What You Can Learn From Recent Data Breaches

Posted by Maura Mahoney on Tue, Aug 15, 2017 @ 03:53 PM

As high-profile companies continue to experience data breaches in 2017, common attack vectors are emerging. A closer look at some of the worst breaches shows that employee negligence and weaknesses in point of sale (POS) systems are common problemsThe success of cyberattacks on other companies should serve as a powerful lesson for your business. Examining these attacks may prevent your business from making some of the same mistakes.  

Read More

Topics: Security

Ransomware: It’s Here and It’s Coming for Your SMB

Posted by Rob Williams on Tue, Jul 19, 2016 @ 09:30 AM

For companies that think they are too small to be the victim of a cyber crime, think again. There is a new cyber attack that searches and preys upon SMBs and personal users. Ransomware, otherwise known as a cryptolocker attack, is a sneaky phishing attack that tricks users into downloading malicious code.

This malicious code comes in many disguises and in many shapes and sizes. It can look like an email from a friend or a familiar company, or it could take the appearance of a free download of trial software. What all ransomware attacks have in common, though, is that the malicious code worms a sophisticated encryption into every file within its range.

Sometimes, the victim can be a personal computer. Other times, when a user is connected to a network, that infected encryption code can spread to an entire data center, locking down access to every stored file. This type of attack can be devastating for small and medium business owners. 

Know what makes up a secure and complete DR plan? Check out our eBook,
5 Things You Need to Know to Plan Your IT Disaster Recovery.

Read More

Topics: Security

Is the Cloud Really Secure? You Bet!

Posted by Rob Williams on Tue, Mar 22, 2016 @ 09:30 AM

On-premises vs. Cloud: A Rational Analysis

Cloud security continues to generate hype.

In fact, SC Magazine got two SMEs together to talk about whether hosting data in the cloud is more secure than hosting data on-premises.  

Even though we have come a long way from the early days of cloud security fear, and even though users and providers have gained more confidence in cloud security practices, misconceptions still persist.

Some assumptions include:

  • Hackers have easier access to cloud security settings
  • Once your data is hosted in a cloud environment, it’s exposed to the whole world, and you lose control. 
  • Data in the cloud is easier for anyone to access.

The Case For and Against On-premises

As a proponent for managing data in-house, Dan Timpson (VP of technology for DigiCert) gave his take on why on-premises is the safer route compared to cloud.

“On-premises solutions give users 100-percent control over their own SSL certificate keys and critical system security, and then it’s their responsibility to ensure privacy and data security. With on-premises, one has better visibility into the lifecycle of one’s own data and where attacks are coming from.”

Timpson makes some fair points. Ideally, it might be easier to manage and control your data when you know where it resides, while having full access and control.

But his point about it being “your responsibility” is important.

Unless you have a dedicated, integrated physical and digital security approach to host your most critical information and that security approach incorporates consistent testing and monitoring, you can’t cover as much ground as a cloud service provider.

Mid-market organizations don’t always account for these consistent privacy and data security practices. Just given the lack of manpower and internal resources, they can be hard-pressed to honor their security responsibilities. If these organizations aren’t able to keep up with the demands, they are always going to be more vulnerable.

The Case for Cloud Data Security  

Pete Nicoletti (CISO for Virtustream), who argued for cloud-based security management, had a solid counterpoint to Timpson’s statement.

His take: While security isn’t the core competency for most enterprise and mid-market organizations, it is the core competency for cloud vendors.

Vendors have the in-house resources and expertise to deliver repeatable and sustainable security practices that have been tested and verified.

The reality is that the cloud is likely no more of a danger zone than your very own in-house IT infrastructure.

Furthermore, Wieland Alge, VP and GM of EMEAR at Barracuda Networks, explained, “Almost all of the massive data breaches we’ve seen as of late were within traditional on-premises IT. Sometimes we are too quick in stating that the cloud is an inherently insecure element.”

With the right cloud provider, data security doesn’t have to be such a stress point.

How safe can a cloud provider get?

Physical security is an area often overlooked by customers who maintain on-premises systems.   A former NATO command center located in Maine with staff onsite 24/7 is as safe a spot as any for critical systems and sensitive data. As a cloud practice, Oxford Networks secures its computing environment with industry best-practices and an approach to security that includes annual audits and regular testing.  These enhancements complement sound internal practices that will always be part of the process of managing IT, whether in the cloud or on-prem.   

Learn about the cloud questions you need to answer in our free product sheet, Choose the Best Cloud Technology Path for Your Business.

 
Get My Product Sheet!
 
 
Read More

Topics: Cloud Computing, Security

Top 10 Things in IT That Are NOT Going to Happen in 2016

Posted by Rob Williams on Tue, Jan 05, 2016 @ 12:30 PM

There are so many articles out there on what’s going to happen in the coming year. We, at Oxford Networks, thought that we would offer a few helpful insights into what companies should NOT expect in 2016.

Here are the top 10 things that aren't going to happen in 2016:

Read More

Topics: Cloud Computing, Mobility, Security

2016 Cybersecurity: Why the Worst Is Yet to Come

Posted by Rob Williams on Tue, Dec 15, 2015 @ 11:00 AM

With the end of 2015 fast approaching, predictions for next year’s key trends and developments in the IT industry are already making headlines.

The biggest area of concern remains cybersecurity. And if the predictions hold true, 2016 is going to be an even more trying year for security professionals to handle.

Read More

Topics: Security

The State of Cloud Computing in the Accounting World

Posted by Rob Williams on Tue, Dec 01, 2015 @ 12:34 PM

90% of CPAs Believe the Accounting Profession Must Evolve 

We are slowly heading toward mainstream cloud-based accounting practices. But we aren’t quite there just yet.

Read More

Topics: Cloud Computing, Security

The Insider Threat: Why 51% of Companies Are At Risk

Posted by Rob Williams on Tue, Oct 20, 2015 @ 01:51 PM

According to a joint cybercrime study conducted between PWC and Carnegie Mellon University, only 49% of surveyed companies had “a plan to address and respond to insider security threats.”

Despite the fact that 32% of these organizations admitted that inside crimes can be more debilitating than outside crimes (of the digital variety), they haven’t addressed the issue.

Even when these inside attacks have taken place on-premises. More resources have been devoted to locking down logical security elements that protect your network such as threat detection, two-way authentication, and intrusion prevention.

Read More

Topics: Data Center, Security

Why Years of Security Neglect Caught up With the Government

Posted by Rob Williams on Tue, Aug 18, 2015 @ 12:54 PM

Last week, I touched on the hack that took place at the United States Office of Personnel Management (O.P.M).  

I didn’t get the chance to dig into that story much further than simply listing the incident as an example of a high-profile cyber-attack. But it goes beyond that. This incident is a prime example of security neglect gone wrong.

Read More

Topics: Managed Services, Security

85% of Targeted Security Attacks are Preventable

Posted by Rob Williams on Tue, Aug 04, 2015 @ 01:21 PM

We’ve heard a lot about high profile cyber-attacks in the news. 

Target, Anthem, US Office of Personnel Management, Sony…the list goes on. These attacks have come from a sophisticated groups of hackers, and some of those groups are sponsored by foreign governments.

Read More

Topics: Managed Services, Cloud Computing, Security

Top 2 Growth Tips Every CIO Needs to Know

Posted by Rob Williams on Tue, Jul 07, 2015 @ 11:30 AM

In the past, a business could still be successful by operating in silos. Today, a business needs to be connected in all ways at all times to survive.

A successful business is a business that connects across all departments, from the C-level suites to contributor-level employee desks.

Read More

Topics: Security, CIO Strategy