Blog

Coleman Technologies Blog

We can give your organization comprehensive IT services and 24/7/365 live support for a predictable monthly fee. Stop stressing about technology, and start focusing on growing your business.

Invest in Your Business’ Future with Security Best Practices

Invest in Your Business’ Future with Security Best Practices

Nowadays, it is crucial that you make security a top priority. With the right approach, it not only saves you massive headaches, but also a considerable amount of capital—particularly if you leverage the appropriate solutions for SMBs. As a managed service provider, we can ensure that you implement the appropriate IT solutions to maximize the return on your security investment.

0 Comments
Continue reading

This Malware Targets Your Facebook Business Accounts

This Malware Targets Your Facebook Business Accounts

Chances are your business has a social media presence in at least some capacity, as it’s a good way to drive traffic to your business. However, hackers want to leverage this benefit against you. A new malware specifically targets Facebook business accounts to launch malicious advertisement campaigns using your own money against you.

0 Comments
Continue reading

Fake Browser Updates Pose a Dangerous Threat

Fake Browser Updates Pose a Dangerous Threat

It’s important to keep the software on your computer updated. If your operating system or web browser or some other important application is out of date, it could lead to things not working properly while also leaving you susceptible to threats. However, hackers are disguising malware to look like important web browser updates.

0 Comments
Continue reading

4 Ways Hackers Can Take Advantage of Your Business Technology

4 Ways Hackers Can Take Advantage of Your Business Technology

Cybercriminals fight dirty, whether it’s attacking small businesses, large enterprises, or individuals who just want to watch Netflix. It doesn’t matter who you are or what you do for the community; you’ll always be a target for hacking attacks. To save time and effort, hackers will use low-tech attacks and social engineering attacks to target individuals. Hackers aren’t developing new threats all the time; if anything, they largely use existing exploits, purchasable software, and social engineering to take advantage of people.

0 Comments
Continue reading

It’s Time to Upgrade Your Firewall

It’s Time to Upgrade Your Firewall

As the threat landscape gets more concentrated with serious cyberthreats, new next-generation firewalls (NGFWs) have been developed to help stem the tide of negative outcomes that result from cyberattacks. An NGFW is an advanced network security device or software solution that combines traditional firewall capabilities with additional features and functionalities designed to provide enhanced protection and visibility into network traffic. NGFWs are designed to address the evolving and sophisticated nature of cyberthreats, including malware, intrusion attempts, and other malicious activities.

0 Comments
Continue reading

Why You Might Consider Taking Your Security to the Edge

Why You Might Consider Taking Your Security to the Edge

Any business that depends on its IT—in other words, most businesses—needs to consider the cybersecurity that is in place to protect it. Today, many businesses have started focusing their cybersecurity efforts on protecting their network from the edges, an approach that is fittingly known as edge security. Let’s take a moment to talk about the benefits that edge security can offer you.

0 Comments
Continue reading

It’s Time to Fight Malware with AI

It’s Time to Fight Malware with AI

This past year saw a dangerous 86% increase in the most dangerous types of malware out there, so we want to ask you an important question: are you ready to protect your business from the different types of threats you might encounter? We know a technology solution that might help this mission along, and we want to share it with you today: artificial intelligence.

0 Comments
Continue reading

What You Need to Know About the Massive Solarwinds Hack

How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

0 Comments
Continue reading

Go Beyond a Firewall to Secure Your Business

In reality, it takes several different tools to make a network as secure as it needs to be.

Why a Firewall Isn’t Enough

A firewall serves only one purpose, and that’s to monitor traffic that goes in and out of your network for any security issues. However, it’s important to remember that there are threats that can bypass firewalls, and that there are other components of network security besides monitoring traffic.

0 Comments
Continue reading

Clearing the Ethical Hurdles of Employee Monitoring

Monitoring Employees Without Their Knowledge

We figured it would be most appropriate to discuss the no-go option first, which would be to start monitoring your employees without their knowledge or consent. As you would imagine, this is the shadier side of the monitoring spectrum, and is actually illegal in most cases. Unless you have reason to believe an employee is actively acting out and are investigating them, you are not allowed to use monitoring software to keep an eye on your team without telling them.

