How Social Apps are Fighting Terrorism

Posted on

With the growing number of terrorist attacks of late, it is clear that businesses across the world must take a stand and do everything they can to prevent terrorist attacks. This is especially important for social media platforms, where terrorists are spreading their message, recruiting, and searching for “inspiration.” Tech companies, specifically those in social media, are stepping up to the plate by implementing technology and security measures which prevent terrorist organizations from spreading their message across and communicating through their networks. While most of these companies fight to preserve free speech, they realize that they can help control the abilities of groups that strive to wreak havoc and cause misery.

Facebook

With over 1.9 billion worldwide users, it can be hard to monitor all of the activity that Facebook hosts. While the platform has already implemented technology aimed to fight copyright infringement and child pornography, they realized the need to defend itself against other unacceptable content. Facebook has consulted with counter-terrorism agencies, law enforcement, and other government agencies, and is now using Artificial Intelligence (AI) to help block terroristic posts on its website. This is done through image matching, which removes known terrorism related photos or videos. In addition, language understanding analyzes text and removes it in the case that it violates policies by praising terrorist groups or their actions. When pages, groups, posts, or profiles that are terroristic are blocked, algorithms scan profiles that have engaged with that material and can block them as well. Additionally, the algorithms try to prevent blocked or banned users from creating new profiles and continuing the same behavior.

WhatsApp

Facebook’s WhatsApp, a messenger application, has been under fire for encrypting conversations and allowing terrorists to communicate freely on the platform. This became the subject of many media-inquiries following a terrorist attack in London, where authorities were unable to decipher the attacker’s last message. Although they haven’t changed their encryption methods, the company provides all of the information they can when ordered by law enforcement.

Twitter

In 2015, Twitter began working to combat extremists utilizing this platform, but recently the company has increased its efforts. This is being done through AI, which scans the platforms for posts that are similar to its internal database of text, imagery, and videos that are related to terrorism. Twitter’s platform reported that between July and December of 2016, almost 400,000 accounts were suspended for terrorism-related issues. Of these, 75% were prompted by internal spam-fighting tools.

Our team members unanimously condone acts of terror and social content related to terroristic groups, individuals, or acts. We are proud to see technology groups are taking part in the fight against this propaganda and look forward to seeing how advancements in AI understanding and other technology will further deter these groups and individuals from utilizing social media to spread their message. Stay tuned to our blog for more industry news and tech tips.

How much storage does your business need?

Posted on

So, you’ve decided to switch to the cloud? Congratulations! This technology is becoming more popular with businesses each day because it has many applications and creates a higher performing and more secure infrastructure. This technology will enable your employees to safely work from devices outside of the office and create a backup of your data that you can trust to provide complete and prompt recovery after an emergency. Deciding on how much storage space your business needs on the cloud can be tough, but it is important to also remember that this is a scalable solution, which can be increased or decreased any time.

The first step in determining the amount of storage space you need is deciding what you want to store. You can measure the amount of this data simply by auditing your current drive. Things that can’t be replaced earn their place within your online storage while software programs and applications can either be replaced or can be hosted through Software as a Service (SaaS) or Platform as a Service (PaaS). This process will also give you the perfect opportunity to encourage employees to delete files which are no longer necessary.

Although you can add more data later, you should accommodate for the amount of data you will want to add within the immediate future. These additions are especially prevalent in those who implement a cloud migration along with other IT initiatives. If you are planning on storing video or high-quality images on the server, you will need to accommodate for the large amount of space these will take.  Additionally, if your company employs graphic designers or video editors, they will require a large amount of storage for their files as well as their unique programs.

There are multiple cloud storage plans that your business can choose from, and it is important to compare the prices your business would pay with each. The first plan typically sets a price per user, where each user is given a set amount of storage space. This is a good plan for a company that’s users all have similar tasks or storage needs. Other plans have a set storage limit that can be utilized by anyone across the team, which is the most popular choice. The largest plans, which are typically very expensive to purchase and maintain, include unlimited storage. It is also important to weigh out the costs of the plans per month vs. per year, as you will presumably be utilizing the technology for a long time period.

