Category: News and Events

Financial Services: Adding Business Continuity to your Bottom Line

Arby News and Events , , , ,
Financial Services: Adding Business Continuity to your Bottom Line

Financial firms have the task of making sure that their clients are making the most of their fiscal decisions.  From services such as accounting, hedge fund management, and stock investments, your clients put their trust in you to handle their funds and ensure confidentiality.  Once that trust is gone, you will most likely lose that client for life.  Therefore, maintaining that trust is important in the financial industry.  So how do you ensure that their data is safe?  Do you have plans just in case your clients are unable to retrieve information or make withdrawals?  How about if their identity was stolen and you were are unable to access their data that would help stop it?

Downtime is one of the causes that hampers the industries performance, and this does not just apply to downtime caused by natural disasters.  The other and more recent causes of downtime from data loss come in the form of cyber attacks and malware like ransomware.  These are the kind of situation that your company should try to avoid at all costs as this can not only ruin the trust from the said client, it could also affect your future prospects.

A False Sense of Security

While you may be taking some precautions, such as securing and backing up your sensitive data, sometimes that’s not enough. There is a common misconception that data is safe if backed up once a day, but this outdated practice is no longer sufficient for several reasons:

  • If you forget to perform the backup or the backup process fails, you’re not protected.
  • If you only back up your files once a day, you’re left vulnerable to the loss of an entire day’s work.
  • If you don’t properly validate your backup files, you could be in for an unpleasant surprise when you try to use those files to restore your company’s operations.
  • If you only back up your files on-site, you could lose them too, leaving you with no way to meet client requests.
  • If you only back up your raw data, rather than all your application and server configuration files, it could take several days to restore your practice —because you will also have to rebuild your servers, operating systems, applications, etc.

Below are a few best practices your company should follow to start the most basic of ways you can protect your data:

  • Outsource your company’s IT needs to an expert who has experience in the financial industry.
  • Don’t sacrifice quality to save money when purchasing hardware. It will benefit you (and your bottom line) to have strong technology in the long run.
  • Perform timely hardware and software updates, maintenance and backups.
  • Establish, review and maintain system security of all practice technology.

The Better Way: Business Continuity

Although best practices are good to follow, it won’t give you that extra layer of insurance that you would like to have when handling with a lot of confidential and important data.  This is where a Business Continuity and Disaster Recovery (BCDR) solution comes in to help you with your backup and disaster recovery.  It will help you protect your data whether it is on-prem or in the cloud and even help backup data in your SaaS applications.  While still being able to help you restore your data in case of unforeseen incidents.

When a business faces an incident in which their systems are majorly affected, whether it be natural disasters or a man-made, a strong BCDR solution can help you get back online in minutes.

When leveraging hybrid solutions as well, can ensure that your restore time will be quicker as using local storage exclusively can cause issues if the area it was stored was also affected by the disaster.

Going full cloud is also be slow as well due to bandwidth issues that will pop up as you try to bring back all the hundreds of GB back to your system. A hybrid model works to alleviate the vulnerabilities by implementing both processes to fill in the gaps. That’s intelligent business continuity.

To learn more you may contact us at 8893 9515 to learn more about BCDR solution or if you have any questions that you would like to clarify.

Office App: Your new Microsoft Office on the Go

Arby News and Events , ,
Office App: Your new Microsoft Office on the Go

Most Microsoft Office users hardly use their phone to do their work, if ever they do its for revisions or small adjustments.  Users usually save majority of the work for when they can use a desktop, this should be expected as the mobile version, while handy, had a lot of limitations.  Microsoft took this as a challenge to better improve their mobile app so that you could use the app on the go to create majority of the content of your files, be it a document, a spreadsheet or even presentations.

Microsoft has announced on February 19, 2020 that the Office app is now generally available for use on both iOS and android for you to test and hopefully give more feedback.

The Office app delivers several key benefits including:

  • Combining Word, Excel, and PowerPoint in a way that simplifies the experience with fewer apps to download or switch between. It requires far less phone storage than installing individual apps while maintaining virtually all the capabilities of the existing mobile apps people already know and use.
  • Integrating our Lens technology to unlock the power of the camera with capabilities like converting images into editable Word and Excel documents, scanning PDFs, and capturing whiteboards with automatic digital enhancements to make the content easier to read.
  • Adding new functionality for common tasks people often encounter when working on a phone—things like making quick notes, signing PDFs, scanning QR codes, and transferring files between devices.

