September 29, 2015
The word ‘cloud’ has gained much popularity in the past few years. Cloud computing essentially means storing all your electronic files, software, applications, documents, programs and data over the internet, instead of your computer’s hard drive. Considering the virtually endless benefits it offers, majority of businesses are switching to cloud computing to make the most of this service.
If you are also considering moving your business activities to cloud, here are some of the important things that you should know:
- Different Versions: Cloud computing services can be availed in different versions. Among them, the most common are Software-as-a-Service (SaaS) and Infrastructure-as-a-Service (IaaS). In the former one, you need to pay a monthly fee to store your applications and files on your cloud provider’s servers. On the contrary, in IaaS, the users can have a direct access to their servers and data centers. This service operates on a pay-as-you-go basis, i.e. the users are charged according to the space they use on the virtual machines.
- Less Burden On IT Staff: Your IT staff spends a good deal of time on maintaining, troubleshooting and updating the equipment in the office. However, with cloud computing, all these tasks can be outsourced to your provider. This will help to reduce burden on your IT staff and allow them to focus on other tasks critical to the success of your business.
- Better Accessibility: With cloud computing, you can have complete access to your files and important documents from anywhere at any time. All you need to have is an internet connection and a compatible device. You do not need to be present in the office to handle the business activities.
- Unlimited Storage Capacity: When you store your applications on cloud, it eliminates the issues concerning exhausted storage space or expanding data centers. The users can anytime increase the storage capacity according to their requirements.
- Flexibility: As cloud computing services are charged on a monthly basis or according to the consumption of space, it offers a greater flexibility to companies. For instance, if your business witnesses high and low phases during certain times of the year, you can easily match the capacity of cloud storage to suit your needs. With this, you can also make huge savings on your company’s IT finances.
For more information about the benefits of cloud computing, you can call at (855) 375 – 9654.
September 24, 2015
IT security is one of the biggest challenges faced by every organization. Considering the different malware and networking threats discovered frequently, the impact of a feeble security policy can be disastrous. Hence, data security should be your company’s top priority, specifically if your business activities involve storing sensitive customer details.
Here are some practical tips that can help to improve IT security in your organization:
- Establish A Definite Plan: Chalk out a well-defined plan stating the actions that should be taken to evade a data breach. This should include terms and policies regarding which data can or cannot be accessed by the employees. The rules mentioned in the plan should be strictly followed by each and every individual who is a part of the organization. Also, the security policies must be reviewed and updated from time to time.
- Educate Your Employees: Let your employees know about the potential security risks and the best practices to mitigate them. They should be educated about creating strong passwords, handling spam emails, maintaining data backup etc. Also, there should be a dedicated IT staff that they can turn to in case of any doubts or concerns.
- Set A Data Storage Policy: You should also implement a data storage policy in the organization. It should have a clear mention of the data that should be stored or deleted from their devices. Keeping files with certain extensions can also increase the risk for a security breach.
- Ensure Encryption: If you need to store any sensitive customer data such as names, passwords, credit card details, email addresses, bank account numbers etc., make sure they are properly encrypted. Only a limited number of employees should have access to the computers containing this information. You can also consider using two-factor authentication for added protection.
- Avoid BYOD Culture: With a rise in the work from home culture, the data security risks have also increased manifold. The personal devices used by the employees may not be compliant with your company’s security plan. This provides hackers an easy pathway to gain access to your organization’s confidential data. To prevent this, do not allow employees to use their own devices as long as they are made to comply with the company’s policies. Connecting portable networking devices with the office computers should also be restricted to prevent a malware breach.
We, at Centex Technologies, provide complete IT security solutions to businesses across Central Texas. For more information, you can call us at (855) 375 – 9654.
September 17, 2015
Following the discovery of MAC firmware worm Thunderstrike 2, the cybersecurity experts at Palo Alto Networks along with WeipTech, have released reports of a new iOS malware, KeyRaider. Being responsible for the largest ever account theft caused by a malware, KeyRaider has successfully stolen credentials for more than 225,000 accounts of Apple customers. The Apple devices targeted by KeyRaider were primarily jailbroken, i.e. they permitted the download of unauthorized applications, extensions and themes from sources other than the Apple App Store.
How Does KeyRaider Work?
When a user jailbreaks an Apple device, the malware prompts him to install a third party app from a Cydia repository. Once the app is downloaded, KeyRaider attempts to steal important account credentials and Universally Unique Identifier (UUID) number. It allegedly intercepts random data from iTunes accounts of users who have installed malware-ridden apps on their jailbroken devices.
In addition, the malware even goes a step further to access Apple’s service certificates, disable remote unlock feature and share App store information. This allows other users to use the stolen data in order to purchase premium apps or themes from the Apple Store.
