for good reason. According to the Information Systems Audit and Control Association, there will be a shortage of 2 million security professionals by 2019.
If you operate an SMB, there's a good chance your IT department is already limited. What's more, there's an even greater likelihood that you don't have a dedicated cybersecurity employee on your payroll. This is a perfect example of what MSPs can bring to small businesses.
Due to the nature of the MSP business model, data security is of the highest priority. A company that loses control of this information will most likely be blacklisted by any prospective clients, and MSP administrators know this. Therefore, the level of security these organizations can provide is so much greater than anything your employees could ever devise.
This isn't to say that your workers aren't talented individuals. Rather, they simply don't have the expertise necessary to ward off sophisticated attacks. You could hire a trained professional to do the job, but these people are incredibly expensive to hire and, as the above study shows, they're hard to find. You're simply better off spending your money with and MSP that can provide you a host of services on top of excellent security.
2. More robust disaster recovery
Disasters, whether they be natural or man made, absolutely terrify company administrators. In fact, the Red Cross has found that 94 percent of small business owners think such a catastrophe could ruin their organization within the next two years.
A natural disaster can spell the end for a business.
Clearly, a lot of institutions simply aren't ready for the worst. While there are many reasons behind this, the most important is the lack of a solid disaster recovery solution. These plans basically document what to do in the event of an emergency, going so far as to backup data and ensure the use of vital applications.
Sadly, most companies are completely unprepared when it comes to their disaster recovery solution. A study conducted by the Disaster Recovery Preparedness Council found that nearly three-quarters of companies are not ready to handle a catastrophe. While that's certainly scary enough, the truly frightening part of this study was the level of testing done on these plans. Almost a quarter of respondents stated that they never test their plans, and nearly two-thirds admitted that they couldn't pass their own tests.
This is an issue that can be easily solved by investing in a disaster recovery solution through an MSP. These organizations have highly trained staff who have seen all kinds of emergencies, and they can use these skills to help ensure the security of your company. What's more, investing in an MSP disaster recovery solution generally comes with a data backup service. One of the keys of a robust plan is to store copies of data offsite in the event that your entire office is destroyed, and an MSP can help you accomplish this goal.
3. Freeing up of internal resources
In a similar vein, not having to assign employees to aspects like cybersecurity and disaster recovery allows them to work on projects that can actually help further your business. This is probably the most enticing benefit for the average IT worker, as these people are generally overworked.
In fact, a study from Robert Half Technology found that 43 percent of respondents believed their IT departments to be deeply or somewhat understaffed. This is a major issue, because overworked people tend to make mistakes. Therefore, relying on in-house solutions for disaster recovery, security and other areas both ties up current resources while also decreasing the overall effectiveness of what's produced.
The sole focus of your company should be to make money, which means that internal IT teams need to focus on ways in which to improve current operations. Partnering with an experienced MSP simply frees these employees to work on projects that can further your organization's success.
4. Better uptime
In the modern world, uptime is everything. Companies live and die on their abilities to provide digital services to their customers, and any disruption of this can be incredibly dangerous to the organization's bottom line. According to Gartner, the average cost of downtime is about $5.600 every minute. That adds up to over $300,000 per hour, which very clearly illustrates just how serious this issue is.
However, the money you lose is only the tip of the iceberg. The real problem when it comes to downtime is the damage it can do to your customer-facing image. People have come to expect a lot of consistency when it comes to digital services, and this expectation is tied up in their opinion of an organization. Even a minor amount of downtime can forever change how a consumer views your product or services, and you may actually lose a customer for life.
Again, this is yet another area that MSPs excel in. An MSPs entire job is dependent on its ability to avoid downtime, which means they have a host of highly-sophisticated systems to sidestep the possibility of your customers not getting what they paid for. In fact, downtime is often seen as a breach of contract with an MSP, so these companies have a very real reason to do what they can to avoid it.
While these are only some of the ben efits you can receive from an MSP, it can be easy to get lost in the number of companies who provide these services. Thankfully, you can find a strong partner in ISG Technology. We have years of experience helping companies succeed, and we'd be happy to give you everything here and more. If you'd like to hear more about us or our products, make sure to contact an ISG Technology representative today!