New features are also on the works that will hopefully help you do more content heavy work when using the Office App.  Below are the features that are currently being worked on and hopefully will be out on a future update:

Word Dictation— a feature where you can enable writing via voice while keeping all punctuation and symbols via a shortcut bar.

Excel Cards View— a feature in which excel rows will be displayed as easy to read and edit cards to better.

Outline to PowerPoint— a feature in which your powerpoint slide based on an outline you write will be automatically designed by powerpoint designer.

To learn more about Microsoft Office or any other Microsoft products, you may visit our product page or you can contact us directly at 8893 9515 and we would be happy to answer your inquiries.

You may also find the link for the Office app below for your respective devices:

Download for Android | Download for iOS

Malware in a X-Ray Machine Adds Tumors to the Test Results

Arby News and Events
Malware in a X-Ray Machine Adds Tumors to the Test Results

What Malware these days are getting more versatile in the way they do attacks.  Ransomware attacks were one-way people thought of new ways to use malicious programs to exhort money from unfortunate victims.  Other attacks are meant to exploit vulnerabilities to get into your system to steal your data.  Recently however, there has been a new kind of malware that was recently made that can alter your x-ray results and add fake tumors into you results.

Cyber Security researchers recently created malware that was so effective in adding fake lung tumors, it was able to fool 3 different radiologists.  It also has the capability of planting different kinds of false evidences for different signs of disease on the body such as brain tumors and other serious illness symptoms.  Researchers even stated that it could also tamper with actual positive results and make them seem like they are negative causing patients to be unable to get the treatment they may need.

Fortunately for us, this was just a security test executed by the security experts to show the medical community how vulnerable their security on the diagnostic machines are.

What does this mean for us?

With how easily our researchers were able to make these kinds of malware, it means that its just as easy for those will malicious intentions to do the same.  With these kinds of flaws prevalent in most healthcare diagnostic machines, there may be a day where we will be affected on en mass like when hospitals around the globe were hit by the ransomware attack, WannaCry.

Below are a few solutions you can consider if you would like to better safeguard your specialized equipment:

  • Exabeam UEBA for behavioral analytics (for detecting any abnormal and risky behavior by users, machines or other entities on the corporate network)
  • Trend Micro TippingPoint IPS is an appliance that can detect, and block network traffic associated with vulnerabilities being exploited by threat actors targeting Medical devices such as CT scan and MRIs.
  • Trend Micro Deep Discovery Inspector is an appliance that can detect malicious traffic including command-and-control communications that may be found within these networks and associated with a breach. Unusual traffic can also be identified.
  • Trend Micro Safelock for those medical devices running on Legacy Windows OS. It can be used for smart whitelisting protection that can keep the system still locked under maintenance, and just allow approved software to be updated.

To learn more about these solutions, you may contact us at 8893-9515 and we would be happy to answer any inquiries that you may have!

Ransomware attack causes a US Telemarketing Company to shutdown before the Holidays

Arby News and Events , ,
Ransomware attack causes a US Telemarketing Company to shutdown before the Holidays

Last year before the holidays, an Arkansas-based telemarketing firm was hit by ransomware.  Their employees at the time didn’t even know they were hit by it, however they felt the repercussions of the attack.  More than 300 employees were sent back to their homes and told that it would be best to try looking for another job as a worst-case scenario if they are unable to recover their data.

The attack that happened on October 2019, forced the CEO of the company to send a letter informing their employees of the situation.

“Unfortunately, approximately two months ago our Heritage servers were attacked by malicious software that basically ‘held us hostage for ransom’ and we were forced to pay the crooks to get the ‘key’ just to get our systems back up and running,” wrote Sandra Franecke, the company’s CEO, in the letter sent to employees.

With the initial recovery plan failing, it was estimated to only take 1 week, management decided to suspend operations while the process is ongoing.  However, many of the 300 employees are doubtful that the company will be able to survive this situation.

This situation is not as uncommon as you would think it is.  In the last few years, many other companies have decided that a ransomware attack was too costly for them to recover and ended up shutting operations down.  One example would be a Medical practice in Michigan opting to end their operations 1 year earlier than planned rather then deal with the fallout of a ransomware infection.