Converting over to cloud storage can seem expensive and time-consuming, but the benefits outweigh the costs. If you do your research and choose the right plan, your business will enjoy a secure form of accessible backup, reduced server maintenance costs, and other benefits. To learn more about our cloud storage offerings or our other cloud based products or to get help deciding on the amount of storage space your business needs, contact us today!

Cybersecurity and the Medical Industry

We understand that in today’s business world, there is an increasing demand for online and mobile service offerings. Utilizing technology will increase your customers’ satisfaction and improve your data and efficiency, but in the medical industry, this will increase the amount of risk you face. Not only will this affect your organization’s operation, but it will also lessen customers’ confidence in your practice and put you at risk for governmental and industrial compliance breaches. This concern has become increasingly serious in the past few weeks, when a series of cyber-attacks have targeted healthcare organizations. In today’s blog, we’re identifying these risks and explaining the steps necessary for your business to address them.

Hackers target the medical industry because the data this industry utilizes contains a large amount of personal information. It is fairly easy to target healthcare systems because health records are all stored in a single place.  Additionally, many companies are unaware of the dangers within their healthcare apps or, in some cases, they are selling patient data for profit.  HIPAA addresses this by mandating security standards for electronic protected health information (e-PHI).

The first step in protecting your medical business is to analyze your current risks. Protection involves not only analyzing your network security, but also the practices and regulations you have in place to address patient privacy and compliance such as password policies and mobile device compatibility. Analysis can become increasingly complicated when utilizing modern medical devices that use the IoT, as many of these have lax built-in security.

Once your business has analyzed each of these risky areas, it is time to address each risk. In order to properly address these risks, new guidelines and technology must be put into place. This involves dedicating a team of professionals to monitor your infrastructure 24/7 to ensure its security and efficiency. These measures will not only improve the amount of up-time your organization has,  but also the ability to recover after a cyber-attack.  Recovery is achieved through performing frequent backups and testing them in order to ensure their ability to be used in the case of an emergency. Additionally, your team members should learn practices from professionals in order to lessen the threat of falling victim to malicious attacks disguised as email attachments or software updates. Working with industry experts will help ensure your healthcare business has all of its bases covered.

No matter how technologically secure you think your healthcare facility is, it is important to take the proper measures in order to protect your patients and practice. Your patients deserve their information privacy and your reputation depends on it. Contact us today to learn more about how your healthcare business can benefit from partnering with us or stay tuned to our blog to learn more about industry news, tips and tricks, and company highlights!

Should your business utilize a private or public cloud?

Posted on

Optimize Your Business

In today’s business world, it is important that your business employs cloud technology in some form. Infrastructure as a software gives businesses access to cloud storage which is scalable and accessible. Software as a service allows companies to access online applications and software such as Salesforce, DropBox, and Google Apps. Platform as a service is used to develop, run, and manage applications virtually. No matter which application you are utilizing cloud technology for, you will have to decide if you want to trust a public or private cloud.

Public Cloud

Public clouds utilize software which is managed by a third-party provider and are most often utilized by small to medium sized businesses. The biggest benefit for companies utilizing this technology is that it is scalable. This means that you only pay for the amount of storage you need, and you can adjust that amount as your business grows. Cost savings also come from the eliminated server maintenance requirements. This includes the costs associated with machine maintenance as well as the labor involved with the management of this information. Additionally, because there are multiple parties contributing to this management, the management, hardware, and software will typically be newer and more advanced. This often means that the facility that hosts the cloud software is more secure from temperature variation, damage, and security threats. However, there will also be more frequent attempts to attack this type of environment, which raises many concerns.

Private Cloud

Private clouds are managed on site, and many larger businesses enjoy the amount of control and storage space they gain from utilizing them. Because only one organization uses the cloud, there can be a variety of security measures implemented within this software. Companies can also add additional features and customize it if they wish. Building these servers may be done in-house or outsourced, but the management must be done in-house. If this management is done proactively and a strong focus is placed on security, businesses can trust that it is more secure than public options. The biggest disadvantage to this environment is the large upfront cost of buying and installing the hardware.