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/server.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2018-01-02 11:45:112019-05-09 21:31:234 things SMBs can get out of working with a managed service provider
With 2017 coming to a close, people are bundling up and heading inside to spend time with friends and family. For many, it's a time of celebration and relaxation. For those who haven't done their holiday shopping, it's a time of panic attacks and hyperventilating.
Thankfully, those in the second group can rest assured that the loved ones on their shopping list are most likely tech lovers. Everybody likes receiving the coolest gadgets, but knowing exactly which to choose demands a little knowledge about the recipient.
On that note, let's explore some of the most interesting devices on the market as well as the kind of person that would want to get them.
1. Smart speakers
If you're looking for a catch-all gift that's good for anyone on your list, you'll be hard pressed to find something better than smart speakers. These are great for jamming out to your favorite tune or listening to an audiobook while cooking, but the feature that makes a smart speaker special is the built-in personal assistant.
A good way to explain the benefits of this feature is to examine the second-generation Amazon Echo, which Tom's Guide believes to be the best smart speaker of 2017. This device has Alexa, which is an assistant that can answer questions, play specific songs or even order something off Amazon for you. What's more, a firmware update has greatly increased the second generation's sound quality and a reduced price of $99 is pushing many to invest in the Amazon Echo. If you're looking for more value, the Amazon Echo Dot is only $50. However, you'll have to deal with reduced sound quality in this model.
Of course, the Echo line isn't the only choice here. If you still like the Alexa AI, the Sonos One speaker might make a better gift. The sound quality has been found to be far superior to either of the Echos, and it still runs Alexa for that more personal touch. However, at a price tag of about $200, you'll certainly be paying for quality.
2. Drones
Although smart speakers are a solid general gift, you may be looking for something more specific. If you need a gift for an outdoorsy loved one or a kid that has too much free time on her hands, you might want to consider a drone. Advances in this technology have allowed drones to become much cheaper and much more fun than they were just a few years ago, and they're a great wow factor for any holiday get-together.
For young kids who need a reason to get out of the house, check out the Syma X5SC. With a price of around $49, this starter drone is a great way to get children excited about the hobby without putting too much money on the line. The device can perform a 360° roll, has multiple cameras and has a blade protector to ensure a single mistake won't forever ruin usability.
Drone popularity is exploding recently.
If you know someone older who's already into drone operating or simply wants to get into it, you may want to look at the DJI Phantom 4. Although the overall usability and speed of this drone are certainly impressive, it's the obstacle avoidance system that truly makes this device special. This safety program stops the drone from hitting an object that is in its flight pattern, which can seriously cut down on the mistakes a beginner might make. However, with some stores selling the drone for around $1,399, the DJI Phantom 4 is a hefty investment to say the least.
3. VR headsets
Virtual reality was seen as something only for science fiction for years. Now, however, the technology exists to bring VR home for the holidays. Although the future applications seem to be endless, the current uses for these devices seems to be within gaming.
"Virtual reality was seen as something only for science fiction for years."
If the gamer in your life is looking to upgrade their hobby, you may want to take a look at the Sony PlayStation VR. This headset works with the PlaStation 4 or PS4 Pro, and has a 3.5-millimeter headphone jack for you to use your own earphones. Although it has dedicated consoles and a large company pushing it – which means it already has specifically-designed games to go with it – the 1,920-by-1,080 OLED display panel isn't as sharp as other devices. What's more, the VR headset doesn't work without the PlayStation Camera, which simply adds on to a $299 price tag.
For a more general VR headset, you can't go wrong with the HTC Vive. At $599, this device is certainly more expensive than Sony's. However, the user isn't required to purchase a PlayStation Camera. Additionally, the HTC Vive is best suited for a PC, which gives the gamer more flexibility in terms of his or her loadout. However, as PCMag pointed out, the fact that the headset is tethered to the gaming device means that whole-room VR is often out of the question.
Outside of gaming, an interesting feature of the HTC Vive is the Virtual Desktop option. This basically allows you to project your computer's desktop anywhere you want, whether that be floating in the air or placed directly on the wall. This augmented reality experience is not only useful, it's also an incredible look into the possible future of home computing.
Getting a gift for a loved one may be difficult, but the holiday season truly is about giving. Getting your friends and family tech will make sure everyone goes home happy, so do what you can to make this holiday season special.
