Category: Security Page 62 of 79

Tips For Managing Cyber Security Risks

On July 22, 2016

22 July, 2016

The incidences of online attacks have undergone a steep rise over the past few years, making cyber security a top priority for the organizations. A security breach can jeopardize the confidentiality of a company’s network and important data, leading to financial losses as well as reputational damage. Therefore, it is important to be proactive and identify as well as mitigate the potential threats to the corporate network.

Listed below are tips that can help organizations manage cyber security risks:

Internet Firewalls And Gateways

Internet firewalls, gateways and other such mechanisms should be adopted to protect the corporate network against unauthorized access. Devoid of proper security techniques, the company’s files, client details and other important information are at risk of being stolen, manipulated or deleted. A firewall will monitor the traffic on the organizations’ internal network and block any suspicious or unauthorized users. However, it is important to ensure that the firewall is frequently updated and password protected.

Secure Configuration

All the devices connected to the network should be properly configured to adhere to the cyber security policies of the company. This will help to identify and deal with the potential vulnerabilities. The default security settings on any device can serve as an easy backdoor for the hackers to gain access to your corporate network. Therefore, when installing networking devices, these settings should be changed and safeguarded with a strong as well as hard-to-crack password. Unrequired user accounts should be deleted and obsolete software should be updated or disabled. Auto-run feature should also be deactivated to prevent unintended installation of malicious software.

Software Management

Most cyber-attacks are initiated by exploiting the security vulnerabilities in the software installed on a computer system. Hence, it is essential to regularly download and install the updates released by the software vendors. The organization should frame a comprehensive patch management policy to ensure efficient and effective updating of the software. There should be a specified time frame within which the patches need to be installed on the networking devices. Also, all the software updates should be licensed and released by a legitimate authority.

Malware Protection

When computer systems are connected to the internet, they are likely to download malware through spam emails, fake websites, malicious advertizements or drive-by downloads. Anti-malware software should be installed to protect against such online threats. Make sure you keep it updated and allow regular scans to detect any malware installed on the device.

Centex Technologies is a leading IT consulting firm providing cyber security solutions to business firms across Central Texas. For more information, you can call us at (855) 375 – 9654.

Types And Advantages Of Access Control

By centexitguy

On July 16, 2016

In Security

16 July, 2016

Access control can be defined as a security technique utilized to restrict access to the physical and logical assets within an organization. The physical assets include the computer system or server room whereas the logical assets comprise networks, data, files etc. Having complete control over who can view, use or manipulate the resources in a computing environment, the companies can mitigate the likelihood of a potential security breach.

Types Of Access Control Systems

Mandatory Access Control (MAC): This is the most stringent form of access control mechanism. In this, the access restrictions are monitored by the operating system according to the specifications provided by the system administrator. Each user or device on a network is assigned a classification label. When a user tries to view or edit any file on the server, the computer system verifies his credentials to determine if access should be granted.
Discretionary Access Control (DAC): It allows each user to control access rights for their own file or program. Unlike Mandatory Access Control, the DAC is much more flexible when it comes to data security. It allows you to create customized access policies for each user. For instance, you can allow read and write access to one user as well as read-only access to another one for the same file.
Role Based Access Control (RBAC): Also known as Non-Discretionary Access Control, it allows access depending upon the role of a user. Role is defined according to the job profile, responsibilities and authority of an employee within the organization. For instance, an accountant would be provided access to all the files that contain financial data.
Rule Based Access Control (RB-RBAC): Under this type, access is allowed on the basis of a set of criteria defined by the system administrator. It is a good option if you need to stipulate access rights for a specific account during certain hours of the day. The rules set by the administrator are stored in Access Control Lists (ACLs).

Advantages Of Access Control

It helps to increase data security and confidentiality in an organization
It reduces administrative work needed to monitor unauthorized access to important files
Access rights and protocols are easy to implement by the system administrator
Access control systems decrease the possibility of security errors as the permissions are automatically monitored and regulated according to the specified criterion

We at Centex Technologies provide complete IT security & networking solutions to our clients. For consultation regarding implementation of access control in your organization, feel free to contact us at (855) 375 – 9654.

What Is A Banking Trojan And How Does It Work

By centexitguy

On July 9, 2016

In Security

9 July, 2016

Banking Trojan, or Banker Trojan, can be defined as a malicious program designed to steal confidential information from online financial accounts. With a large number of people turning to online and mobile banking, the risk for these types of malware attacks has also increased manifold. The Banking Trojans usually come in the form of a legitimate software which, when installed on a computer system, gains inadvertent access to the files and programs. The software has a built-in backdoor that allows hackers to view files or monitor the online activities of the infected computer.

How Does Banking Trojan Work?

After the Banking Trojan infects a computer system, it usually stays dormant until the user performs an online financial transaction. It works covertly to replicate itself on the computer and edit registry entries each time the computer is started. The Trojan also searches the cookie files that had been stored on the computer while browsing financial websites.

Once the user attempts to make an online transaction, the Trojan sneakily steals the login credentials and transmits it to the hacker. Some of the ways in which Banking Trojans attempt to steal a user’s information are:

Keylogging
Form data captures
Inserting fraudulent form fields
Screen captures and video recording
Mimicking financial websites
Redirecting of banking websites
Man-in-the-middle attack

Upon acquiring the user’s banking details, the hacker may occasionally transfer relevantly moderate amounts of money to fake bank accounts.