Hybrid Cloud

In addition to public and private clouds another option is available. Hybrid cloud servers combine the best aspects of each offering. In this type of infrastructure, each cloud offering operates independently and the two communicate via an encrypted connection. Businesses enjoy the ability to store more sensitive data on their private servers and utilize the public cloud for data that exceeds storage capability. Savings are achieved through this method because there will be fewer costs associated with the hardware, the physical environment, and the third party provider.

No matter which type of cloud infrastructure your business wishes to utilize, trust the Westech team for help! We have experience in providing the hardware, expertise, and relationship management skills necessary to provide a seamless cloud environment. To learn more about how this technology has benefitted other businesses or to find out how it can help yours specifically, contact us today!

NotPetya Ransomware

Posted on

Last month, a virus known as NotPetya affected thousands of computers across Europe. Specifically, the virus targeted Ukrainians’ electric, government, and bank systems. These specific organizations fell victim to the spread because of their shared use of an accounting software. Many articles refer to this attack as Petya, an outdated virus that this current assault resembles. As a result, the current virus is known as “NotPetya,” “Pnetyna,” or other variants of this word.

Although this attack seemed similar to the recent WannaCry ransomware, it is actually not a form of ransomware. Rather, NotPetya is a wiper which was disguised as ransomware. The difference between these two attacks is that ransomware demands money for a key that will recover your systems, while a wiper is aimed to destroy your systems and data. However, the two are similar in that they both affected only Windows OS systems and targeted the same vulnerability within the software. These attacks differed further in that the NotPetya virus wasn’t thwarted by performing software updates.

During these attacks, the virus collected administrator credentials out of each machine’s memory and spread rapidly throughout each network. If admin access wasn’t accessible, the administrators themselves were targeted through a malicious email attachment. Once this control was achieved, attackers were able to fully control most workstations, internal systems, and storage. The leaked EternalBlue SMB exploit, which is rumored to have been stolen from the NSA, was modified during this attack. This is the same flaw that was exploited with the recent WannaCry virus, although system updates prevented many computers from being affected from this attack.

Additionally, the goals of these attacks varied. WannaCry attackers sought financial gain while NotPetya creators wanted to take information from and disrupt the operations of the business and governmental organizations they targeted. However, in order to disguise their motives, the attackers originally did request a $300 ransom which they said would produce a decryption key. Encryption is a popular tool aimed to protect data and is used even in the business world. These types of keys can be entered to recover files which were previously encrypted, or unreadable. Some news outlets claim this recovery key is successful, but it will only restore a limited number of corrupted files.

So, what should you do if you believe your computer was targeted in the NotPetya attack? First off, if a ransom is demanded, don’t pay it! This won’t help you recover your system. Give us a call and our expert team will work to recover as many files as possible and prevent future attacks. We pride ourselves on staying ahead of attacks such as these and providing our customers with the most secure environments possible.

Tips on Creating a More Secure Password

Posted on

A recent PEW Internet study found that 41% of adults with online passwords have shared those passwords, 39% use one password or very similar passwords for every account, and 69% admit they don’t worry about their passwords’ security. This lack of password security and complexity can have serious effects. In Bangladesh, a stolen password gave hackers the ability to steal $81 million from the Central Bank. These statistics prove that businesses without strong password requirements are at risk for theft, breaches, and more. Follow these tips to ensure your business’ passwords will protect your business from intruders:

Utilize a Password Manager:

Having so many passwords to remember can be confusing, which is why many people set the same or similar passwords for multiple accounts. A password manager will integrate into your web browser and automatically populate the password field. However, when all passwords are stored on one website, it is critical to ensure the password to access that website is very strong.

Create a Complex Password:

It is important that your password is at least 12-14 characters so hackers are less likely to guess the combination within the allowed number of guesses.  You should also be sure to include a variety of character types. This includes numbers, symbols, and both capital and lower-case letters. Additionally, you should make sure to use a unique word combination. For example, “InsuranceDaisy702!” is more secure than “redhouse123”.

Answer Complex Security Questions:

Often, upon setting up accounts, you will be prompted to answer a variety of security questions. Although “what is your pet’s name?” or “what city were you born in?” can be the easiest questions to remember, they are also easily identified by hackers. Answering more specific questions can make it more difficult for hackers to access your account.

