IT Consultants' Insight on Business Technology | NSK Inc.

Enhancing Password Security in Light of Data Breaches

Posted by Philip Tang

Fri, Mar 27, 2015

 

Severe data breaches suffered by Sony, Anthem and other companies over the last year further solidify the importance of data security.

Large companies continue to endure targeted attacks.  Earlier this week, Twitch.tv publicly announced they had fallen victim to a data breach that possibly endangered users' personal account information.

So what makes this breach a big deal?  If you haven't heard of Twitch before, here's what they're about: "Twitch is the largest live video platform and community for gamers with more than 100 million visitors per month. We want to connect gamers around the world by allowing them to broadcast, watch, and chat from everywhere they play."

A year ago, the Wall Street Journal published an article analyzing U.S. Internet traffic with data from DeepField.com.  They found Twitch.tv to account for 1.8% of American peak traffic, ranking fourth overall and impressingly beating out companies such as Amazon and even Facebook.  Only three titans saw more traffic than Twitch: Netflix, Google and Apple.

At the time, Twitch's Vice President of Marketing Matthew DiPietro said the site "is the central hub for the entire video game industry to share their passion for games."

And hackers have breached this massive hub.  A hub that has undoubtedly grown even larger in the past year.

Fortunately, Twitch responded to the attack by providing disclosure to its users.  It dispatched emails detailing the information that hackers may have obtained:

Well, at least credit card information isn't on there.  Consolation prize acquired!

In addition to the email, Twitch took action.  For the sake of protecting people's personal data, every Twitch account was forced to undergo a password reset henceforth.  Not only would everyone have to make a new password, but that password would have to be actually strong, determined by their revamped algorithmic rating system.  Otherwise, it would not be accepted.

Essentially, Twitch offered some basic, but eternally useful guidelines on enhancing password security. They used a range of ranked examples to illustrate their point.

The more random a password is, the more effective it becomes.  However, it's a little painful to use symbols and non-letters (!, @, $, etc.) in a password, isn't it?  Passwords are something you often type out manually, and perhaps even from memory.  Symbols don't quite lend to making that process convenient.

But as Twitch recommends, the most secure form of password security may lie within a password manager and random password generator, although they don't recommend any.

Effective password managers tend to be gated by a paywall.  However, LastPass sports a beginner-friendly free version with enough features to help you feel safe, including two factor authentifcation and security alerts (but mobile access comes with a fee).  KeePass is completely free and is even open source, but lacks some features and demands user customization to be truly effective.

Lifehacker produced a helpful chart that can help you determine which manager would suit you best:

Ultimately, the wisest course of action is to swiftly change your password to a site when it reveals it has been breached.  Change your passwords used on other sites, too, if they are similar to the one from the compromised site. Password managers will help to facilitate this process.

Read More

Topics: Data Security

Identifying and Responding to Social Engineering Hackers

Posted by Philip Tang

Fri, Mar 20, 2015

Spreading malware such as CryptoLocker is the cowardly, distant method for breaching a victim's data security and extorting money out of them.  By comparison, social engineering is the method a bold-faced, audacious hacker will employ.  It often involves the hacker directly tricking the victim via a manipulative phone call conversation.  

Read More

Topics: Data Security

Information Technology Buzzwords You Need to Know

Posted by Cathie Briggette

Fri, Mar 20, 2015

 1. Software Designed Networking (SDN) – “Software Defined Networking (SDN) is enabling organizations to accelerate application deployment and delivery, dramatically reducing IT costs through policy-enabled workflow automation. SDN technology enables cloud architectures by delivering automated, on-demand application delivery and mobility at scale. SDN enhances the benefits of data center virtualization, increasing resource flexibility and utilization and reducing infrastructure costs and overhead.

SDN accomplishes these business objectives by converging the management of network and application services into centralized, extensible orchestration platforms that can automate the provisioning and configuration of the entire infrastructure. Common centralized IT policies bring together disparate IT groups and workflows. The result is a modern infrastructure that can deliver new applications and services in minutes, rather than days or weeks required in the past.

Read More

Topics: New Technology

Protecting Client's Sensitive Data and Personal Information

Posted by Cathie Briggette

Tue, Mar 17, 2015

According to recent studies, phishing attacks increased by 59% in one year.  And Social Engineering and Hacker Attacks are increasing even more.

In 2014 Webroot and RSA, the security division of EMC, announced a new technology partnership.  The partnership created an integration with Webroot’s real time anti-phishing service and RSA’s FraudAction anti-phishing service.  This partnership created SecureAnywhere Antivirus.  Giving IT departments and managers the ability to detect phishing attacks in real time within their organizations. 

SecureAnywhere Antivirus is more than an anti-phishing software. In addition to being excellent anti-phishing protection, it is antimalware protection, it includes firewall-style program control, and has powerful protection for your browser and secure connections.  It stops the viruses and worms that exist to infect other computers within your business infrastructure. It protects your employees while they are web surfing, by blocking harmful websites. And it takes down spyware that tries to deceive your employees or exploit vulnerabilities within your organization's operating systems.

Spyware steals information from computers and sends it to someone else. Some spyware is fairly benign. Adware, for example, watches you in order to tailor advertisements based on your habits. Adware can also happen with your consent if you opt to use a free service that involves accepting ads. Another less-lethal form of spyware is the tracking cookie. Advertising companies install cookies on your computer in response to you clicking on ads. Unless you delete it, the advertiser will know when you visit a site with its ads.