Signs Your Computer Is Infected With Banking Trojan

It may change your computer’s security settings
Your computer may slow down unexpectedly
Unidentified addition or deletion of files stored on your computer
Malicious backdoor downloads may take place
The Trojan may block or disable other programs in the infected computer
You get randomly redirected to different websites
The computer may crash or Blue Screen of Death (BSOD) appears regularly

Countermeasures Against Banking Trojans

Frequently update your operating system and internet browser
Download latest patches and updates of the anti-virus software to protect your system from the recent versions of Banking Trojans
If the computer has multiple users, only the administrator should be permitted to download and install any software
Use web content filtering to block malicious websites and advertizements
Be careful while downloading software and programs, particularly from unreliable sources.
Do not store your financial information on computer system. If necessary, keep it in an encrypted format

We, at Centex Technologies, can help you stay protected against Banking Trojans and other online security threats. For more information, feel free to call us at (855) 375 – 9654.

Web Content Filtering: Types And Benefits

By centexitguy

On June 30, 2016

In Security

30 June, 2016

Web content filtering is one of the most important elements of an organization’s cyber security policy. Also known as “Information Filtering”, it involves screening a website and restricting access if deemed harmful or objectionable. It not only helps to prevent unwanted internet access by the employees, but also protects the corporate network from online threats. Web content filtering works by checking the credibility of a portal, when a user attempts to visit it. If the website has been blacklisted by the administrator, the user is barred from accessing it. Content filtering is important to restrict access to webpages which can have pornographic content, malware, keyloggers, botnets, proxy server etc.

Types Of Web Content Filtering

Client Side Filter: In client side filtering, software is installed on computers that require content filtering. The admin can customize the list of blocked websites or specify guidelines according to which the content needs to be filtered. Client side filters are a good option for small businesses that have a limited number of employees.
Server Side Filter: In this type, content filtering software is installed on a central server computer that monitors the security settings on other systems on the same network. The business owner or network administrator can apply the same filter rules for all computers.
Content Limited ISP: In this type of filter, the internet service provider has the authority to regulate the type of content that can or cannot be viewed by the users. Apart from blocking malicious websites, it also monitors emails, chats and web traffic to prevent Denial of Service (DoS) as well as man-in-the-middle attacks.
Search Engine Filters: Many search engines like Google and Bing also offer content filtering options to the users. They can block inappropriate content and text from being displayed in the search results.

Benefits Of Web Content Filtering

Increased Employee Productivity: As the unwanted websites are blocked, the employees are likely to be more focused towards work. They would not get distracted which, in turn, increases their overall productivity at the office.
Better Network Protection: Web content filtering helps to block malicious websites, emails and programs that are likely to infect a computer system with malware. Preventing these online threats safeguards your corporate network against a potential security breach.
Bandwidth Usage Reduction: With a high speed internet connection, employees may engage in undesired activities like streaming videos, downloading movies, peer-to-peer file sharing etc. This increases the network’s bandwidth usage which can be controlled by using a content filtering software.

For more information on the benefits of web content filtering, feel free to contact Centex Technologies at (855) 375 – 9654.

How To Protect Against Spyware

By centexitguy

On June 24, 2016

In Security

24 June, 2016

Spyware is a general term for the malicious programs aimed at gathering information from a computer system without the consent of the user. They record keystrokes or monitor user’s internet activity to collect sensitive data such as usernames, email addresses, passwords, credit card numbers etc. The data is then transmitted to the hackers who may use it to initiate various online attacks. Spyware may infect a computer system through a malicious email attachment, visiting a spam website or in the form of a drive-by-download.

Listed below are some useful tips to protect against spyware:

Install anti-spyware software

The most critical step in protecting your computer system is to install a reliable anti-spyware software. Most anti-virus programs may detect and remove malware, but they may not be able to identify the diverse variants of spyware. Make sure you update it regularly and configure it to check for the latest versions available. Enable a complete scan of your computer’s hard drives on a regular basis to detect any spyware program that may have discreetly infected the system. It will add an additional layer of protection.

Be cautious while surfing the web

You should not click on unknown URLs or visit malicious websites. The browser plugins included in the anti-spyware software should be enabled to protect against infections. Software should be downloaded only from reliable sources after carefully researching about its reviews and information that it may access on your computer.

Keep operating system updated

An updated operating system will make your computer less vulnerable to the online threats. Software vendors often release the security patches to fix any flaws that may be exploited by the cybercriminals. Enable automatic updates so that your computer automatically scans and downloads the latest software versions periodically.

Do not click on ads or pop-ups

Flash advertizements and pop-ups are common ways through which spyware is downloaded into a computer. To avoid this, make sure you do not click on or enter any confidential information in these windows. It is possible that the hacker may be tracking the way you respond to these ads or tracing the data you enter. If you want to close an unwanted ad or pop-up, click on the ‘X’ icon instead of the ‘close’ link within the window.

Centex Technologies is a leading IT firm providing complete online security solutions to the business firms in Central Texas. For more information, you can call at (855) 375 – 9654.