Utilize Robust Security Software:

Many forms of Malware can access unprotected passwords that are stored in your computer’s memory. Keylogger software is a significant threat because it keeps a record of each keystroke and can often go undetected.  Employing a defense against these types of attacks will further protect your business and can also help in a variety of other ways. You can learn more about the benefits of cyber security here.

Once your company heeds to all of these tips, it will attain a high level of defense against the potentially expensive, time-consuming, and damaging threats it faces. Here at Westech Solutions, we aim to create a more secure infrastructure for our clients, as well as a way to recover in the case of an attack or other emergency. To learn more about our capabilities or to get started improving your business’ IT security, contact us today!

Our Favorite IoT Devices for the Home

Posted on

The internet of things industry is growing rapidly, and every day there are new products being introduced. With this fast development, it can be confusing for shoppers to find quality products. We want our customers to choose devices that are high performing, affordable, and secure. This list of smart home products highlights devices that our team members have enjoyed using and have positive online reviews in order to advise readers.

Best Smart Speaker

Because of its early development, Amazon’s Echo is a very popular smart speaker that has earned our choice for top smart speaker. This device, like all smart speakers, can play music, narrate news, control smart home assets, and answer questions.  We favor this specific speaker because it is able to connect to a larger variety of smart home devices and perform a larger number of functions. These functions are being added to every day, and currently, we enjoy its ability to order pizza, read recipes, and request an Uber. Each of these functions is performed with the help of a high-quality speaker, which produces impressive sound quality.

Best Smart Lighting

The Philips Hue White and Color Ambiance A19- Gen 3 is our top pick for smart lighting because of its abilities and connectivity. Users will need to install a hue system that will allow them to ultimately control their lighting via an application. Through this app, users will be able to turn lights on and off, dim the lights, and change their color to one of 16 million options.  This can be done in real-time or set to schedules. Additionally, this bulb is designed to integrate with a variety of other apps and smart-home systems. Popular systems that can be synced include Amazon’s Alexa, Nest, and Apple’s Siri.

Best Smart Security

Although there are a variety of smart cameras and smoke/flood/etc. detectors, our team wanted to focus on the best all-encompassing security systems. We put the Abode Starter Kit at the top of our list because of its ability to be customized and integrated with a variety of systems. Included in this kit are a hub with a siren and backup battery, two door/window sensors, a security camera, a motion detector, and a key fob which arms and disarms the system. Although the camera doesn’t offer live streaming, it takes three pictures when it detects motion. Both free and paid access to these images are available, depending on how long and where you want them stored. This technology can pair with Amazon’s Alexa and Nest, among others and be controlled through both Android and iOS apps. We chose this as our top pick because of its affordability and ability to be customized through device additions and plans.

Best Smart Thermostat

For the many households that have used this technology, it is no surprise that the Nest Learning Thermostat earned a place at the top of our list. This device can be controlled through smartphones, computers, and other smart home devices.  Within a week of using the device, the Nest will learn your temperature preferences and adjust itself accordingly. When the home is unoccupied, the nest will turn itself down to help save energy, which is just one factor that contributed to the device’s Energy Star rating. The device itself also has a superior face, which will light up when it detects motion to show the time, temperature, or weather.

Best Smart Vacuum

With every smart vacuum developed, there are new features and abilities. We think that the Neato Botvac deserves its title of “Best Smart Vacuum” because of its power and connectivity.  This device can be started, scheduled, or steered from both its LCD screen and iOS and Android devices. It has superior suction power, leaving behind a reliable clean. To navigate, the robot uses lasers for assistance and is able to compute an efficient path around each room.  If you have a larger house that competes with the battery life, you can switch from “Turbo” to “Eco” mode.  During “Eco” mode, we found the room to be quieter but still powerful enough to amply clean.

Best Smart Blinds

Hunter Douglas Shades have made their way to the top of our list because of their affordability, quality control, and abilities. These devices are controllable via a very user-friendly smartphone app as well as the two remotes. Connections to home control systems are available as well, most notably to the Crestron, Control4, and Savant systems. Users can select which individual blinds are adjusted when making changes, allowing for customized environments in each room. These changes can be made in real-time or scheduled “scenes” can be created.