0 Comments
Continue reading

Alert: Update Windows Netlogon Remote Protocol Now, says Homeland Security

What’s the Exploit and Who Does It Affect?

The vulnerability in the CISA’s emergency directive affects all supported Windows Server operating systems. It’s been named Zerologon, and If left unpatched, it could allow an unauthenticated threat actor to gain access to a domain controller and completely compromise your network’s Active Directory services. The vulnerability gets its name because all the hacker has to do is send a series of Netlogon messages with the input fields filled with zeroes to gain access. 

0 Comments
Continue reading

Are Macs Inherently More Secure than PCs?

Spoiler Alert: Macs Do, in Fact, Get Malware

Not to be juvenile about it, but duh. A computer produced by Apple can just as easily be infected by malware and ransomware, just as they can also experience any of the other problems that a PC user would. Hardware failure, slowing with age, crashes, data loss—these and so many other issues can be seen in a Mac.

0 Comments
Continue reading

Four Cybersecurity Tools Your Business Needs

Today, it’s not enough to have an antivirus or firewall. You need solutions designed to actively protect your network and data from those that are actively trying to gain access to them. So while it may not be enough, making sure that your firewall and antivirus software are updated with the latest threat definitions, and that your other solutions like spam blocking and virtual private networks are being utilized properly, can set you up for success. Let’s look at four additional strategies that extend traditional cybersecurity into the modern age. 

0 Comments
Continue reading

Is Your Business Being Attacked From the Inside?

Today, there are literally billions of phishing emails sent each day. Inevitably, you are going to confront this problem, and depending on your staff’s preparedness (or intentions), you will either deal with them or they will likely deal with you. 

The first thing that you should know is that you have to train up your staff about phishing and other issues surrounding your organization’s security. They have to understand social engineering tactics used by scammers to infiltrate networks, steal data, and deliver malware. If they are left in the dark about these issues, you will likely see a plethora of cybersecurity problems in your immediate future. It’s good to be lucky, but you’d rather be good.

0 Comments
Continue reading

Three Facets of Security to Focus On

Physical Security

First on our list is the oldest kind of business security, the (sometimes literal) gun behind the counter that helps to dissuade potential attacks. It is only too easy to overlook the fact that data theft can be as simple as someone taking a hard drive, rather than hacking into it. Of course, we aren’t suggesting that all businesses should have an arsenal at the ready. Instead, technology provides assorted alternatives that should be implemented to deter attempted intrusion.

0 Comments
Continue reading

Tip of the Week: Keep an Eye on Your IT While You Aren’t There

First, we’ll define what “infrastructure monitoring” refers to:

Understanding IT Infrastructure Monitoring

Infrastructure monitoring covers a few different considerations, all critically important to the continued productivity of your business. These considerations include things like the physical condition of your infrastructure’s hardware, how your operating systems are being utilized, how much of your network’s bandwidth is being consumed and how many errors are occurring, or the performance and availability of your applications.

0 Comments
Continue reading

Social Engineering Isn’t Going Away

What is Social Engineering?

Think of it like this: online, you have some type of social currency. Your personal information, your data, your interactions, your profiles, they all add up to your online life. If someone were to use that information to trick you into providing them access to your secure online accounts, you would be the victim of a social engineering attack. 

Basically, a hacker uses what amounts to the fundamentals of human psychology to gain unauthorized access to an account. Rather than exploiting a vulnerability within a system’s technology, a social engineer will take advantage of the human resources to gain access through relatively simple psychology.

Successful social engineering can be the result of many different actions. Some include: carelessness by an individual, perceived kindness, reaction to fear, and business as usual. Let’s take a look at these actions and how social engineering schemes work as a result.

Individual Carelessness

When there is a lack of diligence carried out by an individual, there are openings for a social engineering attack. This includes trash thrown out with information on it, keeping login credentials out in the open, and other careless actions. It’s important that you and your staff understand that the best practices of password protection, such as using a password manager, are crucial to maintaining the integrity of your company’s network and infrastructure.