Situations like this could have been avoided given that they were able to:

  1. Have proper security measures implemented to detect and isolate suspicious files
  2. Had their data recovery plan regularly tested or had on implemented in the first place.

If you would like to learn how we at CT Link Systems, Inc. can help you company better secure your IT environment or even ensure that you have a good BCDR plan in place, Contact us at 8935 9515 and we would be happy to help you!

Recovery Failure: Spotting What Went Wrong

Arby News and Events ,
Recovery Failure: Spotting What Went Wrong

Everyone knows that backup is critical to a business’ operations to ensure that everything keeps going in a case of an unforeseen disaster. However, many businesses do not have backups until a disaster strikes, and for those who do have their backups, they can sometimes fall into a false sense of security.

One good example of this would be from a customer of Unitrends, large entertainment complex’s IT department (name is withheld for the reputation of the client).

Background

The IT division was responsible for multiple critical business operations which include the SQL Server databases, file shares, and customer loyalty systems. All of which were based on an on-premise data center. They ensured that they used best practices to protect the apps and data while also ensuring they had security up such as firewalls and a virus scanner. They also made sure to keep employees who had access to the corporate network aware of risky actions on the internet through training.

They were using Veeam to back up their primary data center while storing their backups locally and replicating to a remote site on a separate building on the property. All of this done through the corporate WAN. They also made sure to backup and test regularly to ensure that they could recover in the case of an unforeseen disaster.

However, even with all this precautions in place, there came a day when departments across the organizations contacted them saying that they could not access their applications. They could not find the problem until they saw that ransomware had started popping up on their screens.

No matter how much you train someone, as humans we are prone to errors. Someone clicked a link and infected the network. What made the situation worse, the ransomware actively sought the backup and immediately infected it as well.

Avoiding this scenario

So, what can you do to ensure that your backup stays safe?  Below are a few suggestions that can help your company prepare:

Phishing simulation – You must continuously educate your employees that they and the business is constantly under attack. Many companies are turning to products to educate employees by conducting simulated phishing attacks and security awareness training. Consider a product such as Bullphish ID by ID Agent.

Deploy Linux-based backup appliances – To avoid this and other Windows ransomware issues Unitrends backup and recovery appliances are delivered in hardened Linux.

Utilize cloud storage – Get your backups way offsite and physically disconnected from your production environment with Unitrends Cloud.

To learn more about Data Protection or Unitrends Solutions, you can contact us at 8893-9515 and we would be happy to answer your inquiries!

PlunderVolt: A new Vulnerability found in Intel Processors

Arby News and Events , , ,
PlunderVolt: A new Vulnerability found in Intel Processors

Academics from three universities across Europe have disclosed today a new attack that impacts the integrity of data stored inside Intel SGX, a highly-secured area of Intel CPUs.

It was reported by three academics from three different universities across Europe that a new attack was re that affects the integrity of data stored in the highly-secured area of Intel CPUs called the Intel SGX.  The attack exploits an interface which is in charge of controlling the voltage regulation of the Intel processor, this interface is something that many gamers will recognize as it is the same one that is used to overclock their CPUs.  The attack is aptly named, Plundervolt.

How it works

Plundervolt only targets Intel Software Guard eXtensions (SGX). The Intel SGX, for those unfamiliar with it, is a powerful security feature that is found on all modern Intel CPUs that keeps very sensitive data for applications to ensure that other applications are unable to access it.

By using the CPU’s energy management interface, it is able cause some changes in the SGX data just by altering the electrical voltage and frequency of the SGX memory cells. This causes bugs and faults appear within the data and operations which SGX handles.  Meaning, instead of destroying, Plundervolt sabotages output to weaken the encryption of SGX and even cause errors within apps that might have not been there before to exploit and steal data.

However, unlike other attacks, Plundervolt cannot be exploited remotely like luring users into a website and then being able to execute the attack.  Plundervolt needs to run from an app of an infected hosts with root or admin privileges.  So getting a successful attack may be harder compared to other attacks but once they are able to get in your system, they will be able to exploit your system much faster than most other attacks.

What Intel CPUs are infected and where can we get a fix?