This list highlights smart systems that are most popularly used and that our team members have experience with. If you have any questions about these devices, please feel free to reach out! Stay tuned to our blog to find out more about the technology industry, recommended IT practices, and company highlights!

How Information Security is adapting to the IoT

Posted on

Gartner, Inc. predicts that there will be 8.4 billion connected devices around the world by the end of 2017. By 2020, other studies estimate this number will reach more than 50 billion. These devices will be used in cars, homes, businesses, cities, doctors’ offices, manufacturers, and more. They will store credit card information, medical information, your home’s layout and occupancy habits, and other private data. Commercially, AT&T reports that 85% of surveyed enterprises intend to deploy IoT devices. With this industry emerging and beginning to grow so quickly, it is important to step back and realize the effects these devices will cause and begin addressing IoT security.

A recent HP study estimates that 70% of the most commonly used devices contain vulnerabilities. Ensuring the security of these devices is critical protecting this sensitive information. Recently, the Federal Trade Commission filed a suit against an IoT device manufacturer who sold insecure products. They allege that this company failed to provide adequate security and also misrepresented their level of security. This is not the first suit of this type, which shows their commitment to protecting customers from vulnerabilities and companies who produce dangerous goods. The FTC also published a report titled “Internet of Things, Privacy, and Security in a Connected World,” which described threats and gave recommendations for the IoT industry.

An IoT device is only as secure as the network it is connected to. That is why it is important to create a comprehensive security plan before the IoT devices are put into place in order to ensure their sustainability. Not only will this null any existing vulnerabilities, but it will also be less expensive than incorporating these devices later.  This includes not only purchasing secure devices, but also ensuring the network and applications’ vulnerabilities are addressed. Our team predicts that as this industry grows, it will implement common security practices that will become standard for these devices and the companies and homes that implement them.

With the growth of the IoT industry, it is critical that both software and service providers create standards that will ensure security. These practices should not only protect against hackers, but also random product malfunctions.  We believe in the benefits of IoT devices and look forward to seeing what industry standards will be created and what product and security improvements will be made. To learn more about online security, technology tips and tricks, industry news, and company highlights, stay tuned to our blog!

The WannaCry Virus

Recently, a cyber-attack known as WannaCry took hostage hundreds of thousands of public and private Microsoft computers around the world. Computers were affected in more than 150 countries, making this the largest recorded ransomware attack. This virus is a form of ransomware, which encrypts files until a monetary ransom is paid. Often, these ransoms will double after a certain period of time and if they are not paid within the set time, all of the files will remain encrypted. Once the ransom is paid, a key is provided that will unlock the files. In this case, the requested ransom was around $300.

Victims of these attacks include a healthcare company in Britain, where patients had to be turned away from more than 36 hospitals, doctor’s offices, and ambulance companies. Thankfully, patient data was not compromised during this attack. In Russia, the Interior Ministry’s computers were frozen. In the United States, FedEx became a target.

These types of attacks are usually triggered by malicious attachments in emails that are designed to mimic legitimate sources. Microsoft was aware of this vulnerability and had released software updates to protect customers from these types of attacks. However, many people have outdated software which allowed them to remain vulnerable. It has yet to be reported the total amount victims paid.

It is rumored that the strategy of this attack is rooted in the N.S.A. because of the comments made when the plans were posted online previous to the attack. A group who identifies itself as the “Shadow Brokers” claimed that the numerous hacking tools they posted online were stolen from the U.S. Government. These tools targeted firewalls, anti-virus programs, and Microsoft products. This is especially concerning because the N.S.A. is taxpayer funded. The N.S.A. has denied this allegation but some sources claim that former officials have suggested the content looks similar to other N.S.A. documents.

The United States has used cyber-attacks against other governments in the past and it is known that they have classified information on these types of vulnerabilities. Former President Obama’s administration developed a process to determine which of these vulnerabilities should be kept in a classified setting and which ones should be reported to the companies so they can be fixed.

Our team strives to provide prompt, cloud based updates to our customers so that their software is always up to date. We also employ both network security and email filtration measures in order to further reduce the risks of these types of attacks. If you are curious about how we have helped protect other companies or are ready to trust us with your technical security, contact us today to get started.