Perceived Kindness

Many people won’t think twice about helping someone that asks for help. Social engineering attackers take advantage of the better angels of our nature, by using people’s helpfulness to gain access to secure computing resources. Any person can fall for this type of attack. This is why we stress that in order to keep your digital and physical resources secure, a critical eye for potential intrusion works. That doesn’t mean you have to be a jerk, but if a situation is presented to you that’s out of the ordinary, take anyone’s helplessness with a grain of salt.

Business as Usual

When we picture a hacker, we all tend to think about them the same way. They are brooding people sitting in a dark room typing away at a computer. In social engineering attacks, this couldn’t be further from the truth. A popular social engineering tactic is to gain physical access to a large business--where there are often a lot of moving parts--and then spend time at the business looking for ways into secure digital environments. This could also include straight hatchet jobs, where your employees would help people outside of your business sabotage your access control systems. 

Reaction to Fear

Finally, fear is one of the best motivators. By striking fast and threatening all types of negative consequences if a worker doesn’t help them get into a secure computing system, this kind of cyberattack can be a major problem. 

Coleman Technologies Can Help Protect Your Business

If you are looking to secure your network from cyberattacks, including social engineering, the IT professionals at Coleman Technologies can help. Call us today at (604) 513-9428 to learn more about how we can help you with the training you need to keep social engineering from causing problems for you.

0 Comments
Continue reading

Five Steps to Better Basic Cybersecurity

One crucial component of any successful cybersecurity practices is the active effort to eliminate risk wherever possible. Here, we’ve compiled five practices that will contribute to your business’ capability to recognize where its threats come from. While these aren’t exactly policies to help protect your data, they can help you collect the data you need to form these policies.

1. Inventory All of Your Assets

When you resolve to protect everything, as many business owners do, it helps to know what exactly “everything” includes. Maintaining a comprehensive inventory of all of your technology-- each wire, additional peripheral, and software title your business has acquired--makes managing your technology far simpler and more efficient.

2. Push Cybersecurity Best Practices

Your staff, being the ones with their hands on your business technology, need to be trained on how to maintain its security. As it happens, this training should transcend just security and cover their cyber hygiene as well. The more they know about how to better secure their use of your technology and identify threats and issues, the more secure your business will be.

3. Address Shadow IT Head-On

Shadow IT is an insidious problem that many don’t even consider an issue. The phrase “shadow IT” basically serves as a blanket term for any software that an end user has downloaded without the knowledge and approval of the IT administrator. While there are many potential issues with shadow IT, the worst of them likely comes from the vulnerabilities that unapproved and unpatched software can bring into the network. By enforcing a policy of utilizing only the solutions that IT has vetted and approved, you can protect your business from one of the least expected threats there is: the employee who was just trying to do their job.

4. Ensure the Proper Tools are Implemented

Cybersecurity, on paper, isn’t such a difficult process. The issues come from the fact that everyone involved needs to understand the threats facing them and why the practices and tools they are expected to utilize are so crucial to security. Unfortunately, if the reasoning behind using antivirus and anti-malware, firewalls, spam blocking and content filtering (among other security tools) is never addressed, their use is more likely to be taken for granted, and ultimately neglected. Not only should these tools be in place, there needs to be an organizational commitment to using them… otherwise, threats are more likely to be an issue.

5. Keep IT Refreshed

As a general rule, the older your technology gets, the less effective it is at serving its intended purpose. This can be resolved by making a point of systematically and strategically patching, updating, and upgrading the technology you rely on to operate. More up-to-date solutions have better security and can better keep your assets safe, threats less of a consideration (but still one to be consideration).

Coleman Technologies can help you put these practices in place for the betterment of your business and its security. Reach out to our team for improved cybersecurity by calling (604) 513-9428 today.

0 Comments
Continue reading

Cybersecurity: An Origin Story

Let’s start with where we are now. History is best told on a timeline, so let’s start from the present. Cybercrime today is profiting over $1.5 trillion each year, and that figure continues to climb. Some have predicted that this figure will nearly quadruple by 2021. Security breaches are up by 67 percent over just the past five years.  