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/team-work.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2017-12-14 11:09:582019-05-09 21:31:29Top 3 tech gifts for this holiday season
Watch Cisco’s Ransomware Video: The Anatomy of an Attack to see how an effective ransomware attack comes together. This is why today’s enterprises require effective security. Learn how Cisco Email Security and Umbrella DNS provide dynamic security against ransomware. Umbrella DNS is cloud-based to provide security for all users on or off a network – essential cover for mobile devices and employees working out of office.
Only suspicious websites are redirected by Umbrella DNS for further investigation, offering robust security without compromising network speed or performance. If you manage to connect to a malicious website, Umbrella DNS blocks the site from requesting data, protecting your network until the threat is removed.
When you put ISG Technology to work for you, you don’t just put industry leading security experts on your team, you put security at the top of your priority list. You put the concern that someone might be selling you a short-sighted solution to the wayside. You put trust back where it belongs – on your side.
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/teamwork-collaboration.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2017-12-07 12:52:472019-05-09 21:31:38Video: The Anatomy of an Attack - Vol. 2
Cybersecurity has become one of the most important areas of study for the new millennium. With so much data being traded and stored in the digital landscape, it just makes sense for criminals to focus their energy on this new means of theft.
That said, the simple novelty of hacking in terms of human history means that companies are still trying learning and adapting to the new threats facing them. For example, the idea that a criminal could hold your information hostage would have seemed ludicrous a few years ago. Now, society is dealing with ransomware attacks like the 2017 "WannaCry" malware that experts have estimated cost the economy around $4 billion.
The world is changing rapidly, but this doesn't mean your organization has to be left behind. The next year certainly holds surprises for the cybersecurity industry, but following these tips can help prepare your company for the worst of it.
1. Backup your data now
Data is at the heart of any company's success. It's simply impossible for organizations to function without information, which is why it's so shocking that so many businesses don't properly backup the data they create and collect.
To begin, not doing so is simply an accident waiting to happen, especially for small businesses. In fact, a study posted by Small Business Trends found that 58 percent of small organizations are not at all ready for a data loss event.
However, the truly frightening aspect of this is the fact that a robust backup system is often the best protection against a multitude of attacks. The best example of this is ransomware, which is where the hacker encrypts the data on a device or network and will only unlock it when paid a certain amount of money. What's more, security firm SOPHOS stated that the increased market for ransomware kits on the dark web is going to lead to a rise in attacks in 2018.
Wiping the ransomware from a gadget without removing the data itself is next to impossible most of the time, which is why many experts recommend 3-2-1 backup. This process requires three copies of a piece of data where two are stored on different mediums – such as the cloud and a physical drive – and one must be kept offsite.
Those looking to boost their backup system should consider the Backup-as-a-Service model offered by ISG Technology. Our top-of-the-line system uses the cloud to implement robust backup, which allows you to utilize multiple mediums and store data offsite.
2. Discuss security with your employees
Although a lot of people think of high-tech solutions when it comes to cybersecurity, the fact of the matter is that a huge portion of successful hacks have to do with something called social engineering. This is where the cybercriminal uses pity, deceit and emotional manipulation to get what they want out of an employee.
"Just about every person is vulnerable to social engineering."
Most people don't know it, but just about every person is vulnerable to social engineering. In fact, experts at security firm Social-Engineer have found that around 90 percent of the employees they try to hack end up willingly giving up their names and email addresses without even confirming the identity of the person asking. But that's not all. Around two-thirds of people will give their Social Security numbers, birthdays or employee identification numbers.
Clearly, this is a major attack vector and it makes sense that hackers would exploit it as much as they do. Therefore, it's important to educate employees on the multitude of ways a cybercriminal could use their benevolence against the company.
To begin, employers must emphasize the importance of vigilance when it comes to email. Hackers love beginning their attacks through something called phishing, which is where they send messages to workers in the hopes that one of them will click a link or give up sensitive information. However, the real problem many companies are dealing with these days is spear phishing, which is where the hacker targets a specific person by using information about them to convince them the email is legitimate.
According to PhishMe, attacks of this nature rose about 55 percent in 2016. What's more, around 91 percent of data breaches can be traced back to an original spear phishing email.
Phishing is a huge issue that many companies aren't taking seriously.