How To Detect And Remove KeyRaider?
The most viable way to keep your Apple device protected against KeyRaider is to keep it updated with the latest software applications. You should also not jailbreak your phone as its removes Apple’s protections and make your device vulnerable against security breaches. However, if you have already jailbroken your phone, here are some of the steps that you should take to protect yourself against KeyRaider:
- Search ‘Filza File Manager’ on Cydia and install it on your device.
- Open the app and go to /Library/MobileSubstrate/DynamicLibraries/.
- Select the first file that has a ‘.dylib’ extension.
- After opening the file, type in the following keywords into the search bar – wushidou, gotoip4, bamu, getHanzi.
- If you are able to locate any of these keywords, your device is infected with malware. Make sure you remove the file along with all the ‘.plist’ files in the same name.
- You should follow the same steps for each ‘.dylib’ file that you find in the directory. Once done, reboot your iOS device.
After you have successfully removed the malware, it is suggested that you change your Apple account password and enable two-factor authentication to keep your device safe.
September 10, 2015
In order to take users’ search experience to yet another level, Google recently announced a major change that it is going to implement in mobile search results. It stated that the mobile websites which use pop-up ads to prompt the users to download apps will be penalized in the form of lower rankings. The latest move by the company can prove to be a major setback for the advertizers, app developers and web publishers.
According to the post published on Google Webmaster Central Blog, “After November 1, mobile websites having an app interstitial that hides majority of the web page content will no longer be considered mobile friendly.” Adding further, it specified, “Our analysis shows that it can be frustrating for the users when the content that they expect to see on a web page is blocked by an undesired interstitial.” The update has been released following the company’s internal survey that showed 69 percent of the people abandoned a website after being encountered with such pop-ups while only 9 percent actually downloaded the app.
As a replication to this announcement, Google has also updated its mobile friendly test to warn sites that have large app download interstitials during users’ transition from search pages. The mobile usability report in search console will display the number of web pages where the issue has been found. Google also stated that it will penalize only those interstitials that cover a significant amount of relevant content on any web page. Also, the company has advised websites to present app download interstitials in a more user friendly manner. Instead of using the obstructive pop-ups, smaller and less intrusive banners can be placed at the top of a web page. It will provide a more convenient way of promoting an app while allowing the users to manage their browsing experience.
Google has always strived to provide quality and relevant search results to the ever increasing number of mobile users. Once the new update is live and you still have large pop-ups on your website, you are bound to witness a considerable drop in your mobile search rankings. In order to avoid being penalized, you should make sure you do not prompt your visitors to download your app. You should keep user experience as your top priority while designing your website in order to increase traffic and reduce bounce rate.
August 31, 2015
A data breach can be defined as an unauthorized access, viewing and retrieval of a database, application or program. The attack is carried out to steal, manipulate or use information for malicious purposes. Data breaches are usually targeted towards large organizations and businesses to steal sensitive, confidential or patented information.
A data breach typically takes place in the following stages:
- Research: After deciding on a target, the cyber criminals look for network security flaws that can be exploited. This involves researching about the kind of infrastructure a company has.
- Attack: When the weaknesses have been identified, the hacker initiates a data breach either as a social attack or a network based attack. In the former one, social engineering methods are used to jeopardize the target’s network. This may include spam emails, malware infected IM attachments, installing programs with malicious code etc. A network based attack, on the other hand, is when the cyber criminals use vulnerability exploitation, SQL injection or session hijacking to access the network on which the target computer is operating.
- Exfiltration: Once the attack is successful, the hacker can easily take out the important data and transfer it into another system. This data may either be used for spiteful purposes or to carry out another attack.
Tips To Prevent Data Breach
- Be Careful With Passwords: Make sure you do not store passwords for any website or servers. You should also avoid using same passwords for any two accounts. Also, consider using two-factor authentication for all accounts that contain sensitive business information. Thus, you will require a password along with a personal authentication method, such as OTP or biometric scan to access the account.
- Use Data Encryption: You must mandate encryption of all personal or official information that is transmitted over the organization’s internet network. The IT staff should be directed to encrypt all software and hardware at all times, including the devices issued to the employees.
- Outsource Payment Processing: In order to safeguard your customers’ financial data, you should consider outsourcing your payment processing system. Whether it is for point-of-sale or online banking, hiring a credible PCI complaint dealer will ensure better and dedicated protection of the data.
- Educate Employees: You must implement and let the employees know about the data security policy of the organization. Restrict the usage of computer only for official purposes and confine access to unsuitable websites. You must also educate the employees about their responsibilities with regard to protecting and maintaining confidentiality of any information.
We, at Centex Technologies, provide complete data security solutions to the businesses in Central Texas. For more information, you can call us at (855) 375 – 9654.