How is this figure climbing so quickly? Well, let’s examine the most popular form of cybercrime: phishing. The method that cybercriminals are using are able to deploy all types of malware, yet also has data-stealing abilities. Whether that data is your sensitive personal information, or login credentials to your bank account, phishing gives a cybercriminal direct access. The worst part for people who have fallen victim, is until something dramatic happens, they are clueless that they have even become a victim. Phishing attacks have led to billions of records being exposed, stolen, or corrupted each year.

Cybercrime has become a real concern for all business owners. So how did all of this start?

The Beginning 

This information Coleman Technologies is about to reveal may be hard to believe, but cybercrime was Bob’s fault. This trillion-dollar criminal trend is the result of a research project held by a man named Bob Thomas. Bob Thomas made the observation that a program is able to move across a computer network, leaving a trail behind. He then proceeded to write a code that was named “Creeper”. This code resulted in a program that was designed to travel between Tenex terminals on the ARPANET. The message that came across? “I’M THE CREEPER : CATCH ME IF YOU CAN”. 

The research project sparked the attention of email inventor Ray Tomlinson. Tomlinson altered this program into a self-replicating one. This resulted in the first computer worm. Immediately after this discovery, he wrote an additional code which was titled “Reaper”. This chased down the Creeper code, and deleted it; which resulted in what was effectively the first antivirus software

So how did Bob’s experiment start all of this? Well, in the 1980s Soviet hackers considered the applications of this experiment. Academics designed applications that could be used to infiltrate other networks. This ideology quickly spread, and in 1986 German hacker Marcus Hess hacked into an internet gateway which was hosted at the University of California at Berkeley. This hacked connection was then used to piggyback onto the ARPANET. He hacked into a total of 400 computers, including mainframes hosted at the pentagon. 

How did this turn into such a profitable “business”? Hess planned on selling the secrets found on these computers to the Soviet KGB. Before he was able to do so, he was caught by the group effort put forth by the FBI and the West German government. His conviction was the first of its kind -- cybercriminal activity sentencing. The abnormality of the case resulted in a 20-month suspended sentence. 

At the same time as this was occurring, computer viruses started to become a serious threat. With the exponential growth of the internet, there were more connections that viruses could infect. The virus started to become a real problem.

The Middle

In 1988, Robert Morris woke up and decided he wanted to see just how big the internet had become. Morris, a software engineering student at Cornell University, wrote a program designed to spread across various networks, work themselves into Unix terminals, and begin replicating. The software replicated so quickly that it actually slowed down the early Internet, which caused major carnage. This carnage become known as “the Morris Worm”. Morris’ worm resulted in the formation of the Computer Emergency Response Team, known as US-CERT today. Morris was the first person convicted under the Computer Fraud and Abuse Act (CFAA). This act was introduced with the intentions to protect against unauthorized access. 

After Morris’ worm was handled, viruses began being developed at an absurd rate. The antivirus industry, which started in 1987, began to grow as a result. By the time the Internet was an accessible user-product in the 1990s, dozens of solutions were available to prevent devices from being infected. These solutions scanned the binaries on a computer, and tested them against a database of known virus-code. There were major problems with this protection method, such as the abundance of false positives. They also had a tendency to use a lot of the systems’ resources to scan for these viruses. Remember how slow dial-up used to feel? Your anti-virus could have been the culprit. 

The mid-90’s to late-2000’s were a prospering time for the world of viruses. While the figure was estimated to be a few thousand known viruses in the mid 90’s, that figure was estimated to be around five million by 2007. These different malware strains were either worms, viruses, trojan horses, or other forms. By 2014, 500,000 different types of strains were being created daily. This time truly was the malware boom. 

Who was stopping this boom? Well, nobody. Cybersecurity professionals needed to make an effort. Antivirus solutions simply couldn’t keep up, and while they might detect malware, they had a hard time preventing it. Innovations in cybersecurity developed quickly. First, endpoint protection platforms (EPP) that didn’t just scan for known code, they also scanned for code similarities. This meant that unknown viruses could be detected.