Therefore, it falls upon employers to convince employees of the importance of email security. This should certainly involve a company-wide meeting discussing the risks, but it's also vital that administrators set up tests for workers to see if they'll fall for such an attack. Hackers have been relentless with spear phishing and it looks like that will continue in 2018, so the best way to avoid such an issue is to stress email security now.
3. Keep an eye on mobile security
Mobile devices aren't a luxury anymore. They're a vital necessity for workers all over the world, and ignoring this fact could have enormous security ramifications. The Pew Research Center found that 77 percent of Americans owned smartphones in 2016, This is causing a lot of companies to understand the value of the bring-your-own-device trend, which allows employees to use their own gadgets for work-related purposes.
While BYOD is certainly a huge step forward, the fact that many organizations are ignoring it is extremely dangerous. Gartner found that around 37 percent of employees are currently using their own devices for work without the knowledge of their employers.
The ramification here is that a huge number of devices are accessing sensitive company information without any sort of uniform security system protecting them.
While the importance of security measures must be stressed to employees, ignoring BYOD is most likely doing your company more harm than good. Therefore, the new year is a great opportunity to reorganize how your business handles employee-owned devices.
The future may be uncertain, but that shouldn't paralyze you. By taking the proper precautions and being prepared for whatever cybercriminals can throw at you, you can avoid the biggest mistakes and ensure the success of your firm.
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/tight-rope.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2017-11-30 14:21:422019-05-09 21:32:033 Cybersecurity Tips For 2018
Cloud technologies have transformed the way businesses operate, and organizations in the manufacturing industry are no different. Manufacturing processes are increasingly being moved to the digital realm to enable companies to perform efficiently and effectively. Office 365 in particular has become a tool capable of empowering manufacturers and improving operations. Let's take a closer look at what Office 365 means for manufacturing:
1. Better communication and collaboration
Organizations are not monolithic entities. Many businesses are extending their reach across the country and even expanding to a more global audience. With resources devoted to so many different places, it can be difficult to keep everyone updated and ensure that people can work together effectively. Mobile devices and cloud-based applications have helped to mitigate the distance between workers, and Office 365 is a critical tool for enabling remote operations. As Forrester noted in a report, mobile access to SharePoint and Office Professional Plus through Office 365 provides a better understanding of inventory levels in real time. Managers can keep up-to-date information flowing across the supply chain and into distribution, resulting in improved delivery time and lower inventory costs. Other segments of the manufacturing team can use Skype and Yammer for improved communication, bolstering employee and customer satisfaction.
Office 365 enables better communication for manufacturers.
2. Tool consolidation
As manufacturers grow, their infrastructure can become more complex and unwieldy. Supporting all of these tools is costly and causes issues with navigation and data integration. Rather than using a bunch of disparate tools, manufacturers can take advantage of Office 365's suite of interoperable features. Jabil CIO Gary Cantrell noted that choosing Office 365 was a way to simplify and consolidate the IT environment with a fully integrated productivity platform. This ensures that workers have a user interface that inherently advocates collaboration and ensures that there are no compatibility issues when sharing important information and files.
"Migrating processes to Office 365 empowers manufacturers to keep up with complex business environments."
3. Improved agility
In today's fast-paced world, it's becoming more difficult for businesses to keep up and leverage technology in a beneficial way. In one Office 365 case study, Fortescue Metals Group had a server environment that wasn't keeping pace with the company's accelerated growth, resulting in downtime, slow onboarding and additional costs. By moving to Office 365, the organization's IT services were more reliable, secure and agile. Office 365 modules allow manufacturers to connect to plants in real time to avoid production issues, foster innovation, and improve service. Migrating processes to Office 365 inherently improves agility and empowers manufacturers to keep up with complex business environments.
The cloud has changed what organizations and workers expect. Office 365 is a critical cloud-based suite that can directly benefit the manufacturing industry, as well as many other verticals. Using Office 365s modules, businesses can improve their agility, consolidate their IT environment and bolster communication. To find out more about what Office 365 can do for your business team up with a certified partner like ISG Technology.
https://projectrecognition.isgtech.com/wp-content/uploads/2019/04/tall-grass-sunrise.jpg266702ISG Technology/wp-content/uploads/2018/02/isg-logo.pngISG Technology2017-11-13 11:11:572019-05-09 21:32:18What Office 365 means for manufacturing
When an employee loses their home, they generally don’t worry about work.