According to Intel, the following CPU series are vulnerable to Plundervolt attacks:

Intel® 6th, 7th, 8 th, 9th & 10th generation CoreTM processors

Intel® Xeon® Processor E3 v5 & v6

Intel® Xeon® Processor E-2100 & E-2200 families

Plundervolt is nothing that end-users should worry about. It’s an attack vector that is of little interest for malware authors since it’s hard to automate at scale. It is, however, an attack vector that could be weaponized in targeted attacks, against specially selected targets. If Plundervolt is a serious threat depends on each user’s threat matrix.

For those who are looking for the update to fix this vulnerability, you may refer to the microcode and BIOS update here.

For any inquiries with regards to this vulnerability or any other security questions, you may call us at 8893-9515 and we would be happy to help you!

Liberty Mutual: An Insurance Case Study for Office 365

Arby News and Events ,
Liberty Mutual: An Insurance Case Study for Office 365

In the insurance industry, business is all about protecting valuable items of people.  This is why insurance industries need to make sure that they are using tools and technology that serve to bring their clientele sufficient protection.  This is to help make sure that their products and services stay innovative.  A good example of a company doing this in practice is Liberty Mutual.  With more than 50,000 employees and 900 global locations, Liberty Mutual is one of the few in the industry that experience business on a large scale.

This is why they have a few unique problems that they run into as a bigger insurance business.  They are forced to compete with many internet startups who have the advantage of mobility through the use of cloud-based technologies.  They also need to take care from their other competitors as well who try to disrupt their value chain and build stronger relationships with their client base.

To overcome these challenges, Liberty Mutual had to make a change, a digital transformation.  Microsoft office 365 and power BI were just the products to help them start this journey.  Office 365 improved the collaborations of their worldwide team.  They are able to share insights more conveniently, helping them with the product development process and shorten the time for breakthroughs for products the import and export globally.

Analytics is also a very important ability to have in the industry.  Office 365 has helped Liberty Mutual through faster response to market changes.  They are now moving to a more agile development process in which smaller groups from multi-disciplinary employee groups are able to collaborate on new products with more efficiency.  Chat-based real-time collaboration has increased their proportion of people across their company who normally could not collaborate with each other through regular means.  Analytic tools as well is the other way in which helped them increase their efficiency, this is where Power Bi comes in.  With just the right amount of user friendliness and high-level insights, even departments like Claims, Legal, Reinsurance and HR are able to quickly pick out information from just the dashboards and KPIs.

With new tech savvy recruits, they are now accustomed to wanting mobility compared to on-premise workstations.  They need to be able to have access to what is normally on-premise on the go, this is not only a storage concern but also security one.  Office 365 helped them as they are able to access their documents and emails on the go while still maintaining a high level of security for their employees.

To learn more about Office 365 and other Microsoft products, you may contact us at 8893-9515 and we would be happy to answer your inquiries!

University Medical Center Groningen: Citrix Endpoint Management Case Study

Arby News and Events , ,
University Medical Center Groningen: Citrix Endpoint Management Case Study

As one of the largest hospitals in the Netherlands, the University Medical Center Groningen (UMCG) boasts close to 11,000 employees and have a wide number of patients who come for various reasons.  May it be for basic care, specialized diagnostics or even examinations, the doctors, nurses, and support staff work to give their patients the best of their abilities.

The Challenge: Organizational adopting mobility

Usually, most sensitive care data would be placed in one secure safe.  However, with the industry growing with more specializations, data must be now shared to multiple people who need it like specialists, general practitioners, peripheral hospitals and even the patient themselves.  Even employees are now becoming more mobile and not just working in the hospital but working even on the move or at home using their own devices.  These can cause security risks for UMCG if not properly addressed.

The Solution: Citrix Endpoint Management

UMCG has been a long user of Citrix solutions, they have been using Xendesktop (now known as Virtual Desktop) on thin clients before they considered Citrix as a way to alleviate their current problems.  To help solve their current issue, they are looking to use Citrix Endpoint Management (Formerly Xenmobile) and Citrix Sharefile.  With the use of Citrix Endpoint Management, UMCG was able to lower their investments, let them have a better picture of their environment while giving them more flexibility.  They were even given the preference to have their Citrix Endpoint management housed in their own data center. This is crucial for safety and redundancy to ensure its continuity and performance as it is a business-critical system with 5000 mobile devices.