The End?

With advanced malware defeating endpoint protection regularly, it was time to further innovate cybersecurity measures. The timeline innovators had was cut short with the deployment of WannaCry. WannaCry was, at this point, the most devastating piece of malware that existed. WannaCry even shook the world of the most capable security professionals. It encrypted the data on a computer and forced the computer owner to pay in Bitcoin to regain access to these files. This deployment sparked an explosive increase in the cybersecurity industry. It was time for cybersecurity to surpass the capabilities of cybercriminals, instead of being constantly behind.

The only way anyone was able to determine if they were being infiltrated was to have a transparent network. Administrators began using endpoint threat detection and response (EDR) services to monitor their networks. This solution is still cutting edge by today’s standards. While this isn’t the end for cybersecurity, EDR services are extremely capable of keeping malware out of your network. 

If you would like to learn more about cybersecurity, or are interested in keeping your business’ data safe, call Coleman Technologies today. Our professionals can be reached by calling (604) 513-9428.

0 Comments
Continue reading

We Celebrate National Cybersecurity Awareness Month

Any data you collect, you must protect. You might not think your business is big enough (or noteworthy enough) to be targeted by hackers, but the truth is, those are the reasons you are a target. It is estimated that by 2020, more than 24 billion devices will be connected to the Internet, so it is imperative that you follow simple, yet crucial, steps to ensure your data and information are kept safe.

Here are some variables you--and the other people on your network--need to be aware of. 

Phishing

Phishing attacks are some of the most prevalent attacks being made in 2019. Basically, users will send you an email that seems to be from a user the recipient might know. If a user interacts with that email by clicking on a link or downloading an attachment, the phishing scam is a success. A successful phishing scam is a huge problem for your business. 

You will want to train your staff on how to spot and avoid phishing attacks. Phishing attacks have been developed to be subtle and admittedly easy to miss. There are, however, several tell-tale signs that an email is legitimate. Hackers know that the weakest link in any business or organization is the employees. Do your employees know how to recognize an out of place email? It is crucial that you take the time to train your employees the art of phishing identification. 

Secure Passwords

Passwords are the standard in which most people use to keep files secure and to authenticate access to devices, platforms, programs, etc. Understanding what makes a strong password can go a long way toward securing your IT resources. Some best practices include:

  • Creating strong, unique passphrases
  • Changing passwords frequently
  • Using Upper and Lowercase letters, numbers, and symbols

Multi-factor Authentication 

Multi-factor authentication, often rolled out as two-factor authentication, puts an additional step between you, and potential threats to your network or data. You use a password to unlock a 2FA/MFA platform that requires you to get a randomly-generated code from a third-party device to gain access. Since you need a third-party device/account to open the application, account, or device protected by 2FA/MFA, that account is more than twice as secure. 

Applications and Software Updates

In order to say ahead of security attacks, the software you use cannot have vulnerabilities. As a result, patching and updating software is essential to comprehensive security. If you are going to remain secure you will want to be sure to stay up-to-date on your updates. 

How Do I Know If My Systems are Safe?

So, you want to know if you are safe from a cyberattack? To put it lightly: nobody is. By associating security preparedness with cybersecurity and routinely taking proactive, preventative measures to enhance your security position, you reduce the chance that your organization will have to suffer from downtime, data loss, and reputation damage that a data breach would bring your company.

If you would like more tips; or, if you would like to talk to one of our experts about network security, call us today at (604) 513-9428.

0 Comments
Continue reading

Customer Login

News & Updates

When it comes to growth and advancement, small and medium-sized businesses (SMBs) in British Columbia have been effectively leveraging Coleman Technologies’ affordable enterprise-level IT practices and solutions since 1999. The proof: Coleman Technol...

Contact us

Learn more about what Coleman Technologies can do for your business.

Coleman Technologies Inc.
20178 96 Avenue, C400
Langley, British Columbia V1M 0B2

Operations Center
6600 Chase Oaks Blvd, Suite 100 Plano
TX 75023

 

2 year badge

Copyright Coleman Technologies. All Rights Reserved. Privacy Policy