If spyware was just adware and tracking cookies, it would just be annoying. But spyware has worse forms. Some spyware can change your computer settings, slowing down internet connections and slowing down your home page. Webroot SecureAnywhere Antivirus insulates you from these spyware attempts to infect your PCs.

Webroot SecureAnywhere works in a few different ways.

  • It scans data and blocks viruses that it detects.
  • It removes malware that already exists on a computer.
  • It can be programmed to scan PCs according to any schedule.
  • It looks at the Windows registry, operating system files and applications to give you a list of threats.
  • Unlike other antivirus programs that use the latest threat signatures to protect your PC, yet they cannot protect against a brand new, zero-day threat, Webroot uses other ways to detect threats based on the threats behaviors or by comparing with other known threat families.
  • The web protection includes warnings if you try to go to a malicious site that pops up in a search result
  • It protects you against phishing attempts and dangers that might arrive via Facebook or Twitter
  • It works on Windows PCs, Macs, Android Phones or Tablets, iPhones and iPads

The architecture of Webroot’s code uses a small footprint that gathers its information in the cloud. The actual signature database that is part of Webroot is housed in the cloud, so it does not take up space on your computers or servers.  This cloud based database relies on analyzing behaviors of suspected malware. It is compact and efficient.

NSK's IT Managed Services protects our client’s sensitive data and personal information with antivirus, internet security and identity protection.

Outsourced IT Services - Managed Services

 

Read More

Topics: Managed Services, Data Security

Social Engineering and Hacker Attacks

Posted by Cathie Briggette

Mon, Mar 16, 2015

Last week we received 2 phone calls from consumers in Missouri and Tennessee asking about our Techs calling them on the phone and trying to charge them from $250 to $350 to reset their passwords and fix their IP addresses, because they were unable to connect to Netflix.  Our receptionist, talked to the first person, who thank goodness hadn’t given the scammers her credit card, and explained that we did not work in Missouri, nor did our techs call consumers about broken computers.  The woman was relieved that she did not share her credit card information.  The receptionist shared this information with me and I asked her if anyone else called, please route the call to me.

Read More

Topics: Data Security

Boston Mayor's Implementation of New Technology

Posted by Philip Tang

Fri, Mar 13, 2015

Boston's Mayor Martin J. Walsh recently wrote for the Huffington Postsharing some ways the city has integrated new technology to boost its problem-solving capabilties.  The essence of a Mayor's job, according to Walsh, is "meeting people's challenges, solving problems and getting things done."  New technology is the engine by which these tasks can be accomplished.

Read More

Topics: New Technology

How to tell if a URL link or hyperlink is safe without clicking on it

Posted by Mauricio Cornejo

Fri, Mar 13, 2015

Even the best security software can’t protect you from the headaches you’ll encounter if you click an unsafe link. Unsafe links appear to be shortcuts to funny videos, shocking news stories, awesome deals, or “Like” buttons, but are really designed to steal your personal information or hijack your computer. Your friends can unknowingly pass on unsafe links in emails, Facebook posts, and instant messages. You’ll also encounter unsafe links in website ads and search results. Use these link-scanning tips to check suspicious links. All of these solutions are free, fast, and don’t require you to download anything.

Read More

Topics: Data Security, Tech Fixes

Back Up Disaster Recovery (BDR)

Posted by Cathie Briggette

Thu, Mar 12, 2015


Business Protection Checklist

Every business has critical data and applications they need to protect – personal work stored on laptops, business applications running on servers, or infrastructure systems like email and payroll.  All of this information is vital to the operation of any business.

If you are a small or medium-sized business, looking after all this data is a major challenge.  You have limited budgets and limited IT resources.  Let’s face it, sometimes things go wrong.  Laptops get stolen.  Email servers fail.  Someone accidentally deletes a file, or even worse, an entire folder of vital business information.  Systems get hacked, files get corrupted, and as we all know, disasters like fire, hurricanes and floods do happen.

BACK-UP DISASTER RECOVERY CHECKLIST
YES     NO     Are your laptops and desktops protected automatically?              

YES     NO     Is a copy of your data moved off site each day, safe from fire flood, or sabotage?                

YES     NO     Can you backup Microsoft, Linux and Mac?

YES     NO     Can you get your business back up and running in 15 minutes or less when a server fails?

Can you quickly viertualize your servers and work off the cloud
iof your business site is damaged?                                              

Can you do all of this without spending upfront costs
on new hardware or software?                                                      YES             NO

If you answered NO to any of these questions, your data IS AT RISK!


Read More

Topics: Disaster Recovery

Finding your PC's Windows Product Key so you can re install Windows

Posted by Mauricio Cornejo

Tue, Mar 10, 2015


How to find your PC's Windows Product Key so you can Re-Install Windows

Read More

Topics: Tech Fixes

Position Open for Senior Help Desk Support Technician

Posted by Cathie Briggette

Mon, Mar 09, 2015

General Purpose: NSK is looking for an experienced Senior Help Desk Support Technician who is ambitious, highly detailed, analytical and assertive to work collaboratively as a productive team member with a multi-layered IT help desk. As the Senior Help Desk Support Technician you will be expected to deliver excellent technical support with outstanding customer service, satisfaction and timeliness. Within this role this individual will provide help desk support to current clients by offering constant support, maintaining productive communication with the client and taking the lead on projects for the Help Desk Department. If you love a challenge and are looking to take a step towards a rewarding career, the Senior Help Desk Support Technician position may be right for you!

Read More

Topics: Careers

New Call-to-action