With so many devices, not all of them would be feasible to be company owned.  Therefore, UMCG has opted to use Bring Your Own Device (BYOD) structure.  However, to ensure that the network is secured, UMCG has imposed if they were to choose a BYOD then they would need to install a Citrix Agent on said device to ensure that Citrix can manage the security of the network.

To UMCG, the Citrix mobility solution achieved their goal of making their information as available and consistent as possible. It helped isolate data to ensure that their data was secured in a sandbox environment while also giving them a simplistic approach to manage their mobile devices.  This worked well since they were already existing Citrix customers, making the integration process smoother.

To learn more about Citrix solutions, you can contact us at 8893 9515 and we would be happy to answer your inquiries!

Cloud One: A Trend Micro Solution for Cloud Builders

Arby News and Events , ,
Cloud One: A Trend Micro Solution for Cloud Builders

With cloud technology advancements, more businesses are now connecting to the cloud to solve their IT needs.  This is why the cloud infrastructure services market is now filled with different vendors, this has also caused many stakeholders to become involved in these infrastructure decisions.  This has made cloud security even tougher.  To be able to maximize the benefits of the cloud, you need to be able to balance both your business objectives and cloud security to ensure the least amount of complexity.

Cloud One, a security services platform for cloud builders, delivers the broadest and deepest cloud security offering in one solution, enabling you to secure your cloud infrastructure with clarity and simplicity.

Cloud One will be able to help provide you by providing a powerful security which leaves you leverage to take the benefits and efficiencies that the cloud has to offer to your business.  Being designed with multiple services to make sure that specific cloud security needs are addressed, Cloud one gives you the leg room you need to solve your present challenges while still being able to help you with future cloud needs.

With support for all major cloud platforms, and solutions that integrate directly into your DevOps processes and toolchain, Cloud One is designed to provide the flexibility you need without slowing down your business or application delivery.

Benefits of Cloud One

Automated

Security as code lets your DevOps teams bake security into their build pipeline to release continuously and frequently. With built-in automation, including automated discovery and deployment, quick-start templates, and our Automation Center, secure your environment and meet compliance requirements quickly.

Flexible

Builder’s choice. Security for your hybrid cloud, multi-cloud, and multi-service environments, as well as protection for any vintage of application delivery—with broad platform support.

All-in-One Solution

One platform that has the breadth, depth, and innovation required to meet and manage your cloud security needs today, and in the future.

To learn more about Cloud One and other Trend Micro Solutions, you can contact us at 8893 9515 and we would be happy to answer your inquiries!

The State of Data Protection in 2019

Arby News and Events
The State of Data Protection in 2019

Unitrends has been doing an annual survey these past 5 years to find out the state of data security to see if improvements have been made to companies overall.  With more than 400 companies joining the survey, it was found out that data loss is still a prevalent problem despite us having better technology which should have prevented many cases.  This can be attributed to challenges such as reduced IT budgets and headcounts.  It was also found that cloud-based solutions such as DRaaS (Disaster Recovery as a Service) and direct-to-cloud back up of PCs and servers are now on the rise.

The challenges of Data Protection

One of the most basic job requirements for IT is to protect corporate data and keep the business applications running. However, that requirement is getting increasingly more difficult due to a variety of circumstances.

Organizations have seen a rise in their storage that require protection in the last four years, this has forced organizations to look for ways to keep their storage costs down.  This is seen from the data that organizations that needed 100TB of data has gone up from 11% of respondents in 2016 to 31% this 2019.

Organizations have also had their expectations for fast recoveries increased in the past 5 years.  An increase of 12% was seen compared to the last as organizations are now expecting to recover from downtime in less than 4 hours.  This increases the IT requirements that needs to be used from the existing tools an organization uses to procedures that need to set in place to ensure it happening.

Another thought to keep in mind is the direction in which customers plan to do with their data in the near future.  Many respondents of Unitrends’ survey have said that their direction is to move a larger percent of their enterprise data out of the traditional on-premise data center.  Although endeavors like this take a while, many years in fact, it is something worth considering when you are working on your road plan.

To learn more about your Data Protection options, you may contact us at 8893-9515 and we would be happy to help you with your